How to use the dig/nslookup command to view DNS resolution steps

dig - DNS lookup utility

When a domain name access failure occurs, you can check the domain name resolution to determine whether the problem is caused by incorrect resolution.
1. No result in domain name resolution (does not exist or is on hold (not authenticated by real name, etc.)
2. The domain name is resolved to the wrong IP (blocked, hijacked, responds to the wrong result, needs to judge the resolution process)
3. The value of the corresponding CNAME record cannot be resolved
4. Some resolution is abnormal (when multiple domain name servers are configured, the resolution results of multiple servers are inconsistent. You need to confirm whether the resolution records added on the DNS server are consistent)

A simple analysis of www.baidu.com results in the following:

Write the picture description here

You can see that there are request segments and response segments, and finally two A records are parsed.

dig command for iterative query

Add +trace after the command to track the entire parsing process:
1. The root domain name server finds the top-level domain name server responsible for resolving .com
2. Find the second-level domain name server of baidu.com from the top-level domain name server
3. The secondary domain name server finds a CNAME record www.a.shifen.com corresponding to www.baidu.com
4. Find the A record corresponding to www.a.shifen.com
5. Finally, return the IP address corresponding to the A record

[root@jia3 ~]# dig www.baidu.com +trace

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> www.baidu.com +trace
;; global options: +cmd
. 320307 IN NS a.root-servers.net.
. 320307 IN NS k.root-servers.net.
. 320307 IN NS i.root-servers.net.
. 320307 IN NS l.root-servers.net.
. 320307 IN NS b.root-servers.net.
. 320307 IN NS e.root-servers.net.
. 320307 IN NS h.root-servers.net.
. 320307 IN NS d.root-servers.net.
. 320307 IN NS g.root-servers.net.
. 320307 IN NS j.root-servers.net.
. 320307 IN NS f.root-servers.net.
. 320307 IN NS m.root-servers.net.
. 320307 IN NS c.root-servers.net.
;; Received 228 bytes from 202.106.0.20#53(202.106.0.20) in 98 ms

com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
;; Received 491 bytes from 192.5.5.241#53(192.5.5.241) in 93 ms

baidu.com. 172800 IN NS dns.baidu.com.
baidu.com. 172800 IN NS ns2.baidu.com.
baidu.com. 172800 IN NS ns3.baidu.com.
baidu.com. 172800 IN NS ns4.baidu.com.
baidu.com. 172800 IN NS ns7.baidu.com.
;; Received 201 bytes from 192.48.79.30#53(192.48.79.30) in 501 ms

www.baidu.com. 1200 IN CNAME www.a.shifen.com.
a.shifen.com. 1200 IN NS ns1.a.shifen.com.
a.shifen.com. 1200 IN NS ns2.a.shifen.com.
a.shifen.com. 1200 IN NS ns5.a.shifen.com.
a.shifen.com. 1200 IN NS ns3.a.shifen.com.
a.shifen.com. 1200 IN NS ns4.a.shifen.com.
;; Received 228 bytes from 220.181.37.10#53(220.181.37.10) in 8 ms

How does the dig command return when the domain name does not exist?

For example, the domain name www.not-exists-domain.com does not exist.
The whole process is as follows:
1. Return the server address of the .com top-level domain from the root domain name
2. The second-level domain name does not exist when the .com top-level domain is searched, and an SOA record is returned

[root@jia3 ~]# dig www.not-exists-domain.com +trace

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.30.rc1.el6 <<>> www.not-exists-domain.com +trace
;; global options: +cmd
. 319714 IN NS b.root-servers.net.
. 319714 IN NS e.root-servers.net.
. 319714 IN NS h.root-servers.net.
. 319714 IN NS d.root-servers.net.
. 319714 IN NS g.root-servers.net.
. 319714 IN NS j.root-servers.net.
. 319714 IN NS f.root-servers.net.
. 319714 IN NS m.root-servers.net.
. 319714 IN NS c.root-servers.net.
. 319714 IN NS a.root-servers.net.
. 319714 IN NS k.root-servers.net.
. 319714 IN NS i.root-servers.net.
. 319714 IN NS l.root-servers.net.
;; Received 228 bytes from 202.106.0.20#53(202.106.0.20) in 105 ms

com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
;; Received 503 bytes from 192.112.36.4#53(192.112.36.4) in 228 ms

com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1524576381 1800 900 604800 86400
;; Received 116 bytes from 192.12.94.30#53(192.12.94.30) in 333 ms

nslookup - query Internet name servers interactively

nslookup can be used in two ways: interactive and non-interactive.

Write the picture description here

nslookup can also specify a domain name server for resolution. The command format is as follows:

nslookup www.baidu.com 8.8.8.8 (domain name server address)

Write the picture description here

The above is the full content of this article. I hope it will be helpful for everyone’s study. I also hope that everyone will support 123WORDPRESS.COM.

You may also be interested in:

Win2003 DNS server configuration method [illustration]
Win7+xp command line to modify IP and DNS in one click
Win2003 server set up DNS server configuration diagram tutorial (more detailed)
Windows 2003 DNS server configuration (illustration and text)
Nginx DNS resolver configuration example
Windows Server 2008 R2 DNS Server Configuration Graphic Tutorial
Batch code for obtaining network card names (with scripts for modifying IP, gateway, and DNS)
Get various response times of the site (DNS resolution time, response time, transmission time)
Batch processing, VBS to automatically set IP, default gateway, DNS, WINS, IE proxy (full)
A simple example of using Java to implement DNS domain name resolution

<<: Analysis of idea compiler vue indentation error problem scenario

>>: Detailed explanation of the solution to forget the password in MySQL 5.7

A brief introduction to the command line tool mycli for operating MySQL database

How to use the dig/nslookup command to view DNS resolution steps

A brief introduction to the command line tool mycli for operating MySQL database

Analysis of the principle of Mybatis mapper dynamic proxy

Implementing long shadow of text in less in CSS3

Implementing a web calculator with native JavaScript

Detailed explanation of the time representation example of the Linux time subsystem

Vue.js style layout Flutter business development common skills

10 HTML table-related tags

Detailed process of zabbix monitoring process and port through agent

uniapp Sample code for implementing global sharing of WeChat mini-programs

How to load third-party component libraries on demand in Vue3

Recommend

Difference between var and let in JavaScript

MySQL query method with multiple conditions

MySQL 8.0.13 decompression version installation and configuration method graphic tutorial

Python MySQL database table modification and query

Vue custom instructions to achieve pop-up window drag four-side stretching and diagonal stretching effect

Vue+echarts realizes stacked bar chart

Detailed explanation of MySQL database binlog cleanup command

Detailed explanation of the role of key in React

Detailed explanation of common operations of Docker images and containers

Lambda expression principles and examples

How to implement Docker container self-start

Linux automatic login example explanation

MySQL incremental backup and breakpoint recovery script example

MySQL 5.7.24 installation and configuration graphic tutorial

Introducing ECharts into the Vue project