Using the dig Tool
Linux tools
DNS domain name lookup
Query the Baidu domain
dig baidu.com
ANSWER SECTION:
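- Column 1: the name of the server that was looked up
- Column 2: the Time to Live, the period after which the record is refreshed
- Column 3: the class of the query; "IN" stands for Internet
- Column 4: the type of the query; "A" stands for an A (address) record
- Last column: the IP address associated with the domain name
The banner line shows the version of the dig command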
<<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> baidu.com
The HEADER section shows the information it received from the root server. The flags refer to the answer format.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14125
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
The QUESTION section shows the query data that was sent
;; QUESTION SECTION:
;baidu.com. IN A
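- Column 1 is the domain name being queried
- Column 2 is the class of the query (IN = Internet)
- Column 3 specifies the record (A = address), unless stated otherwise
The STATISTICS section shows metadata about the query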
;; Query time: 0 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 29 14:52:41 CST 2022
;; MSG SIZE rcvd: 59
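- Query time: the time the response took
- SERVER: the IP address and port of the DNS server that responded. You may notice a loopback address on this line; that refers to a local setting that translates DNS addresses
- WHEN: the timestamp at which the command was run
- MSG SIZE rcvd: the size of the DNS server's reply
Querying a specific DNS server
By default, dig uses the local configuration to decide which name server to query. Use the following command to specify Google's name server: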
dig @8.8.8.8 google.com
Return all results
The system lists all the DNS records it finds for google.com, along with the IP addresses
dig google.com ANY
====
[root@VM-8-5-centos ~]# dig google.com ANY
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> google.com ANY
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23683
;; flags: qr rd ra; QUERY: 1, ANSWER: 21, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN ANY
;; ANSWER SECTION:
google.com. 300 IN A 142.251.43.14
google.com. 3600 IN TXT "webexdomainverification.8YX6G=6e6922db-e3e6-4a36-904e-a805c28087fa"
google.com. 3600 IN TXT "facebook-domain-verification=22rm551cu4k0ab0bxsw536tlds4h95"
google.com. 3600 IN TXT "google-site-verification=wD8N7i1JTNTkezJ49swvWW48f8_9xveREV4oB-0Hf5o"
google.com. 3600 IN TXT "MS=E4A68B9AB2BB9670BCE15412F62916164C0B20BB"
google.com. 3600 IN TXT "docusign=1b0a6754-49b1-4db5-8540-d2c12664b289"
google.com. 3600 IN TXT "v=spf1 include:_spf.google.com ~all"
google.com. 3600 IN TXT "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="
google.com. 3600 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"
google.com. 3600 IN TXT "google-site-verification=TV9-DBe4R80X4v0M4U_bd_J9cpOJM0nikft0jAgjmsQ"
google.com. 3600 IN TXT "atlassian-domain-verification=5YjTmWmjI92ewqkx2oXmBaD60Td9zWon9r6eakvHX6B77zzkFQto8PQ9QsKnbf4I"
google.com. 3600 IN TXT "apple-domain-verification=30afIBcvSuDV2PLX"
google.com. 3600 IN TXT "onetrust-domain-verification=de01ed21f2fa4d8781cbc3ffb89cf4ef"
google.com. 345600 IN NS ns4.google.com.
google.com. 345600 IN NS ns3.google.com.
google.com. 345600 IN NS ns2.google.com.
google.com. 345600 IN NS ns1.google.com.
google.com. 21600 IN TYPE65 # 13 00010000010006026832026833
google.com. 86400 IN CAA 0 issue "pki.goog"
google.com. 60 IN SOA ns1.google.com. dns-admin.google.com. 484487304 900 900 1800 60
google.com. 300 IN MX 10 smtp.google.com.
;; Query time: 216 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Oct 29 15:08:34 CST 2022
;; MSG SIZE rcvd: 1092
Short answer option
To display only the IP address associated with the domain name, enter the following:
dig google.com +short
Detailed answer option
Run dig with the **+noall +answer** options to get the detailed information in the answer section:
dig google.com +noall +answer
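Trace option
The **+trace** option lists each server the query passes through on the way to its final destination. Use this option to identify the IP address at which traffic is dropped.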
dig google.com +trace
====
The connection timed out, possibly because of a problem with UDP port 53
Added the server address (Google)
dig @8.8.8.8 google.com +trace
======
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> @8.8.8.8 google.com +trace
; (1 server found)
;; global options: +cmd
. 85851 IN NS g.root-servers.net.
. 85851 IN NS j.root-servers.net.
. 85851 IN NS e.root-servers.net.
. 85851 IN NS l.root-servers.net.
. 85851 IN NS d.root-servers.net.
. 85851 IN NS a.root-servers.net.
. 85851 IN NS b.root-servers.net.
. 85851 IN NS i.root-servers.net.
. 85851 IN NS m.root-servers.net.
. 85851 IN NS h.root-servers.net.
. 85851 IN NS c.root-servers.net.
. 85851 IN NS k.root-servers.net.
. 85851 IN NS f.root-servers.net.
. 85851 IN RRSIG NS 8 0 518400
/// large block of data omitted
google.com. 300 IN A 142.251.43.14
;; Received 55 bytes from 216.239.36.10#53(ns3.google.com) in 23 ms
Cause of the trace failure found
UDP traffic is not allowed on port 53
Force TCP for the dig test:
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> +trace google.com +vc
;; global options: +cmd
/// large block of data omitted
. 67498 IN NS c.root-servers.net.
. 67498 IN NS d.root-servers.net.
. 67498 IN NS e.root-servers.net.
. 67498 IN NS f.root-servers.net.
. 67498 IN NS g.root-servers.net.
. 67498 IN NS h.root-servers.net.
. 67498 IN NS i.root-servers.net.
///
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 300 IN A 142.251.43.14
;; Received 55 bytes from 216.239.32.10#53(ns1.google.com) in 47 ms
The trace data is now displayed successfully
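The UDP-versus-TCP diagnosis above can be scripted. This is an added example, not part of the original post; the function name dns_transport_check and its result strings are made up for illustration, and it relies on dig exiting with status 0 when any reply arrives and non-zero when no server answers.

```shell
#!/bin/sh
# Added example: tell "UDP/53 is filtered" apart from "DNS is unreachable".
# Usage: dns_transport_check <resolver-ip> <name>
# Prints: udp-ok | udp-blocked-tcp-ok | no-dns-reachability
dns_transport_check() {
    server=$1
    name=$2
    # First probe stays on UDP (+notcp); +tries/+time keep the wait short.
    if dig "@$server" "$name" A +notcp +tries=1 +time=2 +short >/dev/null 2>&1; then
        echo "udp-ok"
        return 0
    fi
    # Same query over TCP/53 (+tcp is the current spelling of +vc).
    if dig "@$server" "$name" A +tcp +tries=1 +time=2 +short >/dev/null 2>&1; then
        echo "udp-blocked-tcp-ok"
        return 0
    fi
    echo "no-dns-reachability"
    return 1
}
```

A result of udp-blocked-tcp-ok matches the situation in this post: a firewall or security-group rule that permits TCP/53 but not UDP/53.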
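Domain does not exist or is on hold
This applies when the domain does not exist (it was mistyped, or it expired and was deleted), or when the domain exists but is on hold (the domain has not completed real-name verification)
For example: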
dig +trace not-existes-webset.com +vc
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.3 <<>> +trace not-existes-webset.com +vc
;; global options: +cmd
. 58193 IN NS m.root-servers.net.
. 58193 IN NS a.root-servers.net.
. 58193 IN NS b.root-servers.net.
. 58193 IN NS c.root-servers.net.
. 58193 IN NS d.root-servers.net.
. 58193 IN NS e.root-servers.net.
. 58193 IN NS f.root-servers.net.
. 58193 IN NS g.root-servers.net.
. 58193 IN NS h.root-servers.net.
. 58193 IN NS i.root-servers.net.
. 58193 IN NS j.root-servers.net.
. 58193 IN NS k.root-servers.net.
. 58193 IN NS l.root-servers.net.
;; Received 239 bytes from 183.60.83.19#53(183.60.83.19) in 0 ms
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 1182 bytes from 192.58.128.30#53(j.root-servers.net) in 204 ms
com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1667043393 1800 900 604800 86400
com. 900 IN RRSIG SOA 8 1 900 20221105113633 20221029102633 53929
;; Received 1142 bytes from 192.33.14.30#53(b.gtld-servers.net) in 212 ms
When the domain does not exist, the query result contains no record of the form not-existes-webset.com ** IN NS dns.dnsname.com; instead, the top-level domain returns an SOA record (SOA a.gtld-servers.net. nstld.verisign-grs.com. 1667043393 1800 900 604800 86400)
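The check described above (no NS delegation for the name, only an SOA from the parent zone) can be automated over saved `dig +trace` output. This is an added example, not part of the original post; classify_trace, sample_nx and sample_ok are hypothetical names, and the sample lines are constructed from the traces shown on this page.

```shell
#!/bin/sh
# Added example: classify `dig +trace` output read from stdin.
# Usage: dig +trace <domain> +tcp | classify_trace <domain>
classify_trace() {
    awk -v dom="$1." '
        BEGIN { dom = tolower(dom) }
        /^;/ || NF < 5 { next }              # skip comment and blank lines
        { owner = tolower($1); type = $4 }   # name TTL class TYPE rdata
        owner == dom && (type == "NS" || type == "A") { delegated = 1 }
        type == "SOA" && owner != dom { parent_soa = owner }
        END {
            if (delegated)       print "delegated"
            else if (parent_soa) print "not-delegated (SOA from " parent_soa ")"
            else                 print "inconclusive"
        }'
}

# Constructed sample: trace for a name the .com zone does not delegate.
sample_nx() { cat <<'EOF'
. 58193 IN NS a.root-servers.net.
;; Received 239 bytes from 183.60.83.19#53(183.60.83.19) in 0 ms
com. 172800 IN NS a.gtld-servers.net.
;; Received 1182 bytes from 192.58.128.30#53(j.root-servers.net) in 204 ms
com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1667043393 1800 900 604800 86400
;; Received 1142 bytes from 192.33.14.30#53(b.gtld-servers.net) in 212 ms
EOF
}

# Constructed sample: trace for a delegated name.
sample_ok() { cat <<'EOF'
. 67498 IN NS c.root-servers.net.
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 300 IN A 142.251.43.14
;; Received 55 bytes from 216.239.32.10#53(ns1.google.com) in 47 ms
EOF
}

sample_nx | classify_trace not-existes-webset.com
sample_ok | classify_trace google.com
```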