Project91.Resolve Hostnames

Project 91. Resolve Hostnames

"What's the IP address of jan.1dot1.com ?"

This project shows you how to query the Domain Name System (DNS) to translate domain names and hostnames into IP addresses. The DNS is used to discover other information, too, such as which hosts handle email for a particular domain. It covers the commands host and dig.

Learn What's in a (Domain) Name

The Domain Name System is a distributed database that resolves domain names and hostnames into their assigned IP addresses. Mac OS X includes a DNS server distribution called Bind that lets you set up your own DNS server (called named), but we'll be considering just how to query a DNS server, not how to set one up.

Consider a domain name such as bbc.co.uk. You can think of it as a pathname, but in reverse, rather like this.

/uk/co/bbc

Performing a DNS search to resolve bbc.co.uk into its IP address involves starting from the root of the DNS system and asking the root servers about uk. The root servers point to other servers that are authoritative for the domain uk and that tell you about co.uk. Those servers in turn point you to still other servers than can answer for bbc.co.uk.

Hostname resolution is the responsibility of your nominated DNS servers named in the Network pane of System Preferences. The servers are most likely those of your Internet Service Provider (ISP), but it's possible to run your own. If you obtain your IP address by using DHCP (Dynamic Host Configuration Protocol), your DNS servers will be configured automatically; therefore, it's not necessary to name them in the Network pane.

Look up DNS Information

To look up the IP address of jan.1dot1.com, use host. The host command forms a DNS query and sends it to one of your nominated DNS servers for resolution. Type

$ host jan.1dot1.com jan.1dot1.com is an alias for 1dot1.com. 1dot1.com has address 217.155.168.149

Tip

Use the special type any to grab any (all) information available. $ host -t any 1dot1.com Option -a is similar to -t any but provides verbose output.

The first line tells us that jan.1dot1.com is the same machine as 1dot1.com. The second line gives the IP address of the machine (and both domains) as 217.155.168.149. This simple query searched for A records, which hold the IP address of a host or domain. It's equivalent to specifying the option -t (for type) followed by a designator a (for A records).

$ host -t a jan.1dot1.com

We can query for other information, too. We might be interested in the servers that gave us the A recordscalled the name servers for the domain. We ask for name-server information by specifying the type designator ns.

$ host -t ns 1dot1.com 1dot1.com name server smeagol.mayo-family.com. 1dot1.com name server carcharoth.mayo-family.com.

Tip

Request a zone transfer by typing $ host -t axfr 1dot1.com Most servers will deny this request, but the technique is useful in checking your own server configuration should you ever run a DNS server.

Other information includes the Start of Authority (SOA) record for a domain, which gives administrative information such as the time in seconds for which the domain information should be cached after being fetched.

$ host -t soa 1dot1.com 1dot1.com SOA carcharoth.mayo-family.com. hostmaster.1dot1.com. 2004111505 7200 3600 604800 3600

Mail Exchange (MX) records hold the IP addresses of the hosts that handle mail for the domain.

$ host -t mx 1dot1.com 1dot1.com mail is handled by 20 saruman.mayo-family.com. 1dot1.com mail is handled by 10 carcharoth.mayo-family.com.

Configure DNS Lookup

As you may already know, we nominate DNS servers by using System Preferences, selecting the Network pane and then the TCP/IP tab for each interface (Figure 10.1). You can also define search domains from System Preferences, which allows you to specify relative hostnames. Having defined mayo-family.com as a search domain, for example, we can name the individual hosts in that domain by specifying just their hostname. The following would be equivalent.

Figure 10.1. Set DNS servers and search domains from System Preferences.

$ host carcharoth carcharoth.mayo-family.com has address 217.155.168.149 $ host carcharoth.mayo-family.com carcharoth.mayo-family.com has address 217.155.168.149

If you specify a domain name with a trailing dot, the name is taken to be absolute and will never have the search path added.

$ host carcharoth. Host carcharoth not found: 3(NXDOMAIN)

Tip

If localhost is being treated as a relative hostname and does not resolve correctly, specify it as an absolute hostname by ending it with a dot, as in localhost..

Configure from Unix

System Preferences maintains a Unix configuration file called /etc/resolv.conf. Display this file, and you'll see that it reflects the DNS servers and search domains set in System Preferences or configured by DHCP.

$ cat /etc/resolv.conf search mayo-family.com nameserver 217.155.168.149

Learn More

Project 19 explains Unix symbolic links.

Although it's possible to maintain the file by hand, be warned that System Preferences may overwrite it should any network settings change. The file is actually a Unix symbolic link to /var/run/resolv.conf.

