模拟递归 DNS 查询过程
操作方式:使用 dig 命令,并在本地 DNS 服务器上执行递归查询。这个过程会模拟客户端向本地 DNS 服务器发起查询请求,并让本地 DNS 服务器通过迭代查询向根域名服务器和其他权威 DNS 服务器逐步解析域名。
目标:模拟递归DNS服务器查询“www.baidu.com”的A记录查询请求
使用dig查看递归日志
dig +trace www.baidu.com.
返回结果如下:
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig +trace www.baidu.com. a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> +trace www.baidu.com. a
;; global options: +cmd
. 10 IN NS g.root-servers.net.
. 10 IN NS a.root-servers.net.
. 10 IN NS d.root-servers.net.
. 10 IN NS b.root-servers.net.
. 10 IN NS h.root-servers.net.
. 10 IN NS i.root-servers.net.
. 10 IN NS l.root-servers.net.
. 10 IN NS e.root-servers.net.
. 10 IN NS c.root-servers.net.
. 10 IN NS k.root-servers.net.
. 10 IN NS j.root-servers.net.
. 10 IN NS f.root-servers.net.
. 10 IN NS m.root-servers.net.
;; Received 433 bytes from 100.100.2.136#53(100.100.2.136) in 0 ms
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 86400 IN DS 19718 13 2 8ACBB0CD28F41250A80A491389424D341522D946B0DA0C0291F2D3D7 71D7805A
com. 86400 IN RRSIG DS 8 1 86400 20240501050000 20240418040000 5613 . b2DkZF+0J5SHTn6To9cbX5Y8WP+FVvFoGCFKb7pU1HkPjZmayO6dzJeO 8hwFW94HOCpfmsnR7js9h1SfCwdZRqXgflgt5kguDtfmZC4L1pP4ajes MndQSnYJrhbUBc23Af5p2FDDrAEQA37nsggpLPHeQSR5F63nvleEFkMq ljIUfJ6uZMh8Hq+usVvhfkoZKJFltSXGd49e4wXNPavIDMaKsl21DU8X T3agWLRWuhzT88VoIuc17MJGRtj+tMHwST7RyObH61snp6X2rYt71cPT VlPQzQas9gog5Bd0c/20xeOD1XsTpKXRIE56IrRJqdHBWLrFNw2Dx+ml 6XT3Dg==
;; Received 1176 bytes from 192.112.36.4#53(g.root-servers.net) in 219 ms
baidu.com. 172800 IN NS ns2.baidu.com.
baidu.com. 172800 IN NS ns3.baidu.com.
baidu.com. 172800 IN NS ns4.baidu.com.
baidu.com. 172800 IN NS ns1.baidu.com.
baidu.com. 172800 IN NS ns7.baidu.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q2D6NI4I7EQH8NA30NS61O48UL8G5 NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 13 2 86400 20240422042504 20240415031504 4534 com. ecgUBNoIjF0/2NK5qbLLoESdr1gCp2UQeruasASkce/2OC1+tbNorpx2 zr2HsO8bFW7BEvnN11MdmPyQBU3Csg==
HPVV1UNKTCF9TD77I2AUR73709T975GH.com. 86400 IN NSEC3 1 1 0 - HPVVP23QUO0FP9R0A04URSICJPESKO9J NS DS RRSIG
HPVV1UNKTCF9TD77I2AUR73709T975GH.com. 86400 IN RRSIG NSEC3 13 2 86400 20240425050209 20240418035209 956 com. LBKVqhU5B8KXVDEOD5TP17i77qX6H/lOY7pw1DE+nuKej6AwV+f5/xTV Rw2Y5le5HJGHJKqCwuySql/hPTj0jw==
;; Received 657 bytes from 192.5.6.30#53(a.gtld-servers.net) in 3 ms
www.baidu.com. 1200 IN CNAME www.a.shifen.com.
;; Received 72 bytes from 111.45.3.226#53(ns4.baidu.com) in 3 ms
手动模拟学习
1. 根域查询:
首先,进行了一个根域查询,询问根域的NS记录,以获取根域服务器的地址。结果显示了13个根域服务器的地址,它们是全球DNS体系的顶级服务器。
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig . ns
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> . ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28387
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 7 IN NS b.root-servers.net.
. 7 IN NS i.root-servers.net.
. 7 IN NS h.root-servers.net.
. 7 IN NS l.root-servers.net.
. 7 IN NS c.root-servers.net.
. 7 IN NS g.root-servers.net.
. 7 IN NS k.root-servers.net.
. 7 IN NS f.root-servers.net.
. 7 IN NS m.root-servers.net.
. 7 IN NS d.root-servers.net.
. 7 IN NS j.root-servers.net.
. 7 IN NS a.root-servers.net.
. 7 IN NS e.root-servers.net.
