Chapter 8. DNS ¿À·ù ¼öÁ¤ µµ±¸
8.1. NSLOOKUP
³×ÀÓ¼¹ö¸¦ ¿î¿µÇÏ°í °ü¸®Çϴµ¥ ÀÖ¾î ¹®Á¦¸¦ ¹ß°ßÇÏ°í ÇØ°áÇϱâ À§ÇØ ResolverÀÇ ÀÔÀåÀ¸·Î ³×ÀÓ¼¹ö¸¦ ½ÃÇèÇغ¼ ÇÊ¿ä°¡ ÀÖ´Ù. ´ëºÎºÐÀÇ ½Ã½ºÅÛ¿¡ ±âº» ¼³Ä¡µÇ¾î ÀÖ´Â nslookupÀº dig¿Í ÇÔ²² °¡Àå ³Î¸® »ç¿ëµÇ´Â ³×ÀÓ¼¹ö ÁúÀÇ µµ±¸·Î½á, µµ¸ÞÀÎ ¸Þ´ÏÀúÀÇ ±âº» ¹«±âÁß ÇϳªÀÌ´Ù.
$ nslookup
Default Server: ns.nobreak.com
Address: 210.105.79.2
> exit
nslookupÀº ½ÇÇàÈÄ ´ëÈÇü ÇÁ·ÒÇÁÆ® '>'¸¦ Ç¥½ÃÇÏ°í /etc/resolv.conf¿¡ Á¤ÀÇµÈ Ã¹ ¹ø° ³×ÀÓ¼¹ö¸¦ ±âº» ÁúÀÇ ¼¹ö·Î ¼³Á¤ÇÑ´Ù. nslookupÀº BIND¿Í ´Þ¸® ÇϳªÀÇ ¼¹ö¸¸À» ÁúÀÇ¿¡ »ç¿ëÇϱ⠶§¹®¿¡ 'Default NS -> Timeout -> Error'¿Í °°ÀÌ µ¿ÀÛÇÑ´Ù.
8.1.1. µµ¸ÞÀÎ ³×ÀÓ °Ë»ö
nslookupÀº ±âº»ÀûÀ¸·Î ÀÔ·ÂµÈ µµ¸ÞÀο¡ ´ëÇØ A ·¹Äڵ带 °Ë»öÇÏ°í, IP ÁÖ¼Ò(in-addr.arpa)¿¡ ´ëÇؼ´Â PTR ·¹Äڵ带 °Ë»öÇÑ´Ù. set type=RR ¼³Á¤À¸·Î A ·¹ÄÚµå ÀÌ¿ÜÀÇ ·¹ÄÚµå ¶ÇÇÑ °Ë»öÇÒ ¼ö ÀÖÀ¸¸ç, RR(Resource Record)¿¡´Â A, ANY, CNAME, HINFO, MX, NS, PTR, SOA, TXT µîÀÌ ¿Ã ¼ö ÀÖ´Ù. ÀÌÁß ANY´Â °ü·ÃµÈ ·¹ÄÚµåµéÀ» ¸ðµÎ Ãâ·ÂÇ϶ó´Â ¾à¼Ó ±âÈ£ÀÌ´Ù.
> www.kr.freebsd.org. # IP °Ë»ö
Name: www.kr.freebsd.org
Address: 150.183.110.39
> ftp.kr.freebsd.org.
