{"id":6340,"date":"2017-09-27T16:11:43","date_gmt":"2017-09-27T08:11:43","guid":{"rendered":"https:\/\/kyle.ai\/blog\/?p=6340"},"modified":"2017-09-27T16:14:22","modified_gmt":"2017-09-27T08:14:22","slug":"%e7%94%a8dig%e5%91%bd%e4%bb%a4%e8%be%a8%e5%88%abdns%e6%98%af%e5%90%a6%e8%a2%ab%e6%b1%a1%e6%9f%93","status":"publish","type":"post","link":"https:\/\/kyle.ai\/blog\/6340.html","title":{"rendered":"\u7528dig\u547d\u4ee4\u8fa8\u522bDNS\u662f\u5426\u88ab\u6c61\u67d3"},"content":{"rendered":"

\u539f\u7406<\/h1>\n

\u65e2\u7136\u8bf4\u8d77 DNS \u548c\u5176\u6c61\u67d3\u95ee\u9898\uff0c\u5c31\u4e0d\u5f97\u4e0d\u5148\u770b\u770b DNS \u7cfb\u7edf\u662f\u5982\u4f55\u5de5\u4f5c\u7684\uff0c\u8fd9\u4e2a\u81ea\u4ece\u4e0a\u4e2a\u4e16\u7eaa80\u51fa\u73b0\u7684\u65b9\u4fbf\u5927\u5bb6\u8fde\u63a5\u4e3b\u673a\u7684\u7cfb\u7edf\u7684\u786e\u662f\u6709\u95ee\u9898\u3002\u4ece Wikipedia \u4e0a\u5077\u5f20\u56fe\u5148\u3002<\/p>\n

\"563px-An_example_of_theoretical_DNS_recursion.svg_\"<\/a><\/p>\n

DNS \u89e3\u6790\u6d41\u7a0b\u56fe<\/p>\n

\u56fe\u4e2d\u53ef\u4ee5\u770b\u5230\u6211\u4eec\u7684 ISP \u7684 DNS \u670d\u52a1\u5668\u5728\u56fe\u4e2d\u53eb\u505a DNS Recurser\uff0c\u5728\u89e3\u6790\u4e00\u4e2a\u57df\u540d\u7684\u65f6\u5019\uff0c\u603b\u5171\u7ecf\u8fc7\u4e86\u4ee5\u4e0b\u7684\u6b65\u9aa4\uff0c\u56fe\u662f\u4ee5 www.wikipedia.org \u4f5c\u4e3a\u793a\u8303\u7684\uff1a<\/p>\n

    \n
  1. \u5411 root \u670d\u52a1\u5668\u83b7\u53d6\u8be5 gTLD \u7684\u7ba1\u8f96\u670d\u52a1\u5668\uff0c\u56fe\u4e2d\u4e3a org \u7ed3\u5c3e\u7684\u57df\u540d<\/li>\n
  2. root \u670d\u52a1\u5668\u8fd4\u56de org \u7684\u7ba1\u8f96\u670d\u52a1\u5668<\/li>\n
  3. \u5411 org \u7684\u7ba1\u8f96\u670d\u52a1\u5668\u67e5\u8be2\uff0c\u8c01\u6765\u8d1f\u8d23\u89e3\u6790 wikipedia.org \u8fd9\u4e2a\u57df\u540d\u7684<\/li>\n
  4. org \u7684\u7ba1\u8f96\u670d\u52a1\u5668\u8fd4\u56de\u89e3\u6790 wikipedia.org \u7684\u670d\u52a1\u5668 IP \u5730\u5740<\/li>\n
  5. \u5411 wikipedia.org \u7684\u89e3\u6790\u670d\u52a1\u5668\u53d1\u51fa\u67e5\u8be2\uff0c\u89e3\u6790 www.wikipedia.org \u7684 IP \u5730\u5740<\/li>\n
  6. \u62ff\u5230\u6700\u7ec8\u8981\u7684 IP \u5730\u5740<\/li>\n<\/ol>\n

    \u51716\u4e2a\u6b65\u9aa4\u3002\u90a3\u4e48\u5982\u679c\u5728\u6700\u540e\u4e00\u6b21\u67e5\u8be2\u7684\u65f6\u5019\uff0c\u6709\u4eba\u5047\u5192\u4e86 wikipedia.org \u7684\u89e3\u6790\u670d\u52a1\u5668\uff0c\u5219\u53ef\u4ee5\u5728\u4e2d\u95f4\u8fdb\u884c\u6b3a\u9a97\u653b\u51fb\uff0c\u81f4\u4f7f\u7528\u6237\u6700\u540e\u5f97\u5230\u7684 IP \u5730\u5740\u4e0d\u662f\u771f\u5b9e\u7684\u5730\u5740\u3002\u5982\u56fe\u6240\u793a\uff0c<\/p>\n

