DNS解析过程
发表于 · 归类于
技术 · 阅读完需 69 分钟 ·
阅读量 报告错误
背景:
DNS解析有很多疑问,比如说:localDNS是怎么知道根域名服务器IP的;cn.的NS记录为a.dns.cn.,这样不就造成死循环了吗;根域名服务器返回的是一个域名,然后,我又要怎么去查询?
笔记
(〇)基本知识
(1)域名类型
顶级域名后缀列表
(1)解析类型:
| 记录类型 | 作用 |
|---|
| A记录 | 记录IPv4地址 |
| CNAME记录 | 别名记录 |
| AAAA记录 | 记录IPv6地址 |
(一)DNS解析流程
(1)hosts文件查询
(2)浏览器缓存
(3)localDNS缓存
(4)根服务器->NS服务器递归查询
(二)根服务器
在IPv4中,因为历史技术网络传输限制,必须让所有的根服务器数据能包含在一个512字节的UDP包中,13台根服务器的域名分别是[a-m].root-servers.net.。其中IP地址占52字节,头部占8字节。
在IPv6中,根服务器数据包含在一个4096字节的UDP包中,所以可以容纳25个根服务器信息。
查看方法,安装named软件,cat /var/named/named.ca即可看到13台根服务器的IPv4地址和IPv6地址。也就是在递归服务器来说,凡是要请求13台根服务器地址,就直接访问这个文件,获取出域名及IP。
在IPv6中,部署在我国的4台DNS根服务器域名为bii.dns-lab.net(北京,主根),yeti-ns[1-3].dns-lab.net(3台辅根,南京、成都、广州)
该DNS服务器作为递归服务器,类似于LocalDNS。
(三)DNS服务器和dig操作
opcode: 操作码,QUERY,代表是查询操作;
status: 状态,NOERROR,代表没有错误;
id: 编号,60954,16bit数字,在dns协议中,通过编号匹配返回和查询.
flags: 标志,如果出现就表示有标志,如果不出现,就表示为设置标志:
qr query,查询标志,代表是查询操作
rd recursion desired,代表希望进行递归查询操作;
ra recursive available在返回中设置,代表查询的服务器支持递归查询操作;
aa Authoritative Answer权威回复,如果查询结果由管理域名的域名服务器而不是缓存服务器提供的,则
解析(仅供参考)
[root@aliecs runtime]# dig host.taobao.com
; <<>> DiG 9.9.4-RedHat-9.9.4-73.el7_6 <<>> host.taobao.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46904
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;host.taobao.com. IN A
;; ANSWER SECTION:
host.taobao.com. 1800 IN CNAME shop.taobao.com.
shop.taobao.com. 32 IN CNAME na61-na62.wagbridge.alibaba.taobao.com.
na61-na62.wagbridge.alibaba.taobao.com. 83 IN CNAME na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com.
na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com. 84 IN A 203.119.175.227
;; Query time: 25 msec
;; SERVER: 100.100.2.136#53(100.100.2.136)
;; WHEN: Thu Aug 29 14:20:04 CST 2019
;; MSG SIZE rcvd: 189
(四)Trace解析
[root@aliecs ~]# dig ayouleyang.cn AAAA +trace
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.2 <<>> ayouleyang.cn AAAA +trace
;; global options: +cmd
. 268178 IN NS j.root-servers.net.
. 268178 IN NS i.root-servers.net.
. 268178 IN NS k.root-servers.net.
. 268178 IN NS f.root-servers.net.
. 268178 IN NS b.root-servers.net.
. 268178 IN NS l.root-servers.net.
. 268178 IN NS m.root-servers.net.
. 268178 IN NS d.root-servers.net.
. 268178 IN NS h.root-servers.net.
. 268178 IN NS a.root-servers.net.
. 268178 IN NS e.root-servers.net.
. 268178 IN NS c.root-servers.net.
. 268178 IN NS g.root-servers.net.
. 500495 IN RRSIG NS 8 0 518400 20190929170000 20190916160000 59944 . rhQQ8tC8JbevwGjhGd65tIGRUcRlBvYXzNxzgomNYmVMGli7ptx4rjBP +mOBicBCiQYXi1dAH8Br3QqwR8MAb45BL8IxS/X+jn9e7Dd7jBWZguMf Qaqk6Kr5XtAtoH6+hB2FD9MBTVYD5rXeP+cv+uo60tko76FZNfiSZgEM yBRBzBp/11WvxI+wS6jiA+3BHF6sxZC61rg0PFrckb67Nfwww0lsdJPK BSd2NgKQz64wwvC9VB+M0BtdxRPFrZ7k2enOJccHTDBF55zgDV1nDi8W s79d01jsWLjM8bnUVeCoIywtwX1N+LeUwnxVSyMxk2cJ+fkOS4PQgorj 8Tus8w==
;; Received 525 bytes from 100.100.2.136#53(100.100.2.136) in 353 ms
cn. 172800 IN NS ns.cernet.net.
