08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Linux networking commands
1. NETWORKING IN LINUX
DNS Related Commands
Sayed Ahmed
Computer Engineering, BUET, Bangladesh (Graduated on
2001 )
MSc, Computer Science, U of Manitoba, Canada
http://www.justetc.net
http://sayed.justetc.net
sayed@justetc.net
2. INTRODUCTION
Will list mostly DNS related commands and
concepts
At one point, will try to discuss DNS system
At another point, will try to explain how to
configure DNS system
Related
Zones (Forward Zones, Reverse Zones)
And related
3. SO WHAT IS MY BACKGROUND IN THIS AREA
Some of my study and experience can be checked here
http://sayed.justetc.net/skills.php#networkSkills
Started to use Linux on 3rd year of my undergraduate study
Used several, like Red Hat, Debian, probably one another at that point
Yes, I also taught Linux at a training center in Bangladesh on my 3rd year in university
On 3rd or 4th year, we have connected two buildings in our university residence and provided
services like email, and internal websites [in addition to sharing stuff]
At that point Internet was not widespread like now
I taught Computer Networks theory and also practical courses (both Linux and Windows) in
Bangladesh in Universities and training Institutes
I was thought/treated to be good (at least to some degree for sure)
However, not everything is on top of my head; also, I do not try much to keep it up; but they
should be somewhere in my brain
I must have some sense left in my brain if I do not remember it exactly
So if I want to do something in Linux or in Networking, I always find a way
And planning to get back on it to some extent
Sure, I have checked/studied lightly CCNA, CCNP stuff
Probably, more lightly on other CISCO stuff as well
I read a book on establishing an ISP ground up – looks like totally forgot – need to skim through to
remember the stuff
4. DNS COMMAND ANSWER TYPES
Authoritative Answer vs Non-Authoritative
Answer
For a DNS related Linux command
Any answer that originates from the DNS Server
which has the complete zone file information
available for the domain is said to be authoritative
answer.
In many cases, DNS servers will not have the
complete zone file information available for a given
domain. Instead, it maintains a cache file which has
the results of all queries performed in the past for
which it has gotten authoritative response. When a
DNS query is given, it searches the cache file, and
return the information available as “Non-Authoritative
Answer”.
5. GET DOMAIN/HOST IP ADDRESS
Get domain/host IP address
nslookup yahoo.com
host -t A yahoo.com
6. NSLOOKUP
1. nslookup – Simple Example
nslookup followed by the domain name will
display the “A Record” ( IP Address ) of the
domain
$ nslookup redhat.com
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
Name: redhat.com
Address: 209.132.183.181
7. NSLOOKUP AND QUERY THE MX RECORD
2. Query the MX Record using -query=mx
MX ( Mail Exchange ) record maps a domain name to a list of mail exchange
servers for that domain. The MX record tells that all the mails sent to
“@redhat.com” should be routed to the Mail server in that domain.
$ nslookup -query=mx redhat.com
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
redhat.com mail exchanger = 10 mx2.redhat.com.
redhat.com mail exchanger = 5 mx1.redhat.com.
Authoritative answers can be found from:
mx2.redhat.com internet address = 66.187.233.33
mx1.redhat.com internet address = 209.132.183.28
8. QUERY THE NS RECORD USING -QUERY=NS
3. Query the NS Record using -query=ns
NS ( Name Server ) record maps a domain name to a list of DNS servers authoritative for
that domain. It will output the name serves which are associated with the given domain
nslookup -type=ns redhat.com
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
redhat.com nameserver = ns4.redhat.com.
redhat.com nameserver = ns2.redhat.com.
redhat.com nameserver = ns1.redhat.com.
redhat.com nameserver = ns3.redhat.com.
Authoritative answers can be found from:
ns4.redhat.com internet address = 209.132.188.218
ns2.redhat.com internet address = 209.132.183.2
ns1.redhat.com internet address = 209.132.186.218
ns3.redhat.com internet address = 209.132.176.100
9. QUERY THE SOA RECORD USING -QUERY=SOA
4. Query the SOA Record using -query=soa
SOA record ( start of authority ), provides the authoritative information about the
domain, the e-mail address of the domain admin, the domain serial number,
etc…
$ nslookup -type=soa redhat.com
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
redhat.com
origin = ns1.redhat.com
mail addr = noc.redhat.com
serial = 2012071601
refresh = 300
retry = 180
expire = 604800
minimum = 14400
10. ALL THE AVAILABLE DNS RECORDS USING -QUERY=ANY
Authoritative answers can be found from:
ns1.redhat.com internet address = 209.132.186.218
5. View available DNS records using -query=any
We can also view all the available DNS records using -query=any option.