    \"563px-An_example_of_theoretical_DNS_recursion.svg_1\"<\/a><\/p>\n

    \u89e3\u6790\u8bf7\u6c42\u88ab\u52ab\u6301<\/p>\n

    \u66f4\u8be6\u7ec6\u7684\u5173\u4e8e DNS \u7684\u5185\u5bb9\uff0c\u53ef\u4ee5\u81ea\u884c\u53c2\u8003 rfc1035\uff08http:\/\/tools.ietf.org\/html\/rfc1035\uff09\u3002<\/p>\n

    \u624b\u5de5\u6a21\u62df<\/h1>\n

    \u4ee5\u4e0a\u662f\u5927\u81f4\u7684\u89e3\u6790\u539f\u7406\uff0c\u6211\u4eec\u624b\u5de5\u4e00\u6b65\u4e00\u6b65\u6765\u6a21\u62df\u89e3\u6790\u7684\u6bcf\u4e2a\u6b65\u9aa4\u5427\u3002\u8fd9\u91cc\u6211\u7528\u7684\u73af\u5883\u662f\u5317\u4eac\u8054\u901a ADSL + Mac OS X 10.7 \u300eLion\u300f + \u67d0\u56fd\u5bb6 VPN \u4e00\u6761\u3002\u5de5\u5177\u7528\u5230\u4e86 dig \u548c tcpdump \u6765\u5b8c\u6210\uff0cWindows \u4e0b\u9ed8\u8ba4\u6728\u6709\u4fe9\u5de5\u5177\u4f3c\u4e4e\uff0c\u5927\u5bb6\u81ea\u884c\u5bfb\u627e\u5427\uff0c\u6216\u8005\u627e\u4e00\u4e2a GNU\/Linux \u53d1\u884c\u7248\u88c5\u4e0a\uff0c\u4e2a\u4eba\u63a8\u8350 Ubuntu\uff0c\u6709 red hat \u60c5\u8282\u7684\uff0c\u5c31 Fedora \u597d\u4e86\u3002\u9996\u5148\u7528\u8054\u901a\u7684 ADSL \u6765\u8bd5\u9a8c\u4e0b<\/p>\n

    \r\n$ dig \/\/\u76f4\u63a5\u83b7\u53d6\u6839\u670d\u52a1\u5668\u7684\u5730\u5740\r\n\r\n\r\n; <<>> DiG 9.8.3-P1 <<>>\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59858\r\n;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 3\r\n\r\n;; QUESTION SECTION:\r\n;.\t\t\t\tIN\tNS\r\n\r\n;; ANSWER SECTION:\r\n.\t\t\t205043\tIN\tNS\te.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\th.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tl.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\ti.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\ta.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\td.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tc.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tb.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tj.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tk.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tg.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tm.root-servers.net.\r\n.\t\t\t205043\tIN\tNS\tf.root-servers.net.\r\n\r\n;; ADDITIONAL SECTION:\r\nk.root-servers.net.\t604222\tIN\tAAAA\t2001:7fd::1\r\nm.root-servers.net.\t602881\tIN\tA\t202.12.27.33\r\nf.root-servers.net.\t604218\tIN\tAAAA\t2001:500:2f::f\r\n\r\n;; Query time: 11 msec\r\n;; SERVER: 202.96.134.133#53(202.96.134.133)\r\n;; WHEN: Wed Sep 27 15:56:19 2017\r\n;; MSG SIZE  rcvd: 300\r\n<\/pre>\n