;; Query time: 0 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: 四 4月 18 14:01:05 CST 2024
;; MSG SIZE rcvd: 433
1. 查询根域服务器的A记录:
向其中一个根域服务器(a.root-servers.net)查询其A记录,以获取其IP地址。结果显示了a.root-servers.net的IP地址为198.41.0.4。
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig a.root-servers.net. a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> a.root-servers.net. a
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45132
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;a.root-servers.net. IN A
;; ANSWER SECTION:
a.root-servers.net. 3 IN A 198.41.0.4
;; Query time: 0 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: 四 4月 18 14:01:49 CST 2024
;; MSG SIZE rcvd: 52
3.查询百度域名的A记录:
使用获取到的根域服务器的IP地址(198.41.0.4),查询了www.baidu.com的A记录。由于没有递归查询的选项,只返回了该域名的NS记录,指向了.com顶级域的权威DNS服务器。
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig @198.41.0.4 www.baidu.com a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> @198.41.0.4 www.baidu.com a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26633
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com. IN A
;; AUTHORITY SECTION:
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
;; ADDITIONAL SECTION:
e.gtld-servers.net. 172800 IN A 192.12.94.30
e.gtld-servers.net. 172800 IN AAAA 2001:502:1ca1::30
b.gtld-servers.net. 172800 IN A 192.33.14.30
b.gtld-servers.net. 172800 IN AAAA 2001:503:231d::2:30
j.gtld-servers.net. 172800 IN A 192.48.79.30
j.gtld-servers.net. 172800 IN AAAA 2001:502:7094::30
m.gtld-servers.net. 172800 IN A 192.55.83.30
m.gtld-servers.net. 172800 IN AAAA 2001:501:b1f9::30
i.gtld-servers.net. 172800 IN A 192.43.172.30
i.gtld-servers.net. 172800 IN AAAA 2001:503:39c1::30
f.gtld-servers.net. 172800 IN A 192.35.51.30
f.gtld-servers.net. 172800 IN AAAA 2001:503:d414::30
a.gtld-servers.net. 172800 IN A 192.5.6.30
a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
g.gtld-servers.net. 172800 IN A 192.42.93.30
g.gtld-servers.net. 172800 IN AAAA 2001:503:eea3::30
h.gtld-servers.net. 172800 IN A 192.54.112.30
h.gtld-servers.net. 172800 IN AAAA 2001:502:8cc::30
l.gtld-servers.net. 172800 IN A 192.41.162.30
l.gtld-servers.net. 172800 IN AAAA 2001:500:d937::30
k.gtld-servers.net. 172800 IN A 192.52.178.30
k.gtld-servers.net. 172800 IN AAAA 2001:503:d2d::30
c.gtld-servers.net. 172800 IN A 192.26.92.30
c.gtld-servers.net. 172800 IN AAAA 2001:503:83eb::30
d.gtld-servers.net. 172800 IN A 192.31.80.30
d.gtld-servers.net. 172800 IN AAAA 2001:500:856e::30
;; Query time: 192 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: 四 4月 18 14:02:50 CST 2024
;; MSG SIZE rcvd: 838
4.查询.com顶级域的权威DNS服务器:
查询了.com顶级域的权威DNS服务器,获取了www.baidu.com的NS记录,指向了百度的DNS服务器
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig @192.12.94.30 www.baidu.com a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> @192.12.94.30 www.baidu.com a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 3002
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 10
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.baidu.com. IN A
;; AUTHORITY SECTION:
baidu.com. 172800 IN NS ns2.baidu.com.
baidu.com. 172800 IN NS ns3.baidu.com.
baidu.com. 172800 IN NS ns4.baidu.com.
baidu.com. 172800 IN NS ns1.baidu.com.
baidu.com. 172800 IN NS ns7.baidu.com.
;; ADDITIONAL SECTION:
ns2.baidu.com. 172800 IN A 220.181.33.31
ns3.baidu.com. 172800 IN A 153.3.238.93
ns3.baidu.com. 172800 IN A 36.155.132.78
ns4.baidu.com. 172800 IN A 111.45.3.226
ns4.baidu.com. 172800 IN A 14.215.178.80
ns1.baidu.com. 172800 IN A 110.242.68.134
5.查询百度的DNS服务器:
使用百度的DNS服务器之一的IP地址(220.181.33.31),再次查询了www.baidu.com的A记录。结果显示了www.baidu.com是一个CNAME,指向了www.a.shifen.com。
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig @220.181.33.31 www.baidu.com a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> @220.181.33.31 www.baidu.com a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39745
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 1200 IN CNAME www.a.shifen.com.
;; Query time: 40 msec
;; SERVER: 220.181.33.31#53(220.181.33.31)
;; WHEN: 四 4月 18 14:04:19 CST 2024
;; MSG SIZE rcvd: 72
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]#
6.查询www.a.shifen.com的A记录:
接着,查询了www.a.shifen.com的A记录,结果返回了该域名的NS记录,指向了百度的NS服务器
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig @192.12.94.30 www.a.shifen.com. a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> @192.12.94.30 www.a.shifen.com. a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30155
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 7
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.a.shifen.com. IN A
;; AUTHORITY SECTION:
shifen.com. 172800 IN NS dns.baidu.com.
shifen.com. 172800 IN NS ns2.baidu.com.
shifen.com. 172800 IN NS ns3.baidu.com.
shifen.com. 172800 IN NS ns4.baidu.com.
