為什麼dig工作正常,但直接挖掘我的NetGear路由器卻不行(同時首先也去它,因為它是我的DNS,NetGear本身已8.8.8.8設置為prim dns)。我的 NetGear 在 LAN 上有 IP 192.168.1.1。這裡我附上了完整的場景。我對幀的分析顯示,在我看來,兩個請求都透過 UDP 上的192.168.1.1連接埠傳送到路由器 NetGear 。53在其他方面沒有什麼不同,不是嗎?請幫忙。
除了不同的幀數和其他明顯的差異之外,我可以觀察到的唯一差異是
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
存在於 OK 幀中,但在失敗的資料包中缺少它(失敗 - 我的意思是 192.168.1.1 根本沒有回應)
dig cf16.eu
; <<>> DiG 9.9.2-P2 <<>> cf16.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24482
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;cf16.eu. IN A
;; ANSWER SECTION:
cf16.eu. 3600 IN A 89.75.41.50
;; Query time: 10 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Wed May 8 17:47:05 2013
;; MSG SIZE rcvd: 52
但:
dig @192.168.1.1 cf16.eu
; <<>> DiG 9.9.2-P2 <<>> @192.168.1.1 cf16.eu
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
Wireshark封包:dig cf16.eu [確定]
No. Time Source Destination Protocol Length Info
340 4.775113000 192.168.1.3 192.168.1.1 DNS 78 Standard query 0x5fa2 A cf16.eu
Frame 340: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface 0
Interface id: 0
WTAP_ENCAP: 1
Arrival Time: May 8, 2013 17:47:04.131360000 CEST
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1368028024.131360000 seconds
[Time delta from previous captured frame: 0.005265000 seconds]
[Time delta from previous displayed frame: 0.005265000 seconds]
[Time since reference or first frame: 4.775113000 seconds]
Frame Number: 340
Frame Length: 78 bytes (624 bits)
Capture Length: 78 bytes (624 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ip:udp:dns]
[Coloring Rule Name: UDP]
[Coloring Rule String: udp]
Ethernet II, Src: Micro-St_4b:47:dc (d4:3d:7e:4b:47:dc), Dst: Netgear_bb:b7:2c (00:1b:2f:bb:b7:2c)
Destination: Netgear_bb:b7:2c (00:1b:2f:bb:b7:2c)
Address: Netgear_bb:b7:2c (00:1b:2f:bb:b7:2c)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: Micro-St_4b:47:dc (d4:3d:7e:4b:47:dc)
Address: Micro-St_4b:47:dc (d4:3d:7e:4b:47:dc)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.3 (192.168.1.3), Dst: 192.168.1.1 (192.168.1.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 64
Identification: 0xf650 (63056)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x0108 [correct]
[Good: True]
[Bad: False]
Source: 192.168.1.3 (192.168.1.3)
Destination: 192.168.1.1 (192.168.1.1)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
User Datagram Protocol, Src Port: 47841 (47841), Dst Port: domain (53)
Source port: 47841 (47841)
Destination port: domain (53)
Length: 44
Checksum: 0x4831 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
Transaction ID: 0x5fa2
Flags: 0x0120 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ..1. .... = AD bit: Set
[Expert Info (Warn/Security): AD bit set in DNS Query]
[Message: AD bit set in DNS Query]
[Severity level: Warn]
[Group: Security]
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
cf16.eu: type A, class IN
Name: cf16.eu
Type: A (Host address)
Class: IN (0x0001)
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (EDNS0 option)
UDP payload size: 4096
Higher bits in extended RCODE: 0x0
EDNS0 version: 0
Z: 0x0
Data length: 0
挖掘 192.168.1.1 cf16.eu [失敗]
No. Time Source Destination Protocol Length Info
