5. BIND auxiliary tools

1. The bind-utils package
This package contains the following tools:

/usr/bin/dig
/usr/bin/host
/usr/bin/nslookup
/usr/bin/nsupdate

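nsupdate is used to update BIND zone files; it is not covered in detail in this section.

The focus here is on two tools, dig and host (mainly used for name resolution queries).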

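dig:
    dig [-t type] name [@SERVER] [query options]
    dig only tests the DNS system; it does not consult the hosts file for resolution
Query options:
    +[no]trace: trace the resolution process: dig +trace magedu.com
    +[no]recurse: perform recursive resolution
Testing reverse resolution:
    dig -x IP = dig -t ptr reverseip.in-addr.arpa
Simulating a zone transfer:
    dig -t axfr ZONE_NAME @SERVER   fetch all records of the zone from SERVER; uses TCP port 53
    dig -t axfr magedu.com @10.10.10.11
    dig -t axfr 100.1.10.in-addr.arpa @172.16.1.1
    dig -t NS . @114.114.114.114    query the authoritative DNS server records via the 114 DNS server
    dig -t NS . @a.root-servers.net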
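
Added example (not from the original post): a check, run against a server you administer, that classifies the output of the dig AXFR command above so you can confirm that hosts outside the server's allow-transfer list are refused. The function names and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Classify the output of `dig -t axfr ZONE @SERVER` read on stdin.
# Prints "refused", "allowed <n>" (n = records returned) or "unknown".
# usage: dig -t axfr magedu.com @10.10.10.11 | axfr_status
axfr_status() {
    awk '
        /^; Transfer failed/ { failed = 1 }
        /^;/ || NF == 0      { next }        # skip dig comments and blank lines
        $3 == "IN"           { records++; if ($4 == "SOA") soa++ }
        END {
            # A complete AXFR begins and ends with the zone SOA record.
            if (failed)        print "refused"
            else if (soa >= 2) print "allowed " records
            else               print "unknown"
        }'
}

# Constructed sample: what dig prints when the server refuses the transfer.
sample_refused() {
    cat <<'EOF'
; <<>> DiG 9.11.2-P1 <<>> -t axfr magedu.com @10.10.10.11
;; global options: +cmd
; Transfer failed.
EOF
}

# Constructed sample: a transfer that was permitted (all values invented).
sample_allowed() {
    cat <<'EOF'
; <<>> DiG 9.11.2-P1 <<>> -t axfr magedu.com @10.10.10.11
;; global options: +cmd
magedu.com.      86400 IN SOA ns1.magedu.com. admin.magedu.com. 2018012101 3600 900 604800 86400
magedu.com.      86400 IN NS  ns1.magedu.com.
ns1.magedu.com.  86400 IN A   10.10.10.11
www.magedu.com.  86400 IN A   10.10.10.12
magedu.com.      86400 IN SOA ns1.magedu.com. admin.magedu.com. 2018012101 3600 900 604800 86400
;; XFR size: 5 records (messages 1, bytes 200)
EOF
}

sample_refused | axfr_status    # prints: refused
sample_allowed | axfr_status    # prints: allowed 5
```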

host (similar to dig, with more concise output):

    host [-t type] name [SERVER]
    host -t NS magedu.com 172.16.0.1
    host -t soa magedu.com
    host -t mx magedu.com
    host -t axfr magedu.com
    host 1.2.3.4

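2. The rndc command
rndc actually performs management by connecting to the local host on its own TCP port 953.

rndc:
Format: rndc COMMAND
COMMAND:
    reload: reload the main configuration file and the zone database files
    reload zonename: reload the zone database file of the given zone
    retransfer zonename: manually start a zone transfer, regardless of whether the serial number has increased
    notify zonename: resend the zone transfer notification for the zone
    reconfig: reload the main configuration file
    querylog: turn the query log on or off; the log file is /var/log/message
    trace: raise the debug level by one
    trace LEVEL: set the debug level to LEVEL
    notrace: set the debug level to 0
    flush: clear all cached records on the DNS server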

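3. Tools in the contrib directory of the BIND source package (they must be compiled)
We use the source package bind-9.11.2-P1.tar as an example; I only cover one commonly used performance testing tool.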

[root@localhost ~]# tar -xf bind-9.11.2-P1.tar.gz 
[root@localhost ~]# cd bind-9.11.2-P1/contrib
[root@localhost ~]# ls
dane               idn           perftcpdns       README   zkt-1.1.3
dlz                kasp          query-loc-0.4.0  scripts
dnsperf-2.1.0.0-1  nslint-3.0a2  queryperf        sdb
The README file contains a short introduction to each tool; a few commonly used tools will be introduced later.

queryperf

queryperf is a tool for stress testing DNS servers. To use it, we first need to compile it.

[root@localhost contrib]# cd queryperf/
[root@localhost queryperf]# ./configure
configure
..

[root@localhost queryperf]# make
gcc  -DHAVE_CONFIG_H -c queryperf.c
gcc  -DHAVE_CONFIG_H  queryperf.o  -lnsl -lresolv  -lm -o queryperf
An executable named "queryperf" is generated in the current directory; copy it to /usr/bin/:
[root@localhost queryperf]# cp -a queryperf /usr/bin/    # mind the permissions; use the -a option
View the command's usage:
[root@localhost ~]# queryperf -h
DNS Query Performance Testing Tool
Version: $Id: queryperf.c,v 1.12 2007/09/05 07:36:04 marka Exp $
Usage: queryperf [-d datafile] [-s server_addr] [-p port] [-q num_queries]
                 [-b bufsize] [-t timeout] [-n] [-l limit] [-f family] [-1]
                 [-i interval] [-r arraysize] [-u unit] [-H histfile]
                 [-T qps] [-e] [-D] [-R] [-c] [-v] [-h]
  -d specifies the input data file (default: stdin)
  -s sets the server to query (default: 127.0.0.1)
  -p sets the port on which to query the server (default: 53)
  -q specifies the maximum number of queries outstanding (default: 20)
  -t specifies the timeout for query completion in seconds (default: 5)
  -n causes configuration changes to be ignored
  -l specifies how a limit for how long to run tests in seconds (no default)
  -1 run through input only once (default: multiple iff limit given)
  -b set input/output buffer size in kilobytes (default: 32 k)
  -i specifies interval of intermediate outputs in seconds (default: 0=none)
  -f specify address family of DNS transport, inet or inet6 (default: any)
  -r set RTT statistics array size (default: 50000)
  -u set RTT statistics time unit in usec (default: 100)
  -H specifies RTT histogram data file (default: none)
  -T specify the target qps (default: 0=unspecified)
  -e enable EDNS 0
  -D set the DNSSEC OK bit (implies EDNS)
  -R disable recursion
  -c print the number of packets with each rcode
  -v verbose: report the RCODE of each response on stdout
  -h print this usage

Usually only two options are needed: -s specifies the DNS server and -d specifies the input data file.

Example:
vim  ./address
www.baidu.com A

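Use vim's bulk paste, 50000p, to paste 50,000 copies (if you do not know how to use it, you can paste the lines in Word or a plain text file instead).

Run the stress test: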

[root@localhost ~]# queryperf -s 223.6.6.6 -d address
Statistics:
  Parse input file:     once
  Ended due to:         reaching end of file
  Queries sent:         50001 queries
  Queries completed:    50001 queries
  Queries lost:         0 queries
  Queries delayed(?):   0 queries
  RTT max:              0.092429 sec
  RTT min:              0.041393 sec
  RTT average:          0.047024 sec
  RTT std deviation:    0.004141 sec
  RTT out of range:     0 queries
  Percentage completed: 100.00%
  Percentage lost:        0.00%
  Started at:           Sun Jan 21 12:52:26 2018
  Finished at:          Sun Jan 21 12:54:42 2018
  Ran for:              136.613603 seconds
  Queries per second:   366.003084 qps
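The 50,000 requests completed in 136 seconds with 0 lost. This server is Alibaba's DNS. queryperf is a very handy stress testing tool and can be used for testing when you build a private DNS server.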
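
Added example (not from the original post): shell helpers that build the queryperf data file without vim and reduce the Statistics report to sent, lost and qps, returning non-zero when queries were lost so the run can gate a test of your own server. The function names are hypothetical; the sample report reuses lines from the run above.

```shell
#!/bin/sh
# Write COUNT identical "NAME TYPE" lines, the data-file format used above.
# usage: make_datafile 50000 www.baidu.com A > address
make_datafile() {
    awk -v n="$1" -v name="$2" -v type="$3" \
        'BEGIN { for (i = 0; i < n; i++) print name, type }'
}

# Read a queryperf "Statistics:" report on stdin, print "sent lost qps",
# and return non-zero when any query was lost.
# usage: queryperf -s 127.0.0.1 -d address | summarize_queryperf
summarize_queryperf() {
    awk -F': *' '
        /Queries sent:/       { split($2, a, " "); sent = a[1] }
        /Queries lost:/       { split($2, a, " "); lost = a[1] }
        /Queries per second:/ { split($2, a, " "); qps  = a[1] }
        END { print sent, lost, qps; exit (lost + 0 > 0) }'
}

# Sample report: selected lines of the run shown above.
sample_report() {
    cat <<'EOF'
Statistics:
  Parse input file:     once
  Queries sent:         50001 queries
  Queries completed:    50001 queries
  Queries lost:         0 queries
  Percentage lost:        0.00%
  Started at:           Sun Jan 21 12:52:26 2018
  Queries per second:   366.003084 qps
EOF
}

sample_report | summarize_queryperf    # prints: 50001 0 366.003084
```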