pages:howtos:diagnose:how-to-diagnose-dns-with-dig

Differences

This shows you the differences between two versions of the page.

pages:howtos:diagnose:how-to-diagnose-dns-with-dig [2024/05/06 18:03] – [Determine the DNS Server holding a RDNS (PTR) Record] mischerh
pages:howtos:diagnose:how-to-diagnose-dns-with-dig [2024/05/07 13:30] (current) – [How to interpret DIG output] mischerh
Line 14: Line 14:
   * @a.ns14.net: specifying the DNS server to query   * @a.ns14.net: specifying the DNS server to query
   * nanoscopic.de: the name to query for   * nanoscopic.de: the name to query for
 +
 +If no type is specified, dig queries for an "A"-record. If not told to query a specific name server, dig will try each of the servers listed in the systems /etc/resolv.conf. Have a look at the [[https://linux.die.net/man/1/dig | dig manual page]] for more options.
 +
 +<sxh bash; gutter: false>
 +dig wiretrip.de
 +</sxh>
 +<code>
 +; <<>> DiG 9.18.26 <<>> wiretrip.de
 +;; global options: +cmd
 +;; Got answer:
 +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43783
 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 +
 +;; OPT PSEUDOSECTION:
 +; EDNS: version: 0, flags:; udp: 1424
 +;; QUESTION SECTION:
 +;wiretrip.de.                   IN      A
 +
 +;; ANSWER SECTION:
 +wiretrip.de.            3600    IN      A       159.69.16.204
 +
 +;; Query time: 13 msec
 +;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
 +;; WHEN: Tue May 07 15:18:42 CEST 2024
 +;; MSG SIZE  rcvd: 56
 +</code>
 +
  
  
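Review bot: The added example output is not labelled as an answer from the local resolver rather than from an authoritative server, and that distinction carries the rest of the page. The header shows `flags: qr rd ra` (no `aa`) and `SERVER: 192.168.1.1#53`, so the A record may come from the resolver's cache. Suggest one sentence after the output pointing at those two fields, so readers see why the later sections query `@<server>` for current data. In the new paragraph, "the systems /etc/resolv.conf" should read "the system's /etc/resolv.conf".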
Line 104: Line 131:
 Works for IPv4 and IPV6 addresses Works for IPv4 and IPV6 addresses
 <sxh bash; gutter: false> <sxh bash; gutter: false>
-IPADDR="2a01:4f8:c0c:fa5c::1"; IPADDR="$( dig -x $IPADDR | egrep '^;.*PTR$' | cut -c 2- | awk '{print $1}' )"; dig in ns $IPADDR;+IPADDR="80.147.157.18"; IPADDR="$( dig -x $IPADDR | egrep '^;.*PTR$' | cut -c 2- | awk '{print $1}' )"; dig in ns $IPADDR;
 </sxh> </sxh>
 <code> <code>
-; <<>> DiG 9.18.26 <<>> in ns 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.5.a.f.c.0.c.0.8.f.4.0.1.0.a.2.ip6.arpa.+; <<>> DiG 9.18.26 <<>> in ns 18.157.147.80.in-addr.arpa.
 ;; global options: +cmd ;; global options: +cmd
 ;; Got answer: ;; Got answer:
-;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50675+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29955
 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
  
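Review bot: In the changed one-liner, `$IPADDR` is expanded unquoted in both `dig -x $IPADDR` and `dig in ns $IPADDR`, and the same variable is overwritten with the reverse name, which makes the command hard to adapt without mistakes. Suggest quoting both expansions, using a second variable for the `in-addr.arpa` name, and replacing `egrep` with `grep -E`, since `egrep` is deprecated in current GNU grep. The unchanged line above still says "Works for IPv4 and IPV6 addresses" while the example has been switched from an IPv6 to an IPv4 address; if IPv6 needs extra handling, say so next to that line.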
Line 116: Line 143:
 ; EDNS: version: 0, flags:; udp: 1424 ; EDNS: version: 0, flags:; udp: 1424
 ;; QUESTION SECTION: ;; QUESTION SECTION:
-;1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.c.5.a.f.c.0.c.0.8.f.4.0.1.0.a.2.ip6.arpa. IN NS+;18.157.147.80.in-addr.arpa.    IN      NS
  
 ;; AUTHORITY SECTION: ;; AUTHORITY SECTION:
-c.5.a.f.c.0.c.0.8.f.4.0.1.0.a.2.ip6.arpa. 3540 IN SOA ns1.your-server.de. dns.hetzner.com2020062010 14400 1800 604800 86400+157.147.80.in-addr.arpa. 3600   IN      SOA     pns.dtag.de. dns.telekom.de2024050700 86400 7200 3600000 3600
  
-;; Query time: msec+;; Query time: 39 msec
 ;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP) ;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
-;; WHEN: Mon May 06 19:49:14 CEST 2024 +;; WHEN: Tue May 07 14:55:38 CEST 2024 
-;; MSG SIZE  rcvd: 170+;; MSG SIZE  rcvd: 114
 </code> </code>
  
-<wrap hi>The **DNS server**, serving the **PTR record** for **2a01:4f8:c0c:fa5c::1** (nanoscopic.de), is **ns1.your-server.de**.</wrap> +The **DNS server**, serving the **PTR record** for **80.147.157.18** (nanoscopic.de), is **pns.dtag.de**.
-===== How to interpret DIG output =====+
  
 +
 +For IPv6 addresses, e.g. 2003:a:b1c:f420:be24:11ff:feb3:a94f, replace the last four hexadecimal digits with a zero: 2003:a:b1c:f420:be24:11ff:feb3:0.
 +
 +
 +===== Query the RDNS server of a Network Segment for current PTR data =====
 +
 +To get current RDNS data, use @<HOSTNAME_OF_RDNS_SERVER>.
 +<sxh bash; gutter: false>
 +dig @pns.dtag.de -x 2003:a:b1c:f420:be24:11ff:feb3:a94f
 +</sxh>
 +<code>
 +; <<>> DiG 9.18.26 <<>> @pns.dtag.de -x 2003:a:b1c:f420:be24:11ff:feb3:a94f
 +; (2 servers found)
 +;; global options: +cmd
 +;; Got answer:
 +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57046
 +;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 +;; WARNING: recursion requested but not available
 +
 +;; OPT PSEUDOSECTION:
 +; EDNS: version: 0, flags:; udp: 1232
 +; COOKIE: 0df13100e908f31301000000663a234b9c80aa6cf1625885 (good)
 +;; QUESTION SECTION:
 +;f.4.9.a.3.b.e.f.f.f.1.1.4.2.e.b.0.2.4.f.c.1.b.0.a.0.0.0.3.0.0.2.ip6.arpa. IN PTR
 +
 +;; ANSWER SECTION:
 +f.4.9.a.3.b.e.f.f.f.1.1.4.2.e.b.0.2.4.f.c.1.b.0.a.0.0.0.3.0.0.2.ip6.arpa. 86400 IN PTR mail.ignion.de.
 +
 +;; Query time: 9 msec
 +;; SERVER: 2003:40:8000::100#53(pns.dtag.de) (UDP)
 +;; WHEN: Tue May 07 14:49:15 CEST 2024
 +;; MSG SIZE  rcvd: 157
 +</code>
 +
 +===== How to inspect a SPF Record =====
 +
 +Determine the authoritative DNS server
 +<sxh bash; gutter: false>
 +dig -t SOA mx.wiretrip.de
 +</sxh>
 +<code>
 +; <<>> DiG 9.18.26 <<>> -t soa wiretrip.de
 +;; global options: +cmd
 +;; Got answer:
 +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58644
 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
 +
 +;; OPT PSEUDOSECTION:
 +; EDNS: version: 0, flags:; udp: 1424
 +;; QUESTION SECTION:
 +;wiretrip.de.                   IN      SOA
 +
 +;; ANSWER SECTION:
 +wiretrip.de.            43200   IN      SOA     a.ns14.net. domains.wiretrip.de. 2024050305 43200 14400 604800 43200
 +
 +;; Query time: 139 msec
 +;; SERVER: 192.168.1.1#53(192.168.1.1) (UDP)
 +;; WHEN: Tue May 07 15:08:24 CEST 2024
 +;; MSG SIZE  rcvd: 94
 +</code>
 +
 +Then query the authoritative DNS server for current data:
 +<sxh bash; gutter: false>
 +dig @a.ns14.net -t TXT wiretrip.de
 +</sxh>
 +
 +<code>
 +; <<>> DiG 9.18.26 <<>> @a.ns14.net -t TXT wiretrip.de
 +; (2 servers found)
 +;; global options: +cmd
 +;; Got answer:
 +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48047
 +;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
 +;; WARNING: recursion requested but not available
 +
 +;; OPT PSEUDOSECTION:
 +; EDNS: version: 0, flags:; udp: 1232
 +;; QUESTION SECTION:
 +;wiretrip.de.                   IN      TXT
 +
 +;; ANSWER SECTION:
 +wiretrip.de.            43200   IN      TXT     "v=spf1 ip4:159.69.16.204 ip4:80.147.157.18 ip6:2a01:4f8:c0c:fa5c::1 ip6:2003:a:b1c:f420:f0ce:b1ff:fe08:3162 -all"
 +wiretrip.de.            43200   IN      TXT     "YweIdum3Gyt2qOzYU44Q"
 +
 +;; Query time: 16 msec
 +;; SERVER: 62.116.159.231#53(a.ns14.net) (UDP)
 +;; WHEN: Tue May 07 15:09:38 CEST 2024
 +;; MSG SIZE  rcvd: 198
 +</code>
 +
 +<sxh bash; gutter: false>
 +dig @a.ns14.net -t TXT wiretrip.de | grep spf
 +</sxh>
 +<code>
 +wiretrip.de.            43200   IN      TXT     "v=spf1 ip4:159.69.16.204 ip4:80.147.157.18 ip6:2a01:4f8:c0c:fa5c::1 ip6:2003:a:b1c:f420:f0ce:b1ff:fe08:3162 -all"
 +</code>
 +===== How to interpret DIG output =====
 +FIXME
 +  * https://ns1.com/blog/decoding-dig-output
  
 ---- ----
 ~~DISCUSSION~~ ~~DISCUSSION~~
  
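Review bot: In the new SPF section the command and its output do not match: the command block reads `dig -t SOA mx.wiretrip.de`, but the pasted output header is `; <<>> DiG 9.18.26 <<>> -t soa wiretrip.de` and the question section asks for `wiretrip.de.`. Either change the command to `dig -t SOA wiretrip.de` or paste the output of the command as shown. Smaller points in the same hunk: the SOA line `pns.dtag.de. dns.telekom.de2024050700` has lost the separator between the RNAME and the serial (the removed Hetzner line had the same defect); the IPv6 instruction to "replace the last four hexadecimal digits with a zero" gives no reason and sits beside the unchanged claim that the one-liner works for IPv6, so state why the substitution is needed; the `<wrap hi>` highlight was dropped from the result sentence, please confirm that is intended; and the "How to interpret DIG output" section now holds only FIXME and a link, so consider leaving it out until it has content.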
pages/howtos/diagnose/how-to-diagnose-dns-with-dig.1715018628.txt.gz · Last modified: 2024/05/06 18:03 by mischerh