[Chapter 8] 8.4 Using nslookup


By default, nslookup queries for A records, but you can use the set type command to change the query to
another resource record type, or to the special query type "ANY." ANY is used to retrieve all available
resource records for the specified host.
The following example checks MX records for almond and peanut. Note that once the query type is set to
MX, it stays MX. It doesn't revert to the default A-type query. Another set type command is required to
reset the query type.
% nslookup
Default Server: peanut.nuts.com
Address: 172.16.12.2
> set type=MX
> almond.nuts.com
Server: peanut.nuts.com
Address: 172.16.12.2
almond.nuts.com preference = 5, mail exchanger = almond.nuts.com
almond.nuts.com inet address = 172.16.12.1
> peanut.nuts.com
Server: peanut.nuts.com
Address: 172.16.12.2
peanut.nuts.com preference = 5, mail exchanger = peanut.nuts.com
peanut.nuts.com inet address = 172.16.12.2
> exit

You can use the server command to control the server used to resolve queries. This is particularly useful
for going directly to an authoritative server to check some information. The following example does just
that. In fact, this example contains several interesting commands:

First we set type=NS and get the NS records for the zoo.edu domain.

From the information returned by this query, we select a server and use the server command to
direct nslookup to use that server.

Next, using the set domain command, we set the default domain to zoo.edu. nslookup uses this
default domain name to expand the hostnames in its queries, in the same way that the resolver uses
the default domain name defined in resolv.conf.

We reset the query type to ANY. If the query type is not reset, nslookup still queries for NS
records.

Finally, we query for information about the host tiger.zoo.edu. Because the default domain is set to
zoo.edu, we simply enter tiger at the prompt.

% nslookup
Default Server: peanut.nuts.com
Address: 172.16.12.2
> set type=NS

> zoo.edu
Server: peanut.nuts.com
Address: 172.16.12.2
Non-authoritative answer:
zoo.edu nameserver = NOC.ZOO.EDU
zoo.edu nameserver = NI.ZOO.EDU
zoo.edu nameserver = NAMESERVER.AGENCY.GOV
Authoritative answers can be found from:
NOC.ZOO.EDU inet address = 172.28.2.200
NI.ZOO.EDU inet address = 172.28.2.240
NAMESERVER.AGENCY.GOV inet address = 172.21.18.31
> server NOC.ZOO.EDU
Default Server: NOC.ZOO.EDU
Address: 172.28.2.200
> set domain=zoo.edu
> set type=any
> tiger
Server: NOC.ZOO.EDU
Address: 172.28.2.200
tiger.zoo.edu inet address = 172.28.172.8
tiger.zoo.edu preference = 10, mail exchanger = tiger.ZOO.EDU
tiger.zoo.edu CPU=ALPHA OS=UNIX
tiger.zoo.edu inet address = 172.28.172.8, protocol = 6
        7 21 23 25 79
tiger.ZOO.EDU inet address = 172.28.172.8
> exit
The final example shows how to download an entire domain from an authoritative server and examine it on
your local system. The ls command requests a zone transfer and displays the contents of the zone it
receives. [12] If the zone file is more than a few lines long, redirect the output to a file, and use the view
command to examine the contents of the file. (view sorts a file and displays it using the UNIX more
command.) The combination of ls and view is helpful when tracking down a remote hostname. In the
example that follows, the ls command retrieves the big.com zone and stores the information in temp.file.
Then view is used to examine temp.file.
[12] For security reasons, many nameservers do not respond to the ls command. See the
xfrnets command in Appendix C for information on how to limit access to zone transfers.
peanut% nslookup
Default Server: peanut.nuts.com
Address: 172.16.12.2
> server minerals.big.com
Default Server: minerals.big.com
Address: 192.168.20.1

> ls big.com > temp.file
[minerals.big.com]
########
Received 406 records.
> view temp.file
acmite          192.168.20.28
adamite         192.168.20.29
adelite         192.168.20.11
agate           192.168.20.30
alabaster       192.168.20.31
albite          192.168.20.32
allanite        192.168.20.20
altaite         192.168.20.33
alum            192.168.20.35
aluminum        192.168.20.8
amaranth        192.168.20.85
amethyst        192.168.20.36
andorite        192.168.20.37
apatite         192.168.20.38
beryl           192.168.20.23
--More-- q
> exit
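
The tiger.zoo.edu answer earlier includes a CPU/OS record (HINFO) and a protocol/port record (WKS), and a zone transfer hands every such record to any host allowed to run ls. The Python audit below, for checking your own zone data before it is served, is an added example and not code from the book; the zoo.example names and zone text are constructed, and the parser covers only the master-file subset shown.

```python
# Record types that describe a host rather than locate it.
DISCLOSING = {"HINFO", "WKS"}

# Constructed sample zone in master-file format, modelled on the tiger answer.
SAMPLE_ZONE = """\
$ORIGIN zoo.example.
@      IN SOA noc admin 1 3600 600 604800 86400 ; constructed values
tiger  IN A   172.28.172.8
       IN MX  10 tiger
       IN HINFO ALPHA UNIX
       IN WKS 172.28.172.8 TCP ( echo ftp
                                 telnet smtp finger )
lion 3600 IN A 172.28.172.9
"""

def logical_lines(text):
    """Strip ';' comments and join '( ... )' continuations into one record."""
    buf, depth = "", 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        depth += line.count("(") - line.count(")")
        buf += (" " if buf else "") + line.replace("(", " ").replace(")", " ")
        if depth <= 0:
            if buf.strip():
                yield buf
            buf, depth = "", 0

def qualify(owner, origin):
    # Expand '@' and relative names against the current $ORIGIN.
    if owner == "@":
        return origin
    return owner if owner.endswith(".") else f"{owner}.{origin.lstrip('.')}"

def audit(text):
    """Return (owner, type, rdata) for each host-describing record."""
    findings, owner, origin = [], "@", "."
    for line in logical_lines(text):
        fields = line.split()
        if fields[0].startswith("$"):
            if fields[0].upper() == "$ORIGIN":
                origin = fields[1]
            continue
        if not line[0].isspace():      # text in column 1 names a new owner
            owner = fields.pop(0)
        # TTL and class are optional and may appear in either order
        while fields and (fields[0][0].isdigit() or fields[0].upper() in ("IN", "CH", "HS")):
            fields.pop(0)
        if fields and fields[0].upper() in DISCLOSING:
            findings.append((qualify(owner, origin), fields[0].upper(), " ".join(fields[1:])))
    return findings
```

Run audit() over each zone file on the primary server; every tuple it returns is a record to remove or justify.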

These examples show that nslookup allows you to:

Query for any specific type of standard resource record.
Directly query the authoritative servers for a domain.
Get the entire contents of a domain into a file so you can view it.

Use nslookup's help command to see its other features. Turn on debugging (with set debug) and examine
the additional information this provides. As you play with this tool, you'll find many helpful features.

8.5 Summary
Domain Name Service (DNS) is an important user service that should be used on every system
connected to the Internet. UNIX implementations of DNS are based on the Berkeley Internet Name
Domain (BIND) software. BIND provides both a DNS client and a DNS server.
The BIND client issues name queries and is implemented as library routines. It is called the resolver.
The resolver is configured in the resolv.conf file. All systems run the resolver.
The BIND server answers name queries and it runs as a daemon. It is called named. named is
configured by the named.boot file, which defines where the server gets the domain database
information and the type of server being configured. The server types are primary, secondary and
caching servers. Because all servers are caching servers, a single configuration often encompasses
more than one server type.
The original domain database source files are found on the primary server. The domain database file
is called a zone file. The zone file is constructed from standard resource records (RR) that are defined
in RFCs. The RRs share a common structure and are used to define all DNS database information.
The DNS server can be tested using nslookup. This test tool is included with the BIND release.
In this chapter we have seen how to configure and test domain name service. In the next chapter we
configure several other services.

9. Configuring Network Servers
Contents:
The Network File System
Line Printer Daemon
Network Information Service
A BOOTP Server
DHCP
Managing Distributed Servers
Mail Servers
Summary
Now our attention turns to configuring network servers. As with name service, these servers are not strictly
required for the network to operate, but they provide services that are central to the network's purpose.
There are many network services - many more than can be covered in this chapter. We concentrate on servers
that provide "computer-to-computer" services. [1] The services covered in this chapter are:
[1] Notably absent is sendmail. It requires so much discussion, it has its own chapter (Chapter 10,
sendmail)!

The Network File System (NFS)
The Line Printer Daemon (LPD)
The Network Information Service (NIS)
The Bootstrap Protocol (BOOTP)
Dynamic Host Configuration Protocol (DHCP)
The Post Office Protocol (POP)

We begin with NFS, which is the server that provides file sharing on UNIX networks.

9.1 The Network File System
The Network File System (NFS) allows directories and files to be shared across a network. It was originally
developed by Sun Microsystems, but is now supported by virtually all UNIX implementations and many non-UNIX operating systems. Through NFS, users and programs can access files located on remote systems as if they
were local files. In a perfect NFS environment, the user neither knows nor cares where files are actually stored.