cn. 172800 IN NS g.dns.cn.
cn. 172800 IN NS f.dns.cn.
cn. 172800 IN NS b.dns.cn.
cn. 172800 IN NS d.dns.cn.
cn. 172800 IN NS a.dns.cn.
cn. 172800 IN NS c.dns.cn.
cn. 172800 IN NS e.dns.cn.
cn. 86400 IN DS 57724 8 2 5D0423633EB24A499BE78AA22D1C0C9BA36218FF49FD95A4CDF1A4AD 97C67044
cn. 86400 IN RRSIG DS 8 1 86400 20190930050000 20190917040000 59944 . gILn4or/SX6xYErB+peeiZuKaRtO6Ti+SJ3Zb//seqeeFpfdr9EqAe41 MBqzZYdE2tpbjfT4tu1r61M/ZKiiHNNM8SDkQNIGk6H0uxIGxWpxgtkL eGibbPasUnrFN/33DjDS4WakWrcc6R6kaXAp1U52k1TFWmBRzr09tRs9 0nt5YpeEvQYNT0AUMWWbvX9L/f3nwCKfJ4IMVXweoM5uNpXxaSlDplRo ac+RWlzxhHeyWUQM8SaHOt9Mh0vULpdXlgI+rb3pQhXTRQgi98+4kh0E 3XF1hIFWM222Y9hkxkQxxvktmTvtnoc7WUX5EmWzEaX++60F/RJggKZz uS/RZg==
;; Received 704 bytes from 192.36.148.17#53(i.root-servers.net) in 331 ms
ayouleyang.cn. 86400 IN NS f1g1ns2.dnspod.net.
ayouleyang.cn. 86400 IN NS f1g1ns1.dnspod.net.
3QDAQA092EE5BELP64A74EBNB8J53D7E.cn. 21600 IN NSEC3 1 1 10 AEF123AB 3QLMP0QRNQ96G5AFGOPNB7U7IJ4MBP4B NS SOA RRSIG DNSKEY NSEC3PARAM
3QDAQA092EE5BELP64A74EBNB8J53D7E.cn. 21600 IN RRSIG NSEC3 8 2 21600 20191003083944 20190903073944 38388 cn. nBPCAciEgwp2mirCXaGWBtYbQXJbWYmWhtuCCvtbSBXRM0k1MT97kjBZ SFuMBHobaSl+ExBInvrVfgvlLEwcxuwrTzr0lMOdC8vOJWPA0JJBlN3Z gQ6/tb57tDY7PaZ6DdtNkV/CCPE3las0/hSSdNO9CuutrUYnLgPEKta4 psU=
CJRTHDI18QUG65U71KP3AG4VVS62PB8I.cn. 21600 IN NSEC3 1 1 10 AEF123AB CK4H42IGVVPNP7G5N48DNRRVC7AF3F51 CNAME RRSIG
CJRTHDI18QUG65U71KP3AG4VVS62PB8I.cn. 21600 IN RRSIG NSEC3 8 2 21600 20191003083944 20190903073944 38388 cn. OGlsfIQReAddiJd0BBntKw5qJ2yljBbkdr4IC3BB/X+HQbYJ6tDH6JxH 2peLcN2Qe7yAkhTxWSQuGL6yhrkhuzSGlvHL5VUEpYwSR8Xx7Ryi+Kk7 TRAqgQLLGSHbExM5vFO3ac5YzXtZ6N0jp3M717z+CTMcBQE/bzRLTeh9 Gno=
;; Received 587 bytes from 203.119.26.1#53(b.dns.cn) in 79 ms
ayouleyang.cn. 600 IN AAAA 240e:e9:a001:2:21e:67ff:fe88:8be5
ayouleyang.cn. 86400 IN NS f1g1ns2.dnspod.net.
ayouleyang.cn. 86400 IN NS f1g1ns1.dnspod.net.
