nslookup
nslookup can be used to query the IP for a specific domain:
$nslookup ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
Server: 4.2.2.1
Address: 4.2.2.1#53
Non-authoritative answer:
Name: ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
Address: 54.250.240.85
A non-authoritative answer means the query was answered from the local DNS cache.
dig
dig is used more often since it provides more detail:
$dig ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
; <<>> DiG 9.16.37-Debian <<>> ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40257
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com. IN A
;; ANSWER SECTION:
ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com. 86179 IN A 54.250.240.85
;; Query time: 32 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Sun Jan 07 08:42:03 UTC 2024
;; MSG SIZE rcvd: 99
The HEADER section is the information received from the server.
The QUESTION section is the information sent to the DNS server.
The Query time section, which is also the STATISTICS section, shows metadata about the query. In it, SERVER is the IP address and port of the responding DNS server. If it is a loopback address, it means DNS address translation is configured locally.
The ANSWER section is the answer we care about. Here the domain has a TTL of 86179, after which the DNS cache will be updated. IN A means it is an Internet A-type DNS record, and 54.250.240.85 is the IP the name resolved to. The SERVER line in the statistics section is the address of the DNS server the result was obtained from; we can specify it with the @ parameter:
$dig @114.114.114.114 ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
; <<>> DiG 9.16.37-Debian <<>> @114.114.114.114 ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 58069
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com. IN A
;; ANSWER SECTION:
ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com. 1550 IN A 54.250.240.85
;; Query time: 200 msec
;; SERVER: 114.114.114.114#53(114.114.114.114)
;; WHEN: Sun Jan 07 08:44:27 UTC 2024
;; MSG SIZE rcvd: 99
The @<ip> argument specifies the DNS server used to resolve the queried domain.
dig can also perform a reverse DNS lookup with the -x option, as below:
$dig -x 54.250.240.85
; <<>> DiG 9.16.37-Debian <<>> -x 54.250.240.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36795
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;85.240.250.54.in-addr.arpa. IN PTR
;; ANSWER SECTION:
85.240.250.54.in-addr.arpa. 300 IN PTR ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com.
;; Query time: 120 msec
;; SERVER: 4.2.2.1#53(4.2.2.1)
;; WHEN: Sun Jan 07 08:46:14 UTC 2024
;; MSG SIZE rcvd: 123
If the full output is too verbose, add +noall +answer to the command to show only the detailed records of the ANSWER section:
$dig -x 54.250.240.85 +noall +answer
85.240.250.54.in-addr.arpa. 300 IN PTR ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com.
There are other parameters, such as +trace, which provides trace information about the query.
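The fields explained above (status, flags, TTL, SERVER, and the A and PTR answers) can also be read by a script. The following is an added example, not part of the original post: it parses dig's text output and checks that the reverse (PTR) answer and the forward (A) answer agree, which is a forward-confirmed reverse DNS check. The function names parse_dig and forward_confirmed are hypothetical, the sample input is constructed from the outputs shown above, and only IPv4 is handled.

```python
import re

# Constructed sample input: lines copied from the forward and reverse dig outputs above.
FORWARD = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40257
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; ANSWER SECTION:
ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com. 86179 IN A 54.250.240.85
;; SERVER: 4.2.2.1#53(4.2.2.1)
"""
REVERSE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36795
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; ANSWER SECTION:
85.240.250.54.in-addr.arpa. 300 IN PTR ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com.
;; SERVER: 4.2.2.1#53(4.2.2.1)
"""

def parse_dig(text):
    """Parse dig's default text output (hypothetical helper, not part of dig)."""
    out = {"status": None, "flags": [], "server": None, "answers": []}
    for line in text.splitlines():
        if m := re.match(r";; ->>HEADER<<-.*status: (\w+)", line):
            out["status"] = m.group(1)
        elif m := re.match(r";; flags: ([a-z ]*);", line):
            out["flags"] = m.group(1).split()
        elif m := re.match(r";; SERVER: ([^#\s]+)#(\d+)", line):
            out["server"] = (m.group(1), int(m.group(2)))
        elif not line.startswith(";"):
            parts = line.split(None, 4)  # owner name, TTL, class, type, rdata
            if len(parts) == 5 and parts[1].isdigit():
                out["answers"].append({"name": parts[0].lower(), "ttl": int(parts[1]),
                                       "type": parts[3], "rdata": parts[4]})
    out["authoritative"] = "aa" in out["flags"]  # no "aa" flag: non-authoritative answer
    return out

def forward_confirmed(ip, reverse_text, forward_text):
    """True if a PTR name returned for `ip` has an A record pointing back to `ip`."""
    rev, fwd = parse_dig(reverse_text), parse_dig(forward_text)
    if rev["status"] != "NOERROR" or fwd["status"] != "NOERROR":
        return False
    owner = ".".join(reversed(ip.split("."))) + ".in-addr.arpa."
    ptr_names = {a["rdata"].lower() for a in rev["answers"]
                 if a["type"] == "PTR" and a["name"] == owner}
    return any(a["type"] == "A" and a["rdata"] == ip and a["name"] in ptr_names
               for a in fwd["answers"])

if __name__ == "__main__":
    print(parse_dig(FORWARD))
    print(forward_confirmed("54.250.240.85", REVERSE, FORWARD))
```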
traceroute
traceroute uses ICMP to get the route from the sender to the receiver:
$traceroute ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com
traceroute to ec2-54-250-240-85.ap-northeast-1.compute.amazonaws.com (54.250.240.85), 30 hops max, 60 byte packets
1 10.0.2.2 (10.0.2.2) 0.132 ms 0.098 ms 0.057 ms
2 * * *
...
30 * * *
By default the limit is 30 hops. A * means the router didn't send back a response, so the router information for that hop cannot be determined. 10.0.2.2 is the router address.