We talked about how DNS works (roughly), and the dig command. Suppose we are looking for the IP address(es) of the web server for the URI http://cs.berkeley.edu, and also the IP address(es) of the email exchangers for emails sent to xyz@cs.berkeley.edu. (The reason we don’t want to look up stuff in our own domain cse.buffalo.edu is that our DNS server knows everything about it, and thus it’s not very interesting.
The dig illustration I’m doing now is roughly the same thing that your local DNS server does when you click on http://cs.berkeley.edu
First, we don’t know the authoritative name servers for the domain cs.berkeley.edu. Hence, we need to look up those name servers first before we can ask questions about IP addresses and mail exchangers. Let’s look up the IP addresses (and names) of the (13) root name servers
hungngo@castor (~) % dig . ns ; <<>> DiG 9.4.1-P1 <<>> . ns ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 265 ;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 2 ;; QUESTION SECTION: ;. IN NS ;; ANSWER SECTION: . 143594 IN NS b.root-servers.net. . 143594 IN NS h.root-servers.net. . 143594 IN NS f.root-servers.net. . 143594 IN NS a.root-servers.net. . 143594 IN NS m.root-servers.net. . 143594 IN NS k.root-servers.net. . 143594 IN NS l.root-servers.net. . 143594 IN NS i.root-servers.net. . 143594 IN NS e.root-servers.net. . 143594 IN NS d.root-servers.net. . 143594 IN NS c.root-servers.net. . 143594 IN NS g.root-servers.net. . 143594 IN NS j.root-servers.net. ;; ADDITIONAL SECTION: j.root-servers.net. 143594 IN A 192.58.128.30 j.root-servers.net. 143594 IN AAAA 2001:503:c27::2:30 ;; Query time: 76 msec ;; SERVER: 128.205.32.14#53(128.205.32.14) ;; WHEN: Wed Sep 15 10:36:48 2010 ;; MSG SIZE rcvd: 272
Now that we know the names (and IP of j.root-servers.net) of the 13 root name servers, we can use one of them to look up the authoritative name servers for the zone edu.
hungngo@castor (~) % dig edu ns @192.58.128.30 ; <<>> DiG 9.4.1-P1 <<>> edu ns @192.58.128.30 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 142 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 7 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;edu. IN NS ;; AUTHORITY SECTION: edu. 172800 IN NS a.edu-servers.net. edu. 172800 IN NS g.edu-servers.net. edu. 172800 IN NS f.edu-servers.net. edu. 172800 IN NS l.edu-servers.net. edu. 172800 IN NS d.edu-servers.net. edu. 172800 IN NS c.edu-servers.net. ;; ADDITIONAL SECTION: a.edu-servers.net. 172800 IN A 192.5.6.36 c.edu-servers.net. 172800 IN A 192.26.92.36 d.edu-servers.net. 172800 IN A 192.31.80.36 f.edu-servers.net. 172800 IN A 192.35.51.36 g.edu-servers.net. 172800 IN A 192.42.93.36 g.edu-servers.net. 172800 IN AAAA 2001:503:cc2c::2:36 l.edu-servers.net. 172800 IN A 192.41.162.36 ;; Query time: 126 msec ;; SERVER: 192.58.128.30#53(192.58.128.30) ;; WHEN: Wed Sep 15 10:37:03 2010 ;; MSG SIZE rcvd: 256
Now, we have a list of authoritative name servers for the edu. domain. Pick one of them and look for authoritative name servers for the berkeley.edu. domain, and then recursively for the cs.berkeley.edu. domain.
hungngo@castor (~) % dig berkeley.edu ns @192.5.6.36 ; <<>> DiG 9.4.1-P1 <<>> berkeley.edu ns @192.5.6.36 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1266 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 8 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;berkeley.edu. IN NS ;; AUTHORITY SECTION: berkeley.edu. 172800 IN NS phloem.uoregon.edu. berkeley.edu. 172800 IN NS adns1.berkeley.edu. berkeley.edu. 172800 IN NS adns2.berkeley.edu. berkeley.edu. 172800 IN NS ns.v6.berkeley.edu. berkeley.edu. 172800 IN NS sns-pb.isc.org. berkeley.edu. 172800 IN NS aodns1.berkeley.edu. ;; ADDITIONAL SECTION: phloem.uoregon.edu. 172800 IN A 128.223.32.35 phloem.uoregon.edu. 172800 IN AAAA 2001:468:d01:20::80df:2023 adns1.berkeley.edu. 172800 IN A 128.32.136.3 adns2.berkeley.edu. 172800 IN A 128.32.136.14 ns.v6.berkeley.edu. 172800 IN A 128.32.136.6 ns.v6.berkeley.edu. 172800 IN AAAA 2607:f140:ffff:fffe::6 aodns1.berkeley.edu. 172800 IN A 192.35.225.133 aodns1.berkeley.edu. 172800 IN AAAA 2607:f010:3f8:8000:214:4fff:fe45:e6a2 ;; Query time: 46 msec ;; SERVER: 192.5.6.36#53(192.5.6.36) ;; WHEN: Wed Sep 15 10:39:49 2010 ;; MSG SIZE rcvd: 332
and then
