检查当前网络使用的 DNS 服务器,以及检查不同的 DNS 服务器解析域名的情况,主要使用dig和nslookup,也可以用host检查 DNS 解析情况,下面示例的命令是在 Mac OSX 电脑上运行的。
dig
dig是domain information groper的缩写,man手册上说明简单摘录如下,详细中文说明手册可参考 IBM 的文档:
dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.
一个典型的dig调用类似:
dig @dns-server name type |
dig命令使用示例
查看当前电脑使用的 DNS 服务器地址,默认会使用/etc/resolv.conf中的配置。
dig; <<>> DiG 9.8.3-P1 <<>>;; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34872;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;. IN NS;; ANSWER SECTION:. 6795 IN NS m.root-servers.net.. 6795 IN NS h.root-servers.net.. 6795 IN NS d.root-servers.net.. 6795 IN NS c.root-servers.net.. 6795 IN NS l.root-servers.net.. 6795 IN NS i.root-servers.net.. 6795 IN NS e.root-servers.net.. 6795 IN NS k.root-servers.net.. 6795 IN NS f.root-servers.net.. 6795 IN NS j.root-servers.net.. 6795 IN NS g.root-servers.net.. 6795 IN NS b.root-servers.net.. 6795 IN NS a.root-servers.net.;; Query time: 6 msec;; SERVER: 202.96.209.133#53(202.96.209.133);; WHEN: Thu Apr 5 13:28:22 2018;; MSG SIZE rcvd: 228 |
本机/etc/resolv.conf文件配置的内容如下:
nameserver 202.96.209.133nameserver 8.8.8.8 |
所以dig命令显示的DNS服务地址是202.96.209.133。
dig命令其他用法示例
dig命令常用的DNS record types:
- A
- AAAA
- NS
- MX
- CNAME
常用的 DNS 服务器地址:
- 1.1.1.1
- 8.8.4.4
- 8.8.8.8
- 9.9.9.9
- 75.75.75.75
- 77.88.8.7
- 208.67.222.222
- 208.67.220.220
- 223.5.5.5
- 223.6.6.6
- 114.114.114.114
- 114.114.115.115
- 180.168.255.118
- 202.96.209.5
- 202.96.209.133
最后面3个是上海电信的 DNS 服务器,可以在dig命令查询结果中查看Query time这一项数据,判断 DNS 服务器的解析速度。
dig @8.8.8.8 www.google.com A; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 www.google.com A; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1390;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;www.google.com. IN A;; ANSWER SECTION:www.google.com. 122 IN A 69.171.246.9;; Query time: 6 msec;; SERVER: 8.8.8.8#53(8.8.8.8);; WHEN: Thu Apr 5 13:36:40 2018;; MSG SIZE rcvd: 48 dig @8.8.8.8 www.google.com NS; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 www.google.com NS; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48199;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;www.google.com. IN NS;; ANSWER SECTION:www.google.com. 179 IN A 31.13.82.1;; Query time: 5 msec;; SERVER: 8.8.8.8#53(8.8.8.8);; WHEN: Thu Apr 5 13:37:59 2018;; MSG SIZE rcvd: 48 dig @8.8.8.8 www.google.com MX; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 www.google.com MX; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26775;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;www.google.com. IN MX;; ANSWER SECTION:www.google.com. 67 IN A 243.185.187.39;; Query time: 6 msec;; SERVER: 8.8.8.8#53(8.8.8.8);; WHEN: Thu Apr 5 13:38:05 2018;; MSG SIZE rcvd: 48 dig @8.8.8.8 +short NS www.google.com31.13.73.17 dig @8.8.8.8 +short A www.google.com31.13.82.23 |
可以使用ANY类型查询对应域名尽可能多的信息:
dig @8.8.8.8 google.com ANY; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 google.com ANY; (1 server found);; global options: +cmd;; Got answer:;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3688;; flags: qr rd ra; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 0;; QUESTION SECTION:;google.com. IN ANY;; ANSWER SECTION:google.com. 299 IN A 172.217.160.78google.com. 299 IN AAAA 2404:6800:4012::200egoogle.com. 599 IN MX 50 alt4.aspmx.l.google.com.google.com. 299 IN TXT "docusign=05958488-4752-4ef2-95eb-aa7ba8a3bd0e"google.com. 21599 IN TYPE257 \# 15 00056973737565706B692E676F6F67google.com. 21599 IN NS ns2.google.com.google.com. 21599 IN NS ns4.google.com.google.com. 599 IN MX 10 aspmx.l.google.com.google.com. 59 IN SOA ns1.google.com. dns-admin.google.com. 191660339 900 900 1800 60google.com. 3599 IN TXT "v=spf1 include:_spf.google.com ~all"google.com. 599 IN MX 20 alt1.aspmx.l.google.com.google.com. 21599 IN NS ns3.google.com.google.com. 599 IN MX 40 alt3.aspmx.l.google.com.google.com. 599 IN MX 30 alt2.aspmx.l.google.com.google.com. 21599 IN NS ns1.google.com.;; Query time: 46 msec;; SERVER: 8.8.8.8#53(8.8.8.8);; WHEN: Thu Apr 5 13:52:53 2018;; MSG SIZE rcvd: 431 |
nslookup
nslookup命令默认查询A记录,可以在交互模式中设置查询记录类型。
nslookup www.google.comServer: 202.96.209.133Address: 202.96.209.133#53Non-authoritative answer:Name: www.google.comAddress: 69.63.176.15 nslookup www.google.com 1.1.1.1Server: 1.1.1.1Address: 1.1.1.1#53Non-authoritative answer:Name: www.google.comAddress: 8.7.198.45 nslookup www.google.com 8.8.8.8Server: 8.8.8.8Address: 8.8.8.8#53Non-authoritative answer:Name: www.google.comAddress: 31.13.82.1 nslookup > server www.google.com Default server: www.google.com Address: 31.13.75.18#53 > set q=A > server www.google.com Default server: www.google.com Address: 31.13.75.18#53 > set q=MX > server www.google.com Default server: www.google.com Address: 31.13.75.18#53 > set q=AAAA > server www.google.com Default server: www.google.com Address: 31.13.75.18#53 |
host
可以用指定的 DNS 服务器,查询服务器 IP 地址。
host www.google.comwww.google.com has address 69.171.244.11 host www.google.com 202.96.209.133Using domain server:Name: 202.96.209.133Address: 202.96.209.133#53Aliases:www.google.com has address 69.171.244.11 |