    \u8fd9\u91cc\u6211\u4eec\u53ef\u4ee5\u770b\u5230\uff0c\u5168\u7403\u7684\u57df\u540d\u6839\u670d\u52a1\u5668\u5171\u6709\u4ece a \u5230 m\uff0c\u5171 13 \u7ec4\u670d\u52a1\u5668\u3002\u7ee7\u7eed\u53bb dig \u51fa\u6765\u8fd9\u4e9b\u670d\u52a1\u5668\u7684\u5730\u5740\u5427\uff0c\u968f\u4fbf\u627e\u4e00\u4e2a\u597d\u4e86<\/p>\n
    \r\n$ dig e.root-servers.net\r\n\r\n; <<>> DiG 9.8.3-P1 <<>> e.root-servers.net\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25194\r\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0\r\n\r\n;; QUESTION SECTION:\r\n;e.root-servers.net.\t\tIN\tA\r\n\r\n;; ANSWER SECTION:\r\ne.root-servers.net.\t84796\tIN\tA\t192.203.230.10\r\n\r\n;; Query time: 4 msec\r\n;; SERVER: 202.96.134.133#53(202.96.134.133)\r\n;; WHEN: Wed Sep 27 15:56:51 2017\r\n;; MSG SIZE  rcvd: 52\r\n<\/pre>\n
    \u8fd9\u91cc\u6211\u4eec\u6293\u5230\u4e86\u5176\u4e2d\u4e00\u7ec4\u7684 DNS \u6839\u670d\u52a1\u5668 e.root-servers.net \u7684\u5730\u5740\u4e3a 192.203.230.10\uff0c\u7ee7\u7eed<\/p>\n
    \r\n$ dig -t ns @192.203.230.10 com.\r\n\r\n; <<>> DiG 9.8.3-P1 <<>> -t ns @192.203.230.10 com.\r\n; (1 server found)\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 691\r\n;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 15\r\n;; WARNING: recursion requested but not available\r\n\r\n;; QUESTION SECTION:\r\n;com.\t\t\t\tIN\tNS\r\n\r\n;; AUTHORITY SECTION:\r\ncom.\t\t\t172800\tIN\tNS\ta.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tb.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tc.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\td.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\te.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tf.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tg.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\th.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\ti.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tj.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tk.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tl.gtld-servers.net.\r\ncom.\t\t\t172800\tIN\tNS\tm.gtld-servers.net.\r\n\r\n;; ADDITIONAL SECTION:\r\na.gtld-servers.net.\t172800\tIN\tA\t192.5.6.30\r\nb.gtld-servers.net.\t172800\tIN\tA\t192.33.14.30\r\nc.gtld-servers.net.\t172800\tIN\tA\t192.26.92.30\r\nd.gtld-servers.net.\t172800\tIN\tA\t192.31.80.30\r\ne.gtld-servers.net.\t172800\tIN\tA\t192.12.94.30\r\nf.gtld-servers.net.\t172800\tIN\tA\t192.35.51.30\r\ng.gtld-servers.net.\t172800\tIN\tA\t192.42.93.30\r\nh.gtld-servers.net.\t172800\tIN\tA\t192.54.112.30\r\ni.gtld-servers.net.\t172800\tIN\tA\t192.43.172.30\r\nj.gtld-servers.net.\t172800\tIN\tA\t192.48.79.30\r\nk.gtld-servers.net.\t172800\tIN\tA\t192.52.178.30\r\nl.gtld-servers.net.\t172800\tIN\tA\t192.41.162.30\r\nm.gtld-servers.net.\t172800\tIN\tA\t192.55.83.30\r\na.gtld-servers.net.\t172800\tIN\tAAAA\t2001:503:a83e::2:30\r\nb.gtld-servers.net.\t172800\tIN\tAAAA\t2001:503:231d::2:30\r\n\r\n;; Query time: 349 msec\r\n;; SERVER: 192.203.230.10#53(192.203.230.10)\r\n;; WHEN: Wed Sep 27 15:57:39 2017\r\n;; MSG SIZE  rcvd: 509\r\n<\/pre>\n