hungngo@castor (~) % dig cs.berkeley.edu ns @128.223.32.35 ; <> DiG 9.4.1-P1 <> cs.berkeley.edu ns @128.223.32.35 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1678 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 7 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;cs.berkeley.edu. IN NS ;; AUTHORITY SECTION: cs.berkeley.edu. 3600 IN NS adns2.berkeley.edu. cs.berkeley.edu. 3600 IN NS ns.EECS.berkeley.edu. cs.berkeley.edu. 3600 IN NS cgl.UCSF.edu. cs.berkeley.edu. 3600 IN NS vangogh.cs.berkeley.edu. cs.berkeley.edu. 3600 IN NS ns.cs.berkeley.edu. cs.berkeley.edu. 3600 IN NS adns1.berkeley.edu. ;; ADDITIONAL SECTION: ns.cs.berkeley.edu. 3600 IN A 169.229.60.61 ns.EECS.berkeley.edu. 3600 IN A 169.229.60.153 adns1.berkeley.edu. 172800 IN A 128.32.136.3 adns1.berkeley.edu. 3600 IN AAAA 2607:f140:ffff:fffe::3 adns2.berkeley.edu. 172800 IN A 128.32.136.14 adns2.berkeley.edu. 3600 IN AAAA 2607:f140:ffff:fffe::e vangogh.cs.berkeley.edu. 3600 IN A 128.32.112.208 ;; Query time: 74 msec ;; SERVER: 128.223.32.35#53(128.223.32.35) ;; WHEN: Wed Sep 15 10:42:10 2010 ;; MSG SIZE rcvd: 293
Finally, we can query one authoritative name server for cs.berkeley.edu for its IP address:
hungngo@castor (~) % dig cs.berkeley.edu a @169.229.60.61 ; <> DiG 9.4.1-P1 <> cs.berkeley.edu a @169.229.60.61 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 947 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 3 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;cs.berkeley.edu. IN A ;; ANSWER SECTION: cs.berkeley.edu. 86400 IN A 169.229.60.161 cs.berkeley.edu. 86400 IN A 169.229.60.27 ;; AUTHORITY SECTION: cs.berkeley.edu. 86400 IN NS cgl.UCSF.edu. cs.berkeley.edu. 86400 IN NS adns1.berkeley.edu. cs.berkeley.edu. 86400 IN NS adns2.berkeley.edu. cs.berkeley.edu. 86400 IN NS vangogh.cs.berkeley.edu. cs.berkeley.edu. 86400 IN NS ns.cs.berkeley.edu. cs.berkeley.edu. 86400 IN NS ns.EECS.berkeley.edu. ;; ADDITIONAL SECTION: ns.cs.berkeley.edu. 86400 IN A 169.229.60.61 ns.EECS.berkeley.edu. 86400 IN A 169.229.60.153 vangogh.cs.berkeley.edu. 86400 IN A 128.32.112.208 ;; Query time: 86 msec ;; SERVER: 169.229.60.61#53(169.229.60.61) ;; WHEN: Wed Sep 15 10:43:36 2010 ;; MSG SIZE rcvd: 237
Ah hah! So there are two IP addresses which supposedly point to some webserver(s) for the URI http://cs.berkeley.edu. Now, we know how to test a web server already: just telnet to port 80.
[hungngo@saigon] ~ $ telnet 169.229.60.27 80 Trying 169.229.60.27... Connected to mx2.eecs.berkeley.edu. Escape character is '^]'. GET /index.html http/1.1 host: cs.berkeley.edu HTTP/1.1 301 Moved Permanently Location: http://www.cs.berkeley.edu/index.html Server: none Connection: close Content-Type: text/html; charset=iso-8859-1 Connection closed by foreign host.
Ah hah! So cs.berkeley.edu has been moved to www.cs.berkeley.edu Are these two addresses the same? Namely, is the IP for www.cs.berkeley.edu one of the two IP addresses we found above?
hungngo@saigon] ~ $ dig www.cs.berkeley.edu ; <> DiG 9.6.0-APPLE-P2 <> www.cs.berkeley.edu ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41785 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 6, ADDITIONAL: 5 ;; QUESTION SECTION: ;www.cs.berkeley.edu. IN A ;; ANSWER SECTION: www.cs.berkeley.edu. 15830 IN CNAME web2.EECS.berkeley.edu. web2.EECS.berkeley.edu. 86400 IN A 128.32.244.172
NO. The actual web server is actually at 128.32.139.48, which runs on some host named web2.EECS.berkeley.edu. The other two addresses we found above (namely 169.229.60.161 and 169.229.60.27) do have some processes running, listening to port 80, but then reply with the 301 Moved permanently redirection as we have just seen.
Now, how about the email exchanger(s) for cs.berkeley.edu? Let’s find out.
hungngo@castor (~) % dig cs.berkeley.edu mx @169.229.60.61 ; <> DiG 9.4.1-P1 <> cs.berkeley.edu mx @169.229.60.61 ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1765 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 3 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;cs.berkeley.edu. IN MX ;; ANSWER SECTION: cs.berkeley.edu. 86400 IN MX 5 mx.berkeley.edu. ... hungngo@castor (~) % dig mx.berkeley.edu ; <> DiG 9.4.1-P1 <> mx.berkeley.edu ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1819 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 0 ;; QUESTION SECTION: ;mx.berkeley.edu. IN A ;; ANSWER SECTION: mx.berkeley.edu. 3536 IN A 169.229.218.141
So, 169.229.218.141 is the email server. We’ll have more to talk about email servers in the next lecture.
Good description. I prefer to make out the print Martha