$ nslookup -type=any google.com
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
Name: google.com
Address: 173.194.35.7
Name: google.com
Address: 173.194.35.8
google.com nameserver = ns1.google.com.
google.com nameserver = ns2.google.com.
11. ALL THE AVAILABLE DNS RECORDS USING -QUERY=ANY
google.com
origin = ns1.google.com
mail addr = dns-admin.google.com
serial = 2012071701
refresh = 7200
retry = 1800
expire = 1209600
minimum = 300
google.com mail exchanger = 20 alt1.aspmx.l.google.com.
google.com mail exchanger = 30 alt2.aspmx.l.google.com.
google.com mail exchanger = 40 alt3.aspmx.l.google.com.
google.com mail exchanger = 50 alt4.aspmx.l.google.com.
google.com mail exchanger = 10 aspmx-v4v6.l.google.com.
google.com has AAAA address 2a00:1450:4002:801::1004
Authoritative answers can be found from:
ns4.google.com internet address = 216.239.38.10
ns3.google.com internet address = 216.239.36.10
12. REVERSE DNS LOOKUP
6. Reverse DNS lookup
You can also do the reverse DNS look-up by
providing the IP Address as argument to
nslookup.
$ nslookup 209.132.183.181
Server: 192.168.19.2
Address: 192.168.19.2#53
Non-authoritative answer:
181.183.132.209.in-addr.arpa name = origin-
www2.redhat.com.
13. USING SPECIFIC DNS SERVER
7. Using Specific DNS server
Instead of using default DNS server’s for querying, you can
also specify a particular name server to resolve the domain
name.
$ nslookup redhat.com ns1.redhat.com
Server: 209.132.186.218
Address: 209.132.186.218#53
Name: redhat.com
Address: 209.132.183.181
In the above command, we have used the
ns1.redhat.com as the DNS server. Here you may notice
that, we don’t get any “Non-authoritative answer:” header,
since ns1.redhat.com has all the zone information of
redhat.com
14. PORT FOR DNS
8. Change the port number to connect with
By default DNS servers uses the port number 53.
If for any reasons, the port number got changed,
then we can specify the port number using -port
option
$ nslookup -port 56 redhat.com
15. DNS TIMEOUT
9. Change timeout interval to wait for a reply
You can change the default timeout to wait for a
reply using -timeout option
$ nslookup -timeout=10 redhat.com
16. ENABLING DEBUG MODE USING -DEBUG
10. Enabling debug mode using -debug
You can turn on/off the debugging using -debug
option in the command line
$ nslookup -debug redhat.com
Server: 192.168.19.2
Address: 192.168.19.2#53
17. ENABLING DEBUG MODE USING -DEBUG
------------
QUESTIONS:
redhat.com, type = A, class = IN
ANSWERS:
-> redhat.com
internet address = 209.132.183.181
ttl = 5
AUTHORITY RECORDS:
ADDITIONAL RECORDS:
------------
Non-authoritative answer:
Name: redhat.com
Address: 209.132.183.181
19. DIG
You can also use dig
Code:
dig yahoo.com
dig 66.94.234.13
20. NAMESERVER FOR YOUR HOST
Your name server listed in /etc/resolv.conf file
Code:
more /etc/resolv.conf
cat /etc/resolv.conf
vi /etc/resolv.conf
21. HOST
host
This is the simplest of the DNS commands. It is a
quick way to determine the IP address of a
hostname:
host www.linuxjournal.com
www.linuxjournal.com has address 207.178.22.49
www.linuxjournal.com mail is handled (pri=80)
by www.ssc.com
www.linuxjournal.com mail is handled (pri=10)
by mail.ssc.com
www.linuxjournal.com mail is handled (pri=40)
by cascadia.a42.com
22. REVERSE LOOKUP
Now that you know the IP address for
www.linuxjournal.com, you might want to
make sure the reverse lookup works.
