Thursday, 23 May 2013 (B.E. 2556)

Basic DNS Server Checking

Commands
nslookup
server   <IP of the DNS server to check>
set type=any                  ; inspect the zone file data
set type=mx                   ; inspect the records pointing to the mail server

Explanation of the record fields

DNS Resource Records

The rest of the records in a zone file are usually BIND resource records. They define the nature of the DNS information in your zone files that's presented to querying DNS clients. They all have the general format:
Name    Class    Type    Data
There are different types of records for mail (MX), forward lookups (A), reverse lookups (PTR), aliases (CNAME) and overall zone definitions, Start of Authority (SOA). The data portion is formatted according to the record type and may consist of several values separated by spaces. Similarly, the name is also subject to interpretation based on this factor.

The SOA Record

The first resource record is the Start of Authority (SOA) record, which contains general administrative and control information about the domain. It has the format:
Name Class Type Name-Server Email-Address Serial-No Refresh Retry Expiry Minimum-TTL
The record can be long, and will sometimes wrap around on your screen. For the sake of formatting, you can insert newline characters between the fields as long as you insert parentheses at the beginning and end of the insertion to alert BIND that part of the record will straddle multiple lines. You can also add comments to the end of each new line, separated by a semicolon, when you do this. Here is an example:
@       IN      SOA     ns1.my-site.com. hostmaster.my-site.com. (
                       2004100801      ; serial #
                       4H              ; refresh
                       1H              ; retry
                       1W              ; expiry
                       1D )            ; minimum
Table 18.4 explains what each field in the record means.

Table 18.4 The SOA Record Format

Field: Description

Name: The root name of the zone. The “@” sign is a shorthand reference to the current origin (zone) in the /etc/named.conf file for that particular database file.

Class: There are a number of different DNS classes. Home/SOHO will be limited to the IN or Internet class used when defining IP address mapping information for BIND. Other classes exist for non-Internet protocols and functions but are very rarely used.

Type: The type of DNS resource record. In the example, this is an SOA resource record. Other types of records exist, which I’ll cover later.

Name-server: Fully qualified name of your primary name server. Must be followed by a period.

Email-address: The e-mail address of the name server administrator. The regular @ in the e-mail address must be replaced with a period instead. The e-mail address must also be followed by a period.

Serial-no: A serial number for the current configuration. You can use the date format YYYYMMDD with an incremented single-digit number tagged to the end. This will allow you to do multiple edits each day with a serial number that both increments and reflects the date on which the change was made.

Refresh: Tells the slave DNS server how often it should check the master DNS server. Slaves aren’t usually used in home/SOHO environments.

Retry: The slave’s retry interval to connect to the master in the event of a connection failure. Slaves aren’t usually used in home/SOHO environments.

Expiry: Total amount of time a slave should retry to contact the master before expiring the data it contains. Future references will be directed towards the root servers. Slaves aren’t usually used in home/SOHO environments.

Minimum-TTL: There are times when remote clients will make queries for subdomains that don’t exist. Your DNS server will respond with a no domain or NXDOMAIN response that the remote client caches. This value defines the caching duration your DNS includes in this response.
So in the example, the primary name server is defined as ns1.my-site.com with a contact e-mail address of hostmaster@my-site.com. The serial number is 2004100801 with refresh, retry, expiry, and minimum values of 4 hours, 1 hour, 1 week, and 1 day, respectively.

NS, MX, A And CNAME Records

Like the SOA record, the NS, MX, A, PTR and CNAME records each occupy a single line with a very similar general format. Table 18.5 outlines the way they are laid out.

Table 18.5 NS, MX, A, PTR and CNAME Record Formats

Record Type | Name Field | Class Field (2) | Type Field | Data Field
NS | Usually blank (1) | IN | NS | IP address or CNAME of the name server
MX | Domain to be used for mail. Usually the same as the domain of the zone file itself. | IN | MX | Mail server DNS name
A | Name of a server in the domain | IN | A | IP address of server
CNAME | Server name alias | IN | CNAME | "A" record name for the server
PTR | Last octet of server’s IP address | IN | PTR | Fully qualified server name

  1. If the search key to a DNS resource record is blank, it reuses the search key from the previous record, which in this case is the SOA @ sign.
  2. For most home/SOHO scenarios, the Class field will always be IN or Internet. You should also be aware that IN is the default Class, and BIND will assume a record is of this type unless otherwise stated.
If you don't put a period at the end of a host name in an SOA, NS, A, or CNAME record, BIND will automatically tack on the zone file's domain name to the name of the host. So, BIND assumes an A record with www refers to www.my-site.com. This may be acceptable in most cases, but if you forget to put the period after the domain in the MX record for my-site.com, BIND attaches the my-site.com at the end, and you will find your mail server accepting mail only for the domain my-site.com.my-site.com.
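The following is an added example, not part of the original post or of BIND itself: a small Python zone-file checker that puts the rules from the SOA section and Table 18.5 into code. It joins the parenthesised multi-line SOA record, strips ";" comments, reuses the previous owner name when the name field is blank (footnote 1), treats IN as the default class (footnote 2), converts the 4H/1H/1W/1D timers to seconds, decodes a YYYYMMDDnn serial, and applies the trailing-period rule above, flagging a relative host name that already ends in the zone's domain because BIND would read it as my-site.com.my-site.com. The sample zone, the 192.0.2.x addresses and the MX preference value 10 (which real BIND requires before the mail host) are constructed for the example; the optional TTL field and other record types are deliberately left out.

```python
import re
from datetime import date
from typing import Optional

RECORD_TYPES = {"SOA", "NS", "MX", "A", "PTR", "CNAME"}
TTL_UNITS = {"S": 1, "M": 60, "H": 3600, "D": 86400, "W": 604800}
# Which data tokens of each record type are host names subject to origin appending.
HOST_TOKENS = {"SOA": slice(0, 2), "MX": slice(1, 2), "NS": slice(0, 1),
               "CNAME": slice(0, 1), "PTR": slice(0, 1)}

# Constructed sample zone (not from the page): the SOA mirrors the example above,
# the other records are made up, and the MX line deliberately omits its trailing period.
SAMPLE_ZONE = """\
$ORIGIN my-site.com.
@       IN      SOA     ns1.my-site.com. hostmaster.my-site.com. (
                        2004100801      ; serial #
                        4H              ; refresh
                        1H              ; retry
                        1W              ; expiry
                        1D )            ; minimum
        IN      NS      ns1.my-site.com.
        IN      MX      10 mail.my-site.com
ns1     IN      A       192.0.2.1
www     IN      A       192.0.2.10
mail    IN      A       192.0.2.25
ftp     IN      CNAME   www
"""


def parse_ttl(token: str) -> int:
    """Convert a BIND time value such as 4H or 1W (or bare seconds) to seconds."""
    m = re.fullmatch(r"(\d+)([SMHDWsmhdw]?)", token)
    if not m:
        raise ValueError(f"bad time value: {token!r}")
    return int(m.group(1)) * TTL_UNITS[(m.group(2) or "S").upper()]


def qualify(name: str, origin: str) -> str:
    """BIND's rule: '@' is the origin, a trailing period marks an absolute name,
    and anything else gets the origin appended."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"


def logical_lines(text: str):
    """Strip ';' comments and join parenthesised multi-line records into one token list.
    Also reports whether the name field was blank (leading whitespace)."""
    buf, depth, blank_owner = [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0]
        if not buf:
            blank_owner = line[:1].isspace()
        depth += line.count("(") - line.count(")")
        buf.append(line)
        if depth == 0:
            tokens = " ".join(buf).replace("(", " ").replace(")", " ").split()
            buf = []
            if tokens:
                yield blank_owner, tokens


def decode_data(rtype: str, tokens: list, origin: str) -> dict:
    """Interpret the data portion according to the record type."""
    if rtype == "SOA":
        mname, rname, serial, *timers = tokens
        fields = dict(zip(("refresh", "retry", "expire", "minimum"), map(parse_ttl, timers)))
        return {"mname": qualify(mname, origin), "rname": qualify(rname, origin),
                "serial": int(serial), **fields}
    if rtype == "MX":
        pref, host = tokens
        return {"preference": int(pref), "host": qualify(host, origin)}
    if rtype in ("NS", "CNAME", "PTR"):
        return {"host": qualify(tokens[0], origin)}
    return {"address": tokens[0]}  # A record


def parse_zone(text: str) -> tuple:
    """Return (origin, records); a blank name field reuses the previous owner."""
    origin, owner, records = "", None, []
    for blank_owner, tokens in logical_lines(text):
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if not blank_owner:
            owner = qualify(tokens.pop(0), origin)
        if owner is None:
            raise ValueError("first record has no owner name")
        cls = tokens.pop(0) if tokens[0] == "IN" else "IN"  # IN is the default class
        rtype = tokens.pop(0)
        if rtype not in RECORD_TYPES:
            raise ValueError(f"unsupported record type {rtype!r}")
        records.append({"name": owner, "class": cls, "type": rtype,
                        "raw": list(tokens), "data": decode_data(rtype, tokens, origin)})
    return origin, records


def decode_serial(serial: int) -> Optional[tuple]:
    """Read a YYYYMMDDnn serial as (date, edit number); None if it does not follow that scheme."""
    s = str(serial)
    try:
        return (date(int(s[:4]), int(s[4:6]), int(s[6:8])), int(s[8:])) if len(s) == 10 else None
    except ValueError:
        return None


def lint_zone(records: list, origin: str) -> list:
    """Flag relative host names that already end in the zone's domain: BIND appends the origin again."""
    bare, warnings = origin.rstrip("."), []
    for rec in records:
        for tok in rec["raw"][HOST_TOKENS.get(rec["type"], slice(0, 0))]:
            if not tok.endswith(".") and (tok == bare or tok.endswith("." + bare)):
                warnings.append(f"{rec['type']} {tok}: missing trailing period, "
                                f"BIND reads it as {qualify(tok, origin)}")
    return warnings


def check_zone(text: str) -> dict:
    origin, records = parse_zone(text)
    soa = records[0]["data"]
    return {"origin": origin, "soa": soa, "serial": decode_serial(soa["serial"]),
            "records": records, "warnings": lint_zone(records, origin)}


if __name__ == "__main__":
    result = check_zone(SAMPLE_ZONE)
    print("zone:", result["origin"], "serial:", result["serial"], "SOA:", result["soa"])
    for w in result["warnings"]:
        print("WARNING:", w)
```

Run as a script it prints the decoded SOA (timers in seconds, serial split into 2004-10-08 and edit number 1) and one warning for the MX line, whose host would become mail.my-site.com.my-site.com.; adding the trailing period to that line makes the warning disappear.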