DNS Lookup Command

DNS Lookup Command

How do I perform dns lookup under Linux or UNIX or Apple OS X operating systems without using 3rd party web sites for troubleshooting DNS usage?

You can use any one of the following dns lookup utility under Linux / UNIX. You can skip all 3rd party websites and use the following to debug your dns servers and lookup issues:

[a] host command - DNS lookup utility.

[b] dig command - DNS lookup utility.

Both commands will allow you to get answer to various dns queries such as the IP address (A), mail exchanges (MX), name servers (NS), text annotations (TXT), or ANY (all) type.

host DNS Lookup Examples

host command is a simple utility for performing DNS lookups. It is normally used to convert names to IP addresses and vice versa. When no arguments or options are given, host command displays a short summary of its command line arguments and options. The syntax is as follows:

#host example.com

#host -t TYPE example.com

#host -t a example.com

Task: Find Out the Domain IP

$ host -t a example.com

Sample outputs:

example.com has address 75.126.153.x

Task: Find Out the Domain Mail Server

$ host -t mx example.com

Task: Find Out the Domain Name Servers

$ host -t ns example.com

Sample outputs:

Task: Find Out the Domain TXT Recored (e.g., SPF)

$ host -t txt example.com

Task: Find Out the Domain CNAME Record

$ host -t cname files. example.com

Task: Find Out the Domain SOA Record

 $ host -t soa example.com

Task: Query Particular Name Server

Query ns2.example.net:

$ host example.com ns2.example.net

Task: Display All Information About Domain Records and Zone

$ host -a example.com

OR

$ host -t any example.com

Task: Use IPv6 Query Transport

Test your dns lookup using IPv6 query transport (you must have IPV6 based connectivity including IPv6 enabled resolving name servers):

$ host -6 example.com

$ host -6 -a example.com

$ host -6 example.com ns1.example.net

$ host -6 -t ns example.com ns1.example.net

Task: Reverse IP Lookup

Type the command:

$ host {IP-Address-Here}

$ host 75.126.153.200

Task: Get TTL Information

Type the command as follows:

$ host -v -t {TYPE} {example.com}

$ host -v -t a example.com

$ host -v -t a i.hexindia.net

If you run the same command again, you’ll notice that the TTL number (1866) reduced.

dig DNS Lookup Examples

dig (domain information groper) or host command is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. hos dns lookup tool have less functionality than dig.

Examples

dig @{ns1.example.com} {example.com}

dig @{ns1.example.com} {example.com} {TYPE}

dig example.com a

dig example.com mx

dig example.com ns

dig example.com txt

dig @ns1. example.net example.com a

Task: Trace Usage

See how domains are resolved using root servers i.e. turn on tracing of the delegation path from the root name servers for the name being looked up. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup:

$ dig +trace example.com

Task: Get Only Short Answer

A quick way to just get the answer is to type the following command:

$ dig +short cyberciti.biz

Task: Display All Records

$ dig +noall +answer cyberciti.biz any

Task: Reverse IP Lookup

Type the following command:

$ dig -x +short {IP-Address-here}

$ dig -x 75.126.153.200 +short

Task: Find Domain SOA Record

$ dig +nssearch example.com

Task: Find Out TTL Value Using dig

$ dig +nocmd +noall +answer {TYPE} {example.com}

$ dig +nocmd +noall +answer a example.com

$ dig +nocmd +noall +answer a example.com

Using Linux Screen for Session Management

Using Linux Screen for Session Management

Lost your shell connection? Need multiple shell sessions?

You are logged into your remote server via SSH and happily plucking along at your keyboard and then it happens. Suddenly, the characters stop moving and then you get the dreaded “Connection Closed” message. You have just lost your session. You were halfway through some task and now you have to start over. Ugh. Well you can prevent this from happening by using screen. The Linux screen tool can not only save you from disconnection disasters, but it also can increase your productivity by using multiple windows within one SSHsession. I use this tool all of the time in our server management work.

Linux Screen for Session Management!

Linux Screen Can Save you from that Lost Connection

What is Screen for Linux?