;; Received 134 bytes from 111.161.57.81#53(f1g1ns2.dnspod.net) in 5 ms
(1)向递归DNS查询根服务器信息100.100.2.136,返回根服务器列表和IP(看不见)
(2)向根服务器i.root-servers.net(192.36.148.17)查询cn.的 NS 记录。
(3)向顶级域名服务器b.dns.cn(203.119.26.1)查询ayouleyang.cn.的 NS 记录。收到f1g1ns1.dnspod.net.和IP。
(4)向域名服务器f1g1ns2.dnspod.net(111.161.57.81)查询ayouleyang.cn.的 AAAA 记录。收到IP为:240e:e9:a001:2:21e:67ff:fe88:8be5。
(五)抓包
DNS客户端IP是1.204.25.92,执行了ping host.taobao.com命令。
在DNS服务器抓包得到以下结果:
[root@test named]# tcpdump -X -i eth0 -vvvv -n port 53
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
16:52:19.652007 IP (tos 0x0, ttl 116, id 13073, offset 0, flags [none], proto UDP (17), length 61)
1.204.25.92.35906 > 172.16.0.14.domain: [udp sum ok] 27187+ A? host.taobao.com. (33)
0x0000: 4500 003d 3311 0000 7411 4c59 01cc 195c E..=3...t.LY...\
0x0010: ac10 000e 8c42 0035 0029 9ec4 6a33 0100 .....B.5.)..j3..
0x0020: 0001 0000 0000 0000 0468 6f73 7406 7461 .........host.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 01 obao.com.....
1.204.25.92:35906 向 172.16.0.14:domain(DNS递归服务器) 端口查询 host.taobao.com.
16:52:19.652459 IP (tos 0x0, ttl 64, id 49508, offset 0, flags [none], proto UDP (17), length 72)
172.16.0.14.51437 > 140.205.122.34.domain: [bad udp cksum 0xb353 -> 0x8027!] 53532 [1au] A? host.taobao.com. ar: . OPT UDPsize=4096 DO (44)
0x0000: 4500 0048 c164 0000 4011 0633 ac10 000e E..H.d..@..3....
0x0010: 8ccd 7a22 c8ed 0035 0034 b353 d11c 0000 ..z"...5.4.S....
0x0020: 0001 0000 0000 0001 0468 6f73 7406 7461 .........host.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 0100 0029 obao.com.......)
0x0040: 1000 0000 8000 0000 ........
172.16.0.14:51437(DNS递归服务器) 向 140.205.122.34:domain 查询 host.taobao.com.
16:52:19.684333 IP (tos 0x68, ttl 114, id 49508, offset 0, flags [none], proto UDP (17), length 101)
140.205.122.34.domain > 172.16.0.14.51437: [no cksum] 53532*- q: A? host.taobao.com. 1/0/1 host.taobao.com. [30m] CNAME shop.taobao.com. ar: . OPT UDPsize=4096 (73)
0x0000: 4568 0065 c164 0000 7211 d3ad 8ccd 7a22 Eh.e.d..r.....z"
0x0010: ac10 000e 0035 c8ed 0051 0000 d11c 8400 .....5...Q......
0x0020: 0001 0001 0000 0001 0468 6f73 7406 7461 .........host.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 01c0 0c00 obao.com........
0x0040: 0500 0100 0007 0800 1104 7368 6f70 0674 ..........shop.t
0x0050: 616f 6261 6f03 636f 6d00 0000 2910 0000 aobao.com...)...
0x0060: 0000 0000 00 .....
16:52:19.685197 IP (tos 0x0, ttl 64, id 49333, offset 0, flags [none], proto UDP (17), length 67)
172.16.0.14.ratio-adp > 192.33.14.30.domain: [bad udp cksum 0x7a9e -> 0xe79f!] 26003 [1au] DS? taobao.com. ar: . OPT UDPsize=4096 DO (39)
0x0000: 4500 0043 c0b5 0000 4011 3f97 ac10 000e E..C....@.?.....
0x0010: c021 0e1e 0454 0035 002f 7a9e 6593 0000 .!...T.5./z.e...
0x0020: 0001 0000 0000 0001 0674 616f 6261 6f03 .........taobao.
0x0030: 636f 6d00 002b 0001 0000 2910 0000 0080 com..+....).....
0x0040: 0000 00 ...
172.16.0.14(DNS递归服务器) 向 192.33.14.30 查询 taobao.com.
16:52:19.905861 IP (tos 0x0, ttl 44, id 448, offset 0, flags [none], proto UDP (17), length 788)
192.33.14.30.domain > 172.16.0.14.ratio-adp: [udp sum ok] 26003*- q: DS? taobao.com. 0/6/1 ns: CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] Type50, CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] RRSIG, com. [15m] SOA a.gtld-servers.net. nstld.verisign-grs.com. 1563785520 1800 900 604800 86400, com. [15m] RRSIG, D9N2NBDP552JID7GKU1AT4Q7OVJ57K56.com. [1d] Type50, D9N2NBDP552JID7GKU1AT4Q7OVJ57K56.com. [1d] RRSIG ar: . OPT UDPsize=4096 DO (760)
0x0000: 4500 0314 01c0 0000 2c11 0fbc c021 0e1e E.......,....!..
