dig 명령어 - DNS네임서버의 정보 확인





    dig란?

    dig는 Domain Information Groper의 약자로 네임서버로 부터 정보를 가져올 수 있는 툴입니다.


    dig 명령은 DNS 네임서버 구성과 도메인 설정이 완료된 후, 일반 사용자의 입장에서 설정한 도메인네임에 대한 DNS 질의응답이 정상적으로 이루어지는지를 확인 점검하는 경우에 많이 사용합니다.




     

    관련글 :

     

    도메인이란 : http://server-talk.tistory.com/76

     

    도메인과 네임서버 이해하기 : http://server-talk.tistory.com/168

     

     

     





     

     dig 명령어 패키지 설치하기




    dig 명령어 패키지 유틸리티 설치

    [root@web ~]# yum -y install bind-utils
    


    dig는 dns query lookup을 하기 위한 bind-utils 패키지에 속해 있는 유틸리티입니다.

    리눅스 배포판에서는 nslookup이 사라지고 dig로 대체될 예정이라고 합니다.





     

     dig 명령어 사용법



    dig 명령어 기본 문법


    [root@web ~]# dig [@server] [domain] [query type]
    

    server : 확인하고자할 네임서버를 지정하는 곳이며 지정하지 않을경우 리눅스 /etc/resolv.conf에 등록된 네임서버를 이용하여 루트 서버를 조회하게 됩니다.



    query-type 옵션

    a : 도메인의 아이피 정보

    any : 지정된 도메인의 모든 정보

    mx : 지정한 도메인의 메일서버 정보

    ns : 네임서버 정보

    soa : soa 정보



    도메인 조회


    명령어 : dig 도메인


    [root@web ~]# dig google.com
    
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26833
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
    
    ;; QUESTION SECTION:
    ;google.com.			IN	A
    
    ;; ANSWER SECTION:
    google.com.		5	IN	A	172.217.25.238
    
    ;; AUTHORITY SECTION:
    google.com.		5	IN	NS	ns2.google.com.
    google.com.		5	IN	NS	ns4.google.com.
    google.com.		5	IN	NS	ns1.google.com.
    google.com.		5	IN	NS	ns3.google.com.
    
    ;; ADDITIONAL SECTION:
    ns1.google.com.		5	IN	A	216.239.32.10
    ns2.google.com.		5	IN	A	216.239.34.10
    ns3.google.com.		5	IN	A	216.239.36.10
    ns4.google.com.		5	IN	A	216.239.38.10
    
    ;; Query time: 4 msec
    ;; SERVER: 192.168.59.2#53(192.168.59.2)
    ;; WHEN: Tue Mar 14 02:32:40 2017
    ;; MSG SIZE  rcvd: 180
    

    도메인주소를 입력하면 /etc/resolv.conf에 등록된 네임서버를 이용하여 도메인을 조회합니다. 



    특정 네임서버로 조회 DNS 조회


    명령어 : dig @8.8.8.8 google.com


    [root@web ~]# dig @8.8.8.8 google.com
    
    ; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.4 <<>> @8.8.8.8 google.com
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32960
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;google.com.			IN	A
    
    ;; ANSWER SECTION:
    google.com.		299	IN	A	172.217.25.238
    
    ;; Query time: 67 msec
    ;; SERVER: 8.8.8.8#53(8.8.8.8)
    ;; WHEN: 화  3월 14 12:49:22 KST 2017
    ;; MSG SIZE  rcvd: 55
    

    @네임서버주소를 넣으면  네임서버를 이용하여 도메인을 조회합니다.



    응답부분만 보기


    명령어 : dig 도메인 +short

    명령어 : dig +short 도메인


    [root@web ~]# dig +short google.com
    216.58.200.174
    



    DNS 질의 추적


    명령어 : dig 도메인 +trace


    [root@web ~]# dig google.com +trace
    
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> google.com +trace
    ;; global options: +cmd
    .			5	IN	NS	a.root-servers.net.
    .			5	IN	NS	b.root-servers.net.
    .			5	IN	NS	i.root-servers.net.
    .			5	IN	NS	l.root-servers.net.
    .			5	IN	NS	j.root-servers.net.
    .			5	IN	NS	e.root-servers.net.
    .			5	IN	NS	d.root-servers.net.
    .			5	IN	NS	f.root-servers.net.
    .			5	IN	NS	g.root-servers.net.
    .			5	IN	NS	c.root-servers.net.
    .			5	IN	NS	k.root-servers.net.
    .			5	IN	NS	m.root-servers.net.
    .			5	IN	NS	h.root-servers.net.
    ;; Received 492 bytes from 192.168.59.2#53(192.168.59.2) in 232 ms
    
