Linux networking commands

1. NETWORKING IN LINUX
DNS Related Commands
Sayed Ahmed
Computer Engineering, BUET, Bangladesh (Graduated on
2001 )
MSc, Computer Science, U of Manitoba, Canada
http://www.justetc.net
http://sayed.justetc.net
sayed@justetc.net

2. INTRODUCTION
 Will list mostly DNS related commands and
concepts
 At one point, will try to discuss DNS system
 At another point, will try to explain how to
configure DNS system
 Related
 Zones (Forward Zones, Reverse Zones)
 And related

3. SO WHAT IS MY BACKGROUND IN THIS AREA
 Some of my study and experience can be checked here
 http://sayed.justetc.net/skills.php#networkSkills
 Started to use Linux on 3rd year of my undergraduate study
 Used several, like Red Hat, Debian, probably one another at that point
 Yes, I also taught Linux at a training center in Bangladesh on my 3rd year in university
 On 3rd or 4th year, we have connected two buildings in our university residence and provided
services like email, and internal websites [in addition to sharing stuff]
 At that point Internet was not widespread like now
 I taught Computer Networks theory and also practical courses (both Linux and Windows) in
Bangladesh in Universities and training Institutes
 I was thought/treated to be good (at least to some degree for sure)
 However, not everything is on top of my head; also, I do not try much to keep it up; but they
should be somewhere in my brain
 I must have some sense left in my brain if I do not remember it exactly
 So if I want to do something in Linux or in Networking, I always find a way
 And planning to get back on it to some extent
 Sure, I have checked/studied lightly CCNA, CCNP stuff
 Probably, more lightly on other CISCO stuff as well
 I read a book on establishing an ISP ground up – looks like totally forgot – need to skim through to
remember the stuff

4. DNS COMMAND ANSWER TYPES
 Authoritative Answer vs Non-Authoritative
Answer
 For a DNS related Linux command
 Any answer that originates from the DNS Server
which has the complete zone file information
available for the domain is said to be authoritative
answer.
 In many cases, DNS servers will not have the
complete zone file information available for a given
domain. Instead, it maintains a cache file which has
the results of all queries performed in the past for
which it has gotten authoritative response. When a
DNS query is given, it searches the cache file, and
return the information available as “Non-Authoritative
Answer”.

5. GET DOMAIN/HOST IP ADDRESS
 Get domain/host IP address
 nslookup yahoo.com
 host -t A yahoo.com

6. NSLOOKUP
 1. nslookup – Simple Example
 nslookup followed by the domain name will
display the “A Record” ( IP Address ) of the
domain
 $ nslookup redhat.com
 Server: 192.168.19.2
 Address: 192.168.19.2#53
 Non-authoritative answer:
 Name: redhat.com
 Address: 209.132.183.181

7. NSLOOKUP AND QUERY THE MX RECORD
2. Query the MX Record using -query=mx
 MX ( Mail Exchange ) record maps a domain name to a list of mail exchange
servers for that domain. The MX record tells that all the mails sent to
“@redhat.com” should be routed to the Mail server in that domain.
 $ nslookup -query=mx redhat.com
 Server: 192.168.19.2
 Address: 192.168.19.2#53
 Non-authoritative answer:
 redhat.com mail exchanger = 10 mx2.redhat.com.
 redhat.com mail exchanger = 5 mx1.redhat.com.
 Authoritative answers can be found from:
 mx2.redhat.com internet address = 66.187.233.33
 mx1.redhat.com internet address = 209.132.183.28

8. QUERY THE NS RECORD USING -QUERY=NS
 3. Query the NS Record using -query=ns
 NS ( Name Server ) record maps a domain name to a list of DNS servers authoritative for
that domain. It will output the name serves which are associated with the given domain
 nslookup -type=ns redhat.com
 Server: 192.168.19.2
 Address: 192.168.19.2#53
 Non-authoritative answer:
 redhat.com nameserver = ns4.redhat.com.
 redhat.com nameserver = ns2.redhat.com.
 redhat.com nameserver = ns1.redhat.com.
 redhat.com nameserver = ns3.redhat.com.
 Authoritative answers can be found from:
 ns4.redhat.com internet address = 209.132.188.218
 ns2.redhat.com internet address = 209.132.183.2
 ns1.redhat.com internet address = 209.132.186.218
 ns3.redhat.com internet address = 209.132.176.100

9. QUERY THE SOA RECORD USING -QUERY=SOA
4. Query the SOA Record using -query=soa
 SOA record ( start of authority ), provides the authoritative information about the
domain, the e-mail address of the domain admin, the domain serial number,
etc…
 $ nslookup -type=soa redhat.com
 Server: 192.168.19.2
 Address: 192.168.19.2#53
 Non-authoritative answer:
 redhat.com
 origin = ns1.redhat.com
 mail addr = noc.redhat.com
 serial = 2012071601
 refresh = 300
 retry = 180
 expire = 604800
 minimum = 14400

10. ALL THE AVAILABLE DNS RECORDS USING -QUERY=ANY
 Authoritative answers can be found from:
 ns1.redhat.com internet address = 209.132.186.218
5. View available DNS records using -query=any
 We can also view all the available DNS records using -query=any option.
 $ nslookup -type=any google.com
 Server: 192.168.19.2
 Address: 192.168.19.2#53
 Non-authoritative answer:
 Name: google.com
 Address: 173.194.35.7
 Name: google.com
 Address: 173.194.35.8
 google.com nameserver = ns1.google.com.
 google.com nameserver = ns2.google.com.