Name: www.kr.freebsd.org # ftp´Â wwwÀÇ CNAME
Address: 150.183.110.39
Aliases: ftp.kr.freebsd.org
> 150.183.110.39 # µµ¸ÞÀÎ °Ë»ö
Name: www.kr.freebsd.org
Address: 150.183.110.39
> set type=MX # MX ·¹ÄÚµå °Ë»ö
> kr.freebsd.org.
kr.freebsd.org preference = 10, mail exchanger = mail.kr.freebsd.org
> set type=NS # NS ·¹ÄÚµå °Ë»ö
> kr.freebsd.org. # µµ¸ÞÀÎ À§ÀÓ È®ÀÎ
kr.freebsd.org nameserver = ns.kr.freebsd.org
kr.freebsd.org nameserver = ns2.kr.freebsd.org
ns.kr.freebsd.org internet address = 150.183.110.2
ns2.kr.freebsd.org internet address = 150.183.110.3
> 46.102.39.in-addr.arpa. # Àιö½º µµ¸ÞÀÎ À§ÀÓ È®ÀÎ
kr.freebsd.org nameserver = ns.kr.freebsd.org
kr.freebsd.org nameserver = ns2.kr.freebsd.org
ns.kr.freebsd.org internet address = 150.183.110.2
ns2.kr.freebsd.org internet address = 150.183.110.3
8.1.2. ±âº» Äõ¸® ¼¹ö º¯°æ
nslookupÀº ±âº»ÀûÀ¸·Î recurse ¸ðµå·Î µ¿ÀÛÇϱ⠶§¹®¿¡, ¶§·Ð ÇØ´ç µµ¸ÞÀÎÀÇ Authority¸¦ °®´Â ƯÁ¤ ³×ÀÓ¼¹ö¿¡ Á÷Á¢ ÁúÀǸ¦ ÇÏ¿© Authoritative ÀÀ´ä(³×ÀÓ¼¹öÀÇ Ä³½¬¿¡¼°¡ ¾Æ´Ñ)À» È®ÀÎ ÇÒ ÇÊ¿ä°¡ ÀÖ´Ù. server, lserver ¸í·ÉÀ¸·Î ±âº» ÁúÀÇ ¼¹ö¸¦ º¯°æ ÇÒ ¼ö ÀÖ´Ù. µÎ ¸í·ÉÀº ÁÖ¾îÁø ³×ÀÓ¼¹öÀÇ ÁÖ¼Ò(Äõ¸®°¡ ¾Æ´Ñ)¸¦ ãÀ» ¶§ »ç¿ëÇÒ ÁúÀÇ ¼¹öÀÇ Â÷ÀÌÀε¥, server ´Â ÇöÀçÀÇ ±âº» ¼¹ö¸¦ ÅëÇÏ°í, lserver ´Â ½Ã½ºÅÛ ±âº» ¼¹ö(nslookup ±¸µ¿½Ã Ãʱ⠼³Á¤µÇ´Â)¸¦ »ç¿ëÇÔÀÌ ´Ù¸£´Ù. lserver ¸í·ÉÀº Ÿ ³×ÀÓ¼¹ö·Î ½ºÀ§Äª ÇÑ ÈÄ, ´Ù½Ã ´Ù¸¥ ³×ÀÓ¼¹ö·Î ½ºÀ§ÄªÇÏ·Á Çϴµ¥, ÇöÀçÀÇ ³×ÀÓ¼¹ö°¡ µ¿ÀÛÇÏÁö ¾Ê¾Æ ÇØ´ç ³×ÀÓ¼¹öÀÇ ÁÖ¼Ò¸¦ °Ë»öÇÏÁö ¸øÇÒ ¶§ »ç¿ëÇÑ´Ù. ´ÙÀ½À» º¸ÀÚ.
$ nslookup
Default Server: ns.nobreak.com
Address: 210.105.79.2
nslookup ±¸µ¿½ÃÀÇ ±âº» ¼¹ö ns.nobreak.com ÀÌ lserver ¸í·É¿¡¼ ÁÖ¾îÁø NSÀÇ ÁÖ¼Ò¸¦ ã±âÀ§ÇÑ ÁúÀÇ ¼¹ö°¡ µÈ´Ù.
> server ns.jp.freebsd.org. # ±âº» ¼¹ö º¯°æ
Default Server: ns.jp.freebsd.org
Address: 199.100.7.25
> server ns.nobreak.com.
