通过 dig 解析域名,便于问题排查
1. 常见的DNS记录类型
1.1 A记录(默认)
代码语言:txt复制$ dig dhcp.cn
; <<>> DiG 9.10.6 <<>> dhcp.cn
;; global options: cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30553
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 7
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dhcp.cn. IN A
;; ANSWER SECTION:
dhcp.cn. 300 IN A 159.75.190.197
;; AUTHORITY SECTION:
dhcp.cn. 86400 IN NS ns4.dns.com.
dhcp.cn. 86400 IN NS ns3.dns.com.
;; ADDITIONAL SECTION:
ns3.dns.com. 372 IN A 119.167.180.139
ns3.dns.com. 372 IN A 218.98.111.173
ns4.dns.com. 171364 IN A 211.99.99.52
ns4.dns.com. 171364 IN A 183.253.57.199
ns3.dns.com. 492 IN AAAA 2404:da80::1:1a2
ns4.dns.com. 172715 IN AAAA 240e:ff:9000:1100::1a2
;; Query time: 47 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Feb 09 12:10:45 CST 2021
;; MSG SIZE rcvd: 3091.2 MX(邮箱)
代码语言:txt复制dig dhcp.cn mx
; <<>> DiG 9.10.6 <<>> dhcp.cn mx
;; global options: cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23243
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 8
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dhcp.cn. IN MX
;; ANSWER SECTION:
dhcp.cn. 600 IN MX 5 mxbiz1.qq.com.
dhcp.cn. 600 IN MX 10 mxbiz2.qq.com.
;; AUTHORITY SECTION:
dhcp.cn. 86400 IN NS ns4.dns.com.
dhcp.cn. 86400 IN NS ns3.dns.com.
;; ADDITIONAL SECTION:
mxbiz2.qq.com. 592 IN A 183.57.48.34
ns3.dns.com. 167756 IN A 119.167.180.139
ns3.dns.com. 167756 IN A 218.98.111.173
ns4.dns.com. 171754 IN A 183.253.57.199
ns4.dns.com. 171754 IN A 211.99.99.52
ns3.dns.com. 172238 IN AAAA 2404:da80::1:1a2
ns4.dns.com. 172665 IN AAAA 240e:ff:9000:1100::1a2
;; Query time: 31 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Feb 09 12:10:16 CST 2021
;; MSG SIZE rcvd: 387查询出 MX 的记录为 ;; ANSWER SECTION: dhcp.cn. 600 IN MX 5 mxbiz1.qq.com. dhcp.cn. 600 IN MX 10 mxbiz2.qq.com.
当然可以用更简短的方式查询
代码语言:txt复制$ dig nocmd dhcp.cn mx noall answer
dhcp.cn. 600 IN MX 5 mxbiz1.qq.com.
dhcp.cn. 600 IN MX 10 mxbiz2.qq.com.1.3 TXT
验证域名所有权会经常使用 DNS 解析 TXT记录的方式,比如申请 SSL 证书或 Google、百度站长认证时;
代码语言:txt复制$ dig nocmd dhcp.cn txt noall answer
dhcp.cn. 600 IN TXT "google-site-verification=yVvYi9IY_0g9xKaASfQbS2pE-BJPQiCQyKIv8QrcoDU"1.4 CNAME(映射)
代码语言:txt复制$ dig cloud.tencent.com CNAME
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> cloud.tencent.com CNAME
;; global options: cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3408
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cloud.tencent.com. IN CNAME
;; ANSWER SECTION:
cloud.tencent.com. 2574 IN CNAME cloud.tencent-cloud.com.
;; Query time: 0 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 26 11:18:27 CST 2019
;; MSG SIZE rcvd: 802. 其他查询
2.1 反向查询
通过 IP 查询域名,一般会把邮件服务器的IP转成域名,减少被当成垃圾邮件的可能性;
代码语言:txt复制$ dig -x 114.114.114.114 short
public1.114dns.com.2.2 跟踪DNS完整解析过程
代码语言:txt复制$ dig trace dhcp.cn A
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> trace dhcp.cn A
;; global options: cmd
. 220 IN NS b.root-servers.net.
. 220 IN NS c.root-servers.net.
. 220 IN NS d.root-servers.net.
. 220 IN NS e.root-servers.net.
. 220 IN NS f.root-servers.net.
. 220 IN NS g.root-servers.net.
. 220 IN NS h.root-servers.net.
