Thursday, November 8, 2018

[Linux Article Collection] UNDERSTANDING THE DIG COMMAND

Source From Here 
Preface 
The command dig is a tool for querying DNS nameservers for information about host addresses, mail exchanges, nameservers, and related information. This tool can be used from any Linux (Unix) or Macintosh OS X operating system. The most typical use of dig is to simply query a single host. 

The dig command is fundamentally used for the following purposes: 
1. Perform DNS lookups.
2. Find host addresses, IP addresses, mail exchanges (MX), CNAMEs, name servers, and more.
3. Verify ISP DNS servers and Internet connectivity.
4. Verify spam and blacklisting records.

The basic syntax: 
dig Hostname
dig DomainNameHere
dig @DNS-server-name Hostname
dig @DNS-server-name IPAddress
dig @DNS-server-name Hostname|IPAddress type
Where: 
1. DNS-server-name – The name or IP address of the name server to query (such as 8.8.8.8 or ns1.cyberciti.biz). If no DNS-server-name is provided, the dig command will use the /etc/resolv.conf file and use name servers listed there.
2. Hostname|IPAddress – The name of the resource record that is to be looked up using DNS-server-name.
3. type – Set the type of query such as A, MX, NS and more.

List of DNS record types 
Before you use the dig command you should be aware of the common types of DNS resource records. Here are the most common resource records: 


By default, the dig command looks for A records only. 

dig command examples 
To find the IP address of the host www.cyberciti.biz, type: 
# dig www.cyberciti.biz

Sample outputs: 
; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> www.cyberciti.biz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40839
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.cyberciti.biz.             IN      A

;; ANSWER SECTION:
www.cyberciti.biz.      300     IN      A       104.20.187.5
www.cyberciti.biz.      300     IN      A       104.20.186.5

;; AUTHORITY SECTION:
cyberciti.biz.          107     IN      NS      clay.ns.cloudflare.com.
cyberciti.biz.          107     IN      NS      fay.ns.cloudflare.com.

;; ADDITIONAL SECTION:
clay.ns.cloudflare.com. 79127   IN      A       173.245.59.88
clay.ns.cloudflare.com. 79127   IN      AAAA    2400:cb00:2049:1::adf5:3b58
fay.ns.cloudflare.com.  165552  IN      A       173.245.58.115
fay.ns.cloudflare.com.  165552  IN      AAAA    2400:cb00:2049:1::adf5:3a73

;; Query time: 7 msec
;; SERVER: 140.122.65.9#53(140.122.65.9)
;; WHEN: Thu Nov 08 15:45:22 CST 2018
;; MSG SIZE  rcvd: 220


    Understanding dig command output 
    The above is a simple query for a single host called www.cyberciti.biz. The dig command displays a lot of information. Let us go through the default dig command output: 
    1. The "QUESTION SECTION" displays the query type. By default the query is for A (Internet address). In this example, I am using the dig command to find the IP address of www.cyberciti.biz.
    2. Next, you get the answer to your query in the "ANSWER SECTION": the address of www.cyberciti.biz is 104.20.187.5 and 104.20.186.5.
    3. The "AUTHORITY SECTION" tells you where the DNS record(s) come from. The query is sent to the local DNS server, and this section lists the name servers the record(s) originate from: here "clay.ns.cloudflare.com" and "fay.ns.cloudflare.com".
    4. The "ADDITIONAL SECTION" gives the IP addresses of those authority DNS server(s).
    5. The final section of the dig command output contains statistics (stats section) about the query, such as name server names, query time and more.


    More Usage Examples 
    Here we show how to use the dig command through examples. 

    How do I query a different nameserver such as 8.8.8.8? 
    Put @8.8.8.8 on the command line, as below, to query a specific nameserver: 
    # dig @8.8.8.8 www.kimo.com.tw

    Sample output: 
    ; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> @8.8.8.8 www.kimo.com.tw
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7741
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;www.kimo.com.tw.               IN      A

    ;; ANSWER SECTION:
    www.kimo.com.tw.        7129    IN      CNAME   rc.yahoo.com.
    rc.yahoo.com.           229     IN      CNAME   src.g03.yahoodns.net.
    src.g03.yahoodns.net.   229     IN      A       124.108.115.100

    ;; Query time: 16 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: Thu Nov 08 16:03:49 CST 2018
    ;; MSG SIZE  rcvd: 120

    How do I select the DNS query type? 
    The -t option sets the query type to type. It can be any valid query type which is supported in BIND 9. The default query type is "A", unless the -x option is supplied to indicate a reverse lookup. Below is a simple example: 
    // +noall +answer: Return "ANSWER SECTION" only
    # dig -ta www.weibo.com +noall +answer

    ; <<>> DiG 9.9.4-RedHat-9.9.4-38.el7_3.2 <<>> -ta www.weibo.com +noall +answer
    ;; global options: +cmd
    www.weibo.com. 28 IN CNAME weibo.com.edgekey.net.
    weibo.com.edgekey.net. 11334 IN CNAME e4141.dscb.akamaiedge.net.
    e4141.dscb.akamaiedge.net. 1 IN A 163.28.225.6

    FIND THE IP ADDRESS (A) OF A HOSTNAME 
    You can use "+short" to show the query result only: 
    # dig +short www.cyberciti.biz A
    104.20.186.5
    104.20.187.5

    FIND THE HOSTNAME OF AN IP ADDRESS 
    You can use the -x option to perform a reverse DNS lookup: 
    # dig @8.8.8.8 -x 209.132.183.81 +short
    www.redhat.com.

    FIND THE NS (NAME SERVERS) OF A DOMAIN NAME 
    Use the query type "NS", as in the example below: 
    # dig -t NS cyberciti.biz +short
    clay.ns.cloudflare.com.
    fay.ns.cloudflare.com.

    Real World Case Study - Find Google CDN IP range 
    The bash script below (from here) digs out all of the Google CDN IP ranges: 
    #!/bin/bash

    # https://cloud.google.com/compute/docs/faq#ipranges

    #nslookup -q=TXT _cloud-netblocks.googleusercontent.com  8.8.8.8

    # Collect the include: names from the top-level TXT record, query each one,
    # then keep only the ip4: entries.
    for LINE in $(dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :)
    do
        dig txt "$LINE" +short
    done | tr " " "\n" | grep ip4  | cut -f 2 -d : | sort -n
    The script works step by step, as the commands below show: 
    # dig txt _cloud-netblocks.googleusercontent.com +short
    "v=spf1 include:_cloud-netblocks1.googleusercontent.com include:_cloud-netblocks2.googleusercontent.com include:_cloud-netblocks3.googleusercontent.com include:_cloud-netblocks4.googleusercontent.com include:_cloud-netblocks5.googleusercontent.com ?all"

    # dig txt _cloud-netblocks.googleusercontent.com +short | tr " " "\n" | grep include | cut -f 2 -d :
    _cloud-netblocks1.googleusercontent.com
    _cloud-netblocks2.googleusercontent.com
    _cloud-netblocks3.googleusercontent.com
    _cloud-netblocks4.googleusercontent.com
    _cloud-netblocks5.googleusercontent.com


    # dig txt _cloud-netblocks1.googleusercontent.com +short
    "v=spf1 include:_cloud-netblocks6.googleusercontent.com ip4:8.34.208.0/20 ip4:8.35.192.0/21 ip4:8.35.200.0/23 ip4:108.59.80.0/20 ip4:108.170.192.0/20 ip4:108.170.208.0/21 ip4:108.170.216.0/22 ip4:108.170.220.0/23 ip4:108.170.222.0/24 ip4:35.224.0.0/13 ?all"

    # dig txt _cloud-netblocks1.googleusercontent.com +short | tr " " "\n" | grep ip4 | cut -f 2 -d : | sort -n
    8.34.208.0/20
    8.35.192.0/21
    8.35.200.0/23
    35.224.0.0/13
    108.170.192.0/20
    108.170.208.0/21
    108.170.216.0/22
    108.170.220.0/23
    108.170.222.0/24
    108.59.80.0/20
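
The script above follows only one level of include:, although the _cloud-netblocks1 record shown contains a further include:_cloud-netblocks6..., and sort -n compares each line as a decimal number, which is why 108.59.80.0/20 lands after the 108.170.x blocks. The following is an added example, not part of the original script: it follows includes to any depth with a loop guard, checks every name taken from a TXT record before passing it to dig, and sorts octet by octet. The example.test names, the sample_txt records and the helper names (walk, netblocks, TXT_LOOKUP) are constructed for illustration.

```sh
#!/bin/sh
# Added example: resolve include: chains to any depth, then sort CIDRs by octet.

# Live resolver, the same query the original script uses.
dig_txt() { dig txt "$1" +short; }

# Constructed sample records (not real DNS data): a nested include and a cycle.
sample_txt() {
    case "$1" in
        _blocks.example.test)  echo '"v=spf1 include:_blocks1.example.test include:_blocks2.example.test ?all"' ;;
        _blocks1.example.test) echo '"v=spf1 include:_blocks3.example.test ip4:10.170.0.0/16 ip4:192.0.2.0/24 ?all"' ;;
        _blocks2.example.test) echo '"v=spf1 ip4:10.59.0.0/16 ?all"' ;;
        _blocks3.example.test) echo '"v=spf1 include:_blocks.example.test ip4:198.51.100.0/24 ?all"' ;;
    esac
}

# Offline by default; run with TXT_LOOKUP=dig_txt to query real DNS.
TXT_LOOKUP=${TXT_LOOKUP:-sample_txt}

# walk NAME: print each ip4 CIDR reachable from NAME, visiting every name once.
walk() {
    name=$1
    # TXT data is untrusted: refuse anything dig could read as an option
    # or that is not a plain DNS name.
    case "$name" in ""|-*|*[!A-Za-z0-9._-]*) return 0 ;; esac
    # Loop guard: skip names already visited (SEEN is a space-separated set).
    case "$SEEN" in *" $name "*) return 0 ;; esac
    SEEN="$SEEN$name "
    while read -r term; do
        case "$term" in
            include:*) walk "${term#include:}" ;;
            ip4:*)     echo "${term#ip4:}" ;;
        esac
    done <<EOF
$("$TXT_LOOKUP" "$name" | tr -d '"' | tr ' ' '\n')
EOF
}

# netblocks NAME: de-duplicated list, sorted numerically on each octet.
netblocks() {
    SEEN=" "
    walk "$1" | sort -u | sort -t . -k1,1n -k2,2n -k3,3n -k4,4n
}

netblocks _blocks.example.test
```

With the constructed records, 10.59.0.0/16 is listed before 10.170.0.0/16, and the include that points back at the starting name is visited only once.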

    Supplement 
    Linux and Unix dig Command Examples 
    Common dig Options and DNS Debug Tracing 
    DNS (Part 2): Understanding DNS Through the dig Command 
    Introduction to DNS Resource Records 
    10 Linux DIG Command Examples for DNS Lookup