11. ALL THE AVAILABLE DNS RECORDS USING -QUERY=ANY
 google.com
 origin = ns1.google.com
 mail addr = dns-admin.google.com
 serial = 2012071701
 refresh = 7200
 retry = 1800
 expire = 1209600
 minimum = 300
 google.com mail exchanger = 20 alt1.aspmx.l.google.com.
 google.com mail exchanger = 30 alt2.aspmx.l.google.com.
 google.com mail exchanger = 40 alt3.aspmx.l.google.com.
 google.com mail exchanger = 50 alt4.aspmx.l.google.com.
 google.com mail exchanger = 10 aspmx-v4v6.l.google.com.
 google.com has AAAA address 2a00:1450:4002:801::1004
 Authoritative answers can be found from:
 ns4.google.com internet address = 216.239.38.10
 ns3.google.com internet address = 216.239.36.10

12. REVERSE DNS LOOKUP
 6. Reverse DNS lookup
 You can also do the reverse DNS look-up by
providing the IP Address as argument to
nslookup.
 $ nslookup 209.132.183.181
 Server: 192.168.19.2
 Address: 192.168.19.2#53
 Non-authoritative answer:
 181.183.132.209.in-addr.arpa name = origin-
www2.redhat.com.

13. USING SPECIFIC DNS SERVER
 7. Using Specific DNS server
 Instead of using default DNS server’s for querying, you can
also specify a particular name server to resolve the domain
name.
 $ nslookup redhat.com ns1.redhat.com
 Server: 209.132.186.218
 Address: 209.132.186.218#53
 Name: redhat.com
 Address: 209.132.183.181
 In the above command, we have used the
ns1.redhat.com as the DNS server. Here you may notice
that, we don’t get any “Non-authoritative answer:” header,
since ns1.redhat.com has all the zone information of
redhat.com

14. PORT FOR DNS
 8. Change the port number to connect with
 By default DNS servers uses the port number 53.
If for any reasons, the port number got changed,
then we can specify the port number using -port
option
 $ nslookup -port 56 redhat.com

15. DNS TIMEOUT
 9. Change timeout interval to wait for a reply
 You can change the default timeout to wait for a
reply using -timeout option
 $ nslookup -timeout=10 redhat.com

16. ENABLING DEBUG MODE USING -DEBUG
 10. Enabling debug mode using -debug
 You can turn on/off the debugging using -debug
option in the command line
 $ nslookup -debug redhat.com
 Server: 192.168.19.2
 Address: 192.168.19.2#53

17. ENABLING DEBUG MODE USING -DEBUG
 ------------
 QUESTIONS:
 redhat.com, type = A, class = IN
 ANSWERS:
 -> redhat.com
 internet address = 209.132.183.181
 ttl = 5
 AUTHORITY RECORDS:
 ADDITIONAL RECORDS:
 ------------
 Non-authoritative answer:
 Name: redhat.com
 Address: 209.132.183.181

18. FIND IP MAPPING
 Code:
 host 66.94.234.13
 nslookup 66.94.234.13

19. DIG
 You can also use dig
 Code:
 dig yahoo.com
 dig 66.94.234.13

20. NAMESERVER FOR YOUR HOST
 Your name server listed in /etc/resolv.conf file
 Code:
 more /etc/resolv.conf
 cat /etc/resolv.conf
 vi /etc/resolv.conf

21. HOST
 host
 This is the simplest of the DNS commands. It is a
quick way to determine the IP address of a
hostname:
 host www.linuxjournal.com
 www.linuxjournal.com has address 207.178.22.49
 www.linuxjournal.com mail is handled (pri=80)
 by www.ssc.com
 www.linuxjournal.com mail is handled (pri=10)
 by mail.ssc.com
 www.linuxjournal.com mail is handled (pri=40)
 by cascadia.a42.com

22. REVERSE LOOKUP
 Now that you know the IP address for
www.linuxjournal.com, you might want to
make sure the reverse lookup works.
 The reverse lookup checks to see if the reverse
zone file maps the IP address to the hostname:
 host 207.178.22.49 49.22.178.207.IN-ADDR.ARPA
 domain name pointer www.linuxjournal.com

23. LISTING 1. DNS INFO IN VERBOSE FORMAT WITH -A OPTION
 Listing 1. DNS Info in Verbose Format with -a Option
 host -a www.linuxjournal.com
 Trying null domain
 rcode = 0 (Success), ancount=4
 The following answer is not authoritative:
 The following answer is not verified as authe
 by the server:
 www.linuxjournal.com 19788 IN MX 80 www.ssc.com
 www.linuxjournal.com 19788 IN MX 10 mail.ssc.com
 www.linuxjournal.com 85833 IN A 207.178.22.49
 www.linuxjournal.com 19788 IN MX 40
cascadia.a42.com

