服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 在NSLOOKUP中使用/不使用recursion的DNS查找
Intereting Posts
Ubuntu机器之间的帐户共享 SCCM如何检查已安装的软件版本? 如何在Fedora上更改Kerberos密码 使用生成树协议的networkingstreampath 我可以使用活动目录策略来安装所有更新并重新启动服务器吗? 我如何连接到一些旧的Sun服务器? 我应该如何分区一个虚拟的Windows 2008服务器用于SQL Server 2008? 24天内有1亿个MySQL查询? 有什么可能是错的? sql邮件和ssrs 发现负责为特定IP服务PTR的服务器? socat可以用来转发一个SSH代理套接字到一个chroot? 当主控从命令行运行时,在乘客作品下运行时,puppet主REST API返回403 如何将MySQL 5.6升级到MariaDB Memcached正在放缓在VirtualBox网站 bash +如何匹配包含字符和数字的string

在NSLOOKUP中使用/不使用recursion的DNS查找

我正在玩NSLOOKUP试图了解recursionDNS查找。 我正在查找一个虚假的主机名,我似乎得到相同的结果,无论我启用或禁用recursion。

recursion: 

nslookup Default Server: UnKnown Address: ::1 > set recurse > set debug > nytimes Server: UnKnown Address: ::1 ------------ Got answer: HEADER: opcode = QUERY, id = 2, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: nytimes.intranet.contoso.com, type = A, class = IN AUTHORITY RECORDS: -> intranet.contoso.com ttl = 3600 (1 hour) primary name server = DNSSERVER.intranet.contoso.com responsible mail addr = hostmaster.intranet.contoso.com serial = 10301 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ------------ ------------ Got answer: HEADER: opcode = QUERY, id = 3, rcode = NXDOMAIN header flags: response, auth. answer, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: nytimes.intranet.contoso.com, type = AAAA, class = IN AUTHORITY RECORDS: -> intranet.contoso.com ttl = 3600 (1 hour) primary name server = DNSSERVER.intranet.contoso.com responsible mail addr = hostmaster.intranet.contoso.com serial = 10301 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ------------ ------------ Got answer: HEADER: opcode = QUERY, id = 4, rcode = NOERROR header flags: response, want recursion, recursion avail. questions = 1, answers = 1, authority records = 0, additional = 0 QUESTIONS: nytimes.contoso.com, type = A, class = IN ANSWERS: -> nytimes.contoso.com internet address = 74.125.226.195 ttl = 1800 (30 mins) ------------ Non-authoritative answer: ------------ Got answer: HEADER: opcode = QUERY, id = 5, rcode = NOERROR header flags: response, want recursion, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: nytimes.contoso.com, type = AAAA, class = IN AUTHORITY RECORDS: -> contoso.com ttl = 900 (15 mins) primary name server = dns01.gpn.register.com responsible mail addr = partnersupport.register.com serial = 2002050701 refresh = 10800 (3 hours) retry = 3600 (1 hour) expire = 604800 (7 days) default TTL = 3600 (1 hour) ------------ Name: nytimes.contoso.com Address: 74.125.226.195 >

没有recursion: 

 nslookup Default Server: UnKnown Address: ::1 > set norecurse > set debug > nytimes Server: UnKnown Address: ::1 ------------ Got answer: HEADER: opcode = QUERY, id = 2, rcode = NXDOMAIN header flags: response, auth. answer, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: nytimes.intranet.contoso.com, type = A, class = IN AUTHORITY RECORDS: -> intranet.contoso.com ttl = 3600 (1 hour) primary name server = DNSSERVER.intranet.contoso.com responsible mail addr = hostmaster.intranet.contoso.com serial = 10301 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ------------ ------------ Got answer: HEADER: opcode = QUERY, id = 3, rcode = NXDOMAIN header flags: response, auth. answer, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: nytimes.intranet.contoso.com, type = AAAA, class = IN AUTHORITY RECORDS: -> intranet.contoso.com ttl = 3600 (1 hour) primary name server = DNSSERVER.intranet.contoso.com responsible mail addr = hostmaster.intranet.contoso.com serial = 10301 refresh = 900 (15 mins) retry = 600 (10 mins) expire = 86400 (1 day) default TTL = 3600 (1 hour) ------------ ------------ Got answer: HEADER: opcode = QUERY, id = 4, rcode = NOERROR header flags: response, recursion avail. questions = 1, answers = 1, authority records = 0, additional = 0 QUESTIONS: nytimes.contoso.com, type = A, class = IN ANSWERS: -> nytimes.contoso.com internet address = 74.125.226.195 ttl = 1526 (25 mins 26 secs) ------------ Non-authoritative answer: ------------ Got answer: HEADER: opcode = QUERY, id = 5, rcode = NOERROR header flags: response, recursion avail. questions = 1, answers = 0, authority records = 1, additional = 0 QUESTIONS: nytimes.contoso.com, type = AAAA, class = IN AUTHORITY RECORDS: -> contoso.com ttl = 626 (10 mins 26 secs) primary name server = dns01.gpn.register.com responsible mail addr = partnersupport.register.com serial = 2002050701 refresh = 10800 (3 hours) retry = 3600 (1 hour) expire = 604800 (7 days) default TTL = 3600 (1 hour) ------------ Name: nytimes.contoso.com Address: 74.125.226.195 >

它看起来像使用recursion,即使我把它设置为closures。 有趣的是,如果我查找指定4.2.2.2的伪造主机名作为DNS服务器,那么recursion设置确实生效。 任何人都知道这是为什么发生?

顺便说一句我清理主机名

除了愿意为您执行recursion之外,服务器在设置了norecurse时还会返回域的权威响应。 recursion标志是否设置无关紧要。

得到的答案:HEADER:头标志: 回应授权。 回答recursion有效。