    \u4e0a\u9762\u5171\u6709\u4ece a \u5230 m\uff0c\u4e00\u6837\u662f 13 \u7ec4\u670d\u52a1\u5668\u5728\u6240\u6709\u7684 com. \u7684 gTLD \u7684\u8bb0\u5f55\u4fdd\u5b58\u3002<\/p>\n
    \r\n$ dig -t ns @192.5.6.30 twitter.com\r\n\r\n; <<>> DiG 9.8.3-P1 <<>> -t ns @192.5.6.30 twitter.com\r\n; (1 server found)\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21761\r\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0\r\n\r\n;; QUESTION SECTION:\r\n;twitter.com.\t\t\tIN\tNS\r\n\r\n;; ANSWER SECTION:\r\ntwitter.com.\t\t240\tIN\tA\t78.16.49.15\r\n\r\n;; Query time: 13 msec\r\n;; SERVER: 192.5.6.30#53(192.5.6.30)\r\n;; WHEN: Wed Sep 27 15:58:18 2017\r\n;; MSG SIZE  rcvd: 45\r\n<\/pre>\n
    \u8fd9\u91cc\u770b\u5230\u95ee\u9898\u4e86\u4e48\uff1f\u672c\u6765\u5e94\u8be5\u8fd4\u56de twitter.com \u7684\u5177\u4f53\u7684\u89e3\u6790\u670d\u52a1\u5668\uff0c\u4e3a\u4ec0\u4e48\u76f4\u63a5\u8fd4\u56de\u4e86\u4e00\u4e2a A \u8bb0\u5f55\uff1f\u800c\u4e14\u8fd8\u662f\u8fd9\u4e48\u8be1\u5f02\u7684\u4e00\u4e2a\u5730\u5740\uff1f\u67e5\u8be2\u4ee5\u4e0b\u8fd9\u4e2a IP \u7684\u5f52\u5c5e\u5730\uff0c\u662f\u300e\u65b0\u897f\u5170 \u5965\u514b\u5170Telstraclear\u516c\u53f8\u300f\uff0c\u5e94\u8be5\u662f\u80e1\u4e71\u7f16\u51fa\u6765\u7684\u5730\u5740\u4e86\u3002\u81f3\u6b64\u518d\u6d4b\u8bd5\u4e0b\u53bb\u610f\u4e49\u4e5f\u5c31\u4e0d\u5927\u4e86\uff0c\u5177\u4f53\u539f\u56e0\u7b49\u4f1a\u513f\u5206\u6790\u3002\u6362\u4e0a VPN \u770b\u770b\u7ed3\u679c\u5982\u4f55<\/p>\n
    \r\n$ dig\r\n\r\n# \u8fd9\u91cc\u7684\u7ed3\u679c\u5b8c\u5168\u4e00\u6837\uff0c\u6211\u4eec\u7ee7\u7eed\u9009\u62e9 e \u7684\u90a3\u7ec4\r\n\r\n\r\n$ dig e.root-servers.net\r\n\r\n# \u55ef\uff0c\u8fd9\u91cc\u4e5f\u4e00\u6837\uff0c\u7ee7\u7eed\r\n\r\n\r\n$ dig -t ns @192.203.230.10 com.\r\n\r\n# \u6ca1\u6709\u4ec0\u4e48\u65b0\u5947\u7684\uff0c\u7ee7\u7eed\u2026\r\n<\/pre>\n
    \u4ee5\u4e0a\u51e0\u6761\u7ed3\u679c\u90fd\u662f\u4e00\u6837\u7684\u8fd4\u56de<\/p>\n