    com.			172800	IN	NS	g.gtld-servers.net.
    com.			172800	IN	NS	a.gtld-servers.net.
    com.			172800	IN	NS	c.gtld-servers.net.
    com.			172800	IN	NS	j.gtld-servers.net.
    com.			172800	IN	NS	m.gtld-servers.net.
    com.			172800	IN	NS	b.gtld-servers.net.
    com.			172800	IN	NS	i.gtld-servers.net.
    com.			172800	IN	NS	h.gtld-servers.net.
    com.			172800	IN	NS	d.gtld-servers.net.
    com.			172800	IN	NS	f.gtld-servers.net.
    com.			172800	IN	NS	k.gtld-servers.net.
    com.			172800	IN	NS	l.gtld-servers.net.
    com.			172800	IN	NS	e.gtld-servers.net.
    ;; Received 488 bytes from 199.7.91.13#53(199.7.91.13) in 700 ms
    
    google.com.		172800	IN	NS	ns2.google.com.
    google.com.		172800	IN	NS	ns1.google.com.
    google.com.		172800	IN	NS	ns3.google.com.
    google.com.		172800	IN	NS	ns4.google.com.
    ;; Received 164 bytes from 192.43.172.30#53(192.43.172.30) in 139 ms
    
    google.com.		300	IN	A	216.58.200.206
    ;; Received 44 bytes from 216.239.32.10#53(216.239.32.10) in 59 ms
    

    +trace 옵션은 요청한 도메인의 대한 전과정을 추적한 결과를 보여주는 옵션입니다.



    MX 레코드 확인


    명령어 : dig mx google.com


    [root@web ~]# dig  mx google.com 
    
    ; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> mx google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45386
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 13
    
    ;; QUESTION SECTION:
    ;google.com.			IN	MX
    
    ;; ANSWER SECTION:
    google.com.		5	IN	MX	20 alt1.aspmx.l.google.com.
    google.com.		5	IN	MX	50 alt4.aspmx.l.google.com.
    google.com.		5	IN	MX	30 alt2.aspmx.l.google.com.
    google.com.		5	IN	MX	40 alt3.aspmx.l.google.com.
    google.com.		5	IN	MX	10 aspmx.l.google.com.
    
    ;; AUTHORITY SECTION:
    google.com.		5	IN	NS	ns2.google.com.
    google.com.		5	IN	NS	ns4.google.com.
    google.com.		5	IN	NS	ns3.google.com.
    google.com.		5	IN	NS	ns1.google.com.
    
    ;; ADDITIONAL SECTION:
    ASPMX.l.google.com.	5	IN	A	74.125.203.26
    alt1.ASPMX.l.google.com. 5	IN	A	74.125.30.27
    alt2.ASPMX.l.google.com. 5	IN	A	173.194.193.26
    ALT3.ASPMX.l.google.com. 5	IN	A	173.194.219.27
    ALT4.ASPMX.l.google.com. 5	IN	A	173.194.68.27
    ns1.google.com.		5	IN	A	216.239.32.10
    ns2.google.com.		5	IN	A	216.239.34.10
    ns3.google.com.		5	IN	A	216.239.36.10
    ns4.google.com.		5	IN	A	216.239.38.10
    ASPMX.l.google.com.	5	IN	AAAA	2404:6800:4008:c07::1b
    alt1.ASPMX.l.google.com. 5	IN	AAAA	2607:f8b0:4003:c03::1b
    alt2.ASPMX.l.google.com. 5	IN	AAAA	2607:f8b0:4001:c0f::1a
    ALT3.ASPMX.l.google.com. 5	IN	AAAA	2607:f8b0:4002:c03::1a
    
    ;; Query time: 66 msec
    ;; SERVER: 192.168.59.2#53(192.168.59.2)
    ;; WHEN: Tue Mar 14 03:10:32 2017
    ;; MSG SIZE  rcvd: 490
    

    mx 옵션은 mx(메일레코드)가 잘설정이 되었는지 확인할수 있는 옵션입니다.

    Posted by 서버이야기