Project 91. Resolve Hostnames"What's the IP address of jan.1dot1.com ?" This project shows you how to query the Domain Name System (DNS) to translate domain names and hostnames into IP addresses. The DNS is used to discover other information, too, such as which hosts handle email for a particular domain. It covers the commands host and dig. Learn What's in a (Domain) NameThe Domain Name System is a distributed database that resolves domain names and hostnames into their assigned IP addresses. Mac OS X includes a DNS server distribution called Bind that lets you set up your own DNS server (called named), but we'll be considering just how to query a DNS server, not how to set one up.
Consider a domain name such as bbc.co.uk. You can think of it as a pathname, but in reverse, rather like this. /uk/co/bbc Performing a DNS search to resolve bbc.co.uk into its IP address involves starting from the root of the DNS system and asking the root servers about uk. The root servers point to other servers that are authoritative for the domain uk and that tell you about co.uk. Those servers in turn point you to still other servers than can answer for bbc.co.uk. Hostname resolution is the responsibility of your nominated DNS servers named in the Network pane of System Preferences. The servers are most likely those of your Internet Service Provider (ISP), but it's possible to run your own. If you obtain your IP address by using DHCP (Dynamic Host Configuration Protocol), your DNS servers will be configured automatically; therefore, it's not necessary to name them in the Network pane. Look up DNS InformationTo look up the IP address of jan.1dot1.com, use host. The host command forms a DNS query and sends it to one of your nominated DNS servers for resolution. Type $ host jan.1dot1.com jan.1dot1.com is an alias for 1dot1.com. 1dot1.com has address 217.155.168.149 Tip
The first line tells us that jan.1dot1.com is the same machine as 1dot1.com. The second line gives the IP address of the machine (and both domains) as 217.155.168.149. This simple query searched for A records, which hold the IP address of a host or domain. It's equivalent to specifying the option -t (for type) followed by a designator a (for A records). $ host -t a jan.1dot1.com We can query for other information, too. We might be interested in the servers that gave us the A recordscalled the name servers for the domain. We ask for name-server information by specifying the type designator ns. $ host -t ns 1dot1.com 1dot1.com name server smeagol.mayo-family.com. 1dot1.com name server carcharoth.mayo-family.com. Tip
Other information includes the Start of Authority (SOA) record for a domain, which gives administrative information such as the time in seconds for which the domain information should be cached after being fetched. $ host -t soa 1dot1.com 1dot1.com SOA carcharoth.mayo-family.com. hostmaster.1dot1.com. 2004111505 7200 3600 604800 3600 Mail Exchange (MX) records hold the IP addresses of the hosts that handle mail for the domain. $ host -t mx 1dot1.com 1dot1.com mail is handled by 20 saruman.mayo-family.com. 1dot1.com mail is handled by 10 carcharoth.mayo-family.com. Configure DNS LookupAs you may already know, we nominate DNS servers by using System Preferences, selecting the Network pane and then the TCP/IP tab for each interface (Figure 10.1). You can also define search domains from System Preferences, which allows you to specify relative hostnames. Having defined mayo-family.com as a search domain, for example, we can name the individual hosts in that domain by specifying just their hostname. The following would be equivalent. Figure 10.1. Set DNS servers and search domains from System Preferences.$ host carcharoth carcharoth.mayo-family.com has address 217.155.168.149 $ host carcharoth.mayo-family.com carcharoth.mayo-family.com has address 217.155.168.149 If you specify a domain name with a trailing dot, the name is taken to be absolute and will never have the search path added. $ host carcharoth. Host carcharoth not found: 3(NXDOMAIN) Tip
Configure from UnixSystem Preferences maintains a Unix configuration file called /etc/resolv.conf. Display this file, and you'll see that it reflects the DNS servers and search domains set in System Preferences or configured by DHCP. $ cat /etc/resolv.conf search mayo-family.com nameserver 217.155.168.149 Learn More