    \r\n$ dig -t ns @192.5.6.30 twitter.com\r\n\r\n; <<>> DiG 9.8.3-P1 <<>> -t ns @192.5.6.30 twitter.com\r\n; (1 server found)\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56292\r\n;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 6\r\n;; WARNING: recursion requested but not available\r\n\r\n;; QUESTION SECTION:\r\n;twitter.com.\t\t\tIN\tNS\r\n\r\n;; AUTHORITY SECTION:\r\ntwitter.com.\t\t172800\tIN\tNS\tns3.p34.dynect.net.\r\ntwitter.com.\t\t172800\tIN\tNS\tns4.p34.dynect.net.\r\ntwitter.com.\t\t172800\tIN\tNS\tr01-01.ns.twtrdns.net.\r\ntwitter.com.\t\t172800\tIN\tNS\tr01-02.ns.twtrdns.net.\r\ntwitter.com.\t\t172800\tIN\tNS\td01-01.ns.twtrdns.net.\r\ntwitter.com.\t\t172800\tIN\tNS\td01-02.ns.twtrdns.net.\r\n\r\n;; ADDITIONAL SECTION:\r\nns3.p34.dynect.net.\t172800\tIN\tA\t208.78.71.34\r\nns4.p34.dynect.net.\t172800\tIN\tA\t204.13.251.34\r\nr01-01.ns.twtrdns.net.\t172800\tIN\tA\t205.251.195.113\r\nr01-02.ns.twtrdns.net.\t172800\tIN\tA\t205.251.197.74\r\nd01-01.ns.twtrdns.net.\t172800\tIN\tA\t208.78.70.34\r\nd01-02.ns.twtrdns.net.\t172800\tIN\tA\t204.13.250.34\r\n\r\n;; Query time: 171 msec\r\n;; SERVER: 192.5.6.30#53(192.5.6.30)\r\n;; WHEN: Wed Sep 27 16:00:31 2017\r\n;; MSG SIZE  rcvd: 270\r\n<\/pre>\n
    \u5230\u8fd9\u91cc\u7684\u7ed3\u679c\u5c31\u548c\u521a\u624d\u4e0d\u4e00\u6837\u4e86\uff0c\u53ef\u4ee5\u770b\u5230\uff0c192.5.6.30 \u8fd9\u4e2a\u670d\u52a1\u5668\u6b63\u5e38\u8fd4\u56de\u4e86\u5e94\u8be5\u8d1f\u8d23\u89e3\u6790 twitter.com \u7684\u771f\u5b9e ns \u7684\u670d\u52a1\u5668\uff0c\u65e2\u7136\u90fd\u505a\u5230\u8fd9\u91cc\u4e86\uff0c\u5c31\u7ee7\u7eed\u4e0b\u53bb\u5427\uff0c\u7ee7\u7eed\u4ece\u91cc\u9762\u968f\u4fbf\u6293\u4e00\u4e2a\u51fa\u6765<\/p>\n
    \r\n$ dig @208.78.71.34 twitter.com any\r\n;; Truncated, retrying in TCP mode.\r\n\r\n; <<>> DiG 9.8.3-P1 <<>> @208.78.71.34 twitter.com any\r\n; (1 server found)\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16674\r\n;; flags: qr aa rd; QUERY: 1, ANSWER: 28, AUTHORITY: 0, ADDITIONAL: 0\r\n;; WARNING: recursion requested but not available\r\n\r\n;; QUESTION SECTION:\r\n;twitter.com.\t\t\tIN\tANY\r\n\r\n;; ANSWER SECTION:\r\ntwitter.com.\t\t293\tIN\tSOA\tns1.p26.dynect.net. zone-admin.dyndns.com. 2007137844 3600 600 604800 60\r\ntwitter.com.\t\t13999\tIN\tNS\tns2.p34.dynect.net.\r\ntwitter.com.\t\t13999\tIN\tNS\tr01-02.ns.twtrdns.net.\r\ntwitter.com.\t\t13999\tIN\tNS\tr01-01.ns.twtrdns.net.\r\ntwitter.com.\t\t13999\tIN\tNS\td01-02.ns.twtrdns.net.\r\ntwitter.com.\t\t13999\tIN\tNS\td01-01.ns.twtrdns.net.\r\ntwitter.com.\t\t13999\tIN\tNS\tns3.p34.dynect.net.\r\ntwitter.com.\t\t13999\tIN\tNS\tns1.p34.dynect.net.\r\ntwitter.com.\t\t13999\tIN\tNS\tns4.p34.dynect.net.\r\ntwitter.com.\t\t79\tIN\tA\t199.59.148.10\r\ntwitter.com.\t\t79\tIN\tA\t199.16.156.6\r\ntwitter.com.\t\t79\tIN\tA\t199.59.150.7\r\ntwitter.com.\t\t79\tIN\tA\t199.16.156.102\r\ntwitter.com.\t\t79\tIN\tA\t199.16.156.38\r\ntwitter.com.