"First Meeting"
I believe more readers use nslookup than dig, so it is worth taking some time to introduce dig.
dig and nslookup are similar in function; both are DNS query tools.
dig is in fact an abbreviation of Domain Information Groper.
Some professional DNS administrators prefer the dig command when tracing DNS issues, because dig is flexible to configure, clear in its output, and powerful.
"The simplest dig usage"
The simplest dig usage is, of course, to type dig and press ENTER.
$ dig
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>>   // dig version information
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
From the output above, you will have noticed that when dig is run without any parameters or options, it queries the default upstream DNS server for the NS records of "." (the root domain).
"Adding a Dot to dig"
We just entered dig on its own. This time we add a "." to see how the result differs from the previous one:
$ dig .
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> .
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
"I want to use Google DNS to look up baidu.com's A record."
$ dig @8.8.8.8 www.baidu.com A   // command format: dig @dnsserver name querytype
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> @8.8.8.8 www.baidu.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
From this example, you can see that the basic command format for dig is:
dig @dnsserver name querytype
If you set dnsserver to a domain name, dig first resolves it to an IP address through the default upstream DNS server, and then uses that address as the upstream DNS server.
If you do not set @dnsserver, dig tries the addresses in /etc/resolv.conf in turn as the upstream DNS server.
As for querytype, if you read my previous article on the nslookup command you will already be familiar with it: you can set it to A, AAAA, PTR, MX, ANY and so on, and the default is to query the A record.
"Some common options"
1. The -c option sets the class, which can be IN (default), CH, or HS.
2. The -f option: dig supports reading from a file for batch queries, which is very thoughtful and convenient. The file must contain one query per line. Let's take a practical example:
$ cat querylist   // file contents: two domain names to be queried
www.baidu.com
www.sohu.com
$ dig -f querylist -c in -t A   // use the -f option to start the batch query
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> www.sohu.com
;; Got answer:
3. The -4 and -6 options restrict the transport protocol used for query packets to IPv4 or IPv6 respectively.
4. The -t option sets the query type. The default is A, and it can be set to another type such as MX, for example:
$ dig roclinux.cn -t MX
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> roclinux.cn -t MX
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
5. The -q option is in itself redundant, but it is useful in complex dig commands. The -q option lets you explicitly set the domain name you want to query, which avoids confusion with the many other parameters and options and improves the readability of the command, for example:
$ dig -q www.roclinux.cn
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> -q www.roclinux.cn
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
6. The -x option is the reverse query option. It looks up the mapping from an IP address to a domain name. For example:
$ dig -x 193.0.14.129
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> -x 193.0.14.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
"dig-specific query options"
Unlike the options above, dig also has a set of so-called "query options". These affect dig's query mode or the information in its output, so dig requires each of them to be explicitly prefixed with a "+" (plus sign), which makes them easier for dig to recognize and makes commands more readable.
dig has 42 query options in total, covering all aspects of DNS information. With so many, this article will not go through them one by one and will only explain a few of the most commonly used.
"TCP instead of UDP"
It is well known that the interaction in the DNS query process is UDP-based. If you want to use TCP, you need this:
$ dig +tcp www.baidu.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> +tcp www.baidu.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
"Appending a Default Domain"
The example below should make the concept of a "default domain" clear, along with the role of +domain=somedomain:
$ dig +domain=baidu.com image
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6_3.2 <<>> +domain=baidu.com image
;; global options: +cmd
;; Got answer:
;; ->>HEADER<
"Tracing the Whole dig Process"
One very well-known dig query option is +trace. With this option, dig traces the lookup from the root domain down to the final result and prints the information for the entire process.
$ dig +trace roclinux.cn
; <<>> DiG 9.2.4 <<>> +trace roclinux.cn
;; global options: printcmd
. 335937 IN NS l.root-servers.net.
. 335937 IN NS b.root-servers.net.
. 335937 IN NS d.root-servers.net.
. 335937 IN NS k.root-servers.net.
. 335937 IN NS h.root-servers.net.
. 335937 IN NS j.root-servers.net.
. 335937 IN NS a.root-servers.net.
. 335937 IN NS e.root-servers.net.
. 335937 IN NS c.root-servers.net.
. 335937 IN NS m.root-servers.net.
. 335937 IN NS g.root-servers.net.
. 335937 IN NS i.root-servers.net.
. 335937 IN NS f.root-servers.net.
;; Received 400 bytes from 10.23.0.231#53(10.23.0.231) in 0 ms   // the list of root DNS servers is obtained from the local DNS server
cn. 172800 IN NS c.dns.cn.
cn. 172800 IN NS a.dns.cn.
cn. 172800 IN NS b.dns.cn.
cn. 172800 IN NS e.dns.cn.
cn. 172800 IN NS ns.cernet.net.
cn. 172800 IN NS d.dns.cn.
;; Received 292 bytes from 192.228.79.201#53(b.root-servers.net) in 460 ms   // the root server b.root-servers.net is chosen to look up the DNS server list for cn.
roclinux.cn. 21600 IN NS ns11.edong.com.
roclinux.cn. 21600 IN NS ns12.edong.com.
;; Received 76 bytes from 203.119.27.1#53(c.dns.cn) in 0 ms   // the cn. server c.dns.cn is chosen to look up the DNS server list for roclinux.cn
roclinux.cn. 3600 IN A 116.255.245.206
roclinux.cn. 3600 IN NS ns12.edong.com.
roclinux.cn. 3600 IN NS ns11.edong.com.
;; Received 124 bytes from 61.147.124.145#53(ns11.edong.com) in 104 ms   // the A record is finally found
"Trimming dig Output"
1. With +nocmd, the dig version information is omitted from the output.
2. With +short, only the most concise CNAME and A record information is output, and nothing else. Like this:
$ dig +short www.baidu.com
www.a.shifen.com.
119.75.218.77
119.75.217.56
3. With +nocomment, dig's detailed comment information is omitted from the output.
4. With +nostat, the final statistics are not output. When +nocmd, +nocomment and +nostat are used together, the result looks like this:
$ dig +nocmd +nocomment +nostat www.baidu.com
; www.baidu.com. IN A
www.baidu.com. 260 IN CNAME www.a.shifen.com.
www.a.shifen.com. 244 IN A 119.75.217.56
www.a.shifen.com. 244 IN A 119.75.218.77