nslookup
nslookup命令用於查詢DNS的記錄,查看域名解析是否正常,在網絡故障的時候用來診斷網絡問題。 nslookup的用法相對來說還是蠻簡單的,主要是下面的幾個用法。
windows 和 Linux系統均可使用
1 直接查詢
查詢一個域名的A記錄。
nslookup domain [dns-server]如果沒指定dns-server,用系統默認的dns服務器。下面是一個例子:
centos系統執行對baidu.com的查詢
[root@VM-0-10-centos ~]# nslookup baidu.com
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
Name: baidu.com
Address: 220.181.38.148
Name: baidu.com
Address: 39.156.69.79Windows系統執行對baidu.com的查詢
C:\Users\admin>nslookup baidu.com
服務器: cachea.nic.jnu.edu.cn
Address: 192.168.10.8
非權威應答:
名稱: baidu.com
Addresses: 39.156.69.79
220.181.38.148
C:\Users\admin>nslookup www.oschina.net
服務器: cachea.nic.jnu.edu.cn
Address: 192.168.10.8
非權威應答:
名稱: fn0wz54v.dayugslb.com
Address: 180.97.125.228
Aliases: www.oschina.net返回信息說明
- 什么叫非權威應答?
非權威應答對應的英文是:Non-authoritative answer。
假設某個DNS server沒有域名test.com的記錄信息,當有客戶端通過它請求獲取test.com的域名信息,此DNS Server會通過迭代遞歸的方式從test公司實際存儲此記錄信息的DNS server中獲取test.com的域名信息,反饋給發出請求的客戶端,同時會把test.com的記錄信息放在自身緩存中放置一段時間,當又有客戶端請求test.com域名解析時,此DNS server直接從自身緩存中提取返回給客戶端,這個回答叫“非權威回答”,簡言之凡是從非實際記錄存儲DNS server中獲取的域名解析回答,都叫“非權威回答”。
即本地DNS服務器從緩存而非本地實際存儲中返回某一解析記錄,就叫非權威應答。 - “服務器”指的是返回該解析的DNS服務器,這里是校園網的DNS服務器
nslookup cachea.nic.jnu.edu.cn
服務器: cachea.nic.jnu.edu.cn
Address: 192.168.10.8
名稱: cachea.nic.jnu.edu.cn
Addresses: 2001:da8:2002::10:8
192.168.10.8查看一下本機DNS服務器:
其中一個便是192.168.10.8
自然,第一個Address便是DNS服務器的IP地址了。
- 應答的內容:非權威應答上面已經講過,這里的名稱(name)是指要查詢的域名,查詢
www.oschina.net時的名稱是該站點的A記錄綁定域名,www.oschina.net是fn0wz54v.dayugslb.com的CNAME記錄,第二個Address就是該站點的IP地址,Aliases是別名的意思,意思是www.oschina,net是fn0wz54v.dayugslb.com的別名。
2 指定某一DNS服務器進行解析
C:\Users\admin>nslookup baidu.com 114.114.114.114
服務器: public1.114dns.com
Address: 114.114.114.114
非權威應答:
名稱: baidu.com
Addresses: 39.156.69.79
220.181.38.148國內優秀公共DNS服務:
1、114DNS
114.114.114.114
114.114.115.115
2、騰訊
119.29.29.29
182.254.118.118
3、阿里
223.5.5.5
223.6.6.6
4、百度
180.76.76.76
5、CNNIC
1.2.4.8
210.2.4.8
盤點國內外優秀的DNS服務器:https://80ea4520.wiz03.com/wapp/pages/view/share/s/20WAkw2zU17G2_qokg3SpfH81BhpQ31Ag48I2o19hc3msadD
3 查詢其他記錄
直接查詢返回的是A記錄,我們可以指定參數,查詢其他記錄,比如AAAA、MX等。
nslookup -qt=type domain [dns-server]其中,type可以是以下這些類型:
- A 地址記錄
- AAAA 地址記錄
- AFSDB Andrew文件系統數據庫服務器記錄
- ATMA ATM地址記錄
- CNAME 別名記錄
- HINFO 硬件配置記錄,包括CPU、操作系統信息
- ISDN 域名對應的ISDN號碼
- MB 存放指定郵箱的服務器
- MG 郵件組記錄
- MINFO 郵件組和郵箱的信息記錄
- MR 改名的郵箱記錄
- MX 郵件服務器記錄
- NS 域名服務器記錄
- PTR 反向記錄
- RP 負責人記錄
- RT 路由穿透記錄
- SRV TCP服務器信息記錄
- TXT 域名對應的文本信息
- X25 域名對應的X.25地址記錄
例如:
C:\Users\admin>nslookup -qt=CNAME www.oschina.net
服務器: cachea.nic.jnu.edu.cn
Address: 192.168.10.8
非權威應答:
www.oschina.net canonical name = fn0wz54v.dayugslb.com
//www.oschina.net 的規范名稱是 fn0wz54v.dayugslb.com關於Canonical name的解釋
A Canonical Name record (abbreviated as CNAME record) is a type of resource record in the Domain Name System (DNS) used to specify that a domain name is an alias for another domain, the "canonical" domain. All information, including subdomains, IP addresses, etc., are defined by the canonical domain.
規范名稱記錄(縮寫為CNAME記錄)是域名系統(DNS)中的一種資源記錄,用於指定域名是另一個域(“規范”域)的別名。所有信息,包括子域,IP地址等,均由規范域定義。This can prove convenient when running multiple services (like an FTP server and a webserver; each running on different ports) from a single IP address. One can, for example, point ftp.example.com and www.example.com to the DNS A record for example.com, which in turn points to the IP address. Then, if the IP address ever changes, one only has to record the change in one place within the network: in the DNS A record.
