mythofechelon
Asked: 2017-12-08 10:14:17 +0800 CST

FQDNs resolving correctly via ping but not nslookup


The following AD DS domain was recently set up:

  • DNS domain name, FLZ and only DNS suffix: internal.example.co.uk
  • DC OSs: Windows Server 2016 Standard
  • DC #1 DNS servers: 172.16.233.2, 127.0.0.1
  • DC #2 DNS servers: 172.16.233.1, 127.0.0.1
  • DNS forwarders: 8.8.8.8, 208.67.222.222

By all accounts, the domain and DNS are working correctly.

However, nslookup behaves very strangely:

  • nslookup <any FQDN> <any DC server> works incorrectly, appending example.co.uk (not internal.example.co.uk), and resolves to the same unknown public IP address.
  • nslookup <any FQDN>. <any DC server> works correctly.

I determined that routing, the hosts file, the Windows DNS Server service, etc. were not relevant and that no DNS PTR RR existed for the unknown public IP address.

I know that you are supposed to add a . suffix to an FQDN, but I have never needed to and have never seen it behave like this before.

I could not find a proper resolution online, hence this post.

The following anonymised Command Prompt output demonstrates this:

Microsoft Windows [Version 10.0.14393]
(c) 2016 Microsoft Corporation. All rights reserved.

C:\Users\username>ipconfig /all

Windows IP Configuration

Host Name . . . . . . . . . . . . : DC2
Primary Dns Suffix . . . . . . . : internal.example.co.uk
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : internal.example.co.uk

Ethernet adapter Ethernet 2:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Hyper-V Network Adapter #2
Physical Address. . . . . . . . . : 00-15-5D-9E-13-07
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::45fd:755c:e86d:eed3%14(Preferred)
IPv4 Address. . . . . . . . . . . : 172.16.233.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 172.16.233.254
DHCPv6 IAID . . . . . . . . . . . : 100668765
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-42-DF-91-00-15-5D-9E-13-05
DNS Servers . . . . . . . . . . . : ::1
172.16.233.1
127.0.0.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{DEFCF64F-0919-47F6-8206-DA42E6828191}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

C:\Users\username>ping internal.example.co.uk

Pinging internal.example.co.uk [172.16.233.2] with 32 bytes of data:
Reply from 172.16.233.2: bytes=32 time<1ms TTL=128
Reply from 172.16.233.2: bytes=32 time<1ms TTL=128
Reply from 172.16.233.2: bytes=32 time<1ms TTL=128
Reply from 172.16.233.2: bytes=32 time<1ms TTL=128

Ping statistics for 172.16.233.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\Users\username>nslookup internal.example.co.uk 127.0.0.1
Server: localhost
Address: 127.0.0.1

Non-authoritative answer:
Name: internal.example.co.uk.example.co.uk
Address: <unknown public IP address>


C:\Users\username>nslookup internal.example.co.uk. 127.0.0.1
Server:  localhost
Address:  127.0.0.1

Name:    internal.example.co.uk
Addresses:  172.16.233.1
          172.16.233.2


C:\Users\username>ping DC1

Pinging DC1.internal.example.co.uk [172.16.233.1] with 32 bytes of data:
Reply from 172.16.233.1: bytes=32 time=1ms TTL=128
Reply from 172.16.233.1: bytes=32 time<1ms TTL=128
Reply from 172.16.233.1: bytes=32 time<1ms TTL=128
Reply from 172.16.233.1: bytes=32 time<1ms TTL=128

Ping statistics for 172.16.233.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 1ms, Average = 0ms

C:\Users\username>nslookup DC1 127.0.0.1
Server: localhost
Address: 127.0.0.1

Name: DC1.internal.example.co.uk
Address: 172.16.233.1


C:\Users\username>ping google.co.uk

Pinging google.co.uk [74.125.133.94] with 32 bytes of data:
Reply from 74.125.133.94: bytes=32 time=11ms TTL=49
Reply from 74.125.133.94: bytes=32 time=11ms TTL=49
Reply from 74.125.133.94: bytes=32 time=11ms TTL=49
Reply from 74.125.133.94: bytes=32 time=15ms TTL=49

Ping statistics for 74.125.133.94:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 11ms, Maximum = 15ms, Average = 12ms

C:\Users\username>nslookup google.co.uk 127.0.0.1
Server: localhost
Address: 127.0.0.1

Non-authoritative answer:
Name: google.co.uk.example.co.uk
Address: <unknown public IP address>


C:\Users\username>nslookup google.co.uk. 127.0.0.1
Server:  localhost
Address:  127.0.0.1

Non-authoritative answer:
Name:    google.co.uk
Addresses:  2a00:1450:4007:80e::2003
          216.58.208.227


C:\Users\username>
domain-name-system

1 Answer

  1. Best Answer
    mythofechelon
    2017-12-08T10:14:17+08:00

    Using nslookup's debug mode, I discovered that this was due to DNS recursion devolution (thanks @joeqwerty) and a previously existing but unknown public root wildcard RR (*.example.co.uk. IN A <unknown public IP address>).

    Specifically, I found that, in this case, where there is one DNS suffix:

    • The supplied DNS name is an FQDN with a . suffix, and DNS recursion is enabled (default), nslookup was:
      1. Appending no DNS suffix and succeeding.
    • The supplied DNS name is an FQDN without a . suffix, and DNS recursion is enabled (default), nslookup was:
      1. Appending the primary DNS suffix and failing.
      2. Appending the primary DNS suffix one level up and "succeeding" because the supplied DNS name matches the wildcard DNS RR.
    • The supplied DNS name is an FQDN without a . suffix, and DNS recursion is disabled, nslookup was:
      1. Appending the primary DNS suffix and failing.
      2. Appending the primary DNS suffix one level up and failing.
      3. Appending no DNS suffix and succeeding.

    This is demonstrated in the following anonymised Command Prompt output when recursion was enabled (default):

    C:\Users\username>nslookup
    Default Server:  UnKnown
    Address:  ::1
    
    > set debug=true
    > internal.example.co.uk
    Server:  UnKnown
    Address:  ::1
    
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 2, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.internal.example.co.uk, type = A, class = IN
        AUTHORITY RECORDS:
        ->  internal.example.co.uk
            ttl = 3600 (1 hour)
            primary name server = DC2.internal.example.co.uk
            responsible mail addr = hostmaster.internal.example.co.uk
            serial  = 170
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 3, rcode = NXDOMAIN
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.internal.example.co.uk, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  internal.example.co.uk
            ttl = 3600 (1 hour)
            primary name server = DC2.internal.example.co.uk
            responsible mail addr = hostmaster.internal.example.co.uk
            serial  = 170
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 4, rcode = NOERROR
            header flags:  response, want recursion, recursion avail.
            questions = 1,  answers = 1,  authority records = 0,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.example.co.uk, type = A, class = IN
        ANSWERS:
        ->  internal.example.co.uk.example.co.uk
            internet address = <unknown public IP address>
            ttl = 599 (9 mins 59 secs)
    
    ------------
    Non-authoritative answer:
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 5, rcode = NOERROR
            header flags:  response, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.example.co.uk, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  example.co.uk
            ttl = 599 (9 mins 59 secs)
            primary name server = ns.domaincheck.co.uk
            responsible mail addr = dns.domaincheck.co.uk
            serial  = 2017092801
            refresh = 7200 (2 hours)
            retry   = 3600 (1 hour)
            expire  = 604800 (7 days)
            default TTL = 3600 (1 hour)
    
    ------------
    Name:    internal.example.co.uk.example.co.uk
    Address:  <unknown public IP address>
    
    > internal.example.co.uk.
    Server:  UnKnown
    Address:  ::1
    
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 6, rcode = NOERROR
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 2,  authority records = 0,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk, type = A, class = IN
        ANSWERS:
        ->  internal.example.co.uk
            internet address = 172.16.233.2
            ttl = 600 (10 mins)
        ->  internal.example.co.uk
            internet address = 172.16.233.1
            ttl = 600 (10 mins)
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 7, rcode = NOERROR
            header flags:  response, auth. answer, want recursion, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  internal.example.co.uk
            ttl = 3600 (1 hour)
            primary name server = DC2.internal.example.co.uk
            responsible mail addr = hostmaster.internal.example.co.uk
            serial  = 170
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)
    
    ------------
    Name:    internal.example.co.uk
    Addresses:  172.16.233.2
              172.16.233.1
    
    >
    

    This is demonstrated in the following anonymised Command Prompt output when recursion was disabled:

    C:\Users\username>nslookup
    Default Server:  UnKnown
    Address:  ::1
    
    > set debug=true
    > set norecurse
    > internal.example.co.uk
    Server:  UnKnown
    Address:  ::1
    
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 2, rcode = NXDOMAIN
            header flags:  response, auth. answer, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.internal.example.co.uk, type = A, class = IN
        AUTHORITY RECORDS:
        ->  internal.example.co.uk
            ttl = 3600 (1 hour)
            primary name server = DC2.internal.example.co.uk
            responsible mail addr = hostmaster.internal.example.co.uk
            serial  = 170
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 3, rcode = NXDOMAIN
            header flags:  response, auth. answer, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.internal.example.co.uk, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  internal.example.co.uk
            ttl = 3600 (1 hour)
            primary name server = DC2.internal.example.co.uk
            responsible mail addr = hostmaster.internal.example.co.uk
            serial  = 170
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 4, rcode = SERVFAIL
            header flags:  response, recursion avail.
            questions = 1,  answers = 0,  authority records = 0,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.example.co.uk, type = A, class = IN
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 5, rcode = SERVFAIL
            header flags:  response, recursion avail.
            questions = 1,  answers = 0,  authority records = 0,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk.example.co.uk, type = AAAA, class = IN
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 6, rcode = NOERROR
            header flags:  response, auth. answer, recursion avail.
            questions = 1,  answers = 2,  authority records = 0,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk, type = A, class = IN
        ANSWERS:
        ->  internal.example.co.uk
            internet address = 172.16.233.2
            ttl = 600 (10 mins)
        ->  internal.example.co.uk
            internet address = 172.16.233.1
            ttl = 600 (10 mins)
    
    ------------
    ------------
    Got answer:
        HEADER:
            opcode = QUERY, id = 7, rcode = NOERROR
            header flags:  response, auth. answer, recursion avail.
            questions = 1,  answers = 0,  authority records = 1,  additional = 0
    
        QUESTIONS:
            internal.example.co.uk, type = AAAA, class = IN
        AUTHORITY RECORDS:
        ->  internal.example.co.uk
            ttl = 3600 (1 hour)
            primary name server = DC2.internal.example.co.uk
            responsible mail addr = hostmaster.internal.example.co.uk
            serial  = 170
            refresh = 900 (15 mins)
            retry   = 600 (10 mins)
            expire  = 86400 (1 day)
            default TTL = 3600 (1 hour)
    
    ------------
    Name:    internal.example.co.uk
    Addresses:  172.16.233.2
              172.16.233.1
    
    >
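
An added example, not part of the original answer: a Python sketch that parses `nslookup` debug output in the format shown above and flags queries where a suffix was appended to the typed name and a non-authoritative server still returned records, which is the wildcard symptom the answer describes. The sample text is constructed and shortened from that format, `203.0.113.10` is a placeholder for the unknown public IP address, and the function names are hypothetical.

```python
import re

# Constructed sample, shortened from the debug output format shown in the answer.
# 203.0.113.10 is a documentation-range placeholder for the unknown public IP.
SAMPLE = """\
> internal.example.co.uk
Got answer:
    HEADER:
        opcode = QUERY, id = 2, rcode = NXDOMAIN
        header flags:  response, auth. answer, want recursion, recursion avail.
        questions = 1,  answers = 0,  authority records = 1,  additional = 0
    QUESTIONS:
        internal.example.co.uk.internal.example.co.uk, type = A, class = IN
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 4, rcode = NOERROR
        header flags:  response, want recursion, recursion avail.
        questions = 1,  answers = 1,  authority records = 0,  additional = 0
    QUESTIONS:
        internal.example.co.uk.example.co.uk, type = A, class = IN
    ANSWERS:
    ->  internal.example.co.uk.example.co.uk
        internet address = 203.0.113.10
"""

# One match per "Got answer:" block: rcode, flags, answer count, question name/type.
BLOCK = re.compile(
    r"rcode = (?P<rcode>\w+)\s+"
    r"header flags:\s*(?P<flags>[^\n]*)\s+"
    r"questions = \d+,\s+answers = (?P<answers>\d+).*?"
    r"QUESTIONS:\s+(?P<qname>\S+), type = (?P<qtype>\w+)",
    re.S,
)

def parse_debug(text):
    """Return one dict per 'Got answer:' block of nslookup debug output."""
    out = []
    for chunk in text.split("Got answer:")[1:]:
        m = BLOCK.search(chunk)
        if m:
            d = m.groupdict()
            d["answers"] = int(d["answers"])
            d["authoritative"] = "auth. answer" in d["flags"]
            out.append(d)
    return out

def suffix_collisions(typed, text):
    """Blocks where a suffix was appended to `typed` yet records came back non-authoritatively."""
    typed = typed.rstrip(".").lower()
    return [
        r for r in parse_debug(text)
        if r["qname"].lower().startswith(typed + ".")   # typed name plus an appended suffix
        and r["rcode"] == "NOERROR" and r["answers"] > 0
        and not r["authoritative"]                      # answered from outside the local zone
    ]
```

Any hit means the name the user typed was answered under a different, longer name by a server outside the internal zone, so the parent domain's public records should be checked for a wildcard.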
    