NSLOOKUP: the bridge leading to DNS

[What is NSLOOKUP?]

The nslookup command is a very common network command in Linux; in short, it "checks DNS information".

Running man nslookup shows the official description of nslookup: "query Internet name servers interactively".

[Who is the author of NSLOOKUP?]

It can be seen in man nslookup, and I looked for his LinkedIn homepage, the original

He is a high-profile student of computer science, who once studied at Harvard University and the University of California, Berkeley.

Currently at ChoiceStream,

[No nslookup command?]

If your Linux system does not have the nslookup command, then 80% of the time it is because the bind-utils package is not installed.

Running yum install bind-utils solves the problem.

[NSLOOKUP two modes]

nslookup is a program that can query Internet domain name server information. It has two working modes: "interactive mode" and "non-interactive mode".

In interactive mode, users can query a domain name server for information about various hosts and domain names, or print a list of the hosts in a domain.

In non-interactive mode, users can only get the name or the requested information for one specific host or domain name.

[How to enter interactive mode?]

There are two ways to enter interactive mode.

The first is to run the nslookup command directly, without any arguments. nslookup then enters interactive mode and connects to the default domain name server (i.e. the first DNS address in /etc/resolv.conf).

The second lets you choose a different domain name server. Give "-" as the first argument, and the host name or IP address of the domain name server to connect to as the second argument.

[How to enter non-interactive mode?]

If you put the IP address or host name you want to query directly after the nslookup command, nslookup runs in non-interactive mode. You can also give the domain name server to connect to as the second argument.

[Options and parameters]

nslookup supports not only arguments but also options. For example, you can use -query to set the query type to host information (hinfo), and set the initial timeout to 10 seconds:

    nslookup -query=hinfo -timeout=10

[Interactive mode is very powerful]

1 Query a domain name directly

If you enter a domain name directly (for example www.baidu.com), the output is similar to the following:

    $ nslookup
    > www.baidu.com
    Server:         61.139.2.69      // upstream DNS server
    Address:        61.139.2.69#53   // IP address and port number of the upstream DNS server

    Non-authoritative answer:        // non-authoritative answer: the value is read from the upstream DNS server's local cache rather than actually queried
    www.baidu.com   canonical name = www.a.shifen.com.   // www.baidu.com is an alias; its canonical name is www.a.shifen.com
    Name:   www.a.shifen.com         // domain name www.a.shifen.com
    Address: 119.75.217.56           // first corresponding IP address
    Name:   www.a.shifen.com
    Address: 119.75.218.77           // second corresponding IP address

2 server [domain]

nslookup first uses the current default DNS server to look up the IP address of domain, and then makes that host the current default DNS server.

There is also a command called lserver [domain]. Unlike server, it uses the local, initial DNS server to look up the IP address of domain, and then makes that host the current DNS server. (The leading l in lserver stands for local.)

    $ nslookup
    > www.baidu.com                  // query
    Server:         61.139.2.69
    Address:        61.139.2.69#53

    Non-authoritative answer:
    www.baidu.com   canonical name = www.a.shifen.com.
    Name:   www.a.shifen.com
    Address: 119.75.218.77           // described as "Beijing Baidu Network News Technology"
    Name:   www.a.shifen.com
    Address: 119.75.217.56
    > server 8.8.8.8                 // change the upstream server
    Server: 8.8.8.8
    Address: 8.8.8.8#53
    > www.baidu.com                  // query again
    Server:         8.8.8.8
    Address:        8.8.8.8#53

    Non-authoritative answer:
    www.baidu.com   canonical name = www.a.shifen.com.
    Name:   www.a.shifen.com
    Address: 220.181.111.147         // described as "Beijing City (Nanxuan Bridge Telecom computer room) Telecom"

As you can see, the IP addresses returned by the two different upstream DNS servers are different.

3 exit

Exits nslookup's interactive mode.

4 set all

Lists the current settings of the common options of the nslookup tool.

    > set all
    Default server: 8.8.8.8          // current upstream DNS server
    Address: 8.8.8.8#53              // IP address and port of the current upstream DNS server

    Set options:
      novc                  nodebug         nod2
      search                recurse
      timeout = 0           retry = 3       port = 53
      querytype = A         class = IN
      srchlist =

5 set class [value]

Changes the query class; different classes correspond to different protocols.

    IN: Internet class (default)
    CH: Chaos class
    HS: Hesiod class

Generally we use IN. Hesiod is only used within M.I.T. (Massachusetts Institute of Technology), and by now perhaps nobody uses it even there. Chaos is almost extinct too; BIND once used the Chaos class to help report version number information.

6 set [no]debug

Sets whether debug mode is on. With set debug, nslookup enters debug mode and shows the complete response packet, and the intermediate packets exchanged, during a query.

    $ nslookup
    > set debug                      // enter debug mode
    > www.baidu.com
    Server:         61.139.2.69
    Address:        61.139.2.69#53

    ------------
        QUESTIONS:                   // the request
            www.baidu.com, type = A, class = IN
        ANSWERS:                     // the returned information
        ->  www.baidu.com
            canonical name = www.a.shifen.com.
            ttl = 1192
        ->  www.a.shifen.com
            internet address = 119.75.217.56
            ttl = 262
        ->  www.a.shifen.com
            internet address = 119.75.218.77
            ttl = 262
        AUTHORITY RECORDS:
        ADDITIONAL RECORDS:
    ------------
    Non-authoritative answer:
    www.baidu.com   canonical name = www.a.shifen.com.
    Name:   www.a.shifen.com
    Address: 119.75.217.56
    Name:   www.a.shifen.com
    Address: 119.75.218.77

7 set [no]d2

Turns on advanced debug mode, which prints a lot of information about nslookup's internal workings, including many function calls.

8 set domain [name]

Sets the default domain. Once it is set, this domain is automatically appended to every query name that does not contain a ".".

    $ nslookup
    > set all                        // first show the upstream DNS servers and all current options
    Default server: 61.139.2.69
    Address: 61.139.2.69#53
    Default server: 8.8.8.8
    Address: 8.8.8.8#53
    Default server: 202.102.224.68
    Address: 202.102.224.68#53

    Set options:
      novc                  nodebug         nod2
      search                recurse
      timeout = 0           retry = 3       port = 53
      querytype = A         class = IN
      srchlist =                     // srchlist (i.e. the search list) is empty
    > set domain=baidu.com           // set the default domain to baidu.com
    > image                          // query "image" directly
    Server:         61.139.2.69
    Address:        61.139.2.69#53

    Non-authoritative answer:
    image.baidu.com canonical name = image.n.shifen.com.   // .baidu.com was appended by default, giving image.baidu.com
    Name:   image.n.shifen.com
    Address: 220.181.111.131
    > set domain=                    // clear the domain setting
    > image
    Server:         61.139.2.69
    Address:        61.139.2.69#53

    Non-authoritative answer:
    Name:   image
    Address: 61.139.8.100            // so you can see that domain name resolution is hijacked …
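The check that the last lookup above performs by hand (a name that should not exist still comes back with an address) can be scripted. This is an added example, not part of the original article: the function names and the random probe name under .invalid are assumptions made here, and the two sample outputs are constructed from the session shown on this page.

```sh
#!/bin/sh
# Added example (not from the original article): detect a resolver that answers
# for names that do not exist, as in the "image" lookup above.

# Print answer-section addresses from nslookup output on stdin. The resolver's
# own "Address: x.x.x.x#53" header carries a #port suffix, so it is skipped.
answer_addrs() {
    awk '$1 == "Address:" && $2 !~ /#/ { print $2 }'
}

# Exit 0 when a lookup that should have failed returned addresses anyway.
looks_hijacked() {
    [ -n "$(answer_addrs)" ]
}

# Constructed sample: the reply this page shows for the bare name "image".
sample_hijacked() {
    cat <<'EOF'
Server:         61.139.2.69
Address:        61.139.2.69#53

Non-authoritative answer:
Name:   image
Address: 61.139.8.100
EOF
}

# Constructed sample: an honest resolver's reply for a nonexistent name.
sample_honest() {
    cat <<'EOF'
Server:         8.8.8.8
Address:        8.8.8.8#53

** server can't find image: NXDOMAIN
EOF
}

# Live check (needs network). .invalid is reserved by RFC 6761 and never
# resolves; the trailing dot stops any search/domain suffix being appended.
probe_resolver() {
    name="nx-$$-$(date +%s).invalid."
    if nslookup "$name" "$1" 2>/dev/null | looks_hijacked; then
        echo "$1: answers for a nonexistent name (hijack suspected)"
        return 1
    fi
    echo "$1: nonexistent name correctly rejected"
}

if [ "$#" -gt 0 ]; then probe_resolver "$1"; fi
```

With a resolver address as its argument the script runs the live probe; with no argument it only defines the functions.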

9 set [no]search

If set search is on and the query string contains at least one period, nslookup appends the domains in the search list to the end of the query string and tries the query.

10 set port [value]

As is well known, the default DNS service port is 53. In special circumstances where this port has been changed, you can set it with this command.

11 set type [value]

This can also be written set querytype [value]; it changes the type of information queried.

By default, nslookup queries the A record for a domain name; if you want to query its MX record, for example, you need to set the type value explicitly.

The commonly used type values are as follows:

    A: view the host's IPv4 address
    AAAA: view the host's IPv6 address
    ANY: view all information about the host or domain
    CNAME: find the canonical name corresponding to an alias
    HINFO: find the host's CPU and operating system type
    MINFO: find mailbox information
    MX: find mail exchange information
    NS: find the domain name server
    PTR: find the host name matching the given IP address
    RP: find the person responsible for the domain
    SOA: find the SOA record in the domain
    UINFO: find user information

For example, the result of a query for the MX type looks like this:

    > set type=mx
    > baidu.com                      // query MX information
    Server:         61.139.2.69
    Address:        61.139.2.69#53

    Non-authoritative answer:
    baidu.com       mail exchanger = 20 jpmx.baidu.com.
    baidu.com       mail exchanger = 20 mx50.baidu.com.
    baidu.com       mail exchanger = 10 mx.mailcdn.baidu.com.
    baidu.com       mail exchanger = 20 mx1.baidu.com.

    Authoritative answers can be found from:
    > set type=a
    > baidu.com                      // query the A record
    Server:         61.139

Can be used to set the number of query retries and the timeout for each query.

[Summary]

In fact, the man page for the nslookup command is not long. Everyone can read it carefully in 20 or 30 minutes.

The nslookup command is small, but it is very practical. It is a very convenient communication bridge between us and DNS servers.

Thanks!