Tip

To learn more about configuration settings that can be specified in /etc/resolv.conf, type $ man 5 resolver

Use Reverse Mapping

Reverse mapping is looking up a hostname from an IP address. It employs the same DNS system as forward mapping, starting from a top-level domain called arpa and a subdomain called in-addr.arpa for the Internet address space.

Tip

If your Mac has no active network connection, Mac OS X will remove the file /var/run/resolv.conf. This does not matter normally, but if you run your own DNS server and rely on it to resolve multiple hostnames to 127.0.0.1 (you might implement virtual hosting by using the Apache Web server) simply replace the file that was removed.

Here's an example in which we perform a forward and then a reverse query, moving from a hostname to an IP address and back to the original hostname.

$ host carcharoth.mayo-family.com carcharoth.mayo-family.com has address 217.155.168.149 $ host 217.155.168.149 149.168.155.217.in-addr.arpa domain name pointer carcharoth.mayo-family.com.

The host command lets us type an IP address in the more familiar form of 217.155.168.149, although this is not a valid entry in the reverse-map DNS system. Strictly, we should have typed a domain name that looks like this.

$ host 149.168.155.217.in-addr.arpa $

This format reverses the order of the familiar four-part IP address, in which the address starts with the largest network (217) and ends with an individual host (149). It uses the DNS convention of placing the host first, then subdomains, and then the largest domain. You'll notice, however, that this command elicits no response. Recall that the host command assumes we want A records unless we specify otherwise from the -t option. To obtain a hostname from an address, we need a pointer record, denoted by type designator ptr. Thus, the full command is

$ host -t ptr 149.168.155.217.in-addr.arpa 149.168.155.217.in-addr.arpa domain name pointer carcharoth.mayo-family.com.

Note

The older nslookup command is depreciated in favor of dig.

Dig for Information

The dig (Domain Information Groper) command is an alternative to host. It's more comprehensive and is the preferred tool among DNS server administrators. The output from dig is more comprehensive and verbose than that from host.

Let's revisit some of the examples we used to illustrate host, but this time, we'll employ dig to grope jan.1dot.com.

$ dig jan.1dot1.com ; <<>> DiG 9.3.0 <<>> jan.1dot1.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5665 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2 ; QUESTION SECTION: ;jan.1dot1.com.                 IN A ;; ANSWER SECTION: jan.1dot1.com.   24868  IN  CNAME  1dot1.com. 1dot1.com.       24868  IN  A      217.155.168.149 ;; AUTHORITY SECTION: 1dot1.com.       111268  IN  NS  smeagol.mayo-family.com. 1dot1.com.       111268  IN  NS  carcharoth.mayo-family.com. ;; ADDITIONAL SECTION: smeagol.mayo-family.com. 24868    IN  A  217.155.168.148 carcharoth.mayo-family.com. 46537 IN  A  217.155.168.149 ...

Note

Unlike host, dig does not use the search domains unless explicitly told to so do by the inclusion of the +search option. $ dig +search carcharoth

As you can see, dig answered more questions than were asked. It returned related and useful information, such as the name servers for the domain and their IP addresses.

Tip

List all the root name servers by typing $ dig @a.root-¬ servers.net ns.

Look up Additional Information

dig has many options to query for information other than A records, equivalent to the host command's -t option. Here are some examples you might like to try.

$ dig ns 1dot1.com $ dig +multiline soa 1dot1.com $ dig mx 1dot1.com $ dig any 1dot1.com

Tip

To request a domain transfer type the following (replacing 1dot1.com with the relevant domain name): $ dig 1dot1.com axfr

The dig command displays useful additional information, including the questions it asked of the DNS server. Specify the +noall option to turn off the display of additional information; then selectively switch on exactly what you want to see. In the next example, we ask for only the direct answer (option +answer) to our query for the A record of 1dot1.com.

$ dig +noall +answer a 1dot1.com 1dot1.com.        86400  IN  A  217.155.168.149

We can specify a particular name server rather than have dig use those specified in System Preferences. To use the (fictional) name server ns1.example.com in querying the domain apple.com, type

$ dig @ns1.example.com apple.com

Trace a DNS Chain

To follow the chain of DNS servers that were queried to resolve a hostname, specify the option +trace.

$ dig +trace news.bbc.co.uk

Use Reverse Mapping with dig

dig will not automatically recognize a reverse-map request unless you specify the option -x or supply the proper reverse-map address. Type either of the following.

$ dig -x 217.155.168.149 $ dig ptr 149.168.155.217.in-addr.arpa