nslookup

nslookup

nslookup命令用于查询DNS的记录,查看域名解析是否正常,在网络故障的时候用来诊断网络问题。 nslookup的用法相对来说还是蛮简单的,主要是下面的几个用法。

windows 和 Linux系统均可使用

1 直接查询

查询一个域名的A记录。

nslookup domain [dns-server]

如果没指定dns-server,用系统默认的dns服务器。下面是一个例子:

centos系统执行对baidu.com的查询

[root@VM-0-10-centos ~]# nslookup baidu.com
Server:        183.60.83.19
Address:    183.60.83.19#53

Non-authoritative answer:
Name:    baidu.com
Address: 220.181.38.148
Name:    baidu.com
Address: 39.156.69.79

Windows系统执行对baidu.com的查询

C:\Users\admin>nslookup baidu.com
服务器:  cachea.nic.jnu.edu.cn
Address:  192.168.10.8

非权威应答:
名称:    baidu.com
Addresses:  39.156.69.79
          220.181.38.148

C:\Users\admin>nslookup www.oschina.net
服务器:  cachea.nic.jnu.edu.cn
Address:  192.168.10.8

非权威应答:
名称:    fn0wz54v.dayugslb.com
Address:  180.97.125.228
Aliases:  www.oschina.net

返回信息说明

  1. 什么叫非权威应答?
    非权威应答对应的英文是:Non-authoritative answer。
    假设某个DNS server没有域名test.com的记录信息,当有客户端通过它请求获取test.com的域名信息,此DNS Server会通过迭代递归的方式从test公司实际存储此记录信息的DNS server中获取test.com的域名信息,反馈给发出请求的客户端,同时会把test.com的记录信息放在自身缓存中放置一段时间,当又有客户端请求test.com域名解析时,此DNS server直接从自身缓存中提取返回给客户端,这个回答叫“非权威回答”,简言之凡是从非实际记录存储DNS server中获取的域名解析回答,都叫“非权威回答”。
    即本地DNS服务器从缓存而非本地实际存储中返回某一解析记录,就叫非权威应答。
  2. “服务器”指的是返回该解析的DNS服务器,这里是校园网的DNS服务器
nslookup cachea.nic.jnu.edu.cn
服务器:  cachea.nic.jnu.edu.cn
Address:  192.168.10.8
名称:    cachea.nic.jnu.edu.cn
Addresses:  2001:da8:2002::10:8
          192.168.10.8

查看一下本机DNS服务器:

其中一个便是192.168.10.8
自然,第一个Address便是DNS服务器的IP地址了。

  1. 应答的内容:非权威应答上面已经讲过,这里的名称(name)是指要查询的域名,查询www.oschina.net时的名称是该站点的A记录绑定域名,www.oschina.netfn0wz54v.dayugslb.com的CNAME记录,第二个Address就是该站点的IP地址,Aliases是别名的意思,意思是www.oschina,netfn0wz54v.dayugslb.com的別名。

2 指定某一DNS服务器进行解析

C:\Users\admin>nslookup baidu.com 114.114.114.114
服务器:  public1.114dns.com
Address:  114.114.114.114

非权威应答:
名称:    baidu.com
Addresses:  39.156.69.79
          220.181.38.148

国内优秀公共DNS服务:
1、114DNS
114.114.114.114
114.114.115.115

2、腾讯
119.29.29.29
182.254.118.118

3、阿里
223.5.5.5
223.6.6.6

4、百度
180.76.76.76

5、CNNIC
1.2.4.8
210.2.4.8

盘点国内外优秀的DNS服务器:https://80ea4520.wiz03.com/wapp/pages/view/share/s/20WAkw2zU17G2_qokg3SpfH81BhpQ31Ag48I2o19hc3msadD

3 查询其他记录

直接查询返回的是A记录,我们可以指定参数,查询其他记录,比如AAAA、MX等。

nslookup -qt=type domain [dns-server]

其中,type可以是以下这些类型:

