Finding all DNS aliases for a host using nslookup/dig/host or similar command

When you say:

____________________________________

I am doing queries on a server I know to have 5 aliases and it just returns the hostname I supply and its IP address.
____________________________________

How do you know there are 5 aliases for this IP address? Is it that the /etc/hosts file has 5 aliases for this IP address, or do you know for a fact that the DNS table you’re using has all 5 aliases? I just want to be sure that the DNS tables you’re using were built appropriately to contain all 5 aliases.

A couple of things to try, if nslookup is not returning what you want:

1) Try nsquery

# nsquery hosts ros-resolver dns

Using “dns” for the hosts policy.

Searching dns for ros-resolver
Hostname: rose-resolver
Aliases: ros-resolver
Address: XXX.XXX.XXX.XXX
Switch configuration: Terminates Search

This program allows you to override whatever search routine is specified in your /etc/nsswitch.conf file and use whichever name repositories you wish. As you can see from my above example, it returned the hostname, IP address and alias information.

2) If you are not absolutely certain that DNS contains all of the alias information, you can verify this by collecting a network trace of the DNS query and look at the answer packet in the trace.

For example:

================================ IP Header (outbound — pid: 355033) =========
Source: hpatcux9.rose.hp.com(A) Dest: rose-resolver.americas.hp.net(A)
len: 74 ttl: 64 proto: 17 cksum: 0x19bc id: 0x6fe5
flags: DF tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
——————————– UDP Header ———————————-
sport: 63319 –> dport: domain data len: 46 chksum: 0xb149
——————————– BIND Header ———————————
flags: rd
opcode: QUERY rcode: NOERROR id: 0x36df
qdcount: 0x1 ancount: 0x0 nscount: 0x0 arcount: 0x0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: A class: IN

================================ IP Header (inbound — [ICS]) ================
Source: rose-resolver.americas.hp.net(A) Dest: hpatcux9.rose.hp.com(A)
len: 302 ttl: 62 proto: 17 cksum: 0x8abd id: 0x0
flags: DF tos: 0x0 hdrlen: 20 offset: 0x0 optlen: 0
——————————– UDP Header ———————————-
sport: domain –> dport: 63319 data len: 274 chksum: 0x641
——————————– BIND Header ———————————
flags: qr aa rd ra
opcode: QUERY rcode: NOERROR id: 0x36df
qdcount: 0x1 ancount: 0x2 nscount: 0x5 arcount: 0x5
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: A class: IN
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ANSWERS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
domain name: ros-resolver.americas.hp.net
type: CNAME class: IN ttl: 28800 dlen: 16
domain name: rose-resolver.americas.hp.net

domain name: rose-resolver.americas.hp.net
type: A class: IN ttl: 7200 dlen: 4
internet address: 15.251.192.51

I’ve removed some of the information from the ANSWER packet for simplicity, but you can see at the top of the ANSWER packet is the primary hostname and the alias information.

If a network trace doesn’t show this information then my guess is you don’t have your DNS tables built correctly.

3) Use nslookup debug mode

# nslookup -d2 rose-resolver.americas.hp.net
————
SendRequest(), len 44
HEADER:
opcode = QUERY, id = 13505, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0

QUESTIONS:
51.192.251.15.in-addr.arpa, type = PTR, class = IN

————
————
Got answer (296 bytes):
HEADER:
opcode = QUERY, id = 13505, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 2, authority records = 5, additional = 5

QUESTIONS:
51.192.251.15.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 51.192.251.15.in-addr.arpa
type = PTR, class = IN, dlen = 31
name = rose-resolver.americas.hp.net
ttl = 7200 (2H)
-> 51.192.251.15.in-addr.arpa
type = PTR, class = IN, dlen = 13
name = forwarders.americas.hp.net
ttl = 7200 (2H)

Again, I’ve striped out much of the reply packet for simplicity, but this should show you the same information as the network trace, and you can verify whether the DNS tables were populated with the aliases.

