NETWORKING IN LINUX DNS Related Commands Sayed Ahmed Computer Engineering, BUET, Bangladesh (Graduated on 2001 ) MSc, Computer Science, U of Manitoba, Canada http://www.justetc.net http://sayed.justetc.net [email protected]

Linux networking commands


Page 1: Linux networking commands

NETWORKING IN LINUX
DNS Related Commands

Sayed Ahmed
Computer Engineering, BUET, Bangladesh (Graduated in 2001)
MSc, Computer Science, U of Manitoba, Canada

http://www.justetc.net
http://sayed.justetc.net

[email protected]

Page 2: Linux networking commands

INTRODUCTION
Will list mostly DNS related commands and concepts
At one point, will try to discuss the DNS system
At another point, will try to explain how to configure the DNS system
Related
Zones (Forward Zones, Reverse Zones)
And related

Page 3: Linux networking commands

SO WHAT IS MY BACKGROUND IN THIS AREA
Some of my study and experience can be checked here: http://sayed.justetc.net/skills.php#networkSkills
Started to use Linux in the 3rd year of my undergraduate study
Used several, like Red Hat, Debian, probably one another at that point
Yes, I also taught Linux at a training center in Bangladesh in my 3rd year in university
In the 3rd or 4th year, we connected two buildings in our university residence and provided services like email, and internal websites [in addition to sharing stuff]
At that point Internet was not widespread like now
I taught Computer Networks theory and also practical courses (both Linux and Windows) in Bangladesh in universities and training institutes
I was thought/treated to be good (at least to some degree for sure)
However, not everything is on top of my head; also, I do not try much to keep it up; but they should be somewhere in my brain
I must have some sense left in my brain if I do not remember it exactly
So if I want to do something in Linux or in Networking, I always find a way
And planning to get back on it to some extent
Sure, I have checked/studied lightly CCNA, CCNP stuff
Probably, more lightly on other CISCO stuff as well
I read a book on establishing an ISP ground up – looks like totally forgot – need to skim through to remember the stuff

Page 4: Linux networking commands

DNS COMMAND ANSWER TYPES
Authoritative Answer vs Non-Authoritative Answer
For a DNS related Linux command

Any answer that originates from a DNS server which has the complete zone file information available for the domain is said to be an authoritative answer.

In many cases, a DNS server will not have the complete zone file information available for a given domain. Instead, it maintains a cache file holding the results of all past queries for which it received an authoritative response. When a DNS query arrives, it searches the cache file and returns the information available as a “Non-Authoritative Answer”.

Page 5: Linux networking commands

GET DOMAIN/HOST IP ADDRESS
Get domain/host IP address

nslookup yahoo.com
host -t A yahoo.com

Page 6: Linux networking commands

NSLOOKUP
1. nslookup – Simple Example

nslookup followed by the domain name will display the “A Record” (IP address) of the domain

$ nslookup redhat.com
Server:         192.168.19.2
Address:        192.168.19.2#53

Non-authoritative answer:
Name:   redhat.com
Address: 209.132.183.181

Page 7: Linux networking commands

NSLOOKUP AND QUERY THE MX RECORD
2. Query the MX Record using -query=mx

The MX (Mail Exchange) record maps a domain name to a list of mail exchange servers for that domain. The MX record says that all mail sent to “@redhat.com” should be routed to the mail servers listed for that domain.

$ nslookup -query=mx redhat.com
Server:         192.168.19.2
Address:        192.168.19.2#53

Non-authoritative answer:
redhat.com      mail exchanger = 10 mx2.redhat.com.
redhat.com      mail exchanger = 5 mx1.redhat.com.

Authoritative answers can be found from:
mx2.redhat.com  internet address = 66.187.233.33
mx1.redhat.com  internet address = 209.132.183.28

Page 8: Linux networking commands

QUERY THE NS RECORD USING -QUERY=NS
3. Query the NS Record using -query=ns (the command below uses the equivalent -type=ns)

The NS (Name Server) record maps a domain name to a list of DNS servers authoritative for that domain. The query outputs the name servers associated with the given domain.

$ nslookup -type=ns redhat.com
Server:         192.168.19.2
Address:        192.168.19.2#53

Non-authoritative answer:
redhat.com      nameserver = ns4.redhat.com.
redhat.com      nameserver = ns2.redhat.com.
redhat.com      nameserver = ns1.redhat.com.
redhat.com      nameserver = ns3.redhat.com.

Authoritative answers can be found from:
ns4.redhat.com  internet address = 209.132.188.218
ns2.redhat.com  internet address = 209.132.183.2
ns1.redhat.com  internet address = 209.132.186.218
ns3.redhat.com  internet address = 209.132.176.100

Page 9: Linux networking commands

QUERY THE SOA RECORD USING -QUERY=SOA

4. Query the SOA Record using -query=soa
The SOA (start of authority) record provides the authoritative information about the domain, the e-mail address of the domain admin, the domain serial number, etc.

$ nslookup -type=soa redhat.com
Server:         192.168.19.2
Address:        192.168.19.2#53

Non-authoritative answer:
redhat.com
        origin = ns1.redhat.com
        mail addr = noc.redhat.com
        serial = 2012071601
        refresh = 300
        retry = 180
        expire = 604800
        minimum = 14400

Authoritative answers can be found from:
ns1.redhat.com  internet address = 209.132.186.218

Page 10: Linux networking commands

ALL THE AVAILABLE DNS RECORDS USING -QUERY=ANY

5. View available DNS records using -query=any
We can also view all the available DNS records using the -query=any option. Many name servers now answer ANY queries with a minimal response (RFC 8482), so the list returned may be incomplete.

$ nslookup -type=any google.com
Server:         192.168.19.2
Address:        192.168.19.2#53

Non-authoritative answer:
Name:   google.com
Address: 173.194.35.7
Name:   google.com
Address: 173.194.35.8
google.com      nameserver = ns1.google.com.
google.com      nameserver = ns2.google.com.

Page 11: Linux networking commands

ALL THE AVAILABLE DNS RECORDS USING -QUERY=ANY
google.com
        origin = ns1.google.com
        mail addr = dns-admin.google.com
        serial = 2012071701
        refresh = 7200
        retry = 1800
        expire = 1209600
        minimum = 300
google.com      mail exchanger = 20 alt1.aspmx.l.google.com.
google.com      mail exchanger = 30 alt2.aspmx.l.google.com.
google.com      mail exchanger = 40 alt3.aspmx.l.google.com.
google.com      mail exchanger = 50 alt4.aspmx.l.google.com.
google.com      mail exchanger = 10 aspmx-v4v6.l.google.com.
google.com      has AAAA address 2a00:1450:4002:801::1004

Authoritative answers can be found from:
ns4.google.com  internet address = 216.239.38.10
ns3.google.com  internet address = 216.239.36.10

Page 12: Linux networking commands

REVERSE DNS LOOKUP
6. Reverse DNS lookup

You can also do the reverse DNS look-up by providing the IP address as the argument to nslookup.

$ nslookup 209.132.183.181
Server:         192.168.19.2
Address:        192.168.19.2#53

Non-authoritative answer:
181.183.132.209.in-addr.arpa    name = origin-www2.redhat.com.

Page 13: Linux networking commands

USING SPECIFIC DNS SERVER
7. Using Specific DNS server

Instead of using the default DNS servers for querying, you can also specify a particular name server to resolve the domain name.

$ nslookup redhat.com ns1.redhat.com
Server:         209.132.186.218
Address:        209.132.186.218#53

Name:   redhat.com
Address: 209.132.183.181

In the above command, we have used ns1.redhat.com as the DNS server. Notice that we do not get any “Non-authoritative answer:” header, since ns1.redhat.com has all the zone information of redhat.com.
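dig reports the same distinction as the aa (authoritative answer) flag in its response header. The following is an added example, not part of the original slides, that reads that header; both sample responses are constructed and dig_summary is a hypothetical helper name.

```shell
#!/bin/sh
# Added example: tell an authoritative dig response from a cached one by
# reading the header flags. Both responses below are constructed samples.

# Read full dig output on stdin; print "status=... aa=yes|no answers=N".
dig_summary() {
    awk '
        /^;; ->>HEADER<<-/ {
            for (i = 1; i <= NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {
            aa = "no"
            # Flags sit between "flags:" and the first ";", e.g. "qr aa rd;"
            flags = $0; sub(/^;; flags: */, "", flags); sub(/;.*/, "", flags)
            n = split(flags, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "aa") aa = "yes"
            for (i = 1; i <= NF; i++)
                if ($i == "ANSWER:") { answers = $(i + 1); sub(/,$/, "", answers) }
        }
        END {
            if (aa == "") {
                print "no-header"
            } else {
                print "status=" status " aa=" aa " answers=" answers
            }
        }'
}

# Constructed: what a caching resolver returns (no aa, short remaining TTL).
CACHED=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
redhat.com.  5  IN  A  209.132.183.181'

# Constructed: what a server that holds the zone returns (aa set).
AUTH=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
redhat.com.  600  IN  A  209.132.183.181'

printf '%s\n' "$CACHED" | dig_summary
printf '%s\n' "$AUTH" | dig_summary

# Live use (needs network access): dig redhat.com A @ns1.redhat.com | dig_summary
```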

Page 14: Linux networking commands

PORT FOR DNS
8. Change the port number to connect with

By default, DNS servers use port number 53. If for any reason the port number has been changed, we can specify the port number using the -port option

$ nslookup -port=56 redhat.com

Page 15: Linux networking commands

DNS TIMEOUT
9. Change timeout interval to wait for a reply

You can change the default timeout to wait for a reply using the -timeout option

$ nslookup -timeout=10 redhat.com

Page 16: Linux networking commands

ENABLING DEBUG MODE USING -DEBUG
10. Enabling debug mode using -debug

You can turn debugging on or off using the -debug option on the command line

$ nslookup -debug redhat.com
Server:         192.168.19.2
Address:        192.168.19.2#53

Page 17: Linux networking commands

ENABLING DEBUG MODE USING -DEBUG
------------
    QUESTIONS:
        redhat.com, type = A, class = IN
    ANSWERS:
    ->  redhat.com
        internet address = 209.132.183.181
        ttl = 5
    AUTHORITY RECORDS:
    ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name:   redhat.com
Address: 209.132.183.181

Page 18: Linux networking commands

FIND IP MAPPING
Code:

host 66.94.234.13
nslookup 66.94.234.13

Page 19: Linux networking commands

DIG
You can also use dig
Code:

dig yahoo.com
dig -x 66.94.234.13

Page 20: Linux networking commands

NAMESERVER FOR YOUR HOST
Your name server is listed in the /etc/resolv.conf file
Code:

more /etc/resolv.conf
cat /etc/resolv.conf
vi /etc/resolv.conf

Page 21: Linux networking commands

HOST
host

This is the simplest of the DNS commands. It is a quick way to determine the IP address of a hostname:

host www.linuxjournal.com
www.linuxjournal.com has address 207.178.22.49
www.linuxjournal.com mail is handled (pri=80) by www.ssc.com
www.linuxjournal.com mail is handled (pri=10) by mail.ssc.com
www.linuxjournal.com mail is handled (pri=40) by cascadia.a42.com

Page 22: Linux networking commands

REVERSE LOOKUP
Now that you know the IP address for www.linuxjournal.com, you might want to make sure the reverse lookup works. The reverse lookup checks to see if the reverse zone file maps the IP address to the hostname:

host 207.178.22.49
49.22.178.207.IN-ADDR.ARPA domain name pointer www.linuxjournal.com

Page 23: Linux networking commands

LISTING 1. DNS INFO IN VERBOSE FORMAT WITH -A OPTION

host -a www.linuxjournal.com
Trying null domain
rcode = 0 (Success), ancount=4
The following answer is not authoritative:
The following answer is not verified as authentic by the server:
www.linuxjournal.com    19788 IN        MX      80 www.ssc.com
www.linuxjournal.com    19788 IN        MX      10 mail.ssc.com
www.linuxjournal.com    85833 IN        A       207.178.22.49
www.linuxjournal.com    19788 IN        MX      40 cascadia.a42.com

Page 24: Linux networking commands

LISTING 1. DNS INFO IN VERBOSE FORMAT WITH -A OPTION
For authoritative answers, see:
linuxjournal.com        85833 IN        NS      NS2.ssc.com
linuxjournal.com        85833 IN        NS      cascadia.a42.com
linuxjournal.com        85833 IN        NS      NS2.RACKSPACE.com
Additional information:
www.ssc.com             226 IN          A       207.178.22.48
mail.ssc.com            86261 IN        A       216.39.159.17
cascadia.a42.com        72030 IN        A       216.39.159.18
NS2.ssc.com             88090 IN        A       209.61.155.155
NS2.RACKSPACE.com       172308 IN       A       207.71.44.121

Page 25: Linux networking commands

DIG
dig (domain information groper)

This powerful command gathers and returns DNS information in a format the name server can use directly. For this reason, dig is particularly useful in scripts. You will find it easy to query specific name servers with dig, making it a useful tool for narrowing down the source of DNS problems.

Suppose you have just transferred your domain name hosting from old-host.com to new-host.com. A customer sends you an e-mail saying he cannot reach your web site when he is logged into his ISP. You suspect the zone information simply has not had time to propagate. So, you find out what the NS records are for the ISP in question:

Page 26: Linux networking commands

DIG
dig ns isp-in-question.com
;; ANSWER SECTION:
isp-in-question.com.    10H IN NS       ns1.hugeupstream.com.
isp-in-question.com.    10H IN NS       isp-in-question.com.
isp-in-question.com.    10H IN NS       ns.isp-in-question.com.
isp-in-question.com.    10H IN NS       ns.goodnameserver.com.

Page 27: Linux networking commands

DIG
Then you check your company's web site against the ISP's name servers:

dig www.yourcompany.com @ns.isp-in-question.com
;; ANSWER SECTION:
www.yourcompany.com.    59m53s IN A     192.168.5.10

Page 28: Linux networking commands

DIG
Wait a minute, that is your old IP address. It appears the DNS information has not fully propagated yet.
Next, you decide to see if old-host.com has removed the old zone information from their name servers. The “any” option will retrieve all the DNS information:

dig any www.yourcompany.com @ns.old-host.com
;; ANSWER SECTION:
www.yourcompany.com.    1H IN A         192.168.200.250
;; AUTHORITY SECTION:
yourcompany.com.        1H IN NS        webns.new-isp.com.
yourcompany.com.        1H IN NS        srvns.new-isp.com.

Page 29: Linux networking commands

DIG
In this case the A record shows your new IP address for your web server, and it shows the new authoritative name servers for your domain name. This is the information you hoped to find.
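The propagation check walked through in the dig slides above can be scripted. This is an added example, not part of the original slides: check_answer is a hypothetical helper, the names and addresses are the slides' placeholders, and the two answer lines are constructed (the TTL 3593 is the 59m53s shown above, written in seconds as current dig prints it).

```shell
#!/bin/sh
# Added example: decide whether a name server still hands out the old
# address after a hosting move. The two answer lines are constructed
# sample data using the placeholder names from the slides.

# $1 = address you expect; dig answer lines on stdin.
# Prints "current", "no-answer" or "stale <addrs> ttl=<seconds>".
check_answer() {
    awk -v want="$1" '
        # Answer lines look like: name TTL IN A address; skip ";" comments
        $1 !~ /^;/ && $3 == "IN" && $4 == "A" {
            seen++
            if ($5 != want) {
                stale = stale sep $5; sep = ","
                if ($2 + 0 > ttl) ttl = $2 + 0   # TTL left on the stale record
            }
        }
        END {
            if (!seen)            print "no-answer"
            else if (stale == "") print "current"
            else                  print "stale " stale " ttl=" ttl
        }'
}

# Constructed: the ISP resolver still caches the old address.
ISP_NS='www.yourcompany.com. 3593 IN A 192.168.5.10'
# Constructed: the queried server already serves the new address.
OLD_NS='www.yourcompany.com. 3600 IN A 192.168.200.250'

printf '%s\n' "$ISP_NS" | check_answer 192.168.200.250
printf '%s\n' "$OLD_NS" | check_answer 192.168.200.250

# Live use, one server at a time (needs network access):
#   dig +noall +answer www.yourcompany.com A @ns.isp-in-question.com |
#       check_answer 192.168.200.250
```

An address that differs from the expected one with no hosting change in progress is worth investigating, since the same comparison exposes a tampered or poisoned record.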

These are the most useful dig query types: dig any (gathers all DNS information), dig ns (gathers name server information), dig mx (gathers mail exchanger information) and dig a (gathers network address information).

The dig command can also do reverse lookups with output formatted for the zone file:

dig -x 192.168.200.250
;; ANSWER SECTION:
250.200.168.192.in-addr.arpa. 4h11s IN PTR www.yourcompany.com.
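Both reverse-lookup passages (host earlier, dig -x here) check only that a PTR record exists. The added example below, which is not part of the original slides, carries the check through to a forward-confirmed reverse lookup; fcrdns, fake_dig and the DIG variable are hypothetical names, and the answers returned by fake_dig are constructed.

```shell
#!/bin/sh
# Added example: forward-confirmed reverse DNS. A PTR record is published
# by whoever controls the reverse zone, so it only means something once
# the name it returns resolves back to the same address.
# DIG is an assumption of this sketch: it names the lookup command, so
# constructed answers can stand in for dig when running offline.
DIG=${DIG:-dig}

# $1 = IPv4 address. Prints "ok <name>", "mismatch <name>" or "no-ptr";
# returns 0 only when a PTR name maps back to $1.
fcrdns() {
    ptrs=$($DIG +short -x "$1")
    [ -n "$ptrs" ] || { echo "no-ptr"; return 1; }
    while IFS= read -r name; do
        name=${name%.}; last=$name           # drop the trailing root dot
        # -q keeps an odd PTR value from being parsed as a dig option
        if $DIG +short -q "$name" -t A | grep -qxF "$1"; then
            echo "ok $name"; return 0
        fi
    done <<EOF
$ptrs
EOF
    echo "mismatch $last"; return 1
}

# Constructed answers: the first pair mirrors the host example on the
# page, the second is a made-up PTR whose forward record points elsewhere.
fake_dig() {
    case "$*" in
        "+short -x 207.178.22.49")             echo "www.linuxjournal.com." ;;
        "+short -q www.linuxjournal.com -t A") echo "207.178.22.49" ;;
        "+short -x 192.0.2.10")                echo "mail.example.net." ;;
        "+short -q mail.example.net -t A")     echo "198.51.100.7" ;;
    esac
}
DIG=fake_dig     # remove this line to query real servers with dig

for ip in 207.178.22.49 192.0.2.10 192.0.2.99; do
    fcrdns "$ip" || true
done
```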

Page 30: Linux networking commands

NSLOOKUP
nslookup

You can use this tool as a single line command, or you can use it interactively, which distinguishes it from the other DNS commands. Once you have started nslookup, type set all to list the default options. As with dig you can choose the server (name server) you want to query, and you can decide the type of DNS information on which to focus.

Page 31: Linux networking commands

.NSLOOKUPRC
Just as you can issue commands to nslookup interactively, you can also change the initial defaults by creating a .nslookuprc file. The format of the .nslookuprc file is one command per line:

set type=NS
set domain=srvns.new-host.com
set timeout=10

Page 32: Linux networking commands

NSLOOKUP
Listing 2. Output with nslookup

nslookup
Default Server:  server.randomisp.com
Address:  172.16.53.130

> set all
Default Server:  server.randomisp.com
Address:  172.16.53.130

Set options:
  nodebug         defname         search          recurse
  nod2            novc            noignoretc      port=53
  querytype=A     class=IN        timeout=10      retry=2
  root=a.root-servers.net.
  domain=randomisp.com
  srchlist=randomisp.com

Page 33: Linux networking commands

NSLOOKUP
> set type=mx
> server srvns.new-host.com
Default Server:  srvns.new-host.com
Address:  192.168.200.145

> yourcompany.com
Server:  webns.new-host.com
Address:  192.168.200.144

yourcompany.com preference = 10, mail exchanger = mail.new-host.com
yourcompany.com nameserver = srvns.new-host.com
yourcompany.com nameserver = webns.new-host.com
mail.new-host.com       internet address = 192.168.200.72
srvns.new-host.com      internet address = 192.168.200.145
webns.new-host.com      internet address = 192.168.200.144
> exit