當從單個IP地址運行多個服務(例如FTP服務器和Web服務器;每個都運行在不同的端口上)時,這可以證明很方便。例如,可以將ftp.example.com和www.example.com指向example.com的DNS A記錄,該記錄又指向IP地址。然后,如果IP地址曾經更改過,則只需將更改記錄在網絡中的一個位置即可:在DNS A記錄中。CNAME records must always point to another domain name, never directly to an IP address.
CNAME記錄必須始終指向另一個域名,永遠不要直接指向IP地址
查看郵箱記錄
C:\Users\admin>nslookup -qt=MX www.oschina.net 114.114.114.114
服務器: public1.114dns.com
Address: 114.114.114.114
非權威應答:
www.oschina.net canonical name = fn0wz54v.dayugslb.com
dayugslb.com
primary name server = ns3.dnsv5.com
responsible mail addr = enterprise3dnsadmin.dnspod.com
serial = 1600760096
refresh = 3600 (1 hour)
retry = 180 (3 mins)
expire = 1209600 (14 days)
default TTL = 180 (3 mins)3 查詢更具體的信息
查詢語法:
nslookup –d [其他參數] domain [dns-server]只要在查詢的時候,加上-d參數,即可查詢域名的緩存。
C:\Users\admin>nslookup -d www.oschina.net 114.114.114.114
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
114.114.114.114.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 114.114.114.114.in-addr.arpa
name = public1.114dns.com
ttl = 510 (8 mins 30 secs)
------------
服務器: public1.114dns.com
Address: 114.114.114.114
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 0, additional = 0
QUESTIONS:
www.oschina.net, type = A, class = IN
ANSWERS:
-> www.oschina.net
canonical name = fn0wz54v.dayugslb.com
ttl = 35 (35 secs)
-> fn0wz54v.dayugslb.com
internet address = 180.97.125.228
ttl = 35 (35 secs)
------------
非權威應答:
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 1, additional = 0
QUESTIONS:
www.oschina.net, type = AAAA, class = IN
ANSWERS:
-> www.oschina.net
canonical name = fn0wz54v.dayugslb.com
ttl = 35 (35 secs)
AUTHORITY RECORDS:
-> dayugslb.com
ttl = 107 (1 min 47 secs)
primary name server = ns3.dnsv5.com
responsible mail addr = enterprise3dnsadmin.dnspod.com
serial = 1600760096
refresh = 3600 (1 hour)
retry = 180 (3 mins)
expire = 1209600 (14 days)
default TTL = 180 (3 mins)
------------
名稱: fn0wz54v.dayugslb.com
Address: 180.97.125.228
Aliases: www.oschina.net利用本地DNS服務器進行解析
C:\Users\admin>nslookup -d www.oschina.net
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 2, additional = 4
QUESTIONS:
8.10.168.192.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 8.10.168.192.in-addr.arpa
name = cachea.nic.jnu.edu.cn
ttl = 86400 (1 day)
AUTHORITY RECORDS:
-> 168.192.in-addr.arpa
nameserver = cachea.nic.jnu.edu.cn
ttl = 86400 (1 day)
-> 168.192.in-addr.arpa
nameserver = cacheb.nic.jnu.edu.cn
ttl = 86400 (1 day)
ADDITIONAL RECORDS:
-> cachea.nic.jnu.edu.cn
internet address = 192.168.10.8
ttl = 86400 (1 day)
-> cachea.nic.jnu.edu.cn
AAAA IPv6 address = 2001:da8:2002::10:8
ttl = 86400 (1 day)
-> cacheb.nic.jnu.edu.cn
internet address = 192.168.11.8
ttl = 86400 (1 day)
-> cacheb.nic.jnu.edu.cn
AAAA IPv6 address = 2001:da8:2002::11:8
ttl = 86400 (1 day)
------------
服務器: cachea.nic.jnu.edu.cn
Address: 192.168.10.8
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 0, additional = 0
QUESTIONS:
www.oschina.net, type = A, class = IN
ANSWERS:
-> www.oschina.net
canonical name = fn0wz54v.dayugslb.com
ttl = 226 (3 mins 46 secs)
-> fn0wz54v.dayugslb.com
internet address = 180.97.125.228
ttl = 226 (3 mins 46 secs)
------------
非權威應答:
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
www.oschina.net, type = AAAA, class = IN
------------
名稱: fn0wz54v.dayugslb.com
Address: 180.97.125.228
Aliases: www.oschina.net第一個Got answer后面幾行,包括了一個ttl數值。這個數值就是域名記錄的生存時間。
4 用nslookup模擬DNS迭代解析過程
操作環境:Windows
解析目標:bilibili.com(試過baidu.com,但被權限域名服務器給拒絕了)
- 指定根域名服務器
nslookup bilibili.com a.root-servers.net
返回十個頂級域名服務器,均為com結點。
- 指定頂級域名服務器
nslookup bilibili.com a.gtld-servers.net
返回了兩個權限域名服務器
查看其whois信息
DNSPod是中國第一大DNS解析服務提供商、第一大域名托管商。
- 指定二級域名服務器
nslookup bilibili.com ns3.dnsv5.com
- 或直接用本地域名服務器
nslookup bilibili.com
Windows主機ping一下:
Linux主機ping一下:
由於兩台主機的地理位置不同,所以DNS解析出來的IP地址不同,一般是就近服務。
感謝閱讀!
參考:https://blog.csdn.net/violet_echo_0908/article/details/52033725