\t\t79\tIN\tA\t199.16.156.70\r\ntwitter.com.\t\t79\tIN\tA\t199.59.149.198\r\ntwitter.com.\t\t79\tIN\tA\t199.16.156.198\r\ntwitter.com.\t\t79\tIN\tA\t199.59.149.230\r\ntwitter.com.\t\t79\tIN\tA\t199.59.148.82\r\ntwitter.com.\t\t79\tIN\tA\t199.16.156.230\r\ntwitter.com.\t\t79\tIN\tA\t199.59.150.39\r\ntwitter.com.\t\t300\tIN\tTXT\t"v=spf1 ip4:199.16.156.0\/22 ip4:199.59.148.0\/22 ip4:8.25.194.0\/23 ip4:8.25.196.0\/23 ip4:204.92.114.203 ip4:204.92.114.204\/31 ip4:23.21.83.90 include:_spf.google.com include:_thirdparty.twitter.com -all"\r\ntwitter.com.\t\t300\tIN\tTXT\t"google-site-verification=h6dJIv0HXjLOkGAotLAWEzvoi9SxqP4vjpx98vrCvvQ"\r\ntwitter.com.\t\t600\tIN\tMX\t10 aspmx.l.google.com.\r\ntwitter.com.\t\t600\tIN\tMX\t20 alt2.aspmx.l.google.com.\r\ntwitter.com.\t\t600\tIN\tMX\t30 ASPMX3.GOOGLEMAIL.COM.\r\ntwitter.com.\t\t600\tIN\tMX\t20 alt1.aspmx.l.google.com.\r\ntwitter.com.\t\t600\tIN\tMX\t30 ASPMX2.GOOGLEMAIL.COM.\r\n\r\n;; Query time: 21 msec\r\n;; SERVER: 208.78.71.34#53(208.78.71.34)\r\n;; WHEN: Wed Sep 27 16:01:08 2017\r\n;; MSG SIZE  rcvd: 891\r\n<\/pre>\n
    \u6211\u4eec\u53ef\u4ee5\u53d1\u73b0\u6302\u4e0a VPN \u4e4b\u540e\u7684\u89e3\u6790\u6d41\u7a0b\u624d\u662f\u6b63\u786e\u65e0\u8bef\u7684\u8fc7\u7a0b\uff0c\u4f46\u662f\u4e3a\u4ec0\u4e48\u4e0d\u6302\u4e0a\u5c31\u4e0d\u80fd\u6b63\u786e\u89e3\u6790\uff1f\u81ea\u7136\u662f DNS \u670d\u52a1\u5668\u88ab\u6c61\u67d3\u4e86\u3002\u5e76\u4e14\u62e6\u622a\u7684\u65b9\u5f0f\u4f3c\u4e4e\u4e5f\u5f88\u5f31\u667a\uff0c\u53d1\u73b0 UDP 53 \u53e3\u7684\u5305\u5e26\u6709 twitter.com \u5b57\u6837\uff0c\u76f4\u63a5\u8fd4\u56de\u4e00\u4e2a\u968f\u5373\u3001\u80e1\u7f16\u51fa\u6765\u7684 IP \u5730\u5740\uff0c\u4e5f\u4e0d\u7ba1\u4eba\u5bb6\u5230\u5e95\u662f\u4e0d\u662f\u76f4\u63a5\u8981\u53bb\u67e5 twitter.com \u7684 A \u8bb0\u5f55\u3002\u4e3a\u4e86\u8bc1\u660e\u8fd9\u79cd\u731c\u60f3\uff0c\u7ee7\u7eed\u505a\u4e00\u4e9b\u8bd5\u9a8c\u5427\u3002\u4e0d\u5982\u53d1\u4e00\u4e2a\u9519\u8bef\u7684 DNS \u5305\u51fa\u53bb\uff0c\u770b\u770b\u8fd4\u56de\u4ec0\u4e48\u7ed3\u679c\u3002<\/p>\n
    \r\n$ dig @202.204.49.251 twitter.com -t ns --->> \u67e5\u8be2\u7684\u670d\u52a1\u5668\u662f 202.204.48.251\r\n\r\n; <<>> DiG 9.8.3-P1 <<>> @202.204.49.251 twitter.com -t ns\r\n; (1 server found)\r\n;; global options: +cmd\r\n;; Got answer:\r\n;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28290\r\n;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0\r\n\r\n;; QUESTION SECTION:\r\n;twitter.com.\t\t\tIN\tNS\r\n\r\n;; ANSWER SECTION:\r\ntwitter.com.\t\t64\tIN\tA\t243.185.187.39\r\n\r\n;; Query time: 24 msec\r\n;; SERVER: 202.204.49.251#53(202.204.49.251)\r\n;; WHEN: Wed Sep 27 16:02:43 2017\r\n;; MSG SIZE  rcvd: 45\r\n<\/pre>\n