0x0010: ac10 000e 0035 0454 0300 78d0 6593 8400 .....5.T..x.e...
0x0020: 0001 0000 0006 0001 0674 616f 6261 6f03 .........taobao.
0x0030: 636f 6d00 002b 0001 2043 4b30 504f 4a4d com..+...CK0POJM
0x0040: 4738 3734 4c4a 5245 4637 4546 4e38 3433 G874LJREF7EFN843
0x0050: 3051 5649 5438 4253 4dc0 1300 3200 0100 0QVIT8BSM...2...
0x0060: 0151 8000 2301 0100 0000 1465 01a0 c257 .Q..#......e...W
0x0070: 20ee 156f 6c4e 3963 6b3a da03 12d9 2a00 ...olN9ck:....*.
0x0080: 0722 0000 0000 0290 c01c 002e 0001 0001 ."..............
0x0090: 5180 0097 0032 0802 0001 5180 5d3a 8515 Q....2....Q.]:..
0x00a0: 5d31 3a2d 452c 0363 6f6d 00a5 104f e784 ]1:-E,.com...O..
0x00b0: a2df 518d 31c5 19af 90bd 688d 00b5 957c ..Q.1.....h....|
0x00c0: ac8d 361e 29d6 e887 89d0 4990 3cbd f2bd ..6.).....I.<...
0x00d0: 7ca3 d524 137a 6593 f028 babc 9a77 a915 |..$.ze..(...w..
0x00e0: a9f6 8d50 cc38 2bbf 42ed 7e3a e9b1 a7c9 ...P.8+.B.~:....
0x00f0: 1f7d bdd4 d76e 6ae3 1730 28dc 819a a151 .}...nj..0(....Q
0x0100: 5d08 6b34 1b8d a184 2fd5 4314 511d d976 ].k4..../.C.Q..v
0x0110: 2727 6d1f 6d71 4d63 4eba e0ed ec63 06bc ''m.mqMcN....c..
0x0120: ac22 c7f2 e107 bf46 319c 14c0 1300 0600 .".....F1.......
0x0130: 0100 0003 8400 3d01 610c 6774 6c64 2d73 ......=.a.gtld-s
0x0140: 6572 7665 7273 036e 6574 0005 6e73 746c ervers.net..nstl
0x0150: 640c 7665 7269 7369 676e 2d67 7273 c013 d.verisign-grs..
0x0160: 5d35 7930 0000 0708 0000 0384 0009 3a80 ]5y0..........:.
0x0170: 0001 5180 c013 002e 0001 0000 0384 0097 ..Q.............
0x0180: 0006 0801 0000 0384 5d3e b3b0 5d35 68c8 ........]>..]5h.
0x0190: 452c 0363 6f6d 0001 43ff b906 93f8 9508 E,.com..C.......
0x01a0: bc4a a4e0 ca20 78f0 af39 2379 a072 7520 .J....x..9#y.ru.
0x01b0: 628a c8e7 61ce 602c 9274 297e 4573 7175 b...a.`,.t)~Esqu
0x01c0: 1d85 3fba cb55 3941 3c6c 8978 b27d 9caf ..?..U9A<l.x.}..
0x01d0: 4cac ed9d 9ab8 0a04 d5b6 25a6 9f96 3dc4 L.........%...=.
0x01e0: e894 be85 d081 2691 7d85 8a4a 5f4e fa6a ......&.}..J_N.j
0x01f0: 28f9 9230 865e fe33 b610 e348 b9db 09ef (..0.^.3...H....
0x0200: 4b41 3eb1 5dab 3de4 f44f 0bd8 ce11 e363 KA>.].=..O.....c
0x0210: f597 6e29 bafd 9320 4439 4e32 4e42 4450 ..n)....D9N2NBDP
0x0220: 3535 324a 4944 3747 4b55 3141 5434 5137 552JID7GKU1AT4Q7
0x0230: 4f56 4a35 374b 3536 c013 0032 0001 0001 OVJ57K56...2....
0x0240: 5180 0022 0101 0000 0014 6a6e 41f7 1b6b Q.."......jnA..k
0x0250: 9c84 45da 7a24 79b2 667d 100b b410 0006 ..E.z$y.f}......
0x0260: 2000 0000 0012 c1fb 002e 0001 0001 5180 ..............Q.
0x0270: 0097 0032 0802 0001 5180 5d3e 8397 5d35 ...2....Q.]>..]5
0x0280: 38af 452c 0363 6f6d 003b 65c3 4d34 617a 8.E,.com.;e.M4az
0x0290: a88b 3c0c 195e 4541 e1f1 cdf1 8d0e 5715 ..<..^EA......W.