*** Can't find address for server ns.nobreak.com: Non-existent host/domain
ns.jp.freebsd.org¸¦ ÅëÇØ ns.nobreak.comÀ» ãÀ» ¼ö°¡ ¾ø´Ù. À̶§¿¡´Â lserver ¸í·ÉÀ¸·Î ½Ã½ºÅÛ ±âº» ¼¹ö¸¦ ÅëÇØ ns.nobreak.com ÀÇ ÁÖ¼Ò¸¦ °Ë»öÇÑ´Ù.
> lserver ns.nobreak.com.
Default Server: ns.nobreak.com
Address: 210.105.79.2
·çÆ® ³×ÀÓ¼¹ö¸¦ ÁúÀÇ ¼¹ö·Î ÇÏ°íÀÚ ÇÒ ¶§´Â, °£´ÜÈ÷ root ¸í·ÉÀ» »ç¿ëÇÒ ¼ö ÀÖ´Ù.
> root
Default Server: a.root-servers.net
Address: 198.41.0.4
8.1.3. ³×ÀÓ ¼¹öó·³ ÁúÀÇÇϱâ
³×ÀÓ¼¹ö´Â ResolverÀÇ ¿äûÀ» ó¸®Çϱâ À§ÇØ, ³×ÀÓ½ºÆäÀ̽º¸¦ °Ë»öÇϸç, ¿©·¯ ³×ÀÓ¼¹ö¿Í Åë½ÅÀ» Çϴµ¥, nslookupÀ¸·Î µ¿ÀÏÇÑ °úÁ¤À» ¹â¾Æº¸µµ·Ï ÇÏÀÚ. ³×ÀÓ¼¹ö°¡ ÀÎÅͳݻ󿡼 ¾î¶»°Ô µ¿ÀÛÇϸç, ³×ÀÓ¼¹öµé °£¿¡´Â ¾î¶² »ç°ÇµéÀÌ ¹ß»ýÇÏ°í, ¿©·¯ºÐÀ» À§ÇØ ¹«¾ùÀ» ÇÏ´ÂÁö, ±¸Ã¼ÀûÀÎ ´À³¦À» ¹ÞÀ» ¼ö ÀÖÀ» °ÍÀÌ´Ù.
(1)
> set norecurse # Iterative ¸ðµå·Î Àüȯ
> www.kr.freebsd.org.
Server: ns.nobreak.com
Address: 210.105.79.2
Name: www.kr.freebsd.org
Served by:
- H.ROOT-SERVERS.NET
128.63.2.53
ORG
- B.ROOT-SERVERS.NET
128.9.0.107
ORG
...
ORG. °¡ °ü¸®µÇ´Â ·çÆ® ¼¹öµéÀÇ ¸ñ·ÏÀ» ·¹ÆÛ·±½Ì ÇØÁØ´Ù.
(2)
> server h.root-servers.net.
> www.kr.freebsd.org.
Server: h.root-servers.net
Address: 128.63.2.53
Name: www.kr.freebsd.org
Served by:
- WHO.CDROM.COM
204.216.27.3
FREEBSD.ORG
- NS1.CRL.COM
165.113.1.36
FREEBSD.ORG
- NS2.CRL.COM
165.113.61.37
FREEBSD.ORG
(3)
> server who.cdrom.com.
> www.kr.freebsd.org.
Server: who.cdrom.com
Address: 204.216.27.3
Name: www.kr.freebsd.org
Served by:
- ns.kr.freebsd.org
150.183.110.2
kr.freebsd.org
- ns2.kr.freebsd.org
150.183.110.3
kr.freebsd.org
(4)
> server ns.kr.freebsd.org.
> www.kr.freebsd.org.
