27Nov/100

Bash script : DNS Check match between reverse and forward lookup

Posted by Rianto Wahyudi

Basic bash script to check whether the forward and reverse DNS lookups for a hostname or IP address match.

  • The script uses the host command, so it automatically adds the DNS domain suffix based on /etc/resolv.conf
  • Supports hostnames or PTR addresses with multiple RRs

./checkhost
Usage: ./checkhost <IP or hostname> checkhost<IP or hostname> ...
Example: ./checkhost 69.163.128.215 www pop3.iinet.net.au
This script will check if forward and reverse match

./checkhost shadow pop3.iinet.net.au 202.138.0.9
shadow <-> 69.163.128.215 : Match
pop3.iinet.net.au <-> 203.0.178.192 : Match
mud.starway.net.au <-> 202.138.0.9 : Match

Download the script here :

checkhost
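
The check described above can be written around host alone. The following is an added example, not the checkhost script from the download link; it assumes the usual output wording of host(1), and the function names (forward, reverse, is_ip, check_one) are illustrative.

```shell
#!/bin/sh
# Added example, not the original checkhost script.
# Assumes host(1) from the BIND utilities and its usual output wording.

# "owner address" pairs for a name. owner is the FQDN after resolv.conf
# search expansion and CNAME chasing, lower-cased for comparison.
forward() {
    host "$1" </dev/null 2>/dev/null |
        awk '/ has (IPv6 )?address /{print tolower($1), $NF}'
}

# PTR targets for an address, lower-cased, trailing dot removed.
reverse() {
    host "$1" </dev/null 2>/dev/null |
        awk '/ domain name pointer /{n=tolower($NF); sub(/\.$/,"",n); print n}'
}

# Digits-and-dots, or anything containing ":", is treated as an address.
# IPv6 literals are compared textually, so give them as host prints them.
is_ip() {
    case "$1" in *:*) return 0 ;; ''|*[!0-9.]*) return 1 ;; esac
}

# Prints "<name> <-> <ip> : Match|Mismatch" for every record pair (multiple
# A or PTR records each get a line). Returns 1 on any mismatch or no record.
check_one() {
    rc=0
    if is_ip "$1"; then pairs=$(reverse "$1" | sed "s|\$| $1|")
    else pairs=$(forward "$1"); fi
    [ -n "$pairs" ] || { echo "$1 : no record found"; return 1; }
    while read -r name ip; do
        if is_ip "$1"; then  # IP given: each PTR name must resolve back to it
            label=$name
            forward "$name" | awk '{print $2}' | grep -qxF "$ip" && r=Match || r=Mismatch
        else                 # name given: each address needs a PTR naming the owner
            label=$1
            reverse "$ip" | grep -qxF "$name" && r=Match || r=Mismatch
        fi
        [ "$r" = Match ] || rc=1
        echo "$label <-> $ip : $r"
    done <<EOF
$pairs
EOF
    return "$rc"
}

# Each argument is an IP or hostname; with no arguments nothing is looked up.
for arg in "$@"; do check_one "$arg"; done
```

A PTR record alone is controlled by whoever owns the address block, so a hostname taken from a reverse lookup should only be trusted in logs or access rules once the forward lookup confirms it, which is what the Mismatch line flags.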
15Nov/101

Bind 9.2 RNDC Stats

Posted by Rianto Wahyudi

Installed BIND DNS statistics last week by following: http://jpastuszek.sigquit.net/2009/03/graphing-bind-query-statistics-with.html

The graphs look pretty!

Bind DNS Statistics

DNS Statistics

success: The number of successful queries made to the server or zone. A successful query is defined as query which returns a NOERROR response with at least one answer RR.
referral: The number of queries which resulted in referral responses.
nxrrset: The number of queries which resulted in NOERROR responses with no data.
nxdomain: The number of queries which resulted in NXDOMAIN responses.
failure: The number of queries which resulted in a failure response other than those above.
recursion: The number of queries which caused the server to perform recursion in order to find the final answer.

Each query received by the server will cause exactly one of success, referral, nxrrset, nxdomain, or failure to be incremented, and may additionally cause the recursion counter to be incremented.

Reference : http://www.networking-tips.net/?p=85

Nxdomain and NXrrset are new terms for me.

NXDOMAIN :

NXDOMAIN or Non-Existent Domain is a term used for an Internet domain name that is unable to be resolved using the DNS implementation, owing either to the domain name not yet being registered or to a server problem.

The reference to the NXDOMAIN is published in RFC 1035 (Domain names - implementation and specification) and also in RFC 2308 (Negative Caching of DNS Queries or referred to as DNS NCACHE).

Reference : http://it.toolbox.com/wiki/index.php/NXDOMAIN

NXRRSET :

Simple explanation: NXRRSET means "no such record set". The domain exists, but the requested record set does not. In the named cache dump below, it is clear that the AAAA record for www.asx.com.au does not exist:

asx.com.au.             7293    NS      ns3.asx.com.au.
                        7293    NS      ns01.asx.com.au.
                        7293    NS      ns02.asx.com.au.
; additional
ns01.asx.com.au.        7293    A       203.15.147.70
; additional
ns02.asx.com.au.        7293    A       203.15.147.74
; glue
ns1.asx.com.au.         10893   A       203.15.147.70
; glue
ns2.asx.com.au.         10893   A       203.15.147.70
; glue
ns3.asx.com.au.         10893   A       203.15.147.74
; authauthority
www.asx.com.au.         93      \-AAAA  ;-$NXRRSET
; authanswer
                        7293    A       203.15.147.66
; authauthority
www9.asx.com.au.        99      \-AAAA  ;-$NXRRSET

Detailed information can be found at: http://www.ietf.org/rfc/rfc2136.txt