Although it's possible to maintain the file by hand, be warned that System Preferences may overwrite it should any network settings change. The file is actually a Unix symbolic link to /var/run/resolv.conf. Tip
Use Reverse MappingReverse mapping is looking up a hostname from an IP address. It employs the same DNS system as forward mapping, starting from a top-level domain called arpa and a subdomain called in-addr.arpa for the Internet address space. Tip
Here's an example in which we perform a forward and then a reverse query, moving from a hostname to an IP address and back to the original hostname. $ host carcharoth.mayo-family.com carcharoth.mayo-family.com has address 217.155.168.149 $ host 217.155.168.149 149.168.155.217.in-addr.arpa domain name pointer carcharoth.mayo-family.com. The host command lets us type an IP address in the more familiar form of 217.155.168.149, although this is not a valid entry in the reverse-map DNS system. Strictly, we should have typed a domain name that looks like this. $ host 149.168.155.217.in-addr.arpa $ This format reverses the order of the familiar four-part IP address, in which the address starts with the largest network (217) and ends with an individual host (149). It uses the DNS convention of placing the host first, then subdomains, and then the largest domain. You'll notice, however, that this command elicits no response. Recall that the host command assumes we want A records unless we specify otherwise from the -t option. To obtain a hostname from an address, we need a pointer record, denoted by type designator ptr. Thus, the full command is $ host -t ptr 149.168.155.217.in-addr.arpa 149.168.155.217.in-addr.arpa domain name pointer carcharoth.mayo-family.com. Note
Dig for InformationThe dig (Domain Information Groper) command is an alternative to host. It's more comprehensive and is the preferred tool among DNS server administrators. The output from dig is more comprehensive and verbose than that from host. Let's revisit some of the examples we used to illustrate host, but this time, we'll employ dig to grope jan.1dot.com. $ dig jan.1dot1.com ; <<>> DiG 9.3.0 <<>> jan.1dot1.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5665 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ; QUESTION SECTION: ;jan.1dot1.com. IN A ;; ANSWER SECTION: jan.1dot1.com. 24868 IN CNAME 1dot1.com. 1dot1.com. 24868 IN A 217.155.168.149 ;; AUTHORITY SECTION: 1dot1.com. 111268 IN NS smeagol.mayo-family.com. 1dot1.com. 111268 IN NS carcharoth.mayo-family.com. ;; ADDITIONAL SECTION: smeagol.mayo-family.com. 24868 IN A 217.155.168.148 carcharoth.mayo-family.com. 46537 IN A 217.155.168.149 ... Note
As you can see, dig answered more questions than were asked. It returned related and useful information, such as the name servers for the domain and their IP addresses. Tip
Look up Additional Informationdig has many options to query for information other than A records, equivalent to the host command's -t option. Here are some examples you might like to try. $ dig ns 1dot1.com $ dig +multiline soa 1dot1.com $ dig mx 1dot1.com $ dig any 1dot1.com Tip
The dig command displays useful additional information, including the questions it asked of the DNS server. Specify the +noall option to turn off the display of additional information; then selectively switch on exactly what you want to see. In the next example, we ask for only the direct answer (option +answer) to our query for the A record of 1dot1.com. $ dig +noall +answer a 1dot1.com 1dot1.com. 86400 IN A 217.155.168.149 We can specify a particular name server rather than have dig use those specified in System Preferences. To use the (fictional) name server ns1.example.com in querying the domain apple.com, type $ dig @ns1.example.com apple.com Trace a DNS ChainTo follow the chain of DNS servers that were queried to resolve a hostname, specify the option +trace. $ dig +trace news.bbc.co.uk Use Reverse Mapping with digdig will not automatically recognize a reverse-map request unless you specify the option -x or supply the proper reverse-map address. Type either of the following. $ dig -x 217.155.168.149 $ dig ptr 149.168.155.217.in-addr.arpa |