603 7.972662000 192.168.1.3 192.168.1.1 DNS 78 Standard query 0xc755 A cf16.eu
Frame 603: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface 0
Interface id: 0
WTAP_ENCAP: 1
Arrival Time: May 8, 2013 17:49:36.816366000 CEST
[Time shift for this packet: 0.000000000 seconds]
Epoch Time: 1368028176.816366000 seconds
[Time delta from previous captured frame: 0.402535000 seconds]
[Time delta from previous displayed frame: 0.402535000 seconds]
[Time since reference or first frame: 7.972662000 seconds]
Frame Number: 603
Frame Length: 78 bytes (624 bits)
Capture Length: 78 bytes (624 bits)
[Frame is marked: False]
[Frame is ignored: False]
[Protocols in frame: eth:ip:udp:dns]
Ethernet II, Src: Micro-St_4b:47:dc (d4:3d:7e:4b:47:dc), Dst: Netgear_bb:b7:2c (00:1b:2f:bb:b7:2c)
Destination: Netgear_bb:b7:2c (00:1b:2f:bb:b7:2c)
Address: Netgear_bb:b7:2c (00:1b:2f:bb:b7:2c)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Source: Micro-St_4b:47:dc (d4:3d:7e:4b:47:dc)
Address: Micro-St_4b:47:dc (d4:3d:7e:4b:47:dc)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
Type: IP (0x0800)
Internet Protocol Version 4, Src: 192.168.1.3 (192.168.1.3), Dst: 192.168.1.1 (192.168.1.1)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00: Not-ECT (Not ECN-Capable Transport))
0000 00.. = Differentiated Services Codepoint: Default (0x00)
.... ..00 = Explicit Congestion Notification: Not-ECT (Not ECN-Capable Transport) (0x00)
Total Length: 64
Identification: 0xf651 (63057)
Flags: 0x00
0... .... = Reserved bit: Not set
.0.. .... = Don't fragment: Not set
..0. .... = More fragments: Not set
Fragment offset: 0
Time to live: 64
Protocol: UDP (17)
Header checksum: 0x0107 [correct]
[Good: True]
[Bad: False]
Source: 192.168.1.3 (192.168.1.3)
Destination: 192.168.1.1 (192.168.1.1)
[Source GeoIP: Unknown]
[Destination GeoIP: Unknown]
User Datagram Protocol, Src Port: 37226 (37226), Dst Port: domain (53)
Source port: 37226 (37226)
Destination port: domain (53)
Length: 44
Checksum: 0x09f5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Domain Name System (query)
Transaction ID: 0xc755
Flags: 0x0120 Standard query
0... .... .... .... = Response: Message is a query
.000 0... .... .... = Opcode: Standard query (0)
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... .0.. .... = Z: reserved (0)
.... .... ..1. .... = AD bit: Set
[Expert Info (Warn/Security): AD bit set in DNS Query]
[Message: AD bit set in DNS Query]
[Severity level: Warn]
[Group: Security]
.... .... ...0 .... = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
cf16.eu: type A, class IN
Name: cf16.eu
Type: A (Host address)
Class: IN (0x0001)
Additional records
<Root>: type OPT
Name: <Root>
Type: OPT (EDNS0 option)
UDP payload size: 4096
Higher bits in extended RCODE: 0x0
EDNS0 version: 0
Z: 0x0
Data length: 0
答案1
在這種情況下,您的路由器充當本機請求的 DNS 伺服器並充當未知位址的轉發器,在 8.8.8.8 伺服器上進行查詢,處理回應,然後發回指示結果的封包。如果您在沒有伺服器引用的情況下使用 dig,它將使用根區域進行解析,並且您的路由器會將查找轉發到根伺服器進行解析。
當您在 dig 中指定伺服器時,您通常會嘗試確定剛剛建立/匯入的區域是否在此伺服器上正常運作,因此不允許發生轉發,否則會隱藏您指定的伺服器上的潛在故障嘗試測試。您不是說“給我有關此網域的信息”,而是“給我該特定伺服器有關此網域的資訊”。
由於有問題的網域並不位於路由器上實際存在的區域中,因此您不會得到任何回應。
在這裡查看更多: http://en.wikipedia.org/wiki/Dig_%28command%29
當命令呼叫中未指定特定名稱伺服器時,它將使用作業系統預設解析器,通常透過 resolv.conf 檔案進行設定。不含任何參數,它會查詢 DNS 根區域。