24. LISTING 1. DNS INFO IN VERBOSE FORMAT WITH -A OPTION
 For authoritative answers, see:
 linuxjournal.com 85833 IN NS NS2.ssc.com
 linuxjournal.com 85833 IN NS cascadia.a42.com
 linuxjournal.com 85833 IN NS
NS2.RACKSPACE.com
 Additional information:
 www.ssc.com 226 IN A 207.178.22.48
 mail.ssc.com 86261 IN A 216.39.159.17
 cascadia.a42.com 72030 IN A 216.39.159.18
 NS2.ssc.com 88090 IN A 209.61.155.155
 NS2.RACKSPACE.com 172308 IN A
207.71.44.121

25. DIG
 dig (domain information groper)
 This powerful command gathers and returns DNS
information in a format the name server can use directly.
For this reason, dig is particularly useful in scripts. You
will find it easy to query specific name servers with dig,
making it a useful tool for narrowing down the source of
DNS problems.
 Suppose you have just transferred your domain name
hosting from old-host.com to new-host.com. A customer
sends you an e-mail saying he cannot reach your web
site when he is logged into his ISP. You suspect the zone
information simply has not had time to propagate. So,
you find out what the NS records are for the ISP in
question:

26. DIG
 dig ns isp-in-question.com
 ;; ANSWER SECTION:
 isp-in-question.com. 10H IN NS
ns1.hugeupstream.com.
 isp-in-question.com. 10H IN NS isp-in-
question.com.
 isp-in-question.com. 10H IN NS ns.isp-in-
question.com.
 isp-in-question.com. 10H IN NS
ns.goodnameserver.com.

27. DIG
 Then you check your company's web site
against the ISP's name servers:
 dig www.yourcompany.com @ns.isp-in-
question.com
 ;; ANSWER SECTION:
 www.yourcompany.com. 59m53s IN A
192.168.5.10

28. DIG
 Wait a minute, that is your old IP address. It appears
the DNS information has not fully propagated yet.
 Next, you decide to see if old-host.com has removed
the old zone information from their name servers. The
“any” option will retrieve all the DNS information:
 dig any www.yourcompany.com @ns.old-host.com
 ;; ANSWER SECTION:
 www.yourcompany.com. 1H IN A 192.168.200.250
 ;; AUTHORITY SECTION:
 yourcompany.com. 1H IN NS webns.new-isp.com.
 yourcompany.com. 1H IN NS srvns.new-isp.com.

29. DIG
 In this case the A record shows your new IP address for your web
server, and it shows the new authoritative name servers for your
domain name. This is the information you hoped to find.
 These are the most useful dig query types: dig any (gathers all
DNS information), dig ns (gathers name server information), dig
mx (gathers mail exchanger information) and dig a (gathers
network address information).
 The dig command can also do reverse lookups with output
formatted for the zone file:
 dig -x 192.168.200.250
 ;; ANSWER SECTION:
 250.200.168.192.in-addr.arpa.
 4h11s IN PTR www.yourcompany.com.

30. NSLOOKUP
 nslookup
 You can use this tool as a single line command,
or you can use it interactively, which
distinguishes it from the other DNS commands.
Once you have started nslookup, type set all to
list the default options. As with dig you can
choose the server (name server) you want to
query, and you can decide the type of DNS
information on which to focus.

31. .NSLOOKUPRC
 Just as you can issue commands to
nslookup interactively, you can also change
the initial defaults by starting a .nslookuprc
file. The format of the .nslookup is one
command per line:
 set type=NS
 set domain=srvns.new-host.com
 set timeout=10

32. NSLOOKUP
 Listing 2. Output with nslookup
 nslookup
 Default Server: server.randomisp.com
 Address: 172.16.53.130
 > set all
 Default Server: server.randomisp.com
 Address: 172.16.53.130
 Set options:
 nodebug defname search recurse
 nod2 novc noignoretc port=53
 querytype=A class=IN timeout=10 retry=2
 root=a.root-servers.net.
 domain=randomisp.com
 srchlist=randomisp.com

33. NSLOOKUP
 > set type=mx
 > server srvns.new-host.com
 Default Server: srvns.new-host.com
 Address: 192.168.200.145
 > yourcompany.com
 Server: webns.new-host.com
 Address: 192.168.200.144
 yourcompany.com preference = 10, mail exchanger =<
 mail.new-host.com
 yourcompany.com nameserver = srvns.new-host.com
 yourcompany.com nameserver = webns.new-host.com
 mail.new-host.com internet address = 192.168.200.72
 srvns.new-host.com internet address = 192.168.200.145
 webns.new-host.com internet address = 192.168.200.144
 > exit

34. REFERENCES
 http://www.linuxjournal.com/article/4597?page=0,0
 http://www.thegeekstuff.com/2012/07/nslookup-examples/