;; ADDITIONAL SECTION:
dns.baidu.com. 172800 IN A 110.242.68.134
ns2.baidu.com. 172800 IN A 220.181.33.31
ns3.baidu.com. 172800 IN A 153.3.238.93
ns3.baidu.com. 172800 IN A 36.155.132.78
ns4.baidu.com. 172800 IN A 111.45.3.226
ns4.baidu.com. 172800 IN A 14.215.178.80
;; Query time: 115 msec
;; SERVER: 192.12.94.30#53(192.12.94.30)
;; WHEN: 四 4月 18 14:05:22 CST 2024
;; MSG SIZE rcvd: 219
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]#
7.进一步查询百度的NS服务器:
使用百度的NS服务器之一的IP地址(110.242.68.134),再次查询了www.a.shifen.com的A记录。结果返回了www.a.shifen.com的NS记录,指向了a.shifen.com域的NS服务器。
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig @110.242.68.134 www.a.shifen.com. a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> @110.242.68.134 www.a.shifen.com. a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50986
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 10
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.a.shifen.com. IN A
;; AUTHORITY SECTION:
a.shifen.com. 1200 IN NS ns1.a.shifen.com.
a.shifen.com. 1200 IN NS ns3.a.shifen.com.
a.shifen.com. 1200 IN NS ns5.a.shifen.com.
a.shifen.com. 1200 IN NS ns2.a.shifen.com.
a.shifen.com. 1200 IN NS ns4.a.shifen.com.
;; ADDITIONAL SECTION:
ns5.a.shifen.com. 1200 IN A 180.76.76.95
ns4.a.shifen.com. 1200 IN A 14.215.177.229
ns4.a.shifen.com. 1200 IN A 111.20.4.28
ns3.a.shifen.com. 600 IN A 36.155.132.12
ns3.a.shifen.com. 600 IN A 153.3.238.162
ns2.a.shifen.com. 1200 IN A 220.181.33.32
ns1.a.shifen.com. 1200 IN A 110.242.68.42
ns5.a.shifen.com. 600 IN AAAA 240e:bf:b801:1006:0:ff:b04f:346b
ns5.a.shifen.com. 600 IN AAAA 240e:940:603:a:0:ff:b08d:239d
;; Query time: 35 msec
;; SERVER: 110.242.68.134#53(110.242.68.134)
;; WHEN: 四 4月 18 14:05:53 CST 2024
;; MSG SIZE rcvd: 303
8.查询a.shifen.com域的NS服务器:
查询了a.shifen.com域的NS服务器,获取了www.a.shifen.com的A记录,其中包括了几个A记录,指向了不同的IP地址。
[root@iZ7xviqoy3s9n8w92l7j1oZ ~]# dig @180.76.76.95 www.a.shifen.com. a
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.15 <<>> @180.76.76.95 www.a.shifen.com. a
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5174
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 5, ADDITIONAL: 10
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;www.a.shifen.com. IN A
;; ANSWER SECTION:
www.a.shifen.com. 300 IN A 183.2.172.185
www.a.shifen.com. 300 IN A 183.2.172.42
;; AUTHORITY SECTION:
a.shifen.com. 1200 IN NS ns5.a.shifen.com.
a.shifen.com. 1200 IN NS ns1.a.shifen.com.
a.shifen.com. 1200 IN NS ns2.a.shifen.com.
a.shifen.com. 1200 IN NS ns3.a.shifen.com.
a.shifen.com. 1200 IN NS ns4.a.shifen.com.
;; ADDITIONAL SECTION:
ns1.a.shifen.com. 300 IN A 110.242.68.42
ns2.a.shifen.com. 600 IN A 220.181.33.32
ns3.a.shifen.com. 300 IN A 36.155.132.12
ns3.a.shifen.com. 300 IN A 153.3.238.162
ns4.a.shifen.com. 300 IN A 14.215.177.229
ns4.a.shifen.com. 300 IN A 111.20.4.28
ns5.a.shifen.com. 600 IN A 180.76.76.95
ns5.a.shifen.com. 600 IN AAAA 240e:bf:b801:1006:0:ff:b04f:346b
ns5.a.shifen.com. 600 IN AAAA 240e:940:603:a:0:ff:b08d:239d
;; Query time: 9 msec
;; SERVER: 180.76.76.95#53(180.76.76.95)
;; WHEN: 四 4月 18 14:06:17 CST 2024
;; MSG SIZE rcvd: 335
模拟递归 DNS 查询过程
http://psj.ac.cn:80/archives/152c46a1-d98e-4360-b834-7efe2424ef1d