Fetch key value from string linux - linux

I am doing:
dig @example.com hostname.example.com | grep ANSWER:
which returns the following output:
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
How can I use a pipe to get the ANSWER count into a variable?
var=$(dig @example.com hostname.example.com | grep ANSWER:|....?...)

Use awk. You can then loop through the columns, find the one with ANSWER:, and print the next column after it.
var=$(dig @example.com hostname.example.com |
awk '/ANSWER/ { for (i = 1; i < NF; i++) if ($i == "ANSWER:") { print $(i+1) + 0; break } }')

You can use awk like this:
dig @8.8.8.8 www.example.com | awk '/ANSWER:/{print $2}' RS=,
The key here is to use , as the input record separator. Look how the input records appear to awk when using RS=,:
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @8.8.8.8 www.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY
status: NOERROR
id: 49711
;; flags: qr rd ra ad; QUERY: 1
ANSWER: 1 <----- Look here! The ANSWER: is a separate record
AUTHORITY: 0
ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0
flags:; udp: 512
;; QUESTION SECTION:
;www.example.com. IN A
;; ANSWER SECTION:
www.example.com. 74953 IN A 93.184.216.34
;; Query time: 43 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Tue Jun 27 03:40:13 CEST 2017
;; MSG SIZE rcvd: 60
The ANSWER: N section is a separate record. Now we can simply filter the /ANSWER:/ record by regex and print the second column of that row using print $2.
PS: A sed alternative would be:
dig @8.8.8.8 www.example.com | sed -rn '/(.*ANSWER: )([0-9]+)(.*)/s//\2/p'
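
Added example (not part of the original answers): the same header parsing wrapped in reusable functions that also report when dig printed no header at all, which matters when the count feeds a monitoring or alerting script. The function names and the embedded sample output are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of dig output (abridged; not captured from a live query).
sample_dig_output() {
cat <<'EOF'
; <<>> DiG 9.10.3-P4-Ubuntu <<>> @8.8.8.8 www.example.com
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49711
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; ANSWER SECTION:
www.example.com. 74953 IN A 93.184.216.34
EOF
}

# dig_header_count NAME (hypothetical helper)
# Reads dig output on stdin and prints the number after "NAME:" on the
# ";; flags:" line. Returns non-zero if that line or field is missing
# (for example when dig timed out and printed no header).
dig_header_count() {
  awk -v key="$1:" '
    /^;; flags:/ {
      for (i = 1; i < NF; i++)
        if ($i == key) {
          print $(i + 1) + 0   # "+ 0" drops the trailing comma ("1," -> 1)
          found = 1
          exit
        }
    }
    END { exit !found }'
}

# dig_status (hypothetical helper): prints the status value (NOERROR,
# NXDOMAIN, SERVFAIL, ...) from the "->>HEADER<<-" line, same exit convention.
dig_status() {
  awk '
    /->>HEADER<<-/ {
      for (i = 1; i < NF; i++)
        if ($i == "status:") {
          sub(/,$/, "", $(i + 1))
          print $(i + 1)
          found = 1
          exit
        }
    }
    END { exit !found }'
}

# Usage against the sample; with a live query, pipe dig itself instead.
if var=$(sample_dig_output | dig_header_count ANSWER); then
  echo "status=$(sample_dig_output | dig_status) answers=$var"
fi
```

Checking the exit status before using the variable keeps an empty result (no header line) from being treated as a count of zero.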

Related

AWS EKS dig reverse dns lookup show different results

I am running a bunch of services inside a AWS EKS cluster. Using below service as an example.
$ k get svc redis -n production
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
redis ClusterIP 10.100.215.197 <none> 6379/TCP 2y73d
When I use dig to find out the reverse dns record, it shows below:
root@server-684c765d78-6z4wv:/app# dig -x 10.100.215.197
; <<>> DiG 9.16.37-Debian <<>> -x 10.100.215.197
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15985
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 784136d1092b3acc (echoed)
;; QUESTION SECTION:
;197.215.100.10.in-addr.arpa. IN PTR
;; ANSWER SECTION:
197.215.100.10.in-addr.arpa. 5 IN PTR redis.production.svc.cluster.local.
;; Query time: 0 msec
;; SERVER: 10.100.0.10#53(10.100.0.10)
;; WHEN: Sun Feb 05 05:04:40 UTC 2023
;; MSG SIZE rcvd: 143
However, if I add a record type parameter any, it shows
root@server-684c765d78-6z4wv:/app# dig -x 10.100.215.197 any
; <<>> DiG 9.16.37-Debian <<>> -x 10.100.215.197 any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10130
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;197.215.100.10.in-addr.arpa. IN ANY
;; ANSWER SECTION:
197.215.100.10.in-addr.arpa. 30 IN PTR ip-10-100-215-197.us-east-2.compute.internal.
;; Query time: 4 msec
;; SERVER: 10.100.0.10#53(10.100.0.10)
;; WHEN: Sun Feb 05 05:04:42 UTC 2023
;; MSG SIZE rcvd: 141
My question is: why does it show two different results, redis.production.svc.cluster.local. and ip-10-100-215-197.us-east-2.compute.internal., and what is their relation?

created Unbound server, can dig but getaddrinfo() fails

I was able to start an unbound server and can now successfully use the dig command, but can't use any other command because name resolution fails.
$ dig one.one.one.one
; <<>> DiG 9.16.1-Ubuntu <<>> one.one.one.one
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37768
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;one.one.one.one. IN A
;; ANSWER SECTION:
one.one.one.one. 286 IN A 1.1.1.1
one.one.one.one. 286 IN A 1.0.0.1
;; Query time: 0 msec
;; SERVER: ::1#53(::1)
;; WHEN: Mon May 23 15:37:34 JST 2022
;; MSG SIZE rcvd: 76
$ ping one.one.one.one
ping: one.one.one.one: Temporary failure in name resolution
Needed to add the loopback address to /etc/resolv.conf.

DNS lookup getting Non-existent domain error

I have two mirrored forward DNS servers (for simplicity, named f1 and f2) which forward some domain requests to my authoritative DNS servers (named a1 and a2). I added a new domain to my authoritative DNS servers, but when I nslookup the new domain from f1 or f2, I got a Non-existent domain error like the following. If I nslookup from a1 or a2, it worked.
C:\Users\Liu.D.H>nslookup www.yqsbfiles.ynu.edu.cn
Server: ynu-public-dns-a.ynu.edu.cn
Address: 113.55.13.51
*** ynu-public-dns-a.ynu.edu.cn can't find www.yqsbfiles.ynu.edu.cn: Non-existent domain
C:\Users\Liu.D.H>
I also used dig to get more debug info.
C:\Users\Liu.D.H>dig www.yqsbfiles.ynu.edu.cn @113.55.13.52
; <<>> DiG 9.10.6 <<>> www.yqsbfiles.ynu.edu.cn @113.55.13.52
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 28130
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.yqsbfiles.ynu.edu.cn. IN A
;; AUTHORITY SECTION:
ynu.edu.cn. 9936 IN SOA pridns.ynu.edu.cn. root.pridns.ynu.edu.cn. 2016062301 10800 3600 604800 86400
;; Query time: 0 msec
;; SERVER: 113.55.13.52#53(113.55.13.52)
;; WHEN: Fri Jun 08 10:44:35 China Standard Time 2018
;; MSG SIZE rcvd: 101
C:\Users\Liu.D.H>
But the strange thing was that if I did rndc flush on one of f1 or f2, then I can request successfully.
C:\Users\Liu.D.H>dig www.yqsbfiles.ynu.edu.cn @113.55.13.51
; <<>> DiG 9.10.6 <<>> www.yqsbfiles.ynu.edu.cn @113.55.13.51
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4168
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 5
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.yqsbfiles.ynu.edu.cn. IN A
;; ANSWER SECTION:
www.yqsbfiles.ynu.edu.cn. 86400 IN CNAME lb-http.ynu.edu.cn.
lb-http.ynu.edu.cn. 86393 IN A 202.203.208.41
;; AUTHORITY SECTION:
ynu.edu.cn. 86391 IN NS secdns.ynu.edu.cn.
ynu.edu.cn. 86391 IN NS pridns.ynu.edu.cn.
;; ADDITIONAL SECTION:
pridns.ynu.edu.cn. 86396 IN A 202.203.208.33
pridns.ynu.edu.cn. 86396 IN AAAA 2001:250:2800:2::33
secdns.ynu.edu.cn. 86391 IN A 202.203.208.34
secdns.ynu.edu.cn. 86391 IN AAAA 2001:250:2800:2::34
;; Query time: 2 msec
;; SERVER: 113.55.13.51#53(113.55.13.51)
;; WHEN: Fri Jun 08 10:43:02 China Standard Time 2018
;; MSG SIZE rcvd: 221
C:\Users\Liu.D.H>
I noticed that these two dig outputs had something different in the AUTHORITY SECTION.
Any help would be appreciated. Thanks in advance.
You need to register the Authoritative Domain name server with the domain registrar for your new domain pointing to a1 and a2. After that it will work fine.

how to configure regex for dns enum lookup?

Here is my zone file:
$TTL 1H
@ IN SOA ns.e164.arpa. hostmaster.e164.arpa. (
199802151 ; serial, todays date + todays serial #
8H ; refresh, seconds
2H ; retry, seconds
4W ; expire, seconds
1D ) ; minimum, seconds
;
NS ns ; Inet Address of name server
;
;
2.8.0.2.0.8.0.0.8.5.6.1.9.4.e164.arpa. NAPTR 0 0 "u" "E2U+sip" "!^.*$!sip:+49165800802082@ibcf.core.test;user=phone!" .
2.8.0.2.0.8.0.0.8.5.6.1.9.4.e164.arpa. NAPTR 0 0 "u" "E2U+sip" "!^.*$!sip:+49165800802082@ibcf.core.test!" .
3.2.1.0.5.5.5.5.1.2.1.e164.arpa. NAPTR 0 0 "u" "E2U+pstn:tel" "!^.*$!tel:+1-215-555-0123;npdi;rn=+1-215-555-0199!" .
3.2.1.0.5.5.5.5.1.2.1.e164.arpa. NAPTR 10 100 "u" "E2U+pstn:sip" "!^.*$!sip:+1-215-555-0123;npdi;rn=+1-215-555-0199@ibcf.core.test;user=phone!".
;
;
; A records:
;
ns A 10.10.240.4
localhost A 127.0.0.1
ns AAAA 3001:10:240::4
Then I run:
dig naptr 3.2.1.0.5.5.5.5.1.2.1.e164.arpa @127.0.0.1
It works OK; the result is:
; <<>> DiG 9.9.4-P2 <<>> naptr 3.2.1.0.5.5.5.5.1.2.1.e164.arpa @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40018
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 1, ADDITIONAL: 3
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;3.2.1.0.5.5.5.5.1.2.1.e164.arpa. IN NAPTR
;; ANSWER SECTION:
3.2.1.0.5.5.5.5.1.2.1.e164.arpa. 3600 IN NAPTR 10 100 "u" "E2U+pstn:sip" "!^.*$!sip:+1-215-555-0123\;npdi\;rn=+1-215-555-0199@ibcf.core.test\;user=phone!" .
3.2.1.0.5.5.5.5.1.2.1.e164.arpa. 3600 IN NAPTR 0 0 "u" "E2U+pstn:tel" "!^.*$!tel:+1-215-555-0123\;npdi\;rn=+1-215-555-0199!" .
;; AUTHORITY SECTION:
e164.arpa. 3600 IN NS ns.e164.arpa.
;; ADDITIONAL SECTION:
ns.e164.arpa. 3600 IN A 10.10.240.4
ns.e164.arpa. 3600 IN AAAA 3001:10:240::4
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Sep 19 10:42:20 CEST 2016
;; MSG SIZE rcvd: 313
My Question:
I have a lot of addresses like (3.2.1.0.5.5.5.5.1.2.1.e164.arpa.) to look up, but I don't want to write every record in this zone file.
Does DNS support regex in the zone configuration file?
Just like:
3.*.e164.arpa. NAPTR 10 100 "u" "E2U+pstn:sip" "!^.*$!sip:+1-215-555-0123;npdi;rn=+1-215-555-0199@ibcf.core.test;user=phone!".
A name whose first char is 3 will match this rule.

DNS dig command line tool returns "status: SERVFAIL". should I be worried?

Background: I've setup a site on Squarespace, got a domain on domain.com, used domain.com's DNS manager to create CNAME for squarespace (like they recommend).
I changed the nameservers yesterday to slicehost (a failed experiment) and back to domain.com's tonight. Now when I run a dig, I get the following:
; <<>> DiG 9.6.0-APPLE-P2 <<>> veganhopeworkshop.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 54930
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;veganhopeworkshop.com. IN A
;; Query time: 300 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Tue Jun 15 23:23:02 2010
;; MSG SIZE rcvd: 39
Does the "status: SERVFAIL" indicate anything wrong about my configuration?
At the time of writing (09:30 GMT on 16th June) none of the three name servers at domain.com (ns1, ns2 and ns3.domain.com) are correctly serving your zone.
% dig +norec @ns3.domain.com. veganhopeworkshop.com ns
; <<>> DiG 9.6.0-APPLE-P2 <<>> +norec @ns3.domain.com. veganhopeworkshop.com ns
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52861
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 13
;; QUESTION SECTION:
;veganhopeworkshop.com. IN NS
...
So, in the first instance, you need to talk to them to find out why not.
