A sudden health emergency your cat or dog suffers can potentially cost thousands of dollars. If you had owned a pet insurance policy however it would significantly reduce the costs of the vet bill. When you buy pet insurance it's important to compare the pet insurance policies so you know you're getting the adequate coverage for your dog or cat.

Dig it!

Auto Date Tuesday, September 12th, 2006

Resolving domain names can be very simple, besides what is so fascinating about looking up an ip address that belongs to a domain name? Well the domain naming system is a pretty complex piece of technology that you might take for granted. There are nice tools which are able to let you interact with this domain name system, one of them is dig, which is a acronym for domain information groper.

This tool can do more then just resolve domain names to ip addresses or visa versa. Lets look more closely into the world of domain name resolution and explorer the possibilites with dig. We will quickly run through the basics and at the end look at some nice features of dig.

Basic query

Let’s get straight to work, first we will do a basic ip address lookup. Lets say we would like to know which ip address is associated with www.stevenkroon.com. I’ve got a local name server with ip address 192.168.7.254, so i’ll be performing the query on this machine.

$ dig @192.168.7.254 www.stevenkroon.com | cat -b

 1  ; <<>> DiG 9.2.4 <<>> @192.168.7.254 www.stevenkroon.com
 2  ;; global options:  printcmd
 3  ;; Got answer:
 4  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55392
 5  ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

 6  ;; QUESTION SECTION:
 7  ;www.stevenkroon.com.           IN      A

 8  ;; ANSWER SECTION:
 9  www.stevenkroon.com.    86376   IN      CNAME   stevenkroon.com.
10  stevenkroon.com.        86376   IN      A       80.247.216.241

11  ;; AUTHORITY SECTION:
12  stevenkroon.com.        86376   IN      NS      ns1.bitrey.nl.
13  stevenkroon.com.        86376   IN      NS      ns2.bitrey.nl.

14  ;; ADDITIONAL SECTION:
15  ns1.bitrey.nl.          86376   IN      A       80.247.216.241
16  ns2.bitrey.nl.          86376   IN      A       80.247.216.247

17  ;; Query time: 2 msec
18  ;; SERVER: 192.168.7.254#53(192.168.7.254)
19  ;; WHEN: Sun Sep 10 21:30:13 2006
20  ;; MSG SIZE  rcvd: 144

As you can see i’ve run dig through cat so we get some line numbering, which makes it easier to discuss certains parts of the output. These line numbers are not included when using dig. If you would like to read all about cat please read dog is better than cat.

As you can see the basic syntax is

dig @server hostname type

Where server is the name or ip address of the name server you want to query and name is the resource record that is to lookup and finally the type, which can be ANY, A, MX, SIG, etc. You can omit the type, in this case it will look up a “A” record. “A” stands for “Address” which is just what we are looking for, so we dont need to specify it.

Sections

DNS packets are composed of five sections

The HEADER SECTION is present in every query and response, we will talk about this section later on.

The QUESTION SECTION tell us what we are doing, if you look at line 6 and 7 of the output, you see that in our case we are looking for the A record of www.stevenkroon.com. Maybe a good way to read this is query is “We are looking for the address of www.stevenkroon.com”.

On line 8 to 10 we have the ANSWER SECTION, this tells us what we asked for. There is a twist on line 9 though, the name server looked up the address but found out that it was not a “A” record, instead it was a CNAME to a other domain name. In this case the CNAME refers to stevenkroon.com. A CNAME record maps an alias to its canonical name, so line 9 can be read as “www.stevenkroon.com maps to the ip address belonging to stevenkroon.com”. Because we were looking for the address associated with *www.stevenkroon.com the name server also tries to resolve the A record of stevenkroon.com, this is what happens on line 10. So the answers to our query is “www.stevenkroon.com has the same ip address as the domain stevenkroon.com which in turn has an ip address of 80.247.216.241″.

The AUTHORITY SECTION tells us which name servers can give is a authoritative answers to our questions. The name servers that can give us these for “www.stevenkroon.com” are listed on line 12 and 13. So this means that if we query these name servers directly we can assume the this data is correct and not outdated because of caching on local name server. We will get to this issue later on.

And the ADDITIONAL SECTION adds information that may complete information included in other sections. For instance name servers that are listed in the authority section.

Pages: 1 2 3 4 5 6 7 8

This entry was posted on Tuesday, September 12th, 2006 at 4:00 am and is filed under Shell. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

Bookmark on del.icio.us

Comments are closed.