DNS域名解析投诉方面的处理案例-201102

2017-03-27
6140

几个域名解析投诉处理过程鉴于dig 工具在DNS 解析过程的良好的能力,请大家使用dig 。1、 域名无法解析的投诉的处理过程:1) 在省网、集团、google 的DNS 上进行解析测试。--此步骤

几个域名解析投诉处理过程

鉴于dig 工具在DNS 解析过程的良好的能力,请大家使用dig 。

1、 域名无法解析的投诉的处理过程:

1) 在省网、集团、google 的DNS 上进行解析测试。--此步骤是初步判断是我省DNS 问

题还是共性问题。

省网DNS(211.140.13.188)

C:Documents and Settings�ministrator>dig @211.140.13.188 www.eglihtom.cn

; <<>>DiG 9.3.2 <<>> @211.140.13.188 www.eglihtom.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1865

---NXDOMAIN 即没有该域名

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION: ----PC机发送的内容

;www.eglihtom.cn. IN A

---------查询www.eglihtom.cn 域名的A 记录。所谓A 记录即是IPV4下面域名对应的IP 地址。如果是IPV6,则显示为AAAA

;; AUTHORITY SECTION:---授权域应答部分

cn. 1 IN SOA a.dns.cn. root.cnnic.cn. 2011492

305 7200 3600 2419200 21600

----以上为授权域的应答,从这个应答看,没有eglihtom.cn 域,仅找到cn 域。 ;; Query time: 62 msec

;; SERVER: 211.140.13.188#53(211.140.13.188)

;; WHEN: Fri Feb 18 13:20:55 2011

;; MSG SIZE rcvd: 86

集团DNS (211.136.17.107)

C:Documents and Settings�ministrator>dig @211.136.17.107 www.eglihtom.cn

; <<>>DiG 9.3.2 <<>> @211.136.17.107 www.eglihtom.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1683

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;;QUESTION SECTION:

;www.eglihtom.cn. IN A

;; AUTHORITY SECTION:

,

cn. 2371 IN SOA a.dns.cn. root.cnnic.cn. 2011492

272 7200 3600 2419200 21600

;; Query time: 46 msec

;; SERVER: 211.136.17.107#53(211.136.17.107)

;; WHEN: Fri Feb 18 13:21:45 2011 ;; MSG SIZE rcvd: 86

GooleDNS (8.8.8.8)

C:Documents and Settings�ministrator>dig @8.8.8.8 www.eglihtom.cn

; <<>>DiG 9.3.2 <<>> @8.8.8.8 www.eglihtom.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1274

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;;QUESTION SECTION:

;www.eglihtom.cn. IN A

;;AUTHORITY SECTION:

cn. 1795 IN SOA a.dns.cn. root.cnnic.cn. 2011492

283 7200 3600 2419200 21600

;; Query time: 93 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Fri Feb 18 13:08:47 2011 ;; MSG SIZE rcvd: 86

从以上测试,可以看到www.eglihtom.cn 在三个域名服务器上解析,均得到域名不存在的应答。从这里基本可以判断该问题不是省网DNS 服务器的问题。

2) 在省网DNS 上进行跟踪测试。--此步骤为跟踪域名解析的整体过程,了解问题存在

的环节。

C:Documents and Settings�ministrator>dig @211.140.13.188 www.eglihtom.cn tra ce

---跟踪域名解析过程的命令,该命令送出后,会返回域名解析的整个过程。 ; <<>>DiG 9.3.2 <<>> @211.140.13.188 www.eglihtom.cn trace

; (1 server found)

;; global options: printcmd

. 3600000 IN NS D.ROOT-SERVERS.NET.

. 3600000 IN NS J.ROOT-SERVERS.NET.

. 3600000 IN NS E.ROOT-SERVERS.NET .

. 3600000 IN NS B.ROOT-SERVERS.NET .

,

. 3600000 IN NS K.ROOT-SERVERS.NET.

