
DNS and domain names. Linux Commands Local Domain Substitution

I want to describe a somewhat non-standard way to open sites in the browser using short names. For example, instead of typing "yandex.ru" in the browser, you can simply type the single letter "y". The /etc/hosts file will help us with this.

The /etc/hosts file

The /etc/hosts file sets the correspondence between an IP address and a hostname (domain), as well as its aliases. When you access an address on the network, for example http://yandex.ru, the system first has to convert the site name into the corresponding IP address, and for this it requests the IP address from a DNS server. If the correspondence between yandex.ru and an IP address is written in the /etc/hosts file, the system uses that IP address instead. And since /etc/hosts also lets us specify aliases under which an IP address is available, we can give yandex.ru the alias "y". Then, when you type "y" in your browser, the system reads the IP address from /etc/hosts and opens the yandex.ru website. In that sense /etc/hosts is a kind of local DNS server.

How to find out the IP address of a site

Now we need to determine the IP addresses of the sites that we want to add to /etc/hosts. Note that not all sites have a separate dedicated IP address, and such sites cannot be reached by IP address alone. But almost all large sites and portals have their own dedicated IP address. An easy way to find out the IP address of a site is to use the ping command:

ping site-url

For example, let's run:

ping yandex.ru

The ping progress is displayed on the screen (press Ctrl+C to stop). The output of the ping command looks like this:

PING yandex.ru (87.250.250.11) 56(84) bytes of data.
64 bytes from yandex.ru (87.250.250.11): icmp_seq=1 ttl=57 time=3.57 ms
...

Here you can see that yandex.ru corresponds to the IP address 87.250.250.11. Repeat this for the other sites.

Editing the /etc/hosts file

Edit the /etc/hosts file carefully: it is a system file, and it is important not to break its syntax. To open the file for editing, run on the command line:

sudo gedit /etc/hosts

The content of the file looks something like this:

127.0.0.1 localhost
::1 mycomp localhost6.localdomain6 localhost6
127.0.1.1 mycomp
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
...

The syntax for the /etc/hosts file is very simple:

IP address hostname [aliases, ...]

Let's add new lines to the file for different sites:

74.125.232.19 google.ru g
94.100.191.203 mail.ru m
194.186.36.211 rbc.ru r
87.250.250.11 yandex.ru y

Save and close the file. We have registered the correspondence between IP addresses, site names and their aliases. Now go to your browser and enter just "g" in the address bar: the google.ru site should open. To open mail.ru enter "m", for rbc.ru "r", and for yandex.ru "y".
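Because an entry in /etc/hosts is used instead of the DNS answer, a stale or unexpected line silently redirects every program on the machine. The script below is an added example, not part of the original article: it parses the "IP address hostname [aliases]" syntax shown above and lists every name that bypasses DNS. The function names audit_hosts and sample_hosts and the 203.0.113.7 line are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a hosts file for entries that override DNS.
# audit_hosts [FILE] reads FILE (or standard input) and prints one finding per line:
#   OVERRIDE <name> <ip>          dotted name pinned to a non-loopback address
#   ALIAS <name> <ip>             single-label alias pinned to a non-loopback address
#   CONFLICT <name> <ip> <ip0>    name already mapped to a different address <ip0>
#   MALFORMED <line-no>           address without any hostname
audit_hosts() {
    awk '
    {
        sub(/#.*/, "")                      # strip comments
        if (NF == 0) next                   # blank or comment-only line
        if (NF < 2) { print "MALFORMED", NR; next }
        ip = $1
        fam = index(ip, ":") ? 6 : 4        # IPv4 and IPv6 entries may share a name
        # loopback and the usual IPv6 helper entries are expected, not reported
        islocal = (ip ~ /^127\./ || ip == "::1" || ip ~ /^(fe00|ff0[0-9a-f]):/)
        for (i = 2; i <= NF; i++) {
            name = tolower($i)
            key = fam " " name
            if (key in seen) {
                if (seen[key] != ip) print "CONFLICT", name, ip, seen[key]
                continue
            }
            seen[key] = ip
            if (islocal) continue
            kind = index(name, ".") ? "OVERRIDE" : "ALIAS"
            print kind, name, ip
        }
    }' "$@"
}

# Constructed sample: lines from this page plus one conflicting entry.
sample_hosts() {
    cat <<'EOF'
127.0.0.1 localhost
127.0.1.1 mycomp
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
74.125.232.19 google.ru g
87.250.250.11 yandex.ru y   # alias typed in the browser
203.0.113.7 yandex.ru       # constructed conflicting entry
EOF
}

sample_hosts | audit_hosts
```

On a real system, run `audit_hosts /etc/hosts` and compare each reported address with what DNS currently returns for that name.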

Question. How can I add a user to a group on Linux?

Answer. You can use the useradd or usermod commands to add a user to a group. The useradd command creates a new user or updates the information of an existing one. The usermod command modifies an existing user. All information about users and groups is stored in the /etc/passwd, /etc/shadow and /etc/group files.

Useradd Example - Add a New User to a Secondary Group

We use the useradd command to add a new user to an existing group. If the group does not exist, create it. Syntax:

useradd -G (group-name) username

Create a user vivek and add it to the developers group. Log in as the root user and make sure the developers group exists:

# grep developers /etc/group

developers:x:1124:

If there is no such group, use the groupadd command to create the new group developers:

# groupadd developers

Then add the vivek user to the developers group:

# useradd -G developers vivek

Set a password for the vivek user:

Make sure the user is added to the developers group:

# id vivek

Output:

uid=1122(vivek) gid=1125(vivek) groups=1125(vivek),1124(developers)

The -G option adds the user to a group. Several groups can be listed, separated by commas. For example, let's add the user jerry to the groups admins, ftp, www, and developers by entering:

# useradd -G admins,ftp,www,developers jerry

Useradd example - Add a new user to the primary group

To add the user tony to the developers group, use the following command:

# useradd -g developers tony

uid=1123(tony) gid=1124(developers) groups=1124(developers)

The -g option sets the user's primary group. The group must exist.

Example of using usermod - Add an existing user to an existing group

Add the existing user tony to the secondary ftp group:

# usermod -a -G ftp tony

Change the existing user tony's primary group to www:

# usermod -g www tony


[Alexey Vyskubov]

This article will walk you through the host command.

The examples were run on Linux 2.2.17 (Debian unstable, "woody") and FreeBSD 4.2.

The host utility is designed to make queries to DNS servers.
By default, it just finds the IP address that matches the given hostname, for example:

$ host www.site
www.site A 195.5.132.10

$ host www.site
www.site has address 195.5.132.10

As you can see, on Linux the utility prints a DNS record of type A, while FreeBSD simply reports the host address in plain English. Note that the DNS record printed by Linux is not suitable for direct insertion into a DNS server database, because the hostname does not end with a period; specifying a period after the hostname when invoking host does not help either.
Also, the IN is missing between the hostname and A. If you need a record that can be put directly into the DNS database, on Linux you can use the -Z option:

$ host -Z slashdot.org

slashdot.org. 3600 IN A 64.28.67.48

FreeBSD does not have this feature.

A similar situation arises when the specified name is an alias: Linux outputs a line with the word CNAME, while FreeBSD uses the construction "xxx.yyy.zzz is a nickname for aaa.bbb.ccc":

$ host admin1.piter-press.ru
admin1.piter-press.ru CNAME ns.piter-press.ru
ns.piter-press.ru A 195.239.142.33

$ host admin1.piter-press.ru.
admin1.piter-press.ru is a nickname for ns.piter-press.ru
ns.piter-press.ru has address 195.239.142.33

Note that the host command can be followed by the name of the server you want to poll after the hostname. If the server name is not specified (as in our examples), then one of the DNS servers for this zone is polled.

If host receives an IP address, rather than a host name, then the reverse conversion is performed --- to an FQDN.

$ host 195.239.142.33

Name: ns.piter-press.ru

Address: 195.239.142.33

$ host 195.239.142.33

33.142.239.195.IN-ADDR.ARPA domain name pointer ns.piter-press.ru

This time it is Linux that prints plain text information (although, it would seem, why not display a DNS record of type PTR?). FreeBSD is more logical: the IP address is converted to its corresponding hostname in the IN-ADDR.ARPA zone, for which the information is displayed, again in English.

Local domain substitution

Another important difference between the Linux and FreeBSD versions of host is that if the hostname does not end with a dot, FreeBSD tries to append the local domain to it, which Linux does not (possibly a bug, since the man page states otherwise):

$ hostname -d

$ nslookup woe.spb.ru

Server: frei.home

Address: 192.168.1.5

Name: woe.spb.ru

Address: 193.125.200.14

$ host woe

woe does not exist (Authoritative answer)

As we can see, spb.ru is a local domain, the host woe.spb.ru exists, but the host woe command does not produce the desired result. It should be noted that the presence of the search spb.ru (or domain spb.ru) line in the /etc/resolv.conf file would solve the problem. Under FreeBSD, host behaves differently:

$ host alv

alv.home has address 192.168.1.1

$ host alv.

Host not found

The local domain was substituted only in the first case, since the name did not end with a period. The search and/or domain lines in resolv.conf are optional.
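The substitution rules described above, as an added example that is not part of the original article: the function lists, in order, the fully qualified names a stub resolver would query for a given name, following the search, domain and ndots rules documented in resolv.conf(5). The function names and the sample resolv.conf are constructed; individual builds of host may deviate from this, as the Linux example above shows.

```shell
#!/bin/sh
# Added example: which names are actually sent to the DNS server?
# candidates NAME < resolv.conf
# Prints the fully qualified names tried for NAME, in order, using the
# search/domain list and the ndots threshold (default 1) from resolv.conf.
candidates() {
    awk -v name="$1" '
    BEGIN { ndots = 1 }
    # search and domain are mutually exclusive: the last one in the file wins
    $1 == "search" { n = 0; for (i = 2; i <= NF; i++) list[++n] = $i }
    $1 == "domain" { n = 1; list[1] = $2 }
    $1 == "options" {
        for (i = 2; i <= NF; i++)
            if ($i ~ /^ndots:[0-9]+$/) ndots = substr($i, 7) + 0
    }
    END {
        # a trailing dot marks the name as absolute: no substitution at all
        if (name ~ /\.$/) { print name; exit }
        dots = gsub(/\./, ".", name)        # count the dots in the name
        # enough dots: try the name as given first, then the search list
        if (dots >= ndots) print name "."
        for (i = 1; i <= n; i++) {
            d = list[i]
            sub(/\.$/, "", d)               # tolerate "spb.ru." in the list
            print name "." d "."
        }
        # too few dots: the bare name is tried only after the search list
        if (dots < ndots) print name "."
    }'
}

# Constructed sample resolv.conf using the domains from the examples above.
sample_resolv_conf() {
    cat <<'EOF'
# constructed sample
nameserver 192.168.1.5
search spb.ru home
options ndots:1
EOF
}

for n in woe alv. woe.spb.ru; do
    printf '%s ->\n' "$n"
    sample_resolv_conf | candidates "$n"
done
```

Every line printed is a separate query that leaves the machine, so a short name typed on a host with a long search list is looked up once per search domain before the bare name is tried.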

Details: -v option

A useful option is -v (verbose). In Linux and FreeBSD, its effect is almost the same: it displays additional information about the zone.

$ host -v www.spb.ru
Query about www.spb.ru for record types A
Trying www.spb.ru ...
Query done, 1 answer, status: no error
www.spb.ru 2134 IN A 195.190.101.3
Authority information:
www.spb.ru 48235 IN NS ns.nevalink.ru
www.spb.ru 48235 IN NS ns1.gldn.net
www.spb.ru 48235 IN NS ns2.gldn.net
Additional information:
ns.nevalink.ru 54275 IN A 195.190.100.28
ns1.gldn.net 10978 IN A 194.67.2.108
ns2.gldn.net 10972 IN A 195.218.218.8

$ host -v www.spb.ru.
rcode = 0 (Success), ancount=1
The following answer is not authoritative:
The following answer is not verified as authentic by the server:
www.spb.ru 2053 IN A 195.190.101.3
For authoritative answers, see:
www.spb.ru 48154 IN NS ns.nevalink.ru
www.spb.ru 48154 IN NS ns1.gldn.net
www.spb.ru 48154 IN NS ns2.gldn.net
Additional information:
ns.nevalink.ru 51480 IN A 195.190.100.28
ns1.gldn.net 10348 IN A 194.67.2.108
ns2.gldn.net 10342 IN A 195.218.218.8

The numeric field that appears in the response from host requires clarification. Calling host several times, you will notice that its value keeps decreasing, which is not surprising, since this field contains the TTL, the lifetime of the record in the zone.

On Linux, you can use the -vv option to display information about the process of obtaining DNS records.

Selecting Record Types: -a and -t Options

Two more important host parameters are -a and -t. The -a option means -t ANY on Linux and -v -t any on FreeBSD, so let's look at the meaning of the -t option.

This parameter sets the type of DNS records you are interested in. Record types A, NS, MD, MF, CNAME, SOA, MB, MG, MR, NULL, WKS, PTR, HINFO, INFO, MX, UINFO, UID, GID, UNSPEC are supported. Note that on Linux the record type can be specified in any case, while on FreeBSD it can only be given in lowercase letters (a, ns, cname, etc.). If the -t parameter is not specified, Linux by default searches for records of type A, or, if the -l parameter is specified (see below), for types A, NS, PTR. FreeBSD, if the -t parameter is not specified, searches for records of types A and MX, and if the -l parameter is specified, it also searches for PTR and NS. The Linux version of host also supports the MAILB record type, meaning any type from MB, MR, MG, or MINFO. Instead of specifying the -t MAILB option, you can specify the -m option; in this case, records of types MR and MG are also recursively expanded to MB.

Zone Listing: -l Option

Using the host command with the -l option, you can get a listing of an entire zone. Use the -a and -t options to specify the record types you are interested in. Keep in mind that the zone listing is generated by sending an AXFR request to transfer the zone and extracting the necessary information from the result. This means that the -l parameter creates additional load on the network and DNS servers, so you should use it as little as possible. In addition, many system administrators configure their DNS servers so that they do not give the zone to just anybody and refuse to process the AXFR request (and the FreeBSD version of host does not even bother to clearly explain to you what happened):

$ host -l slashdot.org

slashdot.org AXFR record query refused by ns2.andover.net
slashdot.org AXFR record query refused by ns3.andover.net
slashdot.org AXFR record query refused by ns1.andover.net
No nameservers for slashdot.org responded

$ host -l slashdot.org

Server failed: Query refused

On Linux, you can create a complete copy of a zone suitable for feeding bind with the command host -Z -a -l (and write it to a file by adding -f filename).

Other parameters

As you know, DNS is a recursive system. If the DNS server does not find the information requested from it, it initiates a recursive request to the "upstream" server.
The host command has the ability to prevent this: the -r parameter disables recursive queries: only the default DNS server is queried. This option works almost the same under Linux and FreeBSD, but the command output when an entry is not found is slightly different:

$ host -r www.spb.ru

www.spb.ru A record currently not present

$ host -r www.spb.ru

As you can see, FreeBSD simply doesn't output anything.

The host command, in principle, can be used not only on the Internet. The -c option allows us to specify the class of records that we are interested in. Record classes IN, CHAOS, HS, HESIOD are supported (IN is used by default). The classes INTERNET, CS, CSNET, CH are also supported under Linux. You can use the ANY keyword to specify all classes (under Linux you can also use the * symbol, just remember to escape it from the shell).

To display debug information, use the -d parameter (under Linux it can be doubled, -dd, to increase the amount of debug information).

In the FreeBSD version of host, the -s switch is used to work with DNSSEC (the Linux version does not work with DNSSEC; there the -s switch is used to specify the DNS server timeout in seconds).

Zone listing: additional features of the Linux version

The parameters described in this section are specific to the Linux version of host.

Recursive listings: the -L parameter

The -L parameter specifies the level of recursion when displaying a zone listing. For example, the command:

$ host -l -a -L 1 some.zone

lists the zone some.zone, as well as all of its delegated zones.
Increasing the level of recursion increases the depth to which delegated zones are followed. Everything said about the undesirability of using the -l parameter is even more important when using the -L -l combination.

Statistics: -S Option

Specifying the -S option when getting a zone listing displays statistics about the number of records of different types found, the number of hosts of various types, the number of delegated zones, etc.:

$ host -l -a -S freshmeat.net

freshmeat.net. SOA freshmeat.net. dns-admin.freshmeat.net.



Using specific DNS servers: -p and -P options

The -p parameter instructs to use only the primary DNS server when retrieving a zone listing. The primary DNS server name is determined using the SOA record of the zone in question.
The -P parameter allows you to specify a list of preferred domains (separated by commas). The DNS server with the largest number of name component matches for one of the specified domains will be used. The use of these parameters can be seen in the following example:

$ host -vv -p -l piter.com
Trying server 195.239.142.33 (ns.piter.com) ...

$ host -vv -P hellix.piter.com -l piter.com
Finding nameservers for piter.com ...
Query done, 2 answers, status: no error
The following answer is not authoritative:
piter.com 3308 IN NS ns.piter.com
piter.com 3308 IN NS hellix.piter.com
Additional information:
ns.piter.com 85293 IN A 195.239.142.33
hellix.piter.com 3308 IN A 193.125.199.13
Found 1 address for ns.piter.com
Found 1 address for hellix.piter.com
Trying server 193.125.199.13 (hellix.piter.com) ...

Skipping zones: parameter -N

The -N parameter allows you to specify a list of zones (separated by commas), information about which is not required. It is usually used in conjunction with the -L option.

Linux: extended syntax

By specifying the -x parameter, you can use the so-called extended syntax of the host command, passing it more than one hostname. Since each name in this case is treated as a hostname to be looked up, the -X option is used to specify the DNS server to poll. If -X is specified, -x is assumed.

The extended syntax allows host to run without any hostnames on the command line, reading them from the program's standard input instead. A single line can contain multiple hostnames, but if a # or ; character appears on the line, the rest of it is ignored.

Linux: special modes

One of the special modes supported by the host utility is the zone transfer mode enabled by the -l parameter. There are several other special modes in the Linux version of the utility, all but one of which are variations of the -l mode.

Zone Transfer Mode Variations

The -C option is similar to the -l option, but it invokes various checks for the zone, in particular, it checks whether each of the DNS servers listed in the NS records for the zone is actually capable of providing an authoritative response to a request for a zone. Other zone validation checks are also performed.

The -H option is also similar to the -l option, causing the zone to be transferred, although it does not display any entry information. Instead, the number of A records in the zone is counted. Special care is taken (see man 1 host) to take into account only "real" hosts. Combining the -H -S options allows you to get detailed zone statistics:

$ host -H -S freshmeat.net

Found 34 A records within freshmeat.net

Found 4 NS records within freshmeat.net

Found 9 CNAME records within freshmeat.net

Found 2 SOA records within freshmeat.net

Found 4 MX records within freshmeat.net

Found 32 hosts within freshmeat.net

Found 9 duplicate hosts within freshmeat.net

Found 12 extrazone hosts within freshmeat.net

Found 1 gateway host within freshmeat.net

Found 0 delegated zones within freshmeat.net

The -G, -D, -E options display the names of the gateway hosts, duplicate hosts, and extrazone hosts, respectively. Here a gateway means a host with more than one IP address, and a duplicate host means a host with exactly one IP address that corresponds to several names (possibly from different zones; this may indicate an error in the zone). An extrazone host for some.zone is a host of the form host.something.some.zone, where something.some.zone is not a delegated zone.

Address verification mode

The last mode of the Linux version of the host utility that we have not analyzed is the address checking mode, initiated by the -A parameter. In this case, the following actions are performed:

* If a hostname was specified as an argument, its address is determined, then the hostname for that address is determined and checked for a match with the original name.

* If an IP address was specified as an argument, then the corresponding host name is determined, and then it is checked if the source IP address is included in the list of IP addresses for the found host name.

* If the parameter is specified together with the -l parameter, then the described actions are performed for each A-record in the zone.

Alexey Vyskubov,

Another method of name resolution is to use a local hostname database, similar to the way it was done in the early days of the Internet. The /etc/hosts file contains a list of hostnames with corresponding IP addresses. Listing 4.3 shows an example /etc/hosts file for a Linux client. It should contain your machine's name and IP address, and the loopback IP address 127.0.0.1 for internal use. In addition, if there are remote hosts to which your Linux server periodically connects, it is also advisable to specify their IP addresses in the /etc/hosts file. Then, every time these hosts are accessed, the Linux server already has their IP addresses, so there is no need to perform DNS queries. This also greatly speeds up the establishment of a connection.

1 127.0.0.1 localhost
2 192.168.0.1 shadrach.smallorg.org
3 10.0.0.1 mail1.isp.net
4 10.0.0.2 mail2.isp.net
5 10.0.0.3 fred.otherplace.com
Listing 4.3. Example /etc/hosts file

The first and second lines indicate the IP addresses for the local Linux server. Lines 3-5 show the IP addresses for the most requested machines on your network. Thanks to this, access to them from a Linux-based server is accelerated, compared to using the DNS system.

Localhost name

All Linux computers support the localhost name. This name always corresponds to the IP address 127.0.0.1, which is assigned to a special loopback network device. This name and address allow internal processes to communicate with other processes on the same system using network protocols. Many programs are even configured to use the localhost name. Changing this name or its corresponding IP address may affect the operation of these programs.

DNS translation file

The /etc/host.conf file defines the methods and order used to resolve names on Linux. Listing 4.4 shows an example /etc/host.conf file.

1 order hosts,bind
2 multi on
Listing 4.4. Example /etc/host.conf file

The first line specifies the order in which host names are resolved. Here the Linux operating system is told to consult the /etc/hosts file first and look for the host there, and then, if the name could not be resolved using /etc/hosts, to try to resolve it using DNS (bind).

Linux DNS Client Utilities

To help the system administrator, many Linux utilities have been written to make it easier to look up DNS information about remote hosts and networks. For UNIX systems, the Internet Software Consortium created the Berkeley Internet Name Domain (BIND) software package, which includes three utilities that are, from the author's point of view, the most useful and widely used: host, nslookup, and dig. These programs are distributed along with the software included in most Linux distributions. Red Hat and Mandrake Linux ship these programs as RPM packages.

These utilities are quite useful when troubleshooting e-mail problems on the Internet. Often the sender makes a mistake in the recipient's e-mail address, and the messages are not accepted. Naturally, he will be absolutely sure that he has used the correct address, and he will blame you for the returned messages. However, after a little chat with DNS, you can draw definite conclusions about whether the e-mail address is correct.

Host utility

The host program does the simplest name resolution using DNS. The host command format is as follows:

host [-l] [-v] [-w] [-r] [-d] [-t querytype] [-a] host

By default, the host command tries to obtain the IP address for the name specified as host, using the DNS server defined in the /etc/resolv.conf file. If server is specified on the command line, the host command will use it as the default DNS server. By adding extra options on the command line, you can modify how the host command works. All these parameters are shown in Table 4.5.

Table 4.5. Host command options
Parameter      Description
-l             Shows complete information about the domain
-v             Uses verbose format when displaying results
-w             Causes the host command to wait for a response
-r             Turns off recursion mode
-d             Enables debug mode
-t querytype   Determines the type of request
-a             Retrieves all DNS records

The -l option can be used to find information about all hosts in a domain. Very often, the -t parameter is used in conjunction with it in order to filter information by type (for example, -t MX returns only MX records for a domain). Unfortunately, it is difficult to use the -l option for security reasons at this time, as most DNS servers refuse to provide host information from their databases. If the information is requested from a remote or busy DNS server (or over a low-speed connection), then the -w parameter can be used. With its help, the host program forcibly waits for a response to the request. The default timeout is about a minute.

One of the most useful options is -r. It instructs the DNS server to return only information that is in its local database. In this case, the DNS server does not contact other DNS servers for information.

This is very handy for determining whether your DNS server is caching DNS responses correctly. First, try specifying the -r option. If there is no hostname information, then no response will be received from the local DNS server. Then issue the command without the -r parameter. A normal response should be received here, as the local DNS server is allowed to fetch data from other DNS servers. Then try the host command again with the -r option. The information received should now exactly match the data obtained in the previous attempt. This means that this time the DNS server took the information from the cache populated by the previous attempt. If no information is received, then the local DNS server did not cache the previous response. In that case you will notice a significant slowdown in receiving the response, since the request is made over the network rather than answered from the cache.

By default, the host command prints its output in an easy-to-read format, as shown in Listing 4.5. If the -v option is given, the output looks like the original DNS records. This can be useful when debugging DNS.

1 $ host www.linux.org
2 www.linux.org has address 198.182.196.56
3 www.linux.org mail is handled (pri=20) by router.invlogic.com
4 www.linux.org mail is handled (pri=30) by border-ai.invlogic.com
5 www.linux.org mail is handled (pri=10) by mail.linux.org
6 $
Listing 4.5. Example host command

Line 1 shows the basic format of the host command: just add the hostname you want information about. Lines 2-5 show the results of the command. Line 2 shows that the DNS server was able to resolve the given hostname to its IP address. Lines 3-5 show the three computers that can receive e-mail for the given host according to the MX records. Note that the host command even shows the weights (or priorities) of each mail server. If mail is sent to a user of the specified host, the server with priority 10 (mail.linux.org) will be the first to take over its delivery. If the host command fails, you can send the request through another DNS server by specifying its address after the hostname on the command line. This is very effective if you think the local DNS server is not behaving properly.

Version of host.

Description

In the syntax listed below, name is the domain name that is to be looked up. The name can also be a dotted-decimal IPv4 address or a colon-delimited IPv6 address, in which case host will by default perform a reverse lookup for that address. The server is an optional argument that is either the name or IP address of the name server that host should query instead of the server or servers listed in /etc/resolv.conf.

Syntax

host [-aCdlnrsTwv] [-c class] [-N ndots] [-R number] [-t type] [-W wait] [-m flag] [-4] [-6] {name} [server]

Options

The -a (all) option is equivalent to setting the -v option and asking host to make a query of type ANY.

When the -C option is used, host will attempt to display the SOA records for zone name from all the listed authoritative name servers for that zone. The list of name servers is defined by the NS records that are found for the zone.

-c class

The -c option instructs host to make a DNS query of class class. This can be used to look up Hesiod or Chaosnet class resource records. The default class is IN (Internet).

Verbose output is generated by host when the -d or -v option is used. The two options are equivalent. They have been provided for backward compatibility. In previous versions, the -d option switched on debugging traces and -v enabled verbose output.

List mode is selected by the -l option. This makes host perform a zone transfer for zone name and print out the NS, PTR, and address records (A/AAAA). If combined with -a, all records will be printed.

The -i option specifies that reverse lookups of IPv6 addresses should use the IP6.INT domain as defined in RFC1886. The default is to use IP6.ARPA.

-N ndots

The -N option sets the number of dots that have to be in name for it to be considered absolute. The default value is that defined using the ndots statement in /etc/resolv.conf, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the search or domain directive in /etc/resolv.conf.

-R number

The -s option tells host not to send the query to the next nameserver if any server responds with a SERVFAIL response, which is the reverse of normal stub resolver behavior.

-m flag

The -m option can be used to set the memory usage debugging flags record, usage and trace.

Examples

host 204.228.150.3

This command performs a reverse lookup on the IP address 204.228.150.3, which results in the output:

3.150.228.204.in-addr.arpa domain name pointer www.site.

Related commands

dig - DNS lookup utility.
nslookup - Query a name server for information about a remote host.
ping - Send ICMP ECHO_REQUEST packets to network hosts.