As the man page states, “Screen is a full-screen window manager that multiplexes a physical terminal between several processes (typically interactive shells).” This can be a life saver when working on your dedicated server. Screen has a several great features for helping you administer your server more productively and safely. I am going to discuss the three features (multiple windows, logging, sessions) that I use the most. Once you mastered screen, you may want to check out our 12 Point Server Maintenance Checklistand put your new found skills to use.

Installing Screen on Linux

Chances are that you already have screen on your system. On most Red Hat distributions you can find it in /usr/bin/screen. To see if screen is in your path, you can use the which command:

[admin@ensim admin]$ which screen

If you do not have screen, then you can install it easily from an RPM or the package file for your system. On Cobalt Raq servers, you can safely use the RedHat RPMS appropriate for your system.
Screen RPMs: rpmfind
Screen Web site: GNU Screen

As you probably already have screen or can use an RPM, I am not going to cover the building of screen from source. Lets get on to how to use screen.

Using Screen

Screen is started from the command line just like any other command:

[admin@gigan admin]$ screen

You may or may not get a text message about screen. If you do not, then you probably think nothing has happened, but it has. You are now inside of a window within screen. This functions just like a normal shell except for a few special characters. Screen uses the command “Ctrl-A” as a signal to send commands to screen instead of the shell. To get help, just use “Ctrl-A” then “?”. You should now have the screen help page.

Screen key bindings, page 1 of 2.

               Command key:  ^A   Literal ^A:  a

break      ^B b       lockscreen ^X x       reset      Z        

clear      C          log        H          screen     ^C c     

colon      :          login      L          select     " '      

copy       ^[ [       meta       a          silence    _        

detach     ^D d       monitor    M          split      S        

digraph    ^V         next       ^@ ^N sp n suspend    ^Z z     

displays   *          number     N          time       ^T t     

fit        F          only       Q          title      A        

flow       ^F f       other      ^A         vbell      ^G       

focus      ^I         pow_break  B          version    v        

help       ?          pow_detach D          width      W        

history            prev       ^P p ^?    windows    ^W w     

info       i          readbuf    <          wrap       ^R r     

kill       K          redisplay  ^L l       writebuf   >        

lastmsg    ^M m       remove     X          xoff       ^S s     

license    ,          removebuf  =          xon        ^Q q     

                 [Press Space for next page; Return to end.]

Key bindings are the commands the screen accepts after you hit “Ctrl-A”. You can reconfigure these keys to your liking using a .screenrc file, but I just use the defaults. The power of screen will become obvious, especially if you need to bounce around to different file system locations and leave processes running. For example, when I go in to clean out wasted disk space, I can remove files in one screen while hunting for other files in another.

Multiple Windows

Screen, like many windows managers, can support multiple windows. This is very useful for doing many tasks at the same time without opening new sessions. As a systems manager, I often have four or five SSH sessions going at the same time. In each of the shell, I may be running two or three tasks. Without screen, that would require 15 SSH sessions, logins, windows, etc. With screen, each system gets its own single session and I use screen to manage different tasks on that system.

Another trick I use is when I am editing configuration files. For example, if I want to harden SSH, I can cat out the configuration file in one window and then edit it in another.

To open a new window, you just use “Ctrl-A” “c”. This will create a new window for you with your default prompt. For example, I can be running top and then open a new window to do other things. Top stays running! It is still there. To try this for yourself, start up screen and then run top. (Note: I have truncated some screens to save space.)

Start top

  Mem:   506028K av,  500596K used,    5432K free,      

    0K shrd,   11752K buff

    Swap: 1020116K av,   53320K used,  966796K free       

              393660K cached

     PID USER     PRI  NI  SIZE  RSS SHARE STAT %CPU %ME

     6538 root      25   0  1892 1892   596 R    49.1  0.3

     6614 root      16   0  1544 1544   668 S    28.3  0.3

     7198 admin     15   0  1108 1104   828 R     5.6  0.2

Now open a new window with “Ctrl-A” “c”

[admin@ensim admin]$

To get back to top, use “Ctrl-A “n”

   Mem:   506028K av,  500588K used,    5440K free,      

    0K shrd,   11960K buff

    Swap: 1020116K av,   53320K used,  966796K free       

              392220K cached

     PID USER     PRI  NI  SIZE  RSS SHARE STAT %CPU %ME

     6538 root      25   0  1892 1892   596 R    48.3  0.3

     6614 root      15   0  1544 1544   668 S    30.7  0.3

You can create several windows and toggle through them with “Ctrl-A” “n” for the next window or “Ctrl-A” “p” for the previous window. Each process will keep running while your work elsewhere.