Server: ns.kr.freebsd.org
Address: 150.183.110.2
Name: www.kr.freebsd.org
Address: 150.183.110.39
8.1.4. Zone Transfer
ÇØ´ç µµ¸ÞÀÎÀÇ Zone¿¡ ´ëÇÑ º¹»çº»À» ¾ò±âÀ§ÇØ, Primary·ÎºÎÅÍ Zone µ¥ÀÌÅͺ£À̽º¸¦ ²ø¾î¿À´Â ÀÛ¾÷À» Zone Transfer¶ó ÇÑ´Ù. ÀÌ ÀÛ¾÷Àº ÁÖ·Î Secondary NS Ãø¿¡¼ ÀÌ·ç¾îÁö¸ç, ¶§¶§·Î ¾ó¸¶³ª ¸¹Àº ¼öÀÇ È£½ºÆ®°¡ µî·ÏµÇ¾î ÀÖ´ÂÁö ȤÀº ZoneÀÇ ¹®¹ýÀû ¿À·ù¸¦ °Ë»çÇϱâ À§ÇØ °ü¸®ÀÚ°¡ ¼öµ¿À¸·Î Á¶ÀÛÇϱ⵵ ÇÑ´Ù. Zone Transfer´Â Authority¸¦ °®´Â ³×ÀÓ¼¹ö¿¡ Á÷Á¢ ÁúÀÇÇÏ¿©¾ß ÇϹǷÎ, nslookup »ó¿¡¼ ÇØ´ç NS·Î ÁúÀÇ ¼¹ö¸¦ º¯°æÇÑÈÄ, ls ¸í·ÉÀ» »ç¿ëÇÑ´Ù.
> server ns.kr.freebsd.org.
> ls -t A kr.freebsd.org. # A ·¹ÄÚµå Ãâ·Â
kr.freebsd.org. server = ns.kr.freebsd.org
kr.freebsd.org. server = ns2.kr.freebsd.org
mail 150.183.110.32
mqueue 150.183.110.33
www 150.183.110.39
www2 150.183.110.40
> ls -d kr.freebsd.org. # ¸ðµç ·¹ÄÚµå Ãâ·Â
kr.freebsd.org. SOA ns.nobreak.com hostmaster.kr.freebsd.org.
(1999031501 21600 1800 1209600 86400)
kr.freebsd.org. NS ns.nobreak.com
kr.freebsd.org. NS ns2.nobreak.com
kr.freebsd.org. MX 10 mail.kr.freebsd.org
kr.freebsd.org. MX 20 mqueue.kr.freebsd.org
cvsup CNAME www.kr.freebsd.org
mail A 150.183.110.32
mqueue A 150.183.110.33
ftp CNAME www.kr.freebsd.org
ftp2 CNAME www2.kr.freebsd.org
ftp3 CNAME ftp.free.nobreak.com
www A 150.183.110.39
www HINFO Pentium-200 FreeBSD 2.2.8
www TXT "Korea FreeBSD Users Group"
www2 A 150.183.110.40
www2 HINFO Pentium-133MHz FreeBSD 2.2.8
www2 TXT "Korea FreeBSD Users Group"
> ls -t MX kr.freebsd.org > MX-kr.freebsd.org # ÆÄÀÏ·Î ÀúÀå
> view MX-kr.freebsd.org # ÆÄÀÏ ³»¿ë È®ÀÎ
BINDÀÇ °æ¿ì named-xfer¶ó´Â ¿ÜºÎ ÇÁ·Î±×·¥À» »ç¿ëÇØ Zone Transfer¸¦ ¼öÇàÇÑ´Ù. ³×ÀÓ¼¹öÀÇ ÀÔÀå¿¡¼ ºÎÆ® ÆÄÀÏ¿¡ Secondary ¼³Á¤ÀÌ ÀÖÀ» °æ¿ìÀÇ Ã³¸®°úÁ¤À» »ìÆ캸ÀÚ.
