2011年4月17日 星期日

網際網路查詢指令nslookup

Default Server: redhat52.siyongc.domain
Address: 192.168.0.17


然後您輸入欲查詢的主機或 IP 位址﹐您會看到從 DNS 回來的結果﹕

> pii266.siyongc.domain
Server: redhat52.siyongc
Address: 192.168.0.17

Name: pii266.siyongc.domain
Address: 192.168.0.15

> www.hinet.net
Server: redhat52.siyongc.domain
Address: 192.168.0.17

Non-authoritative answer:
Name: w3c2.hinet.net
Address: 168.95.1.84
Aliases: www.hinet.net


這是一個標準模式下面的查詢﹐我們可以看到﹕不是這台 DNS 伺服器管理的查詢﹐而且已經在 cache 裡面的話﹐會附加一個﹕“Non-authoritative answer:”的回應信息。因為在 cache 中的資料未必與真正授權主機上的一致。

若想查詢更多資訊,我們可將查詢模式設為 any 之後﹐再輸入同樣的主機名稱試試看﹕


> set q=any
> pii266.siyongc.domain
Server: redhat52.siyongc.domain
Address: 192.168.0.17

pii266.siyongc.domain preference = 20, mail exchanger = debian.home
pii266.siyongc.domain preference = 10, mail exchanger = redhat52.siyongc.domain
pii266.siyongc.domain internet address = 192.168.0.15
siyongc.domain nameserver = debian.home
siyongc.domain nameserver = redhat52.siyongc.domain
debian.home internet address = 192.168.0.2
redhat52.siyongc.domain internet address = 192.168.0.17

-------------------------------------------------------------------

您就可以看到更多的資料了﹐例如﹕MX﹑NS﹑和它們的 IP 位址等信息。假如您使用“除錯模式”的話﹐看到的資料還將更多﹗


> set debug
> www.hinet.net
Server: redhat52.siyongc.domain
Address: 192.168.0.17

;; res_nmkquery(QUERY, www.hinet.net, IN, ANY)
------------
Got answer:
HEADER:
opcode = QUERY, id = 3102, rcode = NOERROR
header flags: response, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 3, additional = 3

QUESTIONS:
www.hinet.net, type = ANY, class = IN
ANSWERS:
-> www.hinet.net
canonical name = w3c2.hinet.net
ttl = 76134 (21h8m54s)
AUTHORITY RECORDS:
-> hinet.net
nameserver = HNTP1.hinet.net
ttl = 162533 (1d21h8m53s)
-> hinet.net
nameserver = HNTP3.hinet.net
ttl = 162533 (1d21h8m53s)
-> hinet.net
nameserver = DNS.hinet.net
ttl = 162533 (1d21h8m53s)
ADDITIONAL RECORDS:
-> HNTP1.hinet.net
internet address = 168.95.192.1
ttl = 162533 (1d21h8m53s)
-> HNTP3.hinet.net
internet address = 168.95.192.2
ttl = 162533 (1d21h8m53s)
-> DNS.hinet.net
internet address = 168.95.1.1
ttl = 162533 (1d21h8m53s)

------------
Non-authoritative answer:
www.hinet.net
canonical name = w3c2.hinet.net
ttl = 76134 (21h8m54s)

Authoritative answers can be found from:
hinet.net
nameserver = HNTP1.hinet.net
ttl = 162533 (1d21h8m53s)
hinet.net
nameserver = HNTP3.hinet.net
ttl = 162533 (1d21h8m53s)
hinet.net
nameserver = DNS.hinet.net
ttl = 162533 (1d21h8m53s)
HNTP1.hinet.net
internet address = 168.95.192.1
ttl = 162533 (1d21h8m53s)
HNTP3.hinet.net
internet address = 168.95.192.2
ttl = 162533 (1d21h8m53s)
DNS.hinet.net
internet address = 168.95.1.1
ttl = 162533 (1d21h8m53s)

----------------------------------------------

另外﹐您還可以用 set q=mx 或 set q=ptr 等模式來查詢特定的記錄﹐也可以用 ls 後接 domain name 來查看某個 domain 的所有主機記錄。善用 nslookup 我們可以找到許多 DNS 的信息﹐而當有問題發生的時候﹐這個工具就變得非常有用了。

沒有留言:

張貼留言