. 3600000 IN NS H.ROOT-SERVERS.NET .

. 3600000 IN NS G.ROOT-SERVERS.NET .

. 3600000 IN NS A.ROOT-SERVERS.NET.

. 3600000 IN NS I.ROOT-SERVERS.NET .

. 3600000 IN NS F.ROOT-SERVERS.NET.

. 3600000 IN NS L.ROOT-SERVERS.NET .

. 3600000 IN NS M.ROOT-SERVERS.NET.

. 3600000 IN NS C.ROOT-SERVERS.NET . ;; Received 244 bytes from 211.140.13.188#53(211.140.13.188) in 15 ms

---以上返回为根服务器(即dot ),任何一个域名的查询均从根开始。

cn. 172800 IN NS c.dns.cn.

cn. 172800 IN NS b.dns.cn.

cn. 172800 IN NS e.dns.cn.

cn. 172800 IN NS ns.cernet.net.

cn. 172800 IN NS a.dns.cn.

cn. 172800 IN NS d.dns.cn. ;; Received 296 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in 78 ms

--以上返回cn. 的NS 记录

cn. 21600 IN SOA a.dns.cn. root.cnnic.cn. 2011492 332 7200 3600 2419200 21600

--以上为cn. 的SOA 参数。 ;; Received 86 bytes from 203.119.27.1#53(c.dns.cn) in 46 ms

---结束。大家可以查看一个任何正常的域名,如果www.eglihtom.cn 存在,则下一步必然然后eglihtom.cn 域,而此时没有返回,基本可以断定不存在该域名。

在跟踪 www.eglihtom.cn 域名的解析过程中,在递归查询中,有如下提示

;; Received 296 bytes from 198.41.0.4#53(a.root-servers.net) in 281 ms cn. 21600 IN SOA a.dns.cn. root.cnnic.cn. 2011492 286 7200 3600 2419200 21600

;; Received 86 bytes from 203.119.28.1#53(d.dns.cn) in 125 ms

从这个反馈的信息看,递归解析中仅找到cn. 而没有找到eglihtom.cn. ,可以判断该域不存在;

2),在随便哪个域名注册网页(比如http://www.cndns.com/cn/domain/)对该域名进行查询,提示可以注册,说明在当前的注册数据库中,根本不存在www.eglihtom.cn 域名,故无法解析。---该步骤为核实。

2、 ksoa.tec.com.cn 域名无法解析处理说明。

1) 一般性情况确认。

省网DNS 情况确认

C:Documents and Settings�ministrator>dig @211.140.13.188 ksoa.tec.com.cn

; <<>>DiG 9.3.2 <<>> @211.140.13.188 ksoa.tec.com.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

,

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 42

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;ksoa.tec.com.cn. IN A

---查询ksoa.tec.com.cn 的A 记录 ;; AUTHORITY SECTION:

tec.com.cn. 1 IN SOA .hostmaster.nameserver. 44 2880

0 7200 604800 5

--返回找到tec.com.cn. 域

;; Query time: 250 msec

;; SERVER: 211.140.13.188#53(211.140.13.188)

;; WHEN: Fri Feb 18 13:39:16 2011

;; MSG SIZE rcvd: 89

集团DNS 情况确认

C:Documents and Settings�ministrator>dig @211.136.17.107 ksoa.tec.com.cn

; <<>>DiG 9.3.2 <<>> @211.136.17.107 ksoa.tec.com.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 494

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;ksoa.tec.com.cn. IN A

;; AUTHORITY SECTION:

tec.com.cn. 3600 IN SOA .hostmaster.nameserver. 44 2880

0 7200 604800 5

;; Query time: 187 msec

;; SERVER: 211.136.17.107#53(211.136.17.107)

;; WHEN: Fri Feb 18 13:41:54 2011

;; MSG SIZE rcvd: 89

Google DNS情况确认

C:Documents and Settings�ministrator>dig @8.8.8.8 ksoa.tec.com.cn

; <<>>DiG 9.3.2 <<>> @8.8.8.8 ksoa.tec.com.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