Leaving Screen

There are two ways to get out of screen. The first is just like logging out of a shell. You kill the window with “Ctrl-A” “K” or “exit” will work on some systems. This will kill the current windows. If you have other windows, you will drop into one of those. If this is the last window, then you will exit screen.

The second way to leave screen is to detach from a windows. This method leaves the process running and simple closes the window. If you have really long processes, you need to close your SSH program, you can detach from the window using “Ctrl-A” “d”. This will drop you into your shell. All screen windows are still there and you can re-attach to them later. This is great when you are using rsync for server migration.

Attaching to Sessions

So you are using screen now and compiling that program. It is taking forever and suddenly your connection drops. Don’t worry screen will keep the compilation going. Login to your system and use the screen listing tool to see what sessions are running:

[root@gigan root]# screen -ls

There are screens on:

        31619.ttyp2.gigan       (Detached)

        4731.ttyp2.gigan        (Detached)

2 Sockets in /tmp/screens/S-root.

Here you see I have two different screen sessions. To re-attach to a session, use the re-attach command:

[root@gigan root]#screen -r 31619.ttyp2.gigan

Just use screen with the -r flag and the session name. You are now re-attached to the screen. A nice thing about this, is you can re-attach from anywhere. If you are at work or a clients office, you can use screen to start a job and then logout. When you get back to your office or home, you can login and get back to work.

Screen Logging

As a consultant, I find it important to keep track of what I do to someone’s server. Fortunately, screen makes this easy. Using “Ctrl-A” “H”, creates a running log of the session. Screen will keep appending data to the file through multiple sessions. Using the log function is very useful for capturing what you have done, especially if you are making a lot of changes. If something goes awry, you can look back through your logs.

Linux Screen Tips

Just wanted to mention to other cool tricks you can do with screen. Screen can monitor a window for activity or lack thereof. This is great if you are downloading large files, compiling, or watching for output. If you are downloading something or compiling, you can watch for silence. To start the monitor, go to the screen you want to monitor and use “Ctrl-A” “M” to look for activity or “Ctrl-A” “_” to monitor for silence. Then open or switch to a new window. When the monitor detects activity or silence, you will get an alert at the bottom with the window number. To quickly go to that window, use “Ctrl-A” “ (thats a quote mark, ctrl-a then a “). After you do this, just type in the number of the window and enter. To stop monitoring, go to that window and undo the monitor with the same command. For example, to stop monitoring for activity you would use “Ctrl-A” “M” again.

Screen is a great tool and I use it daily for tasking ranging from hardening ssh against brute force attacks to deploying Nginx web server for a client.

Reference

Screen was covered recently in Linux Magazine by Adam Lazur (Jan 2003, Issue 105). Much of his information was adapted for this rackTIP. Other information was collected from the man pages.

HowTo: NIC Bonding in CentOS 5 and 6

by Justin Edmands

I have been bonding network cards at work left and right. Our first project was to get our tape backup server on this system. We immediately saw the effect of bonding the network cards by checking the throughput to the machine. Our EMC NetWorker backup software -and- our Cacti graphing server both reported roughly 160-180MB/s while writing to tape. On top of maxing out tape throughput, this decreased our backup window and provided switch redundancy. Ideally you would connect one port to a different switch in your racks to help balance the loads.

Do you really need multiple NICs?