0x02a0: 1f28 9c0e 6d69 5ef5 8b2a c1f6 1d86 0d06 .(..mi^..*......
0x02b0: cb54 8182 cfd3 6b75 e720 ae0f daf0 eb4b .T....ku.......K
0x02c0: eb97 0b75 d0d0 0a73 de68 b55c 6d7c 6c9f ...u...s.h.\m|l.
0x02d0: 8032 2d4b fdb9 9010 7e83 c688 bd0e 0192 .2-K....~.......
0x02e0: cfbd a37d 5c28 7eb0 8b35 99e5 5728 f55c ...}\(~..5..W(.\
0x02f0: 6d66 c8db 4f41 85e1 6cb6 7563 27dc 01d7 mf..OA..l.uc'...
0x0300: b9f7 a76d 89d0 2dff 0f00 0029 1000 0000 ...m..-....)....
0x0310: 8000 0000 ....
192.33.14.30 响应了很多数据
16:52:19.907384 IP (tos 0x0, ttl 64, id 683, offset 0, flags [none], proto UDP (17), length 72)
172.16.0.14.33425 > 106.11.35.25.domain: [bad udp cksum 0x3988 -> 0x7815!] 42063 [1au] A? shop.taobao.com. ar: . OPT UDPsize=4096 DO (44)
0x0000: 4500 0048 02ab 0000 4011 3eb8 ac10 000e E..H....@.>.....
0x0010: 6a0b 2319 8291 0035 0034 3988 a44f 0000 j.#....5.49..O..
0x0020: 0001 0000 0000 0001 0473 686f 7006 7461 .........shop.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 0100 0029 obao.com.......)
0x0040: 1000 0000 8000 0000 ........
###
16:52:19.948549 IP (tos 0x68, ttl 113, id 683, offset 0, flags [none], proto UDP (17), length 124)
106.11.35.25.domain > 172.16.0.14.33425: [no cksum] 42063*- q: A? shop.taobao.com. 1/0/1 shop.taobao.com. [2m] CNAME na61-na62.wagbridge.alibaba.taobao.com. ar: . OPT UDPsize=4096 (96)
0x0000: 4568 007c 02ab 0000 7111 0d1c 6a0b 2319 Eh.|....q...j.#.
0x0010: ac10 000e 0035 8291 0068 0000 a44f 8400 .....5...h...O..
0x0020: 0001 0001 0000 0001 0473 686f 7006 7461 .........shop.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 01c0 0c00 obao.com........
0x0040: 0500 0100 0000 7800 2809 6e61 3631 2d6e ......x.(.na61-n
0x0050: 6136 3209 7761 6762 7269 6467 6507 616c a62.wagbridge.al
0x0060: 6962 6162 6106 7461 6f62 616f 0363 6f6d ibaba.taobao.com
0x0070: 0000 0029 1000 0000 0000 0000 ...)........
16:52:19.949466 IP (tos 0x0, ttl 64, id 1631, offset 0, flags [none], proto UDP (17), length 95)
172.16.0.14.17351 > 106.11.35.26.domain: [bad udp cksum 0x39a0 -> 0x3a4e!] 64880 [1au] A? na61-na62.wagbridge.alibaba.taobao.com. ar: . OPT UDPsize=4096 DO (67)
0x0000: 4500 005f 065f 0000 4011 3aec ac10 000e E.._._..@.:.....
0x0010: 6a0b 231a 43c7 0035 004b 39a0 fd70 0000 j.#.C..5.K9..p..
0x0020: 0001 0000 0000 0001 096e 6136 312d 6e61 .........na61-na
0x0030: 3632 0977 6167 6272 6964 6765 0761 6c69 62.wagbridge.ali
0x0040: 6261 6261 0674 616f 6261 6f03 636f 6d00 baba.taobao.com.
0x0050: 0001 0001 0000 2910 0000 0080 0000 00 ......)........
请求包。
16:52:19.993238 IP (tos 0x68, ttl 113, id 1631, offset 0, flags [none], proto UDP (17), length 166)
106.11.35.26.domain > 172.16.0.14.17351: [no cksum] 64880*- q: A? na61-na62.wagbridge.alibaba.taobao.com. 1/0/1 na61-na62.wagbridge.alibaba.taobao.com. [5m] CNAME na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com. ar: . OPT UDPsize=4096 (138)
0x0000: 4568 00a6 065f 0000 7111 093d 6a0b 231a Eh..._..q..=j.#.
0x0010: ac10 000e 0035 43c7 0092 0000 fd70 8400 .....5C......p..
0x0020: 0001 0001 0000 0001 096e 6136 312d 6e61 .........na61-na
0x0030: 3632 0977 6167 6272 6964 6765 0761 6c69 62.wagbridge.ali
0x0040: 6261 6261 0674 616f 6261 6f03 636f 6d00 baba.taobao.com.