    \u8fd9\u91cc\u7684\u670d\u52a1\u5668\u662f iBeiKe \u5728\u6559\u80b2\u7f51\u5185\u7684\u670d\u52a1\u5668\uff0c\u5bf9\u4e8e\u5916\u7f51\u6ca1\u6709\u5f00\u9664\u4e86 80 \u7684\u4efb\u4f55\u53e3\uff0c\u800c\u4e14\u4e5f\u6ca1\u6709 53 \u7684 UDP \u5f00\u7740\uff0c\u679c\u7136\uff0c\u591f\u5f31\u667a\uff01<\/p>\n
    tcpdump \u6293\u5305<\/h1>\n
    tcpdump \u8fd9\u4e2a\u4e1c\u897f\u867d\u7136\u53eb\u505a tcpdump\uff0c\u4f46\u662f UDP \u6293\u8d77\u6765\u4e5f\u6ca1\u6709\u95ee\u9898\uff0c\u968f\u4fbf\u6293\u6293 DNS \u7684\u89e3\u6790\u5305\uff0c\u4e0d\u9700\u8981\u4ec0\u4e48\u91cd\u578b\u6b66\u5668\uff0c\u8fd9\u79cd\u8f7b\u91cf\u7ea7\u522b\u5c31\u5f88\u597d\u7528\u4e86\u3002\u73af\u5883\u548c\u4e0a\u9762\u4e00\u6837\uff0c\u6211\u7528\u7684\u65e0\u7ebf\u7f51\u7edc\uff0c\u6240\u4ee5\u5728 Mac OS X \u7684\u63a5\u53e3\u5c31\u662f en1 \u4e86\u3002\u4e0d\u4e0a VPN \u770b\u770b\u7ed3\u679c\u5982\u4f55\u5427<\/p>\n
    \r\n$ sudo tcpdump -i en1 -vvv udp\r\n\r\n16:05:10.189549 IP (tos 0x0, ttl 64, id 51997, offset 0, flags [none], proto UDP (17), length 57)\r\n    192.168.0.86.61289 > a.gtld-servers.net.domain: [udp sum ok] 4731+ NS? twitter.com. (29)\r\n16:05:10.190103 IP (tos 0x0, ttl 255, id 51444, offset 0, flags [none], proto UDP (17), length 69)\r\n    192.168.0.86.53167 > ns.szptt.net.cn.domain: [udp sum ok] 14187+ PTR? 30.6.5.192.in-addr.arpa. (41)\r\n16:05:10.200364 IP (tos 0x0, ttl 45, id 59500, offset 0, flags [DF], proto UDP (17), length 73)\r\n\r\n# \u5047\u7684\u7ed3\u679c\u8fd4\u56de\r\n\r\n    a.gtld-servers.net.domain > 192.168.0.86.61289: [udp sum ok] 4731 q: NS? twitter.com. 1\/0\/0 twitter.com. [1m38s] A 59.24.3.173 (45)\r\n16:05:10.201166 IP (tos 0x0, ttl 197, id 55906, offset 0, flags [none], proto UDP (17), length 84)\r\n    a.gtld-servers.net.domain > 192.168.0.86.61289: [udp sum ok] 4731* q: NS? twitter.com. 1\/0\/0 twitter.com. [1m] A 59.24.3.174 (56)\r\n16:05:10.258033 IP (tos 0x0, ttl 51, id 56581, offset 0, flags [none], proto UDP (17), length 298)\r\n\r\n# \u6b63\u786e\u7684\u8fd4\u56de\r\n\r\n    a.gtld-servers.net.domain > 192.168.0.86.61289: [udp sum ok] 4731- q: NS? twitter.com. 0\/6\/6 ns: twitter.com. [2d] NS ns3.p34.dynect.net., twitter.com. [2d] NS ns4.p34.dynect.net., twitter.com. [2d] NS r01-01.ns.twtrdns.net., twitter.com. [2d] NS r01-02.ns.twtrdns.net., twitter.com. [2d] NS d01-01.ns.twtrdns.net., twitter.com. [2d] NS d01-02.ns.twtrdns.net. ar: ns3.p34.dynect.net. [2d] A 208.78.71.34, ns4.p34.dynect.net. [2d] A 204.13.251.34, r01-01.ns.twtrdns.net. [2d] A 