  • A 地址记录
  • AAAA 地址记录
  • AFSDB Andrew文件系统数据库服务器记录
  • ATMA ATM地址记录
  • CNAME 别名记录
  • HINFO 硬件配置记录,包括CPU、操作系统信息
  • ISDN 域名对应的ISDN号码
  • MB 存放指定邮箱的服务器
  • MG 邮件组记录
  • MINFO 邮件组和邮箱的信息记录
  • MR 改名的邮箱记录
  • MX 邮件服务器记录
  • NS 域名服务器记录
  • PTR 反向记录
  • RP 负责人记录
  • RT 路由穿透记录
  • SRV TCP服务器信息记录
  • TXT 域名对应的文本信息
  • X25 域名对应的X.25地址记录

例如:

C:\Users\admin>nslookup -qt=CNAME www.oschina.net
服务器:  cachea.nic.jnu.edu.cn
Address:  192.168.10.8

非权威应答:
www.oschina.net canonical name = fn0wz54v.dayugslb.com
//www.oschina.net 的规范名称是 fn0wz54v.dayugslb.com

关于Canonical name的解释

A Canonical Name record (abbreviated as CNAME record) is a type of resource record in the Domain Name System (DNS) used to specify that a domain name is an alias for another domain, the "canonical" domain. All information, including subdomains, IP addresses, etc., are defined by the canonical domain.
规范名称记录(缩写为CNAME记录)是域名系统(DNS)中的一种资源记录,用于指定域名是另一个域(“规范”域)的别名。所有信息,包括子域,IP地址等,均由规范域定义。

This can prove convenient when running multiple services (like an FTP server and a webserver; each running on different ports) from a single IP address. One can, for example, point ftp.example.com and www.example.com to the DNS A record for example.com, which in turn points to the IP address. Then, if the IP address ever changes, one only has to record the change in one place within the network: in the DNS A record.
当从单个IP地址运行多个服务(例如FTP服务器和Web服务器;每个都运行在不同的端口上)时,这可以证明很方便。例如,可以将ftp.example.com和www.example.com指向example.com的DNS A记录,该记录又指向IP地址。然后,如果IP地址曾经更改过,则只需将更改记录在网络中的一个位置即可:在DNS A记录中。

CNAME records must always point to another domain name, never directly to an IP address.
CNAME记录必须始终指向另一个域名,永远不要直接指向IP地址

查看邮箱记录

C:\Users\admin>nslookup -qt=MX www.oschina.net 114.114.114.114
服务器:  public1.114dns.com
Address:  114.114.114.114

非权威应答:
www.oschina.net canonical name = fn0wz54v.dayugslb.com

dayugslb.com
        primary name server = ns3.dnsv5.com
        responsible mail addr = enterprise3dnsadmin.dnspod.com
        serial  = 1600760096
        refresh = 3600 (1 hour)
        retry   = 180 (3 mins)
        expire  = 1209600 (14 days)
        default TTL = 180 (3 mins)

3 查询更具体的信息

查询语法:

nslookup –d [其他参数] domain [dns-server]

只要在查询的时候,加上-d参数,即可查询域名的缓存。

C:\Users\admin>nslookup -d www.oschina.net 114.114.114.114
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0

    QUESTIONS:
        114.114.114.114.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  114.114.114.114.in-addr.arpa
        name = public1.114dns.com
        ttl = 510 (8 mins 30 secs)

------------
服务器:  public1.114dns.com
Address:  114.114.114.114

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 2,  authority records = 0,  additional = 0

    QUESTIONS:
        www.oschina.net, type = A, class = IN
    ANSWERS:
    ->  www.oschina.net
        canonical name = fn0wz54v.dayugslb.com
        ttl = 35 (35 secs)
    ->  fn0wz54v.dayugslb.com
        internet address = 180.97.125.228
        ttl = 35 (35 secs)

------------
非权威应答:
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 1,  additional = 0