0x0050: 0001 0001 c00c 0005 0001 0000 012c 003b .............,.;
0x0060: 096e 6136 312d 6e61 3632 0977 6167 6272 .na61-na62.wagbr
0x0070: 6964 6765 0761 6c69 6261 6261 0674 616f idge.alibaba.tao
0x0080: 6261 6f03 636f 6d03 6764 730a 616c 6962 bao.com.gds.alib
0x0090: 6162 6164 6e73 0363 6f6d 0000 0029 1000 abadns.com...)..
0x00a0: 0000 0000 0000 ......
16:52:19.994023 IP (tos 0x0, ttl 64, id 39253, offset 0, flags [none], proto UDP (17), length 114)
172.16.0.14.40487 > 140.205.67.254.domain: [bad udp cksum 0x7d59 -> 0x041e!] 58257 [1au] A? na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com. ar: . OPT UDPsize=4096 DO (86)
0x0000: 4500 0072 9955 0000 4011 643c ac10 000e E..r.U..@.d<....
0x0010: 8ccd 43fe 9e27 0035 005e 7d59 e391 0000 ..C..'.5.^}Y....
0x0020: 0001 0000 0000 0001 096e 6136 312d 6e61 .........na61-na
0x0030: 3632 0977 6167 6272 6964 6765 0761 6c69 62.wagbridge.ali
0x0040: 6261 6261 0674 616f 6261 6f03 636f 6d03 baba.taobao.com.
0x0050: 6764 730a 616c 6962 6162 6164 6e73 0363 gds.alibabadns.c
0x0060: 6f6d 0000 0100 0100 0029 1000 0000 8000 om.......)......
0x0070: 0000 ..
请求包。
16:52:20.019355 IP (tos 0x68, ttl 115, id 39253, offset 0, flags [none], proto UDP (17), length 130)
140.205.67.254.domain > 172.16.0.14.40487: [no cksum] 58257*- q: A? na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com. 1/0/1 na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com. [2m] A 203.119.169.6 ar: . OPT UDPsize=4096 (102)
0x0000: 4568 0082 9955 0000 7311 30c4 8ccd 43fe Eh...U..s.0...C.
0x0010: ac10 000e 0035 9e27 006e 0000 e391 8400 .....5.'.n......
0x0020: 0001 0001 0000 0001 096e 6136 312d 6e61 .........na61-na
0x0030: 3632 0977 6167 6272 6964 6765 0761 6c69 62.wagbridge.ali
0x0040: 6261 6261 0674 616f 6261 6f03 636f 6d03 baba.taobao.com.
0x0050: 6764 730a 616c 6962 6162 6164 6e73 0363 gds.alibabadns.c
0x0060: 6f6d 0000 0100 01c0 0c00 0100 0100 0000 om..............
0x0070: 7800 04cb 77a9 0600 0029 1000 0000 0000 x...w....)......
0x0080: 0000 ..
16:52:20.020093 IP (tos 0x0, ttl 64, id 4687, offset 0, flags [none], proto UDP (17), length 71)
172.16.0.14.39180 > 192.54.112.30.domain: [bad udp cksum 0xdcb7 -> 0x37e9!] 17597 [1au] DS? alibabadns.com. ar: . OPT UDPsize=4096 DO (43)
0x0000: 4500 0047 124f 0000 4011 8be4 ac10 000e E..G.O..@.......
0x0010: c036 701e 990c 0035 0033 dcb7 44bd 0000 .6p....5.3..D...
0x0020: 0001 0000 0000 0001 0a61 6c69 6261 6261 .........alibaba
0x0030: 646e 7303 636f 6d00 002b 0001 0000 2910 dns.com..+....).
0x0040: 0000 0080 0000 00 .......
16:52:20.214745 IP (tos 0x60, ttl 116, id 13079, offset 0, flags [none], proto UDP (17), length 61)
1.204.25.92.35906 > 172.16.0.14.domain: [udp sum ok] 27187+ A? host.taobao.com. (33)
0x0000: 4560 003d 3317 0000 7411 4bf3 01cc 195c E`.=3...t.K....\
0x0010: ac10 000e 8c42 0035 0029 9ec4 6a33 0100 .....B.5.)..j3..
0x0020: 0001 0000 0000 0000 0468 6f73 7406 7461 .........host.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 01 obao.com.....