205.251.195.113, r01-02.ns.twtrdns.net. [2d] A 205.251.197.74, d01-01.ns.twtrdns.net. [2d] A 208.78.70.34, d01-02.ns.twtrdns.net. [2d] A 204.13.250.34 (270)\r\n16:05:10.429786 IP (tos 0x0, ttl 51, id 0, offset 0, flags [none], proto UDP (17), length 73)\r\n\r\n    a.gtld-servers.net.domain > 192.168.0.86.61289: [udp sum ok] 4731 q: NS? twitter.com. 1\/0\/0 twitter.com. [3m29s] A 78.16.49.15 (45)\r\n16:05:10.718695 IP (tos 0x0, ttl 59, id 0, offset 0, flags [DF], proto UDP (17), length 101)\r\n    ns.szptt.net.cn.domain > 192.168.0.86.53167: [udp sum ok] 14187 q: PTR? 30.6.5.192.in-addr.arpa. 1\/0\/0 30.6.5.192.in-addr.arpa. [1d] PTR a.gtld-servers.net. (73)\r\n16:05:11.124993 IP (tos 0x0, ttl 4, id 27621, offset 0, flags [none], proto UDP (17), length 157)\r\n    192.168.0.119.63409 > 239.255.255.250.ssdp: [udp sum ok] UDP, length 129\r\n16:05:11.125357 IP (tos 0x0, ttl 1, id 29662, offset 0, flags [none], proto UDP (17), length 304)\r\n    192.168.0.149.50587 > 239.255.255.250.ssdp: [udp sum ok] UDP, length 276\r\n16:05:11.227349 IP (tos 0x0, ttl 4, id 27623, offset 0, flags [none], proto UDP (17), length 157)\r\n    192.168.0.119.63409 > 239.255.255.250.ssdp: [udp sum ok] UDP, length 129\r\n<\/pre>\n
    \u5514\uff0c\u6709\u4eba\u62a2\u5728\u6b63\u786e\u7684\u5305\u4e4b\u524d\u8dd1\u6765\u4e86\u3002\u4f60\u4e3a\u4ec0\u4e48\u8fd9\u4e48\u79ef\u6781\u5462\uff1f\u4e3a\u4ec0\u4e48\u5462\u2026<\/p>\n
    \u8f6c\u81ea\uff1ahttps:\/\/2.botu.me\/post\/2763.html<\/p>\n","protected":false},"excerpt":{"rendered":"
    \u539f\u7406 \u65e2\u7136\u8bf4\u8d77 DNS \u548c\u5176\u6c61\u67d3\u95ee\u9898\uff0c\u5c31\u4e0d\u5f97\u4e0d\u5148\u770b\u770b DNS \u7cfb\u7edf\u662f\u5982\u4f55\u5de5\u4f5c\u7684\uff0c\u8fd9\u4e2a\u81ea\u4ece\u4e0a\u4e2a\u4e16\u7eaa80\u51fa\u73b0\u7684\u65b9\u4fbf […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-6340","post","type-post","status-publish","format-standard","hentry","category-skill"],"_links":{"self":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/6340","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/comments?post=6340"}],"version-history":[{"count":2,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/6340\/revisions"}],"predecessor-version":[{"id":6344,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/posts\/6340\/revisions\/6344"}],"wp:attachment":[{"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/media?parent=6340"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/categories?post=6340"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kyle.ai\/blog\/wp-json\/wp\/v2\/tags?post=6340"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}