时间戳

首页 > 解决方案 > 迭代 DNS 查找

python - 迭代 DNS 查找

问题描述

我正在尝试将一个简单版本的 dig 实现为一个带有 python 的项目。我想通过迭代来实现 DNS 查找。我阅读了RFC文档,我认为我应该检查 AA(权威答案)位是否作为响应,如果它没有设置为 1,我应该向给定响应中提供的 IP 发送相同的请求,直到设置该位。当我尝试 google.com 并使用 Wireshark 检查响应时,它提供了正确的 IP,但 AA 位仍然为 0,当我继续发送请求时,它似乎无处可去。这是进行迭代查找的正确方法吗?如果是,如何区分权威答案和非权威答案?这是向 google.com 询问 1.1.1.1 服务器时的结果:

Flags: 0x8080 Standard query response, No error
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...0 .... .... = Recursion desired: Don't do query recursively
.... .... 1... .... = Recursion available: Server can do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... ...0 .... = Non-authenticated data: Unacceptable
.... .... .... 0000 = Reply code: No error (0)

标签: pythondnsnetwork-protocols

解决方案

这是向 google.com 询问 1.1.1.1 服务器时的结果:

DNS 查询并不总是以权威的答案结束。实际上,1.1.1.1它是一个迭代解析器,因此他的工作是查询相关服务器(root-> .com-> google.com)并返回一个不具有权威性的最终答案,因为1.1.1.1它是返回它的那个。然后它会缓存响应并在有人问他同样的问题时返回它。

如果您想创建一个类似于 dig 的工具并查找 . www.stackoverflow.com,您需要执行该1.1.1.1操作 - 从根(例如a.root-servers.net.)开始,然后询问.com. 然后向.com服务器(例如a.gtld-servers.net)询问有关stackoverflow.com. 最后,向负责stackoverflow.com(例如ns-1033.awsdns-01.org)的服务器询问A/AAAA记录www.stackoverflow.com。你从中得到的答案应该是权威的:

> dig www.stackoverflow.com @ns-1033.awsdns-01.org                                                                                                                          ──(Thu,Apr08)─┘

; <<>> DiG 9.16.1-Ubuntu <<>> www.stackoverflow.com @ns-1033.awsdns-01.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62794
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.stackoverflow.com.         IN      A

;; ANSWER SECTION:
www.stackoverflow.com.  3600    IN      CNAME   stackoverflow.com.
stackoverflow.com.      3600    IN      A       151.101.65.69
stackoverflow.com.      3600    IN      A       151.101.1.69
stackoverflow.com.      3600    IN      A       151.101.193.69
stackoverflow.com.      3600    IN      A       151.101.129.69

;; AUTHORITY SECTION:
stackoverflow.com.      172800  IN      NS      ns-1033.awsdns-01.org.
stackoverflow.com.      172800  IN      NS      ns-358.awsdns-44.com.
stackoverflow.com.      172800  IN      NS      ns-cloud-e1.googledomains.com.
stackoverflow.com.      172800  IN      NS      ns-cloud-e2.googledomains.com.

注意aa标志:flags: qr aa rd

推荐阅读