Master your domain with Linux

David M Williams
Tuesday, 09 October 2007 20:15

Business IT - Open Source

Open-source Linux DNS tools

The most important such tool is one we won’t go into detail about; BIND – Berkeley Internet Name Domain – is the predominant DNS server application for Linux systems. Using BIND you can even host DNS yourself. However, I’d wager if you are up to the level of configuring BIND and running your own 24x7 connected system then nothing in this article is new to you anyway.

whois

Query domain registrars right from your command line. Run whois cisco.com, for example, to get the goods on when that domain name was created, when it expires (and hence needs renewal), who the registrar is, and who handles its DNS. In this case, Cisco run their own name servers:

   Domain Name: CISCO.COM
   Registrar: NETWORK SOLUTIONS, LLC.
   Name Server: NS1.CISCO.COM
   Name Server: NS2.CISCO.COM
   Creation Date: 14-may-1987
   Expiration Date: 15-may-2009

The information displayed will vary depending on what the domain registrar permits; whois itwire.com.au return some more company and contact information but omits the expiry date. Nevertheless, there’s more than enough data for the legitimate owner to determine their own registrar and DNS servers.

nslookup

Pull information right out of DNS servers via nslookup, specifying a host name. For instance, nslookup http://www.cisco.com/ advises the physical IP address for that service is 198.133.219.25.

Additionally, nslookup offers an interactive mode where you can batch series of queries. These may be for specific hostnames as above, or you can probe for different types of records from the DNS server. In this case, just run nslookup on the command line by itself. You’ll then have an angle prompt where you can keep entering commands until you type exit.

A useful interactive command is set type=xxx where xxx is a type of record; the default is A which means nslookup will return A records only, i.e. actual physical hostnames that map to IP addresses. You can specify types cname, mx and more to retrieve different information.

dig

While nslookup is useful, it hasn’t evolved much over time. A more recent tool is dig (Domain Information Groper) which, like nslookup, interrogates DNS servers but has more flexibility and is simpler to use.

Like nslookup, dig expects a name to be supplied. Unlike nslookup, it will return all A records for the specified domain, not just the individual host. A second parameter can be used on the command line to identify the type of records to be returned. A particularly useful option here is ‘any’ – as in dig cisco.com any – which will dump the entire set of DNS information for a domain.

Another command you can explore for this same purpose is host.

nsupdate

So far, the commands listed return data about your domain. nsupdate is different; it will make DNS changes and actually modify your domain. Using nsupdate you can make DNS changes right from your own computer without having to use a web site tool on your DNS server’s site.

Not all DNS providers support nsupdate – it requires DNSSEC authentication (the Domain Name System Security Extensions) – but if your provider does, then nsupdate will let you make modifications with ease. An example of an nsupdate session is like this:

# nsupdate
> update delete oldhost.example.com A
> update add newhost.example.com 87400 A 172.16.1.1
> send

This removes any A records for oldhost.example.com, and then makes a new A record for newhost.example.com. The IP address is 172.16.1.1. A time-to-live is also stipulated, namely 86,400 seconds or one day. Any computers which cache the address of this host will need to look it up again after this period of time lapses.

That’s DNS in a nutshell, as well as the most important Linux tools to help you get started right away. You can find loads more DNS tools for Linux online also.

Now go forth and master your domain!