程式扎記: [Linux 文章收集] UNDERSTANDING THE DIG COMMAND

Source From Here
Preface
The command dig is a tool for querying DNS nameservers for information about host addresses, mail exchanges, nameservers, and related information. This tool can be used from any Linux (Unix) or Macintosh OS X operating system. The most typical use of dig is to simply query a single host.

The dig command fundamentally used for the following purposes:

1. Performs DNS lookups.
2. Find host addresses, IP address, mail exchanges (MX), CNAMEs, name servers, and more.
3. Verify ISP DNS server and Internet connectivity.
4. Verify spam and blacklisting records.

The basic syntax:

view plaincopy to clipboardprint?
dig Hostname  
dig DomaiNameHere  
dig @DNS-server-name Hostname  
dig @DNS-server-name IPAddress  
dig @DNS-server-name Hostname|IPAddress type  

Where:

1. DNS-server-name – The name or IP address of the name server to query (such as 8.8.8.8 or ns1.cyberciti.biz). If no DNS-server-name is provided, the dig command will use the /etc/resolv.conf file and use name servers listed there.
2. Hostname|IPAddress – The name of the resource record that is to be looked up using DNS-server-name.
3. type – Set the type of query such as A, MX, NS and more.

List of DNS record types
Before you use the dig command you should aware of common types of resource records of the DNS. Here are most common resource records:

By default, dig command looks for A records only.

dig command examples
To find the IP address of the host www.cyberciti.biz, type:

# dig www.cyberciti.biz

Sample outputs:

view plaincopy to clipboardprint?
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> www.cyberciti.biz  
;; global options: +cmd  
;; Got answer:  
;; ->>HEADER<<- class="number" id:="" nbsp="" noerror="" opcode:="" query="" span="" status:="" style="background-color: inherit; border: none; color: #c00000; margin: 0px; padding: 0px;">40839  

;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 5

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;www.cyberciti.biz. IN A

;; ANSWER SECTION:

www.cyberciti.biz. 300 IN A 104.20.187.5

www.cyberciti.biz. 300 IN A 104.20.186.5

;; AUTHORITY SECTION:

cyberciti.biz. 107 IN NS clay.ns.cloudflare.com.

cyberciti.biz. 107 IN NS fay.ns.cloudflare.com.

;; ADDITIONAL SECTION:

clay.ns.cloudflare.com. 79127 IN A 173.245.59.88

clay.ns.cloudflare.com. 79127 IN AAAA 2400:cb00:2049:1::adf5:3b58

fay.ns.cloudflare.com. 165552 IN A 173.245.58.115

fay.ns.cloudflare.com. 165552 IN AAAA 2400:cb00:2049:1::adf5:3a73

;; Query time: 7 msec

;; SERVER: 140.122.65.9#53(140.122.65.9)

;; WHEN: Thu Nov 08 15:45:22 CST 2018

;; MSG SIZE rcvd: 220

Understanding dig command output
The above is simple query for a single host called www.cyberciti.biz. The dig command displays lots of information. Let us try to understand the default dig command output:

1. The "QUESTION SECTION" displays query type. By default query is for A (Internet address). In this example, I am using dig command to find out an IP address of www.cyberciti.biz.
2. Next, you get the answer to your query in "ANSWER SECTION" – the address of www.cyberciti.biz is 104.20.187.5/104.20.186.5
3. For "AUTHORITY SECTION" section, it tells where you obtain those DNS record(s). The local DNS server is used to query for and the "Authority section" will tell you where the DNS record(s) are from. Here is "clay.ns.cloudflare.com" and "fay.ns.cloudflare.com".
4. For "ADDITIONAL SECTION", you can obtain the IP address of those "authority DNS server(s)"
5. The final section of the dig command contains statistics (stats section) about the query such as name server names, query time and more.

More Usage Examples
Here we will teach you how to use dig command through examples.

