Fun with DNS: Three Useful Commands
The DNS is a distributed, hierarchical database where
authority flows from the top (or root) of the hierarchy
downward.
When thinking of the structure of the DNS, imagine an inverted
tree. Each branch of the tree is within a zone of authority;
however, multiple branches of the tree can be within a single
zone.
The software (Bind being the most common) that stores domain
name information is called a domain name server. A single
name server can be authoritative for multiple zones. All
zones have a primary master and a secondary master name
server that provides authoritative responses for their zones.
If you query a name server not authoritative for a particular
zone, that name server will most likely have up-to-date
information. This is because zone information propagates
throughout the Internet at regular intervals, and name servers
cache zone information for which they are not authoritative.
DNS Commands
There are three crucial commands that can put all the DNS
information you need at your fingertips. The way to use
this article is to try each of the commands listed on a
domain name, so you can see what the output looks like.
Learn by doing!
Zone file database records divide DNS information into
three primary types: NS (Name Server) records, MX (Mail
Exchange) records, and A (Address) records. NS records indicate
the name servers. MX records indicate the hosts that handle
e-mail delivery; the priority (pri) number indicates the
order in which mail servers are used, with the lowest number
receiving the highest priority. The A (Address) records
map hostnames to IP addresses, the real names of machines.
host
This is the simplest of the DNS commands. It is a quick
way to determine the IP address of a hostname:
: host www.your-domain-name.com
The -a option will return all of the DNS information in
verbose format.
: host -a www.your-domain-name.com
Now that you know the IP address for www.your-domain-name.com,
try a reverse lookup.
: host IP-ADDRESS
dig (domain information groper)
This command gathers and returns DNS information in a format
the name server can use directly. You will find it easy
to query
specific name servers with dig.
You can quickly determine the Name servers of your host
or any other host:
: dig ns your-host.com
Then you check your (or another) website against the host's
name servers:
dig www.your-domain-name.com @ns.your-host.com
Dig can provide output that is in the same format as the
zone file itself. Here is how to get the whole zone file:
dig any your-domain-name.com
Here are the most useful dig query types: dig any (gathers
all DNS information), dig ns (gathers name server information),
dig mx (gathers mail exchanger information) and dig a (gathers
network address information).
The dig command can also do reverse lookups with output
formatted for the zone file:
: dig -x IP-Address
nslookup
You can use this tool as a single line command, or you
can use it interactively, which distinguishes it from the
other DNS commands. Once you have started nslookup, type
set all to list the default options. As with dig you can
choose the server (name server) you want to query, and you
can decide the type of DNS information on which to focus.
Just as you can issue commands to nslookup interactively,
you can also change the initial defaults by starting a .nslookuprc
file. The format of the .nslookup is one command per line:
set type=NS
set domain=srvns.your-host.com
set timeout=10
Conclusion
These three commands can provide you with most of the information
you need about your domain names. They are powerful tools,
and this article should provide you enough information to
get started or offer a quick refresher if you already use
these commands.
Back
to Tips Page |