    QUESTIONS:
        www.oschina.net, type = AAAA, class = IN
    ANSWERS:
    ->  www.oschina.net
        canonical name = fn0wz54v.dayugslb.com
        ttl = 35 (35 secs)
    AUTHORITY RECORDS:
    ->  dayugslb.com
        ttl = 107 (1 min 47 secs)
        primary name server = ns3.dnsv5.com
        responsible mail addr = enterprise3dnsadmin.dnspod.com
        serial  = 1600760096
        refresh = 3600 (1 hour)
        retry   = 180 (3 mins)
        expire  = 1209600 (14 days)
        default TTL = 180 (3 mins)

------------
名称:    fn0wz54v.dayugslb.com
Address:  180.97.125.228
Aliases:  www.oschina.net

利用本地DNS服务器进行解析

C:\Users\admin>nslookup -d www.oschina.net
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 1, rcode = NOERROR
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 2,  additional = 4

    QUESTIONS:
        8.10.168.192.in-addr.arpa, type = PTR, class = IN
    ANSWERS:
    ->  8.10.168.192.in-addr.arpa
        name = cachea.nic.jnu.edu.cn
        ttl = 86400 (1 day)
    AUTHORITY RECORDS:
    ->  168.192.in-addr.arpa
        nameserver = cachea.nic.jnu.edu.cn
        ttl = 86400 (1 day)
    ->  168.192.in-addr.arpa
        nameserver = cacheb.nic.jnu.edu.cn
        ttl = 86400 (1 day)
    ADDITIONAL RECORDS:
    ->  cachea.nic.jnu.edu.cn
        internet address = 192.168.10.8
        ttl = 86400 (1 day)
    ->  cachea.nic.jnu.edu.cn
        AAAA IPv6 address = 2001:da8:2002::10:8
        ttl = 86400 (1 day)
    ->  cacheb.nic.jnu.edu.cn
        internet address = 192.168.11.8
        ttl = 86400 (1 day)
    ->  cacheb.nic.jnu.edu.cn
        AAAA IPv6 address = 2001:da8:2002::11:8
        ttl = 86400 (1 day)

------------
服务器:  cachea.nic.jnu.edu.cn
Address:  192.168.10.8

------------
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 2,  authority records = 0,  additional = 0

    QUESTIONS:
        www.oschina.net, type = A, class = IN
    ANSWERS:
    ->  www.oschina.net
        canonical name = fn0wz54v.dayugslb.com
        ttl = 226 (3 mins 46 secs)
    ->  fn0wz54v.dayugslb.com
        internet address = 180.97.125.228
        ttl = 226 (3 mins 46 secs)

------------
非权威应答:
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 3, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 0,  additional = 0

    QUESTIONS:
        www.oschina.net, type = AAAA, class = IN

------------
名称:    fn0wz54v.dayugslb.com
Address:  180.97.125.228
Aliases:  www.oschina.net

第一个Got answer后面几行,包括了一个ttl数值。这个数值就是域名记录的生存时间。

4 用nslookup模拟DNS迭代解析过程

操作环境:Windows
解析目标:bilibili.com(试过baidu.com,但被权限域名服务器给拒绝了)

  1. 指定根域名服务器
nslookup bilibili.com a.root-servers.net


返回十个顶级域名服务器,均为com结点。

  1. 指定顶级域名服务器
nslookup bilibili.com a.gtld-servers.net


返回了两个权限域名服务器
查看其whois信息

DNSPod是中国第一大DNS解析服务提供商、第一大域名托管商。

  1. 指定二级域名服务器
nslookup bilibili.com ns3.dnsv5.com

  1. 或直接用本地域名服务器
    nslookup bilibili.com

    Windows主机ping一下:

    Linux主机ping一下:

    由于两台主机的地理位置不同,所以DNS解析出来的IP地址不同,一般是就近服务。

 

感谢阅读!

参考:https://blog.csdn.net/violet_echo_0908/article/details/52033725

posted @ 2020-09-23 16:03  叶际参差  阅读(2334)  评论(0编辑  收藏  举报