Dig란?
dig는 Domain Information Groper의 약자로 네임서버로 부터 정보를 가져올 수 있는 툴 입니다.
보통 도메인 네임에 대한 DNS 질의응답이 정상적으로 이루어지는지를 확인하는 경우에 많이 쓰입니다!
dig는 bind-utils 패키지에 속한 유틸리티이기에 해달 패키지를 먼저 설치해줘야합니다.
$ yum install bind-utils
Dig 사용법
[root@kbseo-test1 stlapp]# dig <@server> <domain> <query type>
-
query type
-
a : 네트워크 주소
-
mx : 도메인의 메일 서버 주소
-
ns : 도메인의 권한 네임서버 정보
-
soa : 도메인 zone 파일 상단의 source of authority 레코드
1. dig domain
도메인 주소로 검색을 하면 /etc/resolv.conf 에 등록된 네임서버를 이용하여 도메인을 조회합니다.
[root@kbseo-test1 stlapp]# dig google.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44148
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 205 IN A 172.217.161.78
;; AUTHORITY SECTION:
google.com. 161857 IN NS ns2.google.com.
google.com. 161857 IN NS ns3.google.com.
google.com. 161857 IN NS ns4.google.com.
google.com. 161857 IN NS ns1.google.com.
;; ADDITIONAL SECTION:
ns1.google.com. 161873 IN A 216.239.32.10
ns2.google.com. 161860 IN A 216.239.34.10
ns3.google.com. 162712 IN A 216.239.36.10
ns4.google.com. 161860 IN A 216.239.38.10
ns1.google.com. 161933 IN AAAA 2001:4860:4802:32::a
ns2.google.com. 161862 IN AAAA 2001:4860:4802:34::a
ns3.google.com. 162030 IN AAAA 2001:4860:4802:36::a
ns4.google.com. 161933 IN AAAA 2001:4860:4802:38::a
;; Query time: 1 msec
;; SERVER: 168.126.63.1#53(168.126.63.1)
;; WHEN: Mon Apr 27 17:07:29 KST 2020
;; MSG SIZE rcvd: 303
2. dig <네임서버> <도메인>
앞에 입력해준 네임서버를 이용하여 도메인을 조회합니다.
[root@kbseo-test1 stlapp]# dig @8.8.8.8 google.com
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> @8.8.8.8 google.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48238
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 163 IN A 172.217.31.142
;; Query time: 37 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Apr 27 17:09:56 KST 2020
;; MSG SIZE rcvd: 55
3. dig <도메인> +trace
DNS질의 추적용으로 쓰입니다.
[root@kbseo-test1 stlapp]# dig google.com +trace
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7 <<>> google.com +trace
;; global options: +cmd
. 507078 IN NS i.root-servers.net.
. 507078 IN NS g.root-servers.net.
. 507078 IN NS f.root-servers.net.
. 507078 IN NS a.root-servers.net.
. 507078 IN NS h.root-servers.net.
. 507078 IN NS c.root-servers.net.
. 507078 IN NS l.root-servers.net.
. 507078 IN NS b.root-servers.net.
. 507078 IN NS k.root-servers.net.
. 507078 IN NS e.root-servers.net.
. 507078 IN NS m.root-servers.net.
. 507078 IN NS d.root-servers.net.
. 507078 IN NS j.root-servers.net.
;; Received 811 bytes from 168.126.63.1#53(168.126.63.1) in 1 ms
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20200509170000 20200426160000 48903 . dDn04wM4e7vHJI6SWe4V8ZvxxFg9xZ/PHYbwhSPoGbg39SZhhQpTSZ4v q9yuruhjs353ArcjoRQfyVSp+YArvQtWGTuItA1RlI6urwIOKcfyMYIr pacSXkpOM/xdQsLANrFoACcjsnwiwOlLJM7fYhJz7R3jybk2lJEBTkT3 DkXp69uGdw1DJJuMfX4FAuDf8hxX2TU5e3ehb1MW3I0QYvsrZnfNmmQM ZNDcClpTr0HgUM0XKdMqI1fiPiSP8ybup7wFiYhPhMKZF2UMYIcckf2i 2AWpcJvxrvWU/IVS9wmBx9u3ZvqvjRNQs3UoSQtq+SVAHsmbsv0hY+8b KWHirQ==
;; Received 1170 bytes from 192.36.148.17#53(i.root-servers.net) in 85 ms
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20200501044824 20200424033824 39844 com. ss+4rYfzkonN+jWtZMie5klKYKfxt56CTnHT1mWndz11i9jBETjlVW1Q RlRZMyuAOh9Zs656bKdIvWNWpe34q3m7TUWNA0G4cYb+SCgpU7CM25jR gd8nbHmBWl6SYY5ipeufqg0c3f3aEQZJSoCKwrOCc0aVP5huEenAkzRM 0iQayQcK5DYJjr1hN3+Sb52FpEEjq1+YMNtCCiVK13Ecdg==
S84BDVKNH5AGDSI7F5J0O3NPRHU0G7JQ.com. 86400 IN NSEC3 1 1 0 - S84CDVS9VPREADFD6KK7PDADH0M6IO8H NS DS RRSIG
S84BDVKNH5AGDSI7F5J0O3NPRHU0G7JQ.com. 86400 IN RRSIG NSEC3 8 2 86400 20200502044627 20200425033627 39844 com. j57Xg9fsDAGcaa1zScHEfPAtzYjsL/CoxrdRVLXHXkuQvl/4B2Ibrlaq gIvZTGu0A/dHk3a+Y6yCSgJkdecMT1pQTphGP2vgqEA9cnO7qPg9Cc6V PcY5AEk9Ix+DB8qqOqp9UZUwT1wdTiv/ompEs49sHieGS5u6+Eq33FNs WpkwDxQt1woeDeaT6y6TGsRUxXXXmfjUyclouu+1j3UIpA==
;; Received 836 bytes from 192.55.83.30#53(m.gtld-servers.net) in 156 ms
google.com. 300 IN A 172.217.24.142
;; Received 55 bytes from 216.239.38.10#53(ns4.google.com) in 153 ms
4. dig <도메인> +short
바쁜 현대인을 위한 응답코드만 출력
[root@kbseo-test1 stlapp]# dig google.com +short
172.217.25.206