ping 和 nslookup 在名称解析方面有什么区别?

tag-icon tag-icon dns ping nslookup
ping 和 nslookup 在名称解析方面有什么区别?

我试图了解将主机名解析为 IP 地址时的nslookup行为差异。ping我的终端中的这个片段总结了我的困惑:

lllamnyp@lllamnyp:~/.ssh$ cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 192.168.221.131
nameserver 127.0.0.53


lllamnyp@lllamnyp:~/.ssh$ nslookup ingress-vpn.do.company.com
;; Got recursion not available from 192.168.221.131, trying next server
Server:     127.0.0.53
Address:    127.0.0.53#53

** server can't find ingress-vpn.do.company.com: NXDOMAIN


lllamnyp@lllamnyp:~/.ssh$ nslookup ingress-vpn.do.company.com 192.168.221.131
Server:     192.168.221.131
Address:    192.168.221.131#53

Name:   ingress-vpn.do.company.com
Address: 192.168.234.130


lllamnyp@lllamnyp:~/.ssh$ ping ingress-vpn.do.company.com
PING ingress-vpn.do.company.com (192.168.234.130) 56(84) bytes of data.
^C
--- ingress-vpn.do.company.com ping statistics ---

dig根据要求,这也是输出。有用:

lllamnyp@lllamnyp:~/.ssh$ dig ingress-vpn.do.company.com

; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> ingress-vpn.do.company.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55351
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: fcfdf62ef4bf6a33 (echoed)
;; QUESTION SECTION:
;ingress-vpn.do.company.com.        IN  A

;; ANSWER SECTION:
ingress-vpn.do.company.com. 30  IN  A   192.168.234.130

;; Query time: 161 msec
;; SERVER: 192.168.221.131#53(192.168.221.131)
;; WHEN: Wed Mar 10 12:10:14 MSK 2021
;; MSG SIZE  rcvd: 97

我观察到straceping 读取/etc/nsswitch.conf,而nslookup没有,但我不太熟悉它们的内部结构。

这是我的问题:

  • 如果问题是非递归服务器,为什么会nslookup <HOSTNAME>失败,但nslookup <HOSTNAME> <DNS_SERVER_IP>不会?
  • 如果问题是非递归服务器,如何ping成功解析 IP,何时nslookup无法解析?
  • 无论如何,递归与此有什么关系,当192.168.221.131 是权威域名服务器的 IP 地址do.company.com
  • ping从根本上来说,名称解析完成的 by和 by之间有什么区别nslookup

我运行的是 Ubuntu 18.04,192.168.221.131 的名称服务器是 CoreDNS 1.6。

额外细节:

令人难以置信的是,在终端的一个选项卡中执行 nslookup 并在另一个选项卡中观察 tcpdump 时,我看到了这一点:

查找:

$ nslookup ingress-vpn.do.company.com
;; Got recursion not available from 192.168.221.131, trying next server
Server:     127.0.0.53
Address:    127.0.0.53#53

** server can't find ingress-vpn.do.company.com: NXDOMAIN

TCP转储:

$ sudo tcpdump udp port 53 -i tun0 -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tun0, link-type RAW (Raw IP), capture size 262144 bytes
12:24:12.419836 IP 10.1.1.2.57886 > 192.168.221.131.53: 12557+ A? ingress-vpn.do.company.com. (38)
12:24:12.432512 IP 192.168.221.131.53 > 10.1.1.2.57886: 12557*- 1/0/0 A 192.168.234.130 (74)

ienslookup收到了正确的响应,但此时已经放弃了。

答案1

从根本上来说,通过 ping 和通过 nslookup 完成的名称解析有什么区别?

ping可以采用各种不同的方式来获取 IP 地址(全部在 中列出/etc/nsswitch.conf),同时nslookup只询问指定的名称服务器。

相关内容