[root@boron ~]# ifconfig
bond0     Link encap:Ethernet  HWaddr XX:XX:XX:XX:45:ED  
          inet addr:192.168.212.166  Bcast:192.168.213.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MASTER MULTICAST  MTU:1500  Metric:1
          RX packets:23201084537 errors:134 dropped:0 overruns:0 frame:134
          TX packets:7857662111 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:33751562832054 (30.6 TiB)  TX bytes:971139704959 (904.4 GiB)

eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:45:ED   
          UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1
          RX packets:11743246375 errors:90 dropped:0 overruns:0 frame:90
          TX packets:2453797534 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:17287802062602 (15.7 TiB)  TX bytes:158836452607 (147.9 GiB)
          Interrupt:177 Memory:91a80000-91aa0000 

eth1      Link encap:Ethernet  HWaddr XX:XX:XX:XX:45:ED   
          UP BROADCAST RUNNING SLAVE MULTICAST  MTU:1500  Metric:1
          RX packets:11457838162 errors:44 dropped:0 overruns:0 frame:44
          TX packets:5403864580 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:16463760769452 (14.9 TiB)  TX bytes:812303253030 (756.5 GiB)
          Interrupt:193 Memory:91980000-919a0000 

As you can see, the above machine for just 45 days of uptime has seen 30+TB of traffic. Since this is our backup server, we needed a way to handle to loads while it tries to write to tape. This shows that the load isn't 50/50, but pretty close at 15.7 TiB on eth0 and 14.9TiB on eth1

Step 1

Get two NICs recognized by your system as eth0 and eth1

put some ifconfig and system-config-TUI stuff here

Step 2

Ethernet Config

Edit your network-scripts for eth0 and eth1

[root@samba-server ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no

[root@samba-server ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
USERCTL=no

Bonding Config

Edit your network-scripts for bond0

[root@samba-server ~]# vim /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
BOOTPROTO=none
ONBOOT=yes
IPADDR=192.168.212.161
NETMASK=255.255.254.0
GATEWAY=192.168.212.1
NETWORK=192.168.212.0
USERCTL=no

Step 3

Configure your modprobe configuration files to understand the "bonding"

CentOS 5 Modprobe

[root@fileserver ~]# vim /etc/modprobe.conf
alias scsi_hostadapter mptbase
alias scsi_hostadapter1 mptspi
alias scsi_hostadapter2 ata_piix
alias eth0 e1000
alias eth1 e1000
alias bond0 bonding
options bond0 mode=2 miimon=100

CentOS 6 Modprobe

Modprobe for CentOS 6 has changed to /etc/modprobe.d/bonding.conf. The reason for this change is explained

[root@samba-server ~]# vim /etc/modprobe.d/bonding.conf
alias bond0 bonding
options bond0 mode=2 miimon=100

Step 4

Restart your network interfaces

[root@samba-server ~]# service network restart
[root@fmrif-samba ~]# service network restart
Shutting down interface eth0:                              [  OK  ]
Shutting down loopback interface:                       [  OK  ]
Bringing up loopback interface:                           [  OK  ]
Bringing up interface bond0:                               [  OK  ]

Complete!

Other options

You can configure your network cards to have a different type of bond. This is configured by choosing a different type of bond in your modprobe configuration file. Below is a list of the different bonding modes according to the Red Hat docs for RHEL6 :

balance-rr or 0

Sets a round-robin policy for fault tolerance and load balancing. Transmissions are received and sent out sequentially on each bonded slave interface beginning with the first one available.

active-backup or 1

Sets an active-backup policy for fault tolerance. Transmissions are received and sent out via the first available bonded slave interface. Another bonded slave interface is only used if the active bonded slave interface fails.

balance-xor or 2

Sets an XOR (exclusive-or) policy for fault tolerance and load balancing. Using this method, the interface matches up the incoming request's MAC address with the MAC address for one of the slave NICs. Once this link is established, transmissions are sent out sequentially beginning with the first available interface.

broadcast or 3

Sets a broadcast policy for fault tolerance. All transmissions are sent on all slave interfaces.

