[Internet-e-architetture-di-rete] esercizi uso resolver e authoritative
Mauro Angiolillo
m.angiolillo at comuneap.gov.it
Tue May 10 19:54:38 CEST 2016
Buonasera prof,
spendo i miei 5 minuti liberi per cimentarmi in un paio di esercizi, promettendo
la prossima risoluzione di tutti i rimanenti; ho approfittato dell'esercizio per
rinfrescarmi qualche trucchetto di one-line-bash-scripting (semplicissimi script della
linea di comando della shell bash).
Tutti i comandi di seguito riportati vengono scritti (o copiati/incollati) su una linea
di comando dell'interprete bash.
__________________________________________________________
N. | QUESTION |
---+-----------------------------------------------------+
1. | qual e' il RR IN MX per il nome a dominio ripe.net.?|
R1
# Lo chiedo al mio resolver di sistema
[morpheus at odino:~] dig ripe.net. IN MX +short
200 mahimahi.ripe.net.
250 molamola.ripe.net.
# Lo chiedo al resolver pubblico di google
[morpheus at odino:~] dig @8.8.8.8 ripe.net. IN MX +short
250 molamola.ripe.net.
200 mahimahi.ripe.net.
# Lo chiedo al server autoritativo primario di zona ripe.net.
[morpheus at odino:~] dig @$(dig ripe.net. IN SOA +short | awk '{ print $1}') ripe.net. IN MX +short
200 mahimahi.ripe.net.
250 molamola.ripe.net.
# Lo chiedo a tutti i server autoritativi di zona ripe.net. per vedere se sono allineati tra loro
[morpheus at odino:~] for i in $(dig ripe.net. IN NS +short) ; do echo ====== ${i} ====== ; dig @${i} ripe.net. IN MX
+short ; done
====== c1.authdns.ripe.net. ======
200 mahimahi.ripe.net.
250 molamola.ripe.net.
====== c2.authdns.ripe.net. ======
250 molamola.ripe.net.
200 mahimahi.ripe.net.
====== sec3.apnic.net. ======
200 mahimahi.ripe.net.
250 molamola.ripe.net.
====== manus.authdns.ripe.net. ======
250 molamola.ripe.net.
200 mahimahi.ripe.net.
====== sns-pb.isc.org. ======
200 mahimahi.ripe.net.
250 molamola.ripe.net.
====== tinnie.arin.net. ======
250 molamola.ripe.net.
200 mahimahi.ripe.net.
# pfiuh, sono allineati!
---+-----------------------------------------------------+
2. | qual e' il RR IN AAAA di $1? |
# per ciascun rr mx, chiedo al mio resolver quale sia il suo rr AAAA (indirizzo ipv6)
[morpheus at odino:~] for i in $(dig ripe.net. IN MX +short | awk '{print $2}') ; do echo ${i} ; dig ${i} IN AAAA +short ; done
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
# faccio lo stesso, ma questa volta lo chiedo a google
[morpheus at odino:~] for i in $(dig @8.8.8.8 ripe.net. IN MX +short | awk '{print $2}') ; do echo ${i} ; dig @8.8.8.8 ${i}
IN AAAA +short ; done
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
# stessa richiesta, ma questa volta al server autoritativo primario di zona ripe.net.
[morpheus at odino:~] for i in $(dig @$(dig ripe.net. IN SOA +short | awk '{ print $1}') ripe.net. IN MX +short | awk
'{print $2}') ; do echo ${i} ; dig @8.8.8.8 ${i} IN AAAA +short ; done
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
# alla fine itero la medesima richiesta a tutti i server autoritativi di zona ripe.net.
[morpheus at odino:~] for i in $(dig ripe.net. IN NS +short) ; do echo ====== DNS Server ${i} ====== ; for j in $(dig @${i}
ripe.net. IN MX +short | awk '{print $2}') ; do echo ${j} ; dig @${i} ${j} AAAA +short ; done; done
====== DNS Server c2.authdns.ripe.net. ======
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
====== DNS Server manus.authdns.ripe.net. ======
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
====== DNS Server tinnie.arin.net. ======
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
====== DNS Server sns-pb.isc.org. ======
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
====== DNS Server sec3.apnic.net. ======
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
====== DNS Server c1.authdns.ripe.net. ======
mahimahi.ripe.net.
2001:67c:2e8:11::c100:1372
molamola.ripe.net.
2001:67c:2e8:11::c100:1371
---+-----------------------------------------------------+
3. | qual e' il RR IN PTR di $2? |
R3
# chiedo al mio resolver di sistema la risoluzione inversa di tutti gli indirizzi ipv6 dei server di posta
# di ripe.net
[morpheus at odino:~] for i in $(dig ripe.net. IN MX +short | awk '{print $2}') ; do d=$(dig ${i} IN AAAA +short) ; echo
"${i} [ ${d} ] $(dig -x ${d} PTR +short) "; done
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
# ottimo, gli indirizzi matchano
# questa volta lo chiedo a google
[morpheus at odino:~] for i in $(dig @8.8.8.8 ripe.net. IN MX +short | awk '{print $2}') ; do d=$(dig @8.8.8.8 ${i} AAAA
+short) ; echo "${i} [ ${d} ] $(dig @8.8.8.8 -x ${d} PTR +short) "; done
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
# ed anche in questo caso i record AAAA e PTR matchano
# ora eseguo la query sul server autoritativo primario di zona ripe.net.
[morpheus at odino:~] a=$(dig ripe.net. IN SOA +short | awk '{ print $1}') ; for i in $(dig @${a} ripe.net. IN MX +short |
awk '{print $2}') ; do d=$(dig @${a} ${i} AAAA +short) ; echo "${i} [ ${d} ] $(dig @${a} -x ${d} PTR +short) "; done
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
# ed infine, per diletto, lo faccio su tutti i server autoritativi di zona ripe.net
[morpheus at odino:~] for i in $(dig ripe.net. IN NS +short) ; do echo ====== DNS Server ${i} ====== ; for j in $(dig @${i}
ripe.net. IN MX +short | awk '{print $2}') ; do d=$(dig @${i} ${j} AAAA +short) ; echo "${j} [ ${d} ] $(dig @${i} -x
${d} PTR +short) "; done; done
====== DNS Server sns-pb.isc.org. ======
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
====== DNS Server c2.authdns.ripe.net. ======
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
====== DNS Server sec3.apnic.net. ======
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
====== DNS Server tinnie.arin.net. ======
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
====== DNS Server c1.authdns.ripe.net. ======
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
====== DNS Server manus.authdns.ripe.net. ======
mahimahi.ripe.net. [ 2001:67c:2e8:11::c100:1372 ] mahimahi.ripe.net.
molamola.ripe.net. [ 2001:67c:2e8:11::c100:1371 ] molamola.ripe.net.
Direi che sono tutti concordi nelle risposte, diamo un A+ alla zona ripe.net. :)
Sperando di non aver confuso troppo le acque e di non aver commesso madornali errori,
auguro a tutti una buona serata.
Mauro
--
Dott. Ing. Mauro Angiolillo
Linux Registered User #343216
GnuPG-Key fingerprint = 90A3 3F92 6008 7383 A569 E952 CF97 383B 63F6 F425
-*-
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://list.informagiovani.comunesbt.it/pipermail/internet-e-architetture-di-rete/attachments/20160510/619fa21c/attachment.bin>
More information about the Internet-e-architetture-di-rete
mailing list