. 220 IN NS i.root-servers.net.
. 220 IN NS j.root-servers.net.
. 220 IN NS k.root-servers.net.
. 220 IN NS l.root-servers.net.
. 220 IN NS m.root-servers.net.
. 220 IN NS a.root-servers.net.
;; Received 228 bytes from 183.60.83.19#53(183.60.83.19) in 8 ms
cn. 172800 IN NS a.dns.cn.
cn. 172800 IN NS b.dns.cn.
cn. 172800 IN NS c.dns.cn.
cn. 172800 IN NS d.dns.cn.
cn. 172800 IN NS e.dns.cn.
cn. 172800 IN NS f.dns.cn.
cn. 172800 IN NS g.dns.cn.
cn. 172800 IN NS ns.cernet.net.
cn. 86400 IN DS 57724 8 2 5D0423633EB24A499BE78AA22D1C0C9BA36218FF49FD95A4CDF1A4AD 97C67044
cn. 86400 IN RRSIG DS 8 1 86400 20210221220000 20210208210000 42351 . GwTWf8uiWRrKdOv1c/hPIjoSQB9xuFML/YoBreSgjhSdSXdR9b9IqFHl jEz4UCdmzkMjPGCeW8jGKWN2KNkokEDIR1ncwGeDzAOS/E36QHVKUFup XuxEQ0lLzTfoiuzFE DI0JJKgmZ9TqMoZhf7R81eDAZjNLD o88HQrPZ uX8h3RV9GswD89xX9ATaQ/eScOznL0A r5OiXiRr58rExjIGnl1xXYot lt3cnk29wyKyYhV4BKOshqzvJ9fFXWxnLtGh6hfJ4u2VK4eIudLDyP86 kU p3feVgvLeKfAUEQTgnGB6nXyzKwjMvL58Bc6CjFRyxC rVx1cmZ7k GJSzdA==
;; Received 698 bytes from 192.58.128.30#53(j.root-servers.net) in 289 ms
dhcp.cn. 86400 IN NS ns4.dns.com.
dhcp.cn. 86400 IN NS ns3.dns.com.
3QDAQA092EE5BELP64A74EBNB8J53D7E.cn. 21600 IN NSEC3 1 1 10 AEF123AB 3QLMP0QRNQ96G5AFGOPNB7U7IJ4MBP4B NS SOA RRSIG DNSKEY NSEC3PARAM
3QDAQA092EE5BELP64A74EBNB8J53D7E.cn. 21600 IN RRSIG NSEC3 8 2 21600 20210219232103 20210120223121 38388 cn. egUUHUBM1MRpZ6a3A50udRCPlvehcsFUYkqe9O8BdT9Gc4YJvOlN2oCZ zE0 QH GAirPz1VYbi7svl6b0bqg6gYVuOQzSH50uJ8unztca6oXv 40 EGnLPJ4Xg9NSldwVoJUO6y3gNywq2M9idMogQtoIVgkHUlJytmbC5c3s /S4=
PMKLHTU44AB8KHG3RA0HGM2F32M9I89I.cn. 21600 IN NSEC3 1 1 10 AEF123AB PMT8A7297V9R4G5IGI7A1I74LVDQNHPS NS DS RRSIG
PMKLHTU44AB8KHG3RA0HGM2F32M9I89I.cn. 21600 IN RRSIG NSEC3 8 2 21600 20210220014744 20210121005312 38388 cn. g3Ixt94PwvzKSshMEQMF8cUkrDK JvBdJztbMCxRw43F0vxG3fnuaIEN L9SwksSGQ h/WtyBeAdKoZOUV cd/FHaG3ggX4zMdHi7o5tLsDwHXwwv OtiGGOBiQUsDiAJgiNHkrHSXJPwW6eEXxP/eed4d8CQw8wtW Rs ynTu ppE=
;; Received 570 bytes from 203.119.29.1#53(e.dns.cn) in 208 ms
dhcp.cn. 600 IN A 159.75.190.197
dhcp.cn. 86400 IN NS ns3.dns.com.
dhcp.cn. 86400 IN NS ns4.dns.com.
;; Received 102 bytes from 119.167.180.139#53(ns3.dns.com) in 35 msreference
- 1 sparkdev. Linux dig
- 2 sysgeek.cn 如何使用Dig命令在Linux中查询DNS记录
- 3 k8s入门教程. dig
