hostコマンドが信頼出来ない場合がある

Linux

挙動が怪しい

どうして -d オプションを付けると結果が違うのか?

パターン1。見つからない。

% host   -t ns recall.nichigas.co.jp. gntdns02.alpha-plt.jp
Using domain server:
Name: gntdns02.alpha-plt.jp
Address: 157.205.136.242#53
Aliases:

recall.nichigas.co.jp has no NS record

パターン2。-dを付けると見つかる。

% host -d  -t ns recall.nichigas.co.jp. gntdns02.alpha-plt.jp
Trying "recall.nichigas.co.jp"
Using domain server:
Name: gntdns02.alpha-plt.jp
Address: 157.205.136.242#53
Aliases:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59337
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;recall.nichigas.co.jp.   IN  NS

;; AUTHORITY SECTION:
recall.nichigas.co.jp.  18000 IN  NS  ns-907.awsdns-49.net.
recall.nichigas.co.jp.  18000 IN  NS  ns-1293.awsdns-33.org.
recall.nichigas.co.jp.  18000 IN  NS  ns-2044.awsdns-63.co.uk.
recall.nichigas.co.jp.  18000 IN  NS  ns-429.awsdns-53.com.

Received 179 bytes from 157.205.136.242#53 in 6 ms

パケットは同じなのに。

パターン1

# host   -t ns recall.nichigas.co.jp. gntdns02.alpha-plt.jp
21:50:32.985406 IP (tos 0x0, ttl 64, id 37754, offset 0, flags [none], proto UDP (17), length 67)
    10.2.115.113.62866 > 157.205.136.242.53: [udp sum ok] 55210+ NS? recall.nichigas.co.jp. (39)

パターン2

# host -d  -t ns recall.nichigas.co.jp. gntdns02.alpha-plt.jp
21:50:36.674210 IP (tos 0x0, ttl 64, id 59469, offset 0, flags [none], proto UDP (17), length 67)
    10.2.115.113.49603 > 157.205.136.242.53: [udp sum ok] 15839+ NS? recall.nichigas.co.jp. (39)

試行錯誤

  • macosもLinuxも。
  • digコマンドはちゃんと返ってきているので、パターン1の挙動が変。
  • TCPを使うために-Tオプションを付けても同じ。

パターン1の-Tオプション。

22:25:25.985128 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 64)
    10.2.115.113.60081 > gntdns02.alpha-plt.jp.domain: Flags [SEW], cksum 0x64d1 (correct), seq 2201148386, win 65535, options [mss 1460,nop,wscale 5,nop,nop,TS val 659143667 ecr 0,sackOK,eol], length 0
22:25:26.000590 IP (tos 0x0, ttl 48, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    gntdns02.alpha-plt.jp.domain > 10.2.115.113.60081: Flags [S.E], cksum 0xc875 (correct), seq 3011752540, ack 2201148387, win 14480, options [mss 1386,sackOK,TS val 3495313232 ecr 659143667,nop,wscale 7], length 0
22:25:26.000623 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
    10.2.115.113.60081 > gntdns02.alpha-plt.jp.domain: Flags [.], cksum 0x1f9f (correct), seq 1, ack 1, win 4122, options [nop,nop,TS val 659143682 ecr 3495313232], length 0
22:25:26.000711 IP (tos 0x2,ECT(0), ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 93)
    10.2.115.113.60081 > gntdns02.alpha-plt.jp.domain: Flags [P.], cksum 0x6207 (correct), seq 1:42, ack 1, win 4122, options [nop,nop,TS val 659143682 ecr 3495313232], length 411906+ NS? recall.nichigas.co.jp. (39)
22:25:26.011217 IP (tos 0x0, ttl 48, id 36099, offset 0, flags [DF], proto TCP (6), length 52)
    gntdns02.alpha-plt.jp.domain > 10.2.115.113.60081: Flags [.], cksum 0x2f10 (correct), seq 1, ack 42, win 114, options [nop,nop,TS val 3495313246 ecr 659143682], length 0
22:25:26.011229 IP (tos 0x2,ECT(0), ttl 48, id 36100, offset 0, flags [DF], proto TCP (6), length 233)
    gntdns02.alpha-plt.jp.domain > 10.2.115.113.60081: Flags [P.], cksum 0x5573 (correct), seq 1:182, ack 42, win 114, options [nop,nop,TS val 3495313247 ecr 659143682], length 1811906- q: NS? recall.nichigas.co.jp. 0/4/0 ns: recall.nichigas.co.jp. NS ns-2044.awsdns-63.co.uk., recall.nichigas.co.jp. NS ns-907.awsdns-49.net., recall.nichigas.co.jp. NS ns-1293.awsdns-33.org., recall.nichigas.co.jp. NS ns-429.awsdns-53.com. (179)
22:25:26.011360 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
    10.2.115.113.60081 > gntdns02.alpha-plt.jp.domain: Flags [.], cksum 0x1eae (correct), seq 42, ack 182, win 4116, options [nop,nop,TS val 659143692 ecr 3495313247], length 0
22:25:26.011860 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
    10.2.115.113.60081 > gntdns02.alpha-plt.jp.domain: Flags [F.], cksum 0x1ead (correct), seq 42, ack 182, win 4116, options [nop,nop,TS val 659143692 ecr 3495313247], length 0
22:25:26.022157 IP (tos 0x0, ttl 48, id 36101, offset 0, flags [DF], proto TCP (6), length 52)
    gntdns02.alpha-plt.jp.domain > 10.2.115.113.60081: Flags [F.], cksum 0x2e42 (correct), seq 182, ack 43, win 114, options [nop,nop,TS val 3495313259 ecr 659143692], length 0
22:25:26.022197 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 52)
    10.2.115.113.60081 > gntdns02.alpha-plt.jp.domain: Flags [.], cksum 0x1e96 (correct), seq 43, ack 183, win 4116, options [nop,nop,TS val 659143702 ecr 3495313259], length 0

でも、他のドメインならちゃんと返ってくる。

% host -t ns teraren.com
teraren.com name server ns1.gslb2.sakura.ne.jp.
teraren.com name server ns2.gslb2.sakura.ne.jp.

同じzoneサーバの別のNSも同様の挙動

% host -t ns weborder.nichigas.co.jp. gntdns02.alpha-plt.jp
Using domain server:
Name: gntdns02.alpha-plt.jp
Address: 157.205.136.242#53
Aliases:

weborder.nichigas.co.jp has no NS record
% host -t ns www.nichigas.co.jp. gntdns02.alpha-plt.jp
Using domain server:
Name: gntdns02.alpha-plt.jp
Address: 157.205.136.242#53
Aliases:

www.nichigas.co.jp has no NS record

現時点での結論

  • hostコマンド(−dオプション無し)と、特定のネームサーバの場合に結果が本来と違う。
  • トラブルシュートをする戦闘力が足りない。

コメント