Good luck,

Dave

I work for HPE

Hi Rich, When you say : ____________________________________I am doing queries on a waiter I know to have 5 aliases and it merely returns the hostname I supply and its IP address.____________________________________How do you know there are 5 aliases for this IP cover ? Is it that the /etc/hosts charge has 5 aliases for this IP address, or do you know for a fact that the DNS table you ‘re using has all 5 aliases ? I just want to be sure that the DNS tables you ‘re using were built appropriately to contain all 5 aliases.A couple of things to try, if nslookup is not returning what you want:1 ) Try nsquery # nsquery hosts ros-resolver dnsUsing “ dns ” for the hosts policy.Searching dns for ros-resolverHostname : rose-resolverAliases : ros-resolverAddress : XXX.XXX.XXX.XXXSwitch shape : Terminates SearchThis broadcast allows you to override whatever research routine is specified in your /etc/nsswitch.conf file and use whichever name repositories you wish. As you can see from my above example, it returned the hostname, IP address and alias information.2 ) If you are not absolutely certain that DNS contains all of the alias information, you can verify this by collecting a network decipher of the DNS question and look at the suffice package in the trace.For example : ================================ IP Header ( outbound — pelvic inflammatory disease : 355033 ) =========Source : hpatcux9.rose.hp.com ( A ) Dest : rose-resolver.americas.hp.net ( A ) len : 74 ttl : 64 proto : 17 cksum : 0x19bc idaho : 0x6fe5flags : DF tos : 0x0 hdrlen : 20 offset : 0x0 optlen : 0 — — — — — — — — — — — — — — — — UDP Header — — — — — — — — — — — — — — — — — mutant : 63319 — > dport : sphere data len : 46 chksum : 0xb149 — — — — — — — — — — — — — — — — BIND Header — — — — — — — — — — — — — — — — -flags : rdopcode : question rcode : NOERROR id : 0x36dfqdcount : 0x1 ancount : 0x0 nscount : 0x0 arcount : 0x0~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~domain mention : ros-resolver.americas.hp.nettype : A class : IN================================ IP Header ( inbound — [ ICS ] ) ================Source : rose-resolver.americas.hp.net ( A ) Dest : hpatcux9.rose.hp.com ( A ) len : 302 ttl : 62 proto : 17 cksum : 0x8abd id : 0x0flags : DF tos : 0x0 hdrlen : 20 set-back : 0x0 optlen : 0 — — — — — — — — — — — — — — — — UDP Header — — — — — — — — — — — — — — — — — sport : knowledge domain — > dport : 63319 data len : 274 chksum : 0x641 — — — — — — — — — — — — — — — — BIND Header — — — — — — — — — — — — — — — — -flags : qr alcoholics anonymous rd raopcode : question rcode : NOERROR id : 0x36dfqdcount : 0x1 ancount : 0x2 nscount : 0x5 arcount : 0x5~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ QUESTIONS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~domain name : ros-resolver.americas.hp.nettype : A course : IN~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ANSWERS ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~domain mention : ros-resolver.americas.hp.nettype : CNAME course : IN ttl : 28800 dlen : 16domain name : rose-resolver.americas.hp.netdomain name : rose-resolver.americas.hp.nettype : A class : IN ttl : 7200 dlen : 4internet address : 15.251.192.51 … I ‘ve removed some of the information from the ANSWER package for chasteness, but you can see at the top of the ANSWER mailboat is the primary hostname and the alias information.If a network trace does n’t show this information then my think is you do n’t have your DNS tables built correctly.3 ) Use nslookup debug mode # nslookup -d2 rose-resolver.americas.hp.net — — — — — — SendRequest ( ), len 44HEADER : opcode = QUERY, idaho = 13505, rcode = NOERRORheader flags : question, want recursionquestions = 1, answers = 0, authority records = 0, extra = 0QUESTIONS:51.192.251.15.in-addr.arpa, type = PTR, class = IN — — — — — — — — — — — — Got suffice ( 296 bytes ) : heading : opcode = QUERY, id = 13505, rcode = NOERRORheader flags : reaction, auth. answer, want recursion, recursion avail.questions = 1, answers = 2, assurance records = 5, extra = 5QUESTIONS:51.192.251.15.in-addr.arpa, type = PTR, class = INANSWERS : – > 51.192.251.15.in-addr.arpatype = PTR, class = IN, dlen = 31name = rose-resolver.americas.hp.netttl = 7200 ( 2H ) – > 51.192.251.15.in-addr.arpatype = PTR, class = IN, dlen = 13name = forwarders.americas.hp.netttl = 7200 ( 2H ) Again, I ‘ve striped out much of the answer mailboat for chasteness, but this should show you the lapp information as the network trace, and you can verify whether the DNS tables were populated with the aliases.Good luck, Dave

source : https://thefartiste.com
Category : Tech

About admin

I am the owner of the website thefartiste.com, my purpose is to bring all the most useful information to users.

Check Also

articlewriting1

Manage participants in a zoom meeting webinar

Call the people who attend the meet as follows Alternate host host Who scheduled the …

Leave a Reply

Your email address will not be published.