How do I query a different nameserver such as 8.8.8.8?
You can use @8.8.8.8 as below to query specific nameserver:

# dig @8.8.8.8 www.kimo.com.tw

Sample output:

view plaincopy to clipboardprint?
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> @8.8.8.8 www.kimo.com.tw  
; (1 server found)  
;; global options: +cmd  
;; Got answer:  
;; ->>HEADER<<- class="number" id:="" nbsp="" noerror="" opcode:="" query="" span="" status:="" style="background-color: inherit; border: none; color: #c00000; margin: 0px; padding: 0px;">7741  

;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 512

;; QUESTION SECTION:

;www.kimo.com.tw. IN A

;; ANSWER SECTION:

www.kimo.com.tw. 7129 IN CNAME rc.yahoo.com.

rc.yahoo.com. 229 IN CNAME src.g03.yahoodns.net.

src.g03.yahoodns.net. 229 IN A 124.108.115.100

;; Query time: 16 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Thu Nov 08 16:03:49 CST 2018

;; MSG SIZE rcvd: 120

How do I select the DNS query type?
The -t option sets the query type to type. It can be any valid query type which is supported in BIND 9. The default query type is "A", unless the -x option is supplied to indicate a reverse lookup. Below is a simple example:

// +noall +answer: Return "ANSWER SECTION" only
# dig -ta www.weibo.com +noall +answer

; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> -ta www.weibo.com +noall +answer
;; global options: +cmd
www.weibo.com. 28 IN CNAME weibo.com.edgekey.net.
weibo.com.edgekey.net. 11334 IN CNAME e4141.dscb.akamaiedge.net.
e4141.dscb.akamaiedge.net. 1 IN A 163.28.225.6

FIND THE IP ADDRESS (A) OF A HOSTNAME
You can use "+short" to show the query result only:

# dig +short www.cyberciti.biz A
104.20.186.5
104.20.187.5

FIND THE HOSTNAME OF AN IP ADDRESS
You can use option -x to carry out the DNS reverse Look-up

# dig @8.8.8.8 -x 209.132.183.81 +short
www.redhat.com.

FIND THE NS (NAME SERVERS) OF A DOMAIN NAME
You can use query type "NS" as below example:

# dig -t NS cyberciti.biz +short
clay.ns.cloudflare.com.
fay.ns.cloudflare.com.

Real World Case Study - Find Google CDN IP range
Below bash script is from here which is used to dig out all Google CDN IP range:

view plaincopy to clipboardprint?
#!/bin/bash  
  
# https://cloud.google.com/compute/docs/faq#ipranges  
  
#nslookup -q=TXT _cloud-netblocks.googleusercontent.com  8.8.8.8  
  
for LINE in `dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :`  
do  
    dig txt $LINE +short  
done | tr " " "\n" | grep ip4  | cut -f 2 -d : | sort -n  

The flow is as below commands:

# dig txt _cloud-netblocks.googleusercontent.com +short
"v=spf1 include:_cloud-netblocks1.googleusercontent.com include:_cloud-netblocks2.googleusercontent.com include:_cloud-netblocks3.googleusercontent.com include:_cloud-netblocks4.googleusercontent.com include:_cloud-netblocks5.googleusercontent.com ?all"

# dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :
_cloud-netblocks1.googleusercontent.com
_cloud-netblocks2.googleusercontent.com
_cloud-netblocks3.googleusercontent.com
_cloud-netblocks4.googleusercontent.com
_cloud-netblocks5.googleusercontent.com

# dig txt _cloud-netblocks1.googleusercontent.com +short
"v=spf1 include:_cloud-netblocks6.googleusercontent.com ip4:8.34.208.0/20 ip4:8.35.192.0/21 ip4:8.35.200.0/23 ip4:108.59.80.0/20 ip4:108.170.192.0/20 ip4:108.170.208.0/21 ip4:108.170.216.0/22 ip4:108.170.220.0/23 ip4:108.170.222.0/24 ip4:35.224.0.0/13 ?all"

# dig txt _cloud-netblocks1.googleusercontent.com +short | tr " " "\n" | grep ip4 | cut -f 2 -d : | sort -n
8.34.208.0/20
8.35.192.0/21
8.35.200.0/23
35.224.0.0/13
108.170.192.0/20
108.170.208.0/21
108.170.216.0/22
108.170.220.0/23
108.170.222.0/24
108.59.80.0/20

Supplement
* Linux and Unix dig Command Examples
* Dig 常用參數與 DNS 偵錯追蹤
* DNS（二）通过dig命令理解DNS
* DNS資源紀錄 (Resource Record) 介紹
* 10 Linux DIG Command Examples for DNS Lookup

程式扎記

標籤

2018年11月8日星期四

[Linux 文章收集] UNDERSTANDING THE DIG COMMAND

沒有留言:

張貼留言

[Git 常見問題] error: The following untracked working tree files would be overwritten by merge

檢舉濫用情形

學習筆記

標籤

2018年11月8日 星期四