,

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1182

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;ksoa.tec.com.cn. IN A

;; AUTHORITY SECTION:

tec.com.cn. 1800 IN SOA .hostmaster.nameserver. 44 2880

0 7200 604800 5

;; Query time: 218 msec

;; SERVER: 8.8.8.8#53(8.8.8.8)

;; WHEN: Fri Feb 18 13:42:39 2011

;; MSG SIZE rcvd: 89

2) 跟踪解析过程 C:Documents and Settings�ministrator>dig @211.140.13.188 ksoa.tec.com.cn trace

; <<>>DiG 9.3.2 <<>> @211.140.13.188 ksoa.tec.com.cn trace

; (1 server found)

;; global options: printcmd

. 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS G.ROOT-SERVERS.NET . . 3600000 IN NS K.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET . . 3600000 IN NS L.ROOT-SERVERS.NET . . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET . . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET . . 3600000 IN NS B.ROOT-SERVERS.NET . . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET . . 3600000 IN NS M.ROOT-SERVERS.NET. ;; Received 228 bytes from 211.140.13.188#53(211.140.13.188) in 31 ms

cn.172800 IN NS e.dns.cn.

cn. 172800 IN NS b.dns.cn.

cn. 172800 IN NS a.dns.cn.

cn. 172800 IN NS ns.cernet.net. cn. 172800 IN NS d.dns.cn.

cn. 172800 IN NS c.dns.cn.

,

;; Received 296 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 250 ms

tec.com.cn. 21600 IN NS ns1.dns-diy.com.

tec.com.cn. 21600 IN NS ns2.dns-diy.com.

--可以看到tec.com.cn. 的NS 记录为ns1.dns-diy.com,ns2.dns-diy.com ,即tec.com.cn 域的授权DNS 为ns1.dns-diy.com 和ns2.dns-diy.com

;; Received 80 bytes from 203.119.29.1#53(e.dns.cn) in 46 ms

tec.com.cn. 3600 IN SOA .hostmaster.nameserver. 44 2880

0 7200 604800 5

;; Received 89 bytes from 218.85.139.33#53(ns1.dns-diy.com) in 93 ms

以上过程可以看到,我们省网DNS 已经找到了tec.com.cn 的授权DNS ,但是授权DNS 返回NXDOMAIN 信息给我们。那么基本可以断定是授权DNS 配置出问题。

3) 核实

C:Documents and Settings�ministrator>dig @211.140.13.188 ns1.dns-diy.cn

; <<>>DiG 9.3.2 <<>> @211.140.13.188 ns1.dns-diy.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 642

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;ns1.dns-diy.cn. IN A

;; AUTHORITY SECTION:

dns-diy.cn. 1 IN SOA . hostmaster.nameserver. 5 28800

7200 604800 5

;; Query time: 140 msec

;; SERVER: 211.140.13.188#53(211.140.13.188)

;; WHEN: Fri Feb 18 13:48:18 2011

;; MSG SIZE rcvd: 88

C:Documents and Settings�ministrator>dig @211.140.13.188 ns2.dns-diy.cn

; <<>>DiG 9.3.2 <<>> @211.140.13.188 ns2.dns-diy.cn

; (1 server found)

,

;; global options: printcmd ;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1977

;; flags: qrrdra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:

;ns2.dns-diy.cn. IN A

;; AUTHORITY SECTION:

dns-diy.cn. 1 IN SOA . hostmaster.nameserver. 5 28800

7200 604800 5

;; Query time: 125 msec

;; SERVER: 211.140.13.188#53(211.140.13.188)

;; WHEN: Fri Feb 18 13:48:29 2011

;; MSG SIZE rcvd: 88

---连授权域都找不到,比较晕。

跟踪授权域域名的解析过程。

C:Documents and Settings�ministrator>dig @211.140.13.188 ns2.dns-diy.cn trace

; <<>>DiG 9.3.2 <<>> @211.140.13.188 ns2.dns-diy.cn trace

; (1 server found)