16:52:20.229622 IP (tos 0x0, ttl 51, id 27788, offset 0, flags [none], proto UDP (17), length 792)
192.54.112.30.domain > 172.16.0.14.39180: [udp sum ok] 17597*- q: DS? alibabadns.com. 0/6/1 ns: CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] Type50, CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] RRSIG, com. [15m] SOA a.gtld-servers.net. nstld.verisign-grs.com. 1563785520 1800 900 604800 86400, com. [15m] RRSIG, IT4VUBFNNQHBDB3JT0SLM7E2VT6TLH2L.com. [1d] Type50, IT4VUBFNNQHBDB3JT0SLM7E2VT6TLH2L.com. [1d] RRSIG ar: . OPT UDPsize=4096 DO (764)
0x0000: 4500 0318 6c8c 0000 3311 3bd6 c036 701e E...l...3.;..6p.
0x0010: ac10 000e 0035 990c 0304 206e 44bd 8400 .....5.....nD...
0x0020: 0001 0000 0006 0001 0a61 6c69 6261 6261 .........alibaba
0x0030: 646e 7303 636f 6d00 002b 0001 2043 4b30 dns.com..+...CK0
0x0040: 504f 4a4d 4738 3734 4c4a 5245 4637 4546 POJMG874LJREF7EF
0x0050: 4e38 3433 3051 5649 5438 4253 4dc0 1700 N8430QVIT8BSM...
0x0060: 3200 0100 0151 8000 2301 0100 0000 1465 2....Q..#......e
0x0070: 01a0 c257 20ee 156f 6c4e 3963 6b3a da03 ...W...olN9ck:..
0x0080: 12d9 2a00 0722 0000 0000 0290 c020 002e ..*.."..........
0x0090: 0001 0001 5180 0097 0032 0802 0001 5180 ....Q....2....Q.
0x00a0: 5d3a 8515 5d31 3a2d 452c 0363 6f6d 00a5 ]:..]1:-E,.com..
0x00b0: 104f e784 a2df 518d 31c5 19af 90bd 688d .O....Q.1.....h.
0x00c0: 00b5 957c ac8d 361e 29d6 e887 89d0 4990 ...|..6.).....I.
0x00d0: 3cbd f2bd 7ca3 d524 137a 6593 f028 babc <...|..$.ze..(..
0x00e0: 9a77 a915 a9f6 8d50 cc38 2bbf 42ed 7e3a .w.....P.8+.B.~:
0x00f0: e9b1 a7c9 1f7d bdd4 d76e 6ae3 1730 28dc .....}...nj..0(.
0x0100: 819a a151 5d08 6b34 1b8d a184 2fd5 4314 ...Q].k4..../.C.
0x0110: 511d d976 2727 6d1f 6d71 4d63 4eba e0ed Q..v''m.mqMcN...
0x0120: ec63 06bc ac22 c7f2 e107 bf46 319c 14c0 .c...".....F1...
0x0130: 1700 0600 0100 0003 8400 3d01 610c 6774 ..........=.a.gt
0x0140: 6c64 2d73 6572 7665 7273 036e 6574 0005 ld-servers.net..
0x0150: 6e73 746c 640c 7665 7269 7369 676e 2d67 nstld.verisign-g
0x0160: 7273 c017 5d35 7930 0000 0708 0000 0384 rs..]5y0........
0x0170: 0009 3a80 0001 5180 c017 002e 0001 0000 ..:...Q.........
0x0180: 0384 0097 0006 0801 0000 0384 5d3e b3b0 ............]>..
0x0190: 5d35 68c8 452c 0363 6f6d 0001 43ff b906 ]5h.E,.com..C...
0x01a0: 93f8 9508 bc4a a4e0 ca20 78f0 af39 2379 .....J....x..9#y
0x01b0: a072 7520 628a c8e7 61ce 602c 9274 297e .ru.b...a.`,.t)~
0x01c0: 4573 7175 1d85 3fba cb55 3941 3c6c 8978 Esqu..?..U9A<l.x
0x01d0: b27d 9caf 4cac ed9d 9ab8 0a04 d5b6 25a6 .}..L.........%.
0x01e0: 9f96 3dc4 e894 be85 d081 2691 7d85 8a4a ..=.......&.}..J
0x01f0: 5f4e fa6a 28f9 9230 865e fe33 b610 e348 _N.j(..0.^.3...H
0x0200: b9db 09ef 4b41 3eb1 5dab 3de4 f44f 0bd8 ....KA>.].=..O..
0x0210: ce11 e363 f597 6e29 bafd 9320 4954 3456 ...c..n)....IT4V
0x0220: 5542 464e 4e51 4842 4442 334a 5430 534c UBFNNQHBDB3JT0SL
0x0230: 4d37 4532 5654 3654 4c48 324c c017 0032 M7E2VT6TLH2L...2
0x0240: 0001 0001 5180 0022 0101 0000 0014 974a ....Q..".......J
0x0250: 1aca 3261 bf94 c564 8504 059b 1bfa fe89 ..2a...d........
