Linux 故障排除命令：4 个解决 DNS 名称解析问题的工具

名称解析是将易于记忆的名称与难以记忆的 Internet 协议 (IP) 地址关联起来的过程。域名系统 (DNS) 在大多数环境中提供名称解析服务。这些内部服务器托管名称和相关 IP 地址的动态数据库。这些名称可能像主机名一样简单，也可能像完全限定域名和 Web URL 一样复杂。

DNS 服务器托管资源记录，例如授权起始 (SOA)、名称服务器 (NS) 和邮件交换 (ME)。两种最常见的记录类型是 A 记录和指针记录 (PTR)。A 记录服务转发查找请求，指定给定名称与特定 IP 地址相关。PTR 将 IP 地址映射到特定名称。当正向查找查询到达时，该名称的 A 记录会为其提供服务。当反向查找查询到达时，该 IP 地址的 PTR 会为其提供服务。

什么原因会让您怀疑名称解析存在问题？也许用户表示他们无法再访问某个​​资源（例如文件服务器或打印机），或者某个电子邮件服务器似乎不可用。用户在访问内部 Web 服务器或相关服务时可能会遇到间歇性困难。也许用户可以连接到某个服务器，但它不是正确的服务器，因此会显示意外的网页。

由于名称服务器类型繁多，尤其是在大型网络中，因此很难确定罪魁祸首。在排除故障时，查询特定名称服务器并检查其管理资源记录会很有用。

安装工具

本文比较了四种用于在 Linux 系统上测试名称解析的有用工具：

• 平
• nslookup
• 挖
• 主持人

开始之前，请确保已安装命令。该ping命令可能已在您的系统中，由软件包提供iputils，但其他命令已在系统中bindutils，并且默认情况下未安装。使用dnf或安装它们yum：

$ sudo dnf install bind-utils

如何使用 ping

基本ping命令可以帮助缩小名称解析问题的范围。这是 Linux 故障排除的基本技术。

首先，通过主机名测试连通性，假设远程主机名为 server01，其 IP 地址为 192.168.1.101：

$ ping -c 3 server01

如果此操作成功并且名称解析有效，您可能不需要继续进行此测试。如果此测试失败，请尝试ping使用远程 IP 地址的命令：

$ ping -c 3 192.168.1.101

如果此方法有效，则表示连接正常。名称解析是问题所在，因为故障就出在这里。现在您可以开始排除系统无法正确解析名称的故障。

If the ping by IP address fails, you have a network connectivity problem rather than a name resolution problem, and you can troubleshoot in that direction.

Ping helps you narrow down whether you have a name resolution issue or something else is happening.

How to use nslookup

The nslookup command has been around a while. It has two modes: non-interactive and interactive. This article focuses on non-interactive mode since it most closely resembles the functionality of dig and host.

In non-interactive mode, simply type nslookup and the destination name (or URL) you need to resolve:

$ nslookup server01

This output should display the IP address for server01, along with information about which server resolves the name. If this fails, it indicates a name resolution problem.

Perform a reverse lookup (resolving a known IP address to an unknown name) by typing:

$ nslookup 192.168.1.101

To see specific resource record types, use the -type= option. Here's an example that queries for the MX records of the example.com domain:

$ nslookup -type=MX example.com

Many administrators work on multiple platforms. Nslookup is notable for being preinstalled on Microsoft Windows, which means you can learn one troubleshooting tool and use it on two platforms.

How nslookup compares

Nslookup is the oldest of the three tools and has been on the deprecation chopping block at least once. However, it's still around. One concern about nslookup compared to host and dig is the format of its responses. It may be more difficult to extract information due to its layout. This becomes important when nslookup is used within a larger script.

How to use dig

Like the other commands in this article, dig enables you to make manual name resolution queries. It provides an immense amount of detail about the results, so many people prefer using it for significant troubleshooting tasks.

Generate forward lookups like this:

$ dig server01

Initiate a reverse lookup by using the -x option and the known IP address:

$ dig -x 192.168.1.101

Query the name server for specific record types by appending the type to the command:

$ dig example.com MX

This resolves the mail server for the example.com domain name.

As you can see, similar functionality exists within dig as nslookup.

How dig compares

Using dig provides similar information as nslookup in a more organized format that's easier to parse.

How to use host

Doing manual name resolutions with the host command are also straightforward.

Here is the basic syntax for a forward lookup:

$ host server01

Here's the syntax for a reverse lookup:

$ host 192.168.1.101

Querying for SOA records relies on the -C option:

$ host -C example.com

The -t option causes the host command to display the specified record type. The following example queries for the MX records of example.com:

$ host -t mx example.com

If you're not sure which record types you need or if you want to see them all, use the -a (any) option:

$ host -a example.com

To narrow the query's scope to either IPv4 or IPv6 records, add the -4 or -6 options to the regular syntax. This may speed up query results in large networks or provide the focused information you need for additional troubleshooting.

Like nslookup and dig, host provides both forward and reverse lookups along with resource record type queries.

How host compares

Administrators may prefer host for its simplicity. Sometimes the detailed output from dig is too distracting or provides more information than is really required. For a quick, basic response, try  host. It may also be the right solution for your scripts.

Wrapping up

To some degree, nslookup, dig, and host provide the same information and offer similar filtering options. The one you use in your next troubleshooting task may simply be the one that's installed, especially if you work with multiple distributions or have created your own Linux version. I recommend knowing how to do a basic query with all three tools.

Some command options require a DNS zone transfer, which often is not allowed by the DNS server. Be aware of this, particularly for external name resolution servers or other DNS servers you don't manage.

Finally, don't forget that ping is a good place to start. It's a quick way of determining whether name resolution is working correctly before delving deeper into manual resolution attempts that may not be part of the issue.