;; global options: printcmd

. 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS G.ROOT-SERVERS.NET . . 3600000 IN NS K.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET . . 3600000 IN NS L.ROOT-SERVERS.NET . . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET . . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET . . 3600000 IN NS B.ROOT-SERVERS.NET . . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET . . 3600000 IN NS M.ROOT-SERVERS.NET. ;; Received 228 bytes from 211.140.13.188#53(211.140.13.188) in 31 ms

cn. 172800 IN NS d.dns.cn.

cn. 172800 IN NS a.dns.cn.

cn. 172800 IN NS c.dns.cn.

,

cn. 172800 IN NS b.dns.cn.

cn. 172800 IN NS ns.cernet.net. cn. 172800 IN NS e.dns.cn.

;; Received 295 bytes from 128.8.10.90#53(D.ROOT-SERVERS.NET) in 265 ms

dns-diy.cn. 21600 IN NS ns2.dns-diy.com. dns-diy.cn. 21600 IN NS ns1.dns-diy.com. ;; Received 79 bytes from 203.119.25.1#53(a.dns.cn) in 140 ms

dns-diy.cn. 3600 IN SOA . hostmaster.nameserver. 5 28800

7200 604800 5

;; Received 88 bytes from 218.107.207.23#53(ns2.dns-diy.com) in 78 ms

---解析ns1.dns-diy.com

C:Documents and Settings�ministrator>dig @211.140.13.188 ns2.dns-diy.com

; <<>>DiG 9.3.2 <<>> @211.140.13.188 ns2.dns-diy.com

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 592

;; flags: qrrdra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;ns2.dns-diy.com. IN A

;; ANSWER SECTION:

ns2.dns-diy.com. 600 IN A 218.107.207.23 ns2.dns-diy.com. 600 IN A 218.5.74.111

--幸好,终于有能解析出IP 的域名了。

;; Query time: 31 msec

;; SERVER: 211.140.13.188#53(211.140.13.188)

;; WHEN: Fri Feb 18 13:50:21 2011

;; MSG SIZE rcvd: 65

---在ns2.dns-diy.cn 的授权域上解析该域

C:Documents and Settings�ministrator>dig @218.107.207.23 ns2.dns-diy.cn ---这个IP 就是上一步解析得到的IP

; <<>>DiG 9.3.2 <<>> @218.107.207.23 ns2.dns-diy.cn

; (1 server found)

;; global options: printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 112

;; flags: qraard; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

,

---好吧,现在可以确定是授权域直接给出NXDOMAIN 的问题,那么可以确定是授权域配置问题了。

;; QUESTION SECTION:

;ns2.dns-diy.cn. IN A

;; AUTHORITY SECTION:

dns-diy.cn. 3600 IN SOA . hostmaster.nameserver. 5 28800

7200 604800 5

;; Query time: 109 msec

;; SERVER: 218.107.207.23#53(218.107.207.23)

;; WHEN: Fri Feb 18 13:50:49 2011

;; MSG SIZE rcvd: 88

标签:

相关推荐

ps怎么将照片中的草地颜色变绿 ps画笔工具的草怎么弄出来? 2023-05-16 ppt页脚操作步骤 ppt页脚怎么放到左下角? 2023-05-16 cad里面粘贴到原坐标步骤 cad如何对应原坐标? 2023-05-16 nova4e手机设置免打扰在哪里 华为手机电话静音怎么才能让电话响? 2023-05-16 手机迅雷删除的链接哪里找 什么软件可以打开迅雷文件? 2023-05-16 支付宝怎么关闭手机账号转账模式 支付宝怎么关闭自动收款啊? 2023-05-16 微信上女人发二个小绿人啥意思 做快递员的你有何感受? 2023-05-16 怎样从电脑上下载歌曲到u盘免费 电脑酷我音乐怎么下到u盘? 2023-05-16