The reverse lookup checks to see if the reverse
zone file maps the IP address to the hostname:
host 207.178.22.49 49.22.178.207.IN-ADDR.ARPA
domain name pointer www.linuxjournal.com
23. LISTING 1. DNS INFO IN VERBOSE FORMAT WITH -A OPTION
Listing 1. DNS Info in Verbose Format with -a Option
host -a www.linuxjournal.com
Trying null domain
rcode = 0 (Success), ancount=4
The following answer is not authoritative:
The following answer is not verified as authe
by the server:
www.linuxjournal.com 19788 IN MX 80 www.ssc.com
www.linuxjournal.com 19788 IN MX 10 mail.ssc.com
www.linuxjournal.com 85833 IN A 207.178.22.49
www.linuxjournal.com 19788 IN MX 40
cascadia.a42.com
24. LISTING 1. DNS INFO IN VERBOSE FORMAT WITH -A OPTION
For authoritative answers, see:
linuxjournal.com 85833 IN NS NS2.ssc.com
linuxjournal.com 85833 IN NS cascadia.a42.com
linuxjournal.com 85833 IN NS
NS2.RACKSPACE.com
Additional information:
www.ssc.com 226 IN A 207.178.22.48
mail.ssc.com 86261 IN A 216.39.159.17
cascadia.a42.com 72030 IN A 216.39.159.18
NS2.ssc.com 88090 IN A 209.61.155.155
NS2.RACKSPACE.com 172308 IN A
207.71.44.121
25. DIG
dig (domain information groper)
This powerful command gathers and returns DNS
information in a format the name server can use directly.
For this reason, dig is particularly useful in scripts. You
will find it easy to query specific name servers with dig,
making it a useful tool for narrowing down the source of
DNS problems.
Suppose you have just transferred your domain name
hosting from old-host.com to new-host.com. A customer
sends you an e-mail saying he cannot reach your web
site when he is logged into his ISP. You suspect the zone
information simply has not had time to propagate. So,
you find out what the NS records are for the ISP in
question:
26. DIG
dig ns isp-in-question.com
;; ANSWER SECTION:
isp-in-question.com. 10H IN NS
ns1.hugeupstream.com.
isp-in-question.com. 10H IN NS isp-in-
question.com.
isp-in-question.com. 10H IN NS ns.isp-in-
question.com.
isp-in-question.com. 10H IN NS
ns.goodnameserver.com.
27. DIG
Then you check your company's web site
against the ISP's name servers:
dig www.yourcompany.com @ns.isp-in-
question.com
;; ANSWER SECTION:
www.yourcompany.com. 59m53s IN A
192.168.5.10
28. DIG
Wait a minute, that is your old IP address. It appears
the DNS information has not fully propagated yet.
Next, you decide to see if old-host.com has removed
the old zone information from their name servers. The
“any” option will retrieve all the DNS information:
dig any www.yourcompany.com @ns.old-host.com
;; ANSWER SECTION:
www.yourcompany.com. 1H IN A 192.168.200.250
;; AUTHORITY SECTION:
yourcompany.com. 1H IN NS webns.new-isp.com.
yourcompany.com. 1H IN NS srvns.new-isp.com.
29. DIG
In this case the A record shows your new IP address for your web
server, and it shows the new authoritative name servers for your
domain name. This is the information you hoped to find.
These are the most useful dig query types: dig any (gathers all
DNS information), dig ns (gathers name server information), dig
mx (gathers mail exchanger information) and dig a (gathers
network address information).
The dig command can also do reverse lookups with output
formatted for the zone file:
dig -x 192.168.200.250
;; ANSWER SECTION:
250.200.168.192.in-addr.arpa.
4h11s IN PTR www.yourcompany.com.
30. NSLOOKUP
nslookup
You can use this tool as a single line command,
or you can use it interactively, which
distinguishes it from the other DNS commands.
Once you have started nslookup, type set all to
list the default options. As with dig you can
choose the server (name server) you want to
query, and you can decide the type of DNS
information on which to focus.
31. .NSLOOKUPRC
Just as you can issue commands to
nslookup interactively, you can also change
the initial defaults by starting a .nslookuprc
file. The format of the .nslookup is one
command per line:
set type=NS
set domain=srvns.new-host.com
set timeout=10