802.3ad or 4

Sets an IEEE 802.3ad dynamic link aggregation policy. Creates aggregation groups that share the same speed and duplex settings. Transmits and receives on all slaves in the active aggregator. Requires a switch that is 802.3ad compliant.

balance-tlb or 5

Sets a Transmit Load Balancing (TLB) policy for fault tolerance and load balancing. The outgoing traffic is distributed according to the current load on each slave interface. Incoming traffic is received by the current slave. If the receiving slave fails, another slave takes over the MAC address of the failed slave.

balance-alb or 6

Sets an Active Load Balancing (ALB) policy for fault tolerance and load balancing. Includes transmit and receive load balancing for IPV4 traffic. Receive load balancing is achieved through ARP negotiation.

Troubleshooting

Here is an example of an incorrect modprobe configuration. I stumbled upon this when attempting to follow my normal procedures for CentOS 5 on CentOS 6.

[root@samba-server ~]# service network restart
Shutting down interface eth0:                                 [  OK  ]
Shutting down loopback interface:                          [  OK  ]
Bringing up loopback interface:                              [  OK  ]
Bringing up interface bond0:  WARNING: /etc/modprobe.conf line 1: ignoring bad line starting with 'alias'
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
WARNING: /etc/modprobe.conf line 1: ignoring bad line starting with 'alias'
WARNING: Deprecated config file /etc/modprobe.conf, all config files belong into /etc/modprobe.d/.
Device bond0 does not seem to be present, delaying initialization.
                                                           [FAILED]

Double check your system-config-network settings

Sometimes NetworkManager can interfere with network related changes to a system. Ensure that NetworkManager is off before attempting this above procedure.

Make sure all three network interfaces show up

You'll need 2 Ethernet and 1 Bond to show up

Check the bond0 settings

This will be the IP of the server. Check all of your settings.

Check your eth0 and eth1

Nothing should be in the files for this. Just the descriptor of eth0 and eth1.

UNIX / Linux: Copy Master Boot Record (MBR)

To copy MBR simply use the dd command. dd command works under all Linux distros and other UNIX like operating systems too. A master boot record (MBR) is the 512-byte boot sector that is the first sector of a partitioned data storage device of a hard disk.

MBR Total Size

446 + 64 + 2 = 512

Where,

• 446 bytes - Bootstrap.
• 64 bytes - Partition table.
• 2 bytes - Signature.

512 vs 446 Bytes

• Use 446 bytes to overwrite or restore your /dev/XYZ MBR boot code only with the contents of $mbr.backup.file.
• Use 512 bytes to overwrite or restore your /dev/XYZ the full MBR (which contains both boot code and the drive's partition table) with the contents of $mbr.backup.file.

dd command to copy MBR (identically sized partitions only)

Type dd command as follows:
dd if=/dev/sda of=/dev/sdb bs=512 count=1
Above command will copy 512 bytes (MBR) from sda to sdb disk. This will only work if both discs have identically sized partitions.

dd command for two discs with different size partitions

# dd if=/dev/sda of=/tmp/mbrsda.bak bs=512 count=1
Now to restore the image to any sdb:
# dd if=/tmp/mbrsda.bak of=/dev/sdb bs=446 count=1
The above commands will preserve the partitioning schema.

Linux sfdisk Command Example

Linux sfdisk command can make a backup of the primary and extended partition table as follows. It creates a file that can be read in a text editor, or this file can be used by sfdisk to restore the primary/extended partition table. To back up the partition table /dev/sda, enter:
# sfdisk -d /dev/sda > /tmp/sda.bak
To restore, enter:
# sfdisk /dev/sda < /tmp/sda.bak
The above command will restore extended partitions.

Task: Backup MBR and Extended Partitions Schema

Backup /dev/sda MBR, enter:
# dd if=/dev/sda of=/tmp/backup-sda.mbr bs=512 count=1
Next, backup entries of the extended partitions:
# sfdisk -d /dev/sda > /tmp/backup-sda.sfdisk
Copy /tmp/backup-sda.sfdisk and /tmp/backup-sda.mbr to USB pen or somewhere else safe over the network based nas server.

Task: Restore MBR and Extended Partitions Schema

To restore the MBR and the extended partitions copy backup files from backup media and enter:
# dd if=backup-sda.mbr of=/dev/sda
# sfdisk /dev/sda < backup-sda.sfdisk