DNS NS 记录未显示在 nslookup 中

DNS NS 记录未显示在 nslookup 中

我有一个域名(使用 Namecheap)。我为子域添加了 4 条 NS 记录,并将它们指向 AWS Route 53。一切正常。

当我执行 nslookup 时,无论使用什么工具,我都看不到我添加的 NS 记录在响应中返回。这是正常的吗?

在此处输入图片描述 在此处输入图片描述

答案1

您也可以公开域名;只需不到一分钟的侦察就能找到它。

从这里来看,两者的记录似乎都很好……

  • 带痕迹的 DiG

     $ dig alt.*********r.com. NS @8.8.8.8 +trace
    
     ; OMITTED . AND com. LEVELS
    
     *********r.com.         172800  IN      NS      dns1.registrar-servers.com.
     *********r.com.         172800  IN      NS      dns2.registrar-servers.com.
     ; OMITTED NSEC3 & RRSIG RECORDS
     ;; Received 740 bytes from 2001:503:a83e::2:30#53(a.gtld-servers.net) in 36 ms
    
     alt.*********r.com.     300     IN      NS      ns-1204.awsdns-22.org.
     alt.*********r.com.     300     IN      NS      ns-190.awsdns-23.com.
     alt.*********r.com.     300     IN      NS      ns-2015.awsdns-59.co.uk.
     alt.*********r.com.     300     IN      NS      ns-666.awsdns-19.net.
     ;; Received 184 bytes from 2610:a1:1025::200#53(dns2.registrar-servers.com) in 24 ms
    
     alt.*********r.com.     300     IN      NS      ns-1204.awsdns-22.org.
     alt.*********r.com.     300     IN      NS      ns-190.awsdns-23.com.
     alt.*********r.com.     300     IN      NS      ns-2015.awsdns-59.co.uk.
     alt.*********r.com.     300     IN      NS      ns-666.awsdns-19.net.
     ;; Received 184 bytes from 2600:9000:5302:9a00::1#53(ns-666.awsdns-19.net) in 20 ms
    
  • 查找工具

     > nslookup -querytype=NS alt.*********r.com 8.8.8.8
     Server:  dns.google
     Address:  8.8.8.8
    
     Non-authoritative answer:
     alt.*********r.com      nameserver = ns-1204.awsdns-22.org
     alt.*********r.com      nameserver = ns-190.awsdns-23.com
     alt.*********r.com      nameserver = ns-2015.awsdns-59.co.uk
     alt.*********r.com      nameserver = ns-666.awsdns-19.net
    

从截图来看你查询的是 的记录,ANY *********r.com而不是其子域名的记录alt.*********r.com。当然,这不会给你NS子域名的记录。

了解两者之间的区别

>nslookup -querytype=ANY *********r.com 8.8.8.8
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
*********r.com
        primary name server = dns1.registrar-servers.com
        responsible mail addr = hostmaster.registrar-servers.com
        serial  = 1593846211
        refresh = 43200 (12 hours)
        retry   = 3600 (1 hour)
        expire  = 604800 (7 days)
        default TTL = 3601 (1 hour 1 sec)
*********r.com  nameserver = dns1.registrar-servers.com
*********r.com  nameserver = dns2.registrar-servers.com
*********r.com  MX preference = 1, mail exchanger = aspmx.l.google.com
*********r.com  MX preference = 10, mail exchanger = aspmx2.googlemail.com
*********r.com  MX preference = 10, mail exchanger = aspmx3.googlemail.com
*********r.com  MX preference = 5, mail exchanger = alt1.aspmx.l.google.com
*********r.com  MX preference = 5, mail exchanger = alt2.aspmx.l.google.com
*********r.com  text =

        "v=spf1 include:_spf.google.com ~all"
*********r.com  internet address = 198.185.159.144
*********r.com  internet address = 198.49.23.145
*********r.com  internet address = 198.185.159.145
*********r.com  internet address = 198.49.23.144

和(尽管你真的应该使用-querytype=NS而不是ANYRFC 8482

>nslookup -querytype=ANY alt.*********r.com 8.8.8.8
Server:  dns.google
Address:  8.8.8.8

Non-authoritative answer:
alt.*********r.com      internet address = 205.251.219.115
alt.*********r.com      internet address = 205.251.219.98
alt.*********r.com      internet address = 205.251.219.122
alt.*********r.com      internet address = 205.251.219.2
alt.*********r.com      nameserver = ns-1204.awsdns-22.org
alt.*********r.com      nameserver = ns-190.awsdns-23.com
alt.*********r.com      nameserver = ns-2015.awsdns-59.co.uk
alt.*********r.com      nameserver = ns-666.awsdns-19.net
alt.*********r.com
        primary name server = ns-190.awsdns-23.com
        responsible mail addr = awsdns-hostmaster.amazon.com
        serial  = 1
        refresh = 7200 (2 hours)
        retry   = 900 (15 mins)
        expire  = 1209600 (14 days)
        default TTL = 86400 (1 day)

相关内容