DNS DomainNameSystem域名系统,根据域名查出IP地址 1.dig命令可以显示整个查询的过程 root@VM-38-204-ubuntu:~# dig www.sopans.com //这一段是查询参数和统计 ; <<>> DiG 9.10.3-P4-Ubuntu <<>> www.sopans.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1899 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 //这一段是查询内容,查询www.sopans.com的A记录,A是Address意思 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;www.sopans.com. IN A //DNS服务器的答复,两条A记录,575是TTL的值(Time to live)缓存时间575秒内不用重新查询 ;; ANSWER SECTION: www.sopans.com. 575 IN A 123.206.7.231 www.sopans.com. 575 IN A 115.159.28.111 //DNS服务器的一些传输信息,本机DNS服务器是10.236.158.106,端口53,返回了75字节 ;; Query time: 58 msec ;; SERVER: 10.236.158.106#53(10.236.158.106) ;; WHEN: Wed Nov 28 21:36:03 CST 2018 ;; MSG SIZE rcvd: 75 2. +short参数只返回两条A记录IP地址 root@VM-38-204-ubuntu:~# dig www.sopans.com +short 123.206.7.231 115.159.28.111 3. 本机DNS服务器的IP地址位于/etc/resolv.conf root@VM-38-204-ubuntu:~# cat /etc/resolv.conf nameserver 10.236.158.106 nameserver 10.236.158.114 options timeout:1 rotate 4.使用@参数指定DNS服务器地址,例如指定DNS服务器地址为8.8.8.8 dig www.sopans.com @8.8.8.8 5.域名的层级结构 主机名.次级域名.顶级域名.根域名 www.sopans.com.root ,root可以省略因此会显示成www.sopans.com. 6.使用+trace参数,查看分级查询的过程, NS记录是管理该级域名的域名服务器,按每一级逐级查询的过程 root@VM-38-204-ubuntu:~# dig www.sopans.com +trace . 294897 IN NS c.root-servers.net. . 294897 IN NS d.root-servers.net. . 294897 IN NS e.root-servers.net. . 294897 IN NS f.root-servers.net. . 294897 IN NS g.root-servers.net. . 294897 IN NS h.root-servers.net. . 294897 IN NS i.root-servers.net. . 294897 IN NS a.root-servers.net. . 294897 IN NS j.root-servers.net. . 294897 IN NS k.root-servers.net. . 294897 IN NS l.root-servers.net. . 294897 IN NS m.root-servers.net. . 294897 IN NS b.root-servers.net. ;; Received 239 bytes from 10.236.158.106#53(10.236.158.106) in 0 ms com. 172800 IN NS e.gtld-servers.net. com. 172800 IN NS b.gtld-servers.net. com. 172800 IN NS j.gtld-servers.net. com. 172800 IN NS m.gtld-servers.net. com. 172800 IN NS i.gtld-servers.net. com. 172800 IN NS f.gtld-servers.net. com. 172800 IN NS a.gtld-servers.net. com. 172800 IN NS g.gtld-servers.net. com. 172800 IN NS h.gtld-servers.net. com. 172800 IN NS l.gtld-servers.net. com. 172800 IN NS k.gtld-servers.net. com. 172800 IN NS c.gtld-servers.net. com. 172800 IN NS d.gtld-servers.net. com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766 com. 86400 IN RRSIG DS 8 1 86400 20181211050000 20181128040000 2134 . FeSgJRqqq/LY82e1pAM38Eiu07pepp53zIY23OlA65VDqA4ynhKWb8Ov OKiWzHhWb= ;; Received 1174 bytes from 198.41.0.4#53(a.root-servers.net) in 224 ms sopans.com. 172800 IN NS dns2.hichina.com. sopans.com. 172800 IN NS dns1.hichina.com. CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20181202054332 20181125043332 37490 com. R+QjJnuxe+1Bs7+KvcUsTaFaNlUGt+wxLpwdpF9Mxkccm+Re8YJS2R= O7K3MHPOSL4GCSK01O8ER0LQ04KLNNUT.com. 86400 IN NSEC3 1 1 0 - O7K5ETU7SVNP269R4U7KIQRE79H62BPM NS DS RRSIG O7K3MHPOSL4GCSK01O8ER0LQ04KLNNUT.com. 86400 IN RRSIG NSEC3 8 2 86400 20181203062329 20181126051329 37490 com. OKTU40+7GCLv+yWhDXu9GEuklwOKrjTgEVYe51v8C7CgIMiBH0Cysy= ;; Received 886 bytes from 192.43.172.30#53(i.gtld-servers.net) in 362 ms www.sopans.com. 600 IN A 115.159.28.111 www.sopans.com. 600 IN A 123.206.7.231 ;; Received 75 bytes from 140.205.41.23#53(dns1.hichina.com) in 4 ms 7.ns参数和+short参数可以直接查询该级域名的NS记录 root@VM-38-204-ubuntu:~# dig ns +short sopans.com dns1.hichina.com. dns2.hichina.com. 8. A记录:地址记录,域名指向的IP地址 MX记录:邮件记录,使用邮箱时设置的服务器地址 CNAME:别名记录,当前查询的域名跳转到另一个域名, 比如www.baidu.com. 1080 IN CNAME www.a.shifen.com. 这样的好处是,当要变更www.baidu.com指向的IP地址时,只需更改www.a.shifen.com的就可以了,www.baidu.com不需要变动;一旦设置了cname,就不能设置其他记录了 NS记录:管理该级域名的域名服务器 PTR:逆向查询记录,从IP地址查询域名 9.-x参数是查询PTR记录,从IP地址反查域名 dig -x 192.30.252.153