我有一个域名(使用 Namecheap)。我为子域添加了 4 条 NS 记录,并将它们指向 AWS Route 53。一切正常。
当我执行 nslookup 时,无论使用什么工具,我都看不到我添加的 NS 记录在响应中返回。这是正常的吗?
升
答案1
您也可以公开域名;只需不到一分钟的侦察就能找到它。
从这里来看,两者的记录似乎都很好……
带痕迹的 DiG
$ dig alt.*********r.com. NS @8.8.8.8 +trace ; OMITTED . AND com. LEVELS *********r.com. 172800 IN NS dns1.registrar-servers.com. *********r.com. 172800 IN NS dns2.registrar-servers.com. ; OMITTED NSEC3 & RRSIG RECORDS ;; Received 740 bytes from 2001:503:a83e::2:30#53(a.gtld-servers.net) in 36 ms alt.*********r.com. 300 IN NS ns-1204.awsdns-22.org. alt.*********r.com. 300 IN NS ns-190.awsdns-23.com. alt.*********r.com. 300 IN NS ns-2015.awsdns-59.co.uk. alt.*********r.com. 300 IN NS ns-666.awsdns-19.net. ;; Received 184 bytes from 2610:a1:1025::200#53(dns2.registrar-servers.com) in 24 ms alt.*********r.com. 300 IN NS ns-1204.awsdns-22.org. alt.*********r.com. 300 IN NS ns-190.awsdns-23.com. alt.*********r.com. 300 IN NS ns-2015.awsdns-59.co.uk. alt.*********r.com. 300 IN NS ns-666.awsdns-19.net. ;; Received 184 bytes from 2600:9000:5302:9a00::1#53(ns-666.awsdns-19.net) in 20 ms查找工具
> nslookup -querytype=NS alt.*********r.com 8.8.8.8 Server: dns.google Address: 8.8.8.8 Non-authoritative answer: alt.*********r.com nameserver = ns-1204.awsdns-22.org alt.*********r.com nameserver = ns-190.awsdns-23.com alt.*********r.com nameserver = ns-2015.awsdns-59.co.uk alt.*********r.com nameserver = ns-666.awsdns-19.net
从截图来看你查询的是 的记录,ANY *********r.com而不是其子域名的记录alt.*********r.com。当然,这不会给你NS子域名的记录。
了解两者之间的区别
>nslookup -querytype=ANY *********r.com 8.8.8.8
Server: dns.google
Address: 8.8.8.8
Non-authoritative answer:
*********r.com
primary name server = dns1.registrar-servers.com
responsible mail addr = hostmaster.registrar-servers.com
serial = 1593846211
refresh = 43200 (12 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 3601 (1 hour 1 sec)
*********r.com nameserver = dns1.registrar-servers.com
*********r.com nameserver = dns2.registrar-servers.com
*********r.com MX preference = 1, mail exchanger = aspmx.l.google.com
*********r.com MX preference = 10, mail exchanger = aspmx2.googlemail.com
*********r.com MX preference = 10, mail exchanger = aspmx3.googlemail.com
*********r.com MX preference = 5, mail exchanger = alt1.aspmx.l.google.com
*********r.com MX preference = 5, mail exchanger = alt2.aspmx.l.google.com
*********r.com text =
"v=spf1 include:_spf.google.com ~all"
*********r.com internet address = 198.185.159.144
*********r.com internet address = 198.49.23.145
*********r.com internet address = 198.185.159.145
*********r.com internet address = 198.49.23.144
和(尽管你真的应该使用-querytype=NS而不是ANY,RFC 8482)
>nslookup -querytype=ANY alt.*********r.com 8.8.8.8
Server: dns.google
Address: 8.8.8.8
Non-authoritative answer:
alt.*********r.com internet address = 205.251.219.115
alt.*********r.com internet address = 205.251.219.98
alt.*********r.com internet address = 205.251.219.122
alt.*********r.com internet address = 205.251.219.2
alt.*********r.com nameserver = ns-1204.awsdns-22.org
alt.*********r.com nameserver = ns-190.awsdns-23.com
alt.*********r.com nameserver = ns-2015.awsdns-59.co.uk
alt.*********r.com nameserver = ns-666.awsdns-19.net
alt.*********r.com
primary name server = ns-190.awsdns-23.com
responsible mail addr = awsdns-hostmaster.amazon.com
serial = 1
refresh = 7200 (2 hours)
retry = 900 (15 mins)
expire = 1209600 (14 days)
default TTL = 86400 (1 day)