0x0260: 12df 0006 2000 0000 0012 c1ff 002e 0001 ................
0x0270: 0001 5180 0097 0032 0802 0001 5180 5d3e ..Q....2....Q.]>
0x0280: 7bc3 5d35 30db 452c 0363 6f6d 006c 3637 {.]50.E,.com.l67
0x0290: fa4c cf0a 957a 1c02 7cad e015 25a7 fa52 .L...z..|...%..R
0x02a0: 40f6 c7c8 3d27 e2f5 78c5 a673 a7be 9587 @...='..x..s....
0x02b0: 2255 bb5b 209d 1e2a d110 1c31 33d7 b9bd "U.[...*...13...
0x02c0: b931 b791 189f d950 d3df 9aba 3b9a 5e7e .1.....P....;.^~
0x02d0: 8fb8 38e3 548c 1fb2 5489 c4a2 093a e726 ..8.T...T....:.&
0x02e0: d294 3d30 594f fa76 8a48 cdc0 985f a8db ..=0YO.v.H..._..
0x02f0: 6e6f a2a0 7a20 eaf9 c188 ee1a f76a 080b no..z........j..
0x0300: fe1e 2217 e652 97ac 5359 a6b6 5600 0029 .."..R..SY..V..)
0x0310: 1000 0000 8000 0000 ........
16:52:20.230833 IP (tos 0x0, ttl 64, id 62229, offset 0, flags [none], proto UDP (17), length 306)
172.16.0.14.domain > 1.204.25.92.35906: [bad udp cksum 0xc875 -> 0xc857!] 27187 q: A? host.taobao.com. 4/2/4 host.taobao.com. [30m] CNAME shop.taobao.com., shop.taobao.com. [2m] CNAME na61-na62.wagbridge.alibaba.taobao.com., na61-na62.wagbridge.alibaba.taobao.com. [5m] CNAME na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com., na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com. [2m] A 203.119.169.6 ns: alibabadns.com. [1d23h26m20s] NS ns2.alibabadns.com., alibabadns.com. [1d23h26m20s] NS ns1.alibabadns.com. ar: ns1.alibabadns.com. [1d23h23m29s] A 140.205.122.66, ns1.alibabadns.com. [1d23h23m29s] A 198.11.138.254, ns2.alibabadns.com. [1d23h23m29s] A 140.205.67.254, ns2.alibabadns.com. [1d23h23m29s] A 106.11.35.18 (278)
0x0000: 4500 0132 f315 0000 4011 bf5f ac10 000e E..2....@.._....
0x0010: 01cc 195c 0035 8c42 011e c875 6a33 8180 ...\.5.B...uj3..
0x0020: 0001 0004 0002 0004 0468 6f73 7406 7461 .........host.ta
0x0030: 6f62 616f 0363 6f6d 0000 0100 01c0 0c00 obao.com........
0x0040: 0500 0100 0007 0800 0704 7368 6f70 c011 ..........shop..
0x0050: c02d 0005 0001 0000 0078 001e 096e 6136 .-.......x...na6
0x0060: 312d 6e61 3632 0977 6167 6272 6964 6765 1-na62.wagbridge
0x0070: 0761 6c69 6261 6261 c011 c040 0005 0001 .alibaba...@....
0x0080: 0000 012c 0038 096e 6136 312d 6e61 3632 ...,.8.na61-na62
0x0090: 0977 6167 6272 6964 6765 0761 6c69 6261 .wagbridge.aliba
0x00a0: 6261 0674 616f 6261 6f03 636f 6d03 6764 ba.taobao.com.gd
0x00b0: 730a 616c 6962 6162 6164 6e73 c018 c06a s.alibabadns...j
0x00c0: 0001 0001 0000 0078 0004 cb77 a906 c095 .......x...w....
0x00d0: 0002 0001 0002 9b1c 0006 036e 7332 c095 ...........ns2..
0x00e0: c095 0002 0001 0002 9b1c 0006 036e 7331 .............ns1
0x00f0: c095 c0d0 0001 0001 0002 9a71 0004 8ccd ...........q....
0x0100: 7a42 c0d0 0001 0001 0002 9a71 0004 c60b zB.........q....
0x0110: 8afe c0be 0001 0001 0002 9a71 0004 8ccd ...........q....
0x0120: 43fe c0be 0001 0001 0002 9a71 0004 6a0b C..........q..j.
0x0130: 2312 #.
参考文档:
根域名的知识
linux中dig命令返回结果解释
根服务器为什么只能有13个
根域名服务器为什么只有13台
DNS为什么查询根域名服务器只返回13个IP地址
万字长文DNS协议!