본문 바로가기
IT

DNS resolve 해보기.

okonywithkony 2023. 11. 15. 14:06
반응형

 

 

naver.com의 IP는 nslookup을 통해 알수 있다.

kkeunuk@kkeunukD6W96 ~ % nslookup naver.com
Server: 10.217.194.19
Address: 10.217.194.19#53


Non-authoritative answer:
Name: naver.com
Address: 223.130.195.200
Name: naver.com
Address: 223.130.200.104
Name: naver.com
Address: 223.130.195.95
Name: naver.com
Address: 223.130.200.107

 

 

full resolver가 권한있는 DNS 서버에 질의하여 얻는 과정을 확인해보았다.

TLD부터 2nd, 3rd domain 까지 확인 방법

 

1. 먼저 full resolver가 TLD 로 쿼리

198.41.0.4는 TLD  root domain name server 중 A root server이고, naver.com에 대한 A 리소스리코드에 대한 질의를 함.

질의 받은 A root DNS 는 .com에 대해 위임처에 위임함. (a~m.gtld-servers.net.)

a~m.gtld-servers.net에 해당 되는 IP address는 additional section에서 확인할수 있다.

kkeunuk@kkeunukD6W96 ~ % dig +norec @198.41.0.4 naver.com A


; <<>> DiG 9.10.6 <<>> +norec @198.41.0.4 naver.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33015
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 27


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;naver.com. IN A


;; AUTHORITY SECTION:
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.


;; ADDITIONAL SECTION:
e.gtld-servers.net. 172800 IN A 192.12.94.30
e.gtld-servers.net. 172800 IN AAAA 2001:502:1ca1::30
b.gtld-servers.net. 172800 IN A 192.33.14.30
b.gtld-servers.net. 172800 IN AAAA 2001:503:231d::2:30
j.gtld-servers.net. 172800 IN A 192.48.79.30
j.gtld-servers.net. 172800 IN AAAA 2001:502:7094::30
m.gtld-servers.net. 172800 IN A 192.55.83.30
m.gtld-servers.net. 172800 IN AAAA 2001:501:b1f9::30
i.gtld-servers.net. 172800 IN A 192.43.172.30
i.gtld-servers.net. 172800 IN AAAA 2001:503:39c1::30
f.gtld-servers.net. 172800 IN A 192.35.51.30
f.gtld-servers.net. 172800 IN AAAA 2001:503:d414::30
a.gtld-servers.net. 172800 IN A 192.5.6.30
a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
g.gtld-servers.net. 172800 IN A 192.42.93.30
g.gtld-servers.net. 172800 IN AAAA 2001:503:eea3::30
h.gtld-servers.net. 172800 IN A 192.54.112.30
h.gtld-servers.net. 172800 IN AAAA 2001:502:8cc::30
l.gtld-servers.net. 172800 IN A 192.41.162.30
l.gtld-servers.net. 172800 IN AAAA 2001:500:d937::30
k.gtld-servers.net. 172800 IN A 192.52.178.30
k.gtld-servers.net. 172800 IN AAAA 2001:503:d2d::30
c.gtld-servers.net. 172800 IN A 192.26.92.30
c.gtld-servers.net. 172800 IN AAAA 2001:503:83eb::30
d.gtld-servers.net. 172800 IN A 192.31.80.30
d.gtld-servers.net. 172800 IN AAAA 2001:500:856e::30


;; Query time: 103 msec
;; SERVER: 198.41.0.4#53(198.41.0.4)
;; WHEN: Wed Nov 15 13:49:31 KST 2023
;; MSG SIZE  rcvd: 834

 

 

2. full resolver로 .com DNS에  naver.com A 리소스레코드 쿼리를 하였다.

naver.com에 대해서 ns1~2.naver.com DNS 서버로 위임을 하였고, 

마찬가지로 ns1~2.naver.com에 대한 IP는 additional secition에서 확인할수 있다.

kkeunuk@kkeunukD6W96 ~ % dig +norec @192.12.94.30 naver.com A


; <<>> DiG 9.10.6 <<>> +norec @192.12.94.30 naver.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43172
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 3


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;naver.com. IN A


;; AUTHORITY SECTION:
naver.com. 172800 IN NS ns2.naver.com.
naver.com. 172800 IN NS ns1.naver.com.


;; ADDITIONAL SECTION:
ns2.naver.com. 172800 IN A 125.209.249.6
ns1.naver.com. 172800 IN A 125.209.248.6


;; Query time: 128 msec
;; SERVER: 192.12.94.30#53(192.12.94.30)
;; WHEN: Wed Nov 15 13:52:22 KST 2023
;; MSG SIZE  rcvd: 106

 

 

3. naver.com의 IP를 알아내기위해 마지막으로 full resolver로 ns1.naver.com으로 쿼리를 날려보았다. 

flag 에 aa 마크가 보인다는건, 해당 서버에서는 A 리소스리코드에 대해 답이 있다는 표시이기도 하다. 

question에 naver.com이 있고, answer section에는 naver.com의 A리소스리코드가 있다. 

naver.com은 4개의 IP를 가지고 있다.

kkeunuk@kkeunukD6W96 ~ % dig +norec @125.209.249.6 naver.com A


; <<>> DiG 9.10.6 <<>> +norec @125.209.249.6 naver.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21295
;; flags: qr aa; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1


;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;naver.com. IN A


;; ANSWER SECTION:
naver.com. 300 IN A 223.130.195.95
naver.com. 300 IN A 223.130.195.200
naver.com. 300 IN A 223.130.200.107
naver.com. 300 IN A 223.130.200.104
반응형

'IT' 카테고리의 다른 글

Regarding IKEv2 , How toTroubleshooting  (0) 2024.01.21
Analysis releate to IPSEC VPN  (0) 2023.12.13
quagga bgp  (1) 2023.11.01
libreswan으로 host간 IPSec VPN 구성  (0) 2023.11.01
Add to interface in Management Profile on Paloalto  (0) 2021.11.20

'IT' Related Articles

티스토리툴바