How to find the canonical name with nslookup - dns

I need to find the canonical name of three websites using nslookup.
When I do nslookup -a google.es 8.8.8.8, the answer is non-authoritative, but I need an authoritative answer.
What can I do to have the canonical name of "google.es", "upc.edu" and "uoc.es" with an authoritative answer using nslookup?

You're getting a non-authoritative answer because you're asking a recursive resolver (8.8.8.8) for the answer, not an authoritative server. In order to get an authoritative answer, you need to ask the server authoritative for whatever name you're looking up.
For example, let's do google.es. I usually use dig, but here's nslookup in interactive mode.
To find the auth. servers for google.es, you can do an NS query for google.es:
$ nslookup
> set query=ns
> google.es
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
google.es nameserver = ns2.google.com.
google.es nameserver = ns1.google.com.
google.es nameserver = ns4.google.com.
google.es nameserver = ns3.google.com.
Authoritative answers can be found from:
So now we have 4 different nameservers (ns[1-4].google.com) we could choose from to get an authoritative answer. I'm gonna do ns1.google.com in this example, but you could choose whichever one.
Here's sending an A query for google.es to ns1.google.com:
> set query=A
> server ns1.google.com
Default server: ns1.google.com
Address: 2001:4860:4802:32::a#53
Default server: ns1.google.com
Address: 216.239.32.10#53
> google.es
Server: ns1.google.com
Address: 2001:4860:4802:32::a#53
Name: google.es
Address: 172.217.2.3
You may find it helpful to read the answers to this ServerFault question for more details.

Related

How to get DNS to resolve the same from localhost as from remote?

I'm trying to create a home automation system that watches my dog during the day while I'm at work. My goals for this project are to learn a bit about DNS, file serving, and the RaspberryPi.
My hardware setup is as so:
1 RaspberryPi (camera enabled, and planning to use this as the web server behind my home router).
1 digital ocean mini instance (ubuntu12.04 with DNS provided via BIND).
1 macbook (testing DNS with this for now, but will later be using iPhones most commonly).
I'd like to use bubby.com as the domain name. This works when I query from my digital ocean server. However, if I try from my laptop, I get back a different ip.
Tests from digital ocean instance:
dns settings (contents of /etc/resolv.conf)
nameserver x.x.x.x
nameserver 8.8.8.8
nameserver 8.8.4.4
nslookup of bubby.com
nslookup bubby.com
Server: x.x.x.x
Address: x.x.x.x#53
Name: bubby.com
Address: y.y.y.y
(1 and 2 are correct as far as I can tell)
Tests from macbook
DNS settings from wifi (retrieved from Network Preferences):
nameservers x.x.x.x, 8.8.8.8
nslookup of bubby.com
nslookup bubby.com
Server: x.x.x.x
Address: x.x.x.x#53
Non-authoritative answer:
Name: bubby.com
Address: 216.21.239.197
Could someone help me explain why I get different results from the same dns server that are showing different addresses, even though the server/address is correct for the dns server?
Update 1: Reran test of nslookup
date && nslookup bubby.com
Sat Aug 20 05:57:01 PDT 2016
Server: x.x.x.x
Address: x.x.x.x#53
Non-authoritative answer:
Name: bubby.com
Address: 216.21.239.197
Dig bubby.com from laptop
date && dig bubby.com @192.241.227.149
Sat Aug 20 06:06:27 PDT 2016
; <<>> DiG 9.8.3-P1 <<>> bubby.com @x.x.x.x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18813
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;bubby.com. IN A
;; ANSWER SECTION:
bubby.com. 3600 IN A 216.21.239.197
;; Query time: 132 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Sat Aug 20 06:06:27 2016
;; MSG SIZE rcvd: 43
Dig bubby.com from digital ocean server with dns
date && dig bubby.com @x.x.x.x
Sat Aug 20 13:12:36 UTC 2016
; <<>> DiG 9.8.1-P1 <<>> bubby.com @x.x.x.x
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38404
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;bubby.com. IN A
;; ANSWER SECTION:
bubby.com. 604800 IN A y.y.y.y
;; AUTHORITY SECTION:
bubby.com. 604800 IN NS ns.bubby.com.
;; ADDITIONAL SECTION:
ns.bubby.com. 604800 IN A y.y.y.y
;; Query time: 2 msec
;; SERVER: x.x.x.x#53(x.x.x.x)
;; WHEN: Sat Aug 20 13:12:36 2016
;; MSG SIZE rcvd: 76
Update 2: DNS lookup from laptop while specifying another DNS server
date && nslookup ip.smartydns.com 87.117.205.40
Sat Aug 20 09:12:09 PDT 2016
Server: 87.117.205.40
Address: 87.117.205.40#53
Non-authoritative answer:
Name: ip.smartydns.com
Address: 82.196.5.38
Look at the dig output from your laptop and notice the AUTHORITY: 0. The reason for this is that the answer is not coming from your Digital Ocean instance (I have tested from several different locations, and I always get the same results as you get when you test from the instance itself), but from some other DNS server that is not authoritative for bubby.com.
The final smartyDNS test confirmed it: someone/something between you and the rest of the internet (most probably your ISP or a compromised home router) is acting as a 'Transparent DNS proxy', intercepting your DNS queries and redirecting them to their own DNS server.
If you want to be sure, since probably only UDP/TCP port 53 is intercepted, you can try changing BIND to listen on some other port, then test from both the Digital Ocean instance and your laptop with dig querying that new port:
dig bubby.com @192.241.227.149 -p 5555
This time you should get the same results.
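The comparison this answer makes by eye (same SERVER address, but no aa flag and a different A record on the laptop side) can be written as a check over the two dig outputs quoted in the question. This is an added example, not part of the original answer; the function names are hypothetical and the sample text is a trimmed copy of the outputs above.

```python
import re

# Sample input: trimmed copies of the two dig outputs quoted in the question
# (addresses redacted exactly as on the page).
DIG_LAPTOP = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18813
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; ANSWER SECTION:
bubby.com. 3600 IN A 216.21.239.197
;; SERVER: x.x.x.x#53(x.x.x.x)
"""
DIG_SERVER = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38404
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; ANSWER SECTION:
bubby.com. 604800 IN A y.y.y.y
;; AUTHORITY SECTION:
bubby.com. 604800 IN NS ns.bubby.com.
;; SERVER: x.x.x.x#53(x.x.x.x)
"""

def parse_dig(text):
    """Return header flags, the server dig reports, and A records in the ANSWER section."""
    flags = re.search(r"^;; flags: ([a-z ]+);", text, re.M)
    server = re.search(r"^;; SERVER: ([^#\s]+)#", text, re.M)
    answers, in_answer = [], False
    for line in text.splitlines():
        if line.startswith(";; "):          # section banner or header line
            in_answer = line.startswith(";; ANSWER SECTION")
        elif in_answer and line.strip():
            name, _ttl, _cls, rtype, rdata = line.split(None, 4)
            if rtype == "A":
                answers.append((name, rdata))
    return {"flags": set(flags.group(1).split()) if flags else set(),
            "server": server.group(1) if server else None,
            "answers": answers}

def interception_findings(remote_out, local_out):
    """Compare a lookup from a client network with one run on the authoritative host."""
    rem, loc = parse_dig(remote_out), parse_dig(local_out)
    findings = []
    if rem["server"] == loc["server"] and "aa" in loc["flags"] and "aa" not in rem["flags"]:
        findings.append("same server address, but the remote reply lacks the aa flag")
    if {rdata for _, rdata in rem["answers"]} != {rdata for _, rdata in loc["answers"]}:
        findings.append("A records differ between vantage points")
    return findings

if __name__ == "__main__":
    for finding in interception_findings(DIG_LAPTOP, DIG_SERVER):
        print("finding:", finding)
```
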

Is this getent hosts answer wrong

I have some DNS issues and I am trying to figure out if this is the correct answer I should get when I run this on the VPS
getent hosts test.com
69.xx.xx.xxx server.test.com server www.test.com www test.com test testuser
for other sites the answer looks like this
getent hosts justhost.com
74.220.195.132 justhost.com
Is the first result OK? Where are the values taken from?
Update:
If it helps
nslookup test.com 127.0.0.1
Server: 127.0.0.1
Address: 127.0.0.1#53
server can't find test.com: NXDOMAIN
dig @localhost test.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56197
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;test.com. IN A
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Feb 24 14:32:24 2015
;; MSG SIZE rcvd: 41
Pinging the ns1 gives me the correct server ip
Pinging the domain name gives me the old server ip
Is this usual?
From an analysis on intoDNS (http://www.intodns.com/blackcatadvertising.com) it seems that the nameservers are not set properly. Check both on your DNS provider (if it's not you) and on cPanel how they are set. If you are sure that they are right as they are right now, I would ask: when did you create the domain? Some time is required after the creation in order to let the DNS spread.
Fixed via How to fix a dig command with status: REFUSED?, basically I had to edit named.conf to have allow-query set to any, and restart named.

Bind9 Servfail, unknown host

I'm new to bind9. I've fixed a lot of issues, but now I need some help.
I basically just want to bind my domain magestionfacile.fr and some subdomains to 94.23.108.206.
Here are my configuration files:
named.conf.local
zone "magestionfacile.fr" {
type master;
allow-transfer {94.23.108.206;};
file "/etc/bind/db.magestionfacile.fr";
};
db.magestionfacile.fr
;
; BIND reverse data file for broadcast zone
;
; Time To Live
$TTL 604800
; General information
@ IN SOA magestionfacile.fr. root.magestionfacile.fr. (
        10 ; Serial
        604800 ; Refresh
        86400 ; Retry
        2419200 ; Expire
        604800 ) ; Negative Cache TTL
; Domain TTL IN Type Value
        IN NS ns354747.ovh.net.
        IN NS sdns1.ovh.net.
        IN NS sdns2.ovh.net.
@ IN A 94.23.108.206
vmx IN A 94.23.108.206
vimexcom IN CNAME vmx.magestionfacile.fr.
ownercheck IN TXT "some_number"
The three NS directives, I'm not sure if it's the right values. I mean, I'm not even sure if only one DNS server is sufficient so...
Some tests:
odoo@yann-acer-portable:~$ nslookup magestionfacile.fr 8.8.8.8
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
Name: magestionfacile.fr
Address: 94.23.108.206
odoo@yann-acer-portable:~$ nslookup magestionfacile.fr
Server: 127.0.1.1
Address: 127.0.1.1#53
** server can't find magestionfacile.fr: SERVFAIL
odoo@yann-acer-portable:~$ ping magestionfacile.fr
ping: unknown host magestionfacile.fr
odoo@yann-acer-portable:~$ ping vmx.magestionfacile.fr
ping: unknown host vmx.magestionfacile.fr
I'm aware that usually, you need two DNS servers, right? Can I do with one? Thanks for the help!
SERVFAIL means that the nameserver for one reason or another could not produce a valid answer to the question. For more information, you need to look in the nameserver log file (although if what you posted up there is the entire zone file, the problem likely is a missing $ORIGIN).

Why is my domain not linking with GoDaddy hosting after I transferred the domain name from GoDaddy to BigRock?

I recently transferred the domain (v3foods.in) from GoDaddy to BigRock because there was an issue for violating the rules, which I didn't do wantedly. So I paid the fine and transferred the domain. Now when I try to link with the same old hosting, it is not linking up. It is showing something like "A record not found", which I entered and maintained for more than 48 hrs. I feel like I made a mistake somewhere, so can someone help me?
So you can query for the NS like this:
nslookup -q=ns v3foods.in
The reply is:
Server: 8.8.8.8
Address: 8.8.8.8#53
Non-authoritative answer:
v3foods.in nameserver = dns3.bigrock.in.
v3foods.in nameserver = dns1.bigrock.in.
v3foods.in nameserver = dns4.bigrock.in.
v3foods.in nameserver = dns2.bigrock.in.
Your Ping Data is now pointing to this Host
ping v3foods.in
PING v3foods.in (23.229.248.68) 56(84) bytes of data.
64 bytes from ip-23-229-248-68.ip.secureserver.net (23.229.248.68): icmp_req=1 ttl=56 time=68.8 ms
This is also the A record
Your Dig is now set for a very long time (in my opinion, if you don't pay for DNS queries, set this to 5 min)
dig v3foods.in
; <<>> DiG 9.8.1-P1 <<>> v3foods.in
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36816
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;v3foods.in. IN A
;; ANSWER SECTION:
v3foods.in. 21595 IN A 23.229.248.68
;; Query time: 17 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Dec 22 17:50:13 2014
;; MSG SIZE rcvd: 44
And this is the result from the NameServer at bigrock.in
> v3foods.in
Server: dns3.bigrock.in
Address: 67.15.253.219#53
Name: v3foods.in
Address: 23.229.248.68
>
If you can log in to your hosting server, run: ifconfig
This will show you the hosting external IP. The format you will get will be eth0 -> inet addr: SERVER EXTERNAL IP
It seems like a straight A record issue: point to the right IP. Hope this helps.

Bind DNS host pointing name servers to different IPs

Okay, at the moment I have my domain's host file which was generated by the Webmin control panel. I have a box to myself with several IPs and I want to make use of more than one. I don't fully understand everything to do with host files but I know enough to get by.
Can anyone suggest how I would go about changing the below host file to make my two name servers and mail server have their own IPs and then my domains and subdomains share another?
$ttl 120
@ IN SOA ns1.example.com. webmaster.example.com. (
1283718781
1D
120
7D
120 )
example.com. IN NS ns1.example.com.
example.com. IN A 192.168.0.1
www.example.com. IN A 192.168.0.1
ftp.example.com. IN A 192.168.0.1
m.example.com. IN A 192.168.0.1
localhost.example.com. IN A 127.0.0.1
webmail.example.com. IN A 192.168.0.1
admin.example.com. IN A 192.168.0.1
mail.example.com. IN A 192.168.0.1
example.com. IN MX 5 mail.example.com.
example.com. IN NS ns2.example.com.
[edit]
Just to add, can you also suggest any improvements, because at present the initial loading of the website is slow. I did a DNS test from an online tool and resolving was taking a long while. After the first page load the site's home page then loads in less than 2 seconds, presumably because stuff has been cached after the first load.
Please and thanks in advance for any help.
I'm not sure if I understood your question, but I would use the following zone file for the example.com domain:
$ttl 120
@ IN SOA ns1.example.com. webmaster.example.com. (
        2010091401 ; Serial format YYYYmmddXX where XX is 01-99
        1D
        120
        7D
        120 )
        IN NS ns1.example.com.
        IN NS ns2.example.com.
        IN MX 5 mail.example.com.
        IN A 192.168.0.1
ns1 IN A 192.168.xxx.xxx ; ns1 ip
ns2 IN A 192.168.xxx.xxx ; ns2 ip
www IN A 192.168.0.1
ftp IN A 192.168.0.1
m IN A 192.168.0.1
webmail IN A 192.168.0.1
admin IN A 192.168.0.1
mail IN A 192.168.0.1
localhost IN A 127.0.0.1
