|
상황 PTR 등록 요청 후 nslookup/ dig를 이용하여 질의시 요청했던 IP와 다르게 보이는 현상 |
#1. 요청내용
49.50.160.1 -> spam1.kbseo.com
49.50.160.2 -> spam2.kbseo.com
#2. 해당 답변내용
; <<>> DiG 9.10.6 <<>> @8.8.8.8 -x 49.50.160.2
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34381
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;35.160.50.49.in-addr.arpa.INPTR
;; ANSWER SECTION:
35.160.50.49.in-addr.arpa. 14399 INPTRspam2.kkbseo.com.
;; Query time: 139 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Mar 27 18:31:01 KST 2020
;; MSG SIZE rcvd: 86
; <<>> DiG 9.10.6 <<>> @8.8.8.8 -x 49.50.160.1
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22098
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;36.160.50.49.in-addr.arpa.INPTR
;; ANSWER SECTION:
36.160.50.49.in-addr.arpa. 14399 INPTRspam1.kbseo.com.
;; Query time: 82 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Mar 27 18:31:25 KST 2020
;; MSG SIZE rcvd: 86
#3. nslookup 및 dig를 이용하여 질의
#nslookup
[root@tktlkdd01 ~]# nslookup spam1.kbseo.com
Server:10.250.255.11
Address:10.250.255.11#53
Non-authoritative answer:
Name:spam1.hanatour.com
Address: 49.50.160.2
#dig
root@tktlkdd01 ~]# dig @222.122.70.251 spam1.kbseo.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3 <<>> @222.122.70.251 spam1.hanatour.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18750
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 2
;; QUESTION SECTION:
;spam1.kbseo.com.INA
;; ANSWER SECTION:
spam1.hanatour.com.600INA49.50.160.2
;; Query time: 4 msec
;; SERVER: 222.122.70.251#53(222.122.70.251)
;; WHEN: Mon Apr 27 15:34:26 2020
;; MSG SIZE rcvd: 218
--> 해당내용 답변
A 레코드로 조회해서 생기는 일.
A 레코드 -> 도메인과 ip주소를 매핑한 정보
PTR 레코드 -> 역으로 ip주소를 도메인과 매핑한 정보
즉 PTR레코드 즉 ip로 조회해 봤을 시 해당 ip에 매핑된 도메인 정보가 출력
하지만 A래코드, 도메인으로 조회시 도메인과 매핑된 ip가 출력
이 과정에서 PTR등록은 정상적으로 되었지만 A레코드등록 시 반대로 등록 된 결과.
# PTR 값으로 조회
[root@tktlkdd01 ~]# dig @222.122.70.251 -x 49.50.160.2
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3 <<>> @222.122.70.251 -x 49.50.160.35
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14642
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0
;; QUESTION SECTION:
;35.160.50.49.in-addr.arpa. IN PTR
;; ANSWER SECTION:
35.160.50.49.in-addr.arpa. 9461 IN PTR spam2.kbseo.com.
;; AUTHORITY SECTION:
160.50.49.in-addr.arpa. 167861 IN NS ns2c1.ncloud-dns.com.
160.50.49.in-addr.arpa. 167861 IN NS ns3c1.ncloud-dns.com.
160.50.49.in-addr.arpa. 167861 IN NS ns4c1.ncloud-dns.com.
160.50.49.in-addr.arpa. 167861 IN NS ns1c1.ncloud-dns.com.
;; Query time: 3 msec
;; SERVER: 222.122.70.251#53(222.122.70.251)
;; WHEN: Mon Apr 27 16:50:21 2020
;; MSG SIZE rcvd: 166
# 도메인으로 조회
[root@tktlkdd01 ~]# dig @222.122.70.251 spam1.kbseo.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.3 <<>> @222.122.70.251 spam1.kbseo.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 273
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 2
;; QUESTION SECTION:
;spam1.kbseo.com. IN A
;; ANSWER SECTION:
spam1.kbseo.com. 600 IN A 49.50.160.2
;; Query time: 4 msec
;; SERVER: 222.122.70.251#53(222.122.70.251)
;; WHEN: Mon Apr 27 16:45:42 2020
;; MSG SIZE rcvd: 218