secondary kr.freebsd.org 210.105.79.2 sec-kr.freebsd.org
BIND´Â secondary ¸í·ÉÀ» ¸¸³ª¸é ³»ºÎÀûÀ¸·Î ´ÙÀ½°ú °°ÀÌ µ¿ÀÛÇÑ´Ù.
loop(Interval == TTL) {
named-xfer -z kr.freebsd.org -f /var/named/sec-kr.freebsd.org -s Current_Serial 210.105.79.2
switch ( $? ) { // named-xfer ´Â ȯ°æ º¯¼ö '$?'¿¡ °á°ú¸¦ º¹±ÍÇÔ
case 0 : OK; // ½Ã¸®¾óÀÌ °°À½, Zone Transfer°¡ ÇÊ¿äÄ¡ ¾ÊÀ½
case 1 : OK; // ½Ã¸®¾óÀÌ Áõ°¡ÇßÀ½, Zone Transfer°¡ ¼º°øÀûÀ¸·Î ¼öÇàµÊ
case 2 : ERROR; // ³×ÀÓ¼¹ö¸¦ ãÀ» ¼ö ¾øÀ½
// ȤÀº ³×ÀÓ¼¹ö°¡ µµ¸ÞÀÎÀÇ Authority¸¦ °®Áö ¾ÊÀ½
case 3 : ERROR: // ½Ã¸®¾óÀÌ °¨¼ÒÇßÀ½, ±âÁ¸ÀÇ ¹é¾÷Ä«ÇÇ À¯Áö
}
primary kr.freebsd.org sec-kr.freebsd.org
}
º¸¾ÈÀÇ ÀÌÀ¯·Î Çã¶ôµÈ °÷(¿¹: Secondary NS's IP)¿¡¼¸¸ Zone Transfer¸¦ Çã¿ëÇÏ°íÀÚ ÇÑ´Ù¸é, Primary NSÀÇ ºÎÆ®ÆÄÀÏ¿¡ ´ÙÀ½°ú °°Àº ¿É¼ÇÀ» ÁØ´Ù. (Zone Transfer¸¸À» Á¦ÇÑÇÏ´Â °ÍÀ̱⠶§¹®¿¡, È£½ºÆ®¿¡ ´ëÇÑ °³º° Äõ¸®´Â Çã¿ëµÈ´Ù)
xfrnets 210.105.79.3&255.255.255.255 210.105.80.128&255.255.255.128
ÀÌ°ÍÀº BIND-4ÀÇ ¼³Á¤¿¹Àε¥, IP 210.105.79.3°ú 210.105.80.129-254 ¿¡¼¸¸ Zone Transfer¸¦ Çã¿ëÇ϶ó´Â ÀǹÌÀÌ´Ù. BIND-4¿¡¼´Â °³º° IP¿Í ¼ºê³ÝÀ¸·Î ³ª´©¾îÁø ºí·°¿¡ ´ëÇØ "IP&Mask"ÀÇ Çü½ÄÀ¸·Î ¸ñ·ÏÀ» ÀÛ¼ºÇϸç, Ŭ·¡½º Àüü¸¦ Çã¿ëÇÏ°íÀÚ ÇÒ °æ¿ì¿£ 210.105.79.0 °ú °°ÀÌ ¸¶½ºÅ©¸¦ »ý·«ÇÏ¿©µµ µÈ´Ù.
options {
allow-transfer { localnets; 210.105.79.3; };
};
BIND-8ÀÇ °æ¿ì¿¡ ÇØ´ç ¼¹ö°¡ ¼ÓÇÑ ³×Æ®¿öÅ©¿Í, 210.105.79.3¸¸À» Çã¿ëÇÑ ¿¹ÀÌ´Ù. localnets´Â ¿¹¾à¾îÀÌ¸ç ´Ù¸¥ ¿¹¾à¾î·Î´Â any, none, localhost °¡ ÀÖ´Ù.
8.1.5. ÃʱâÈ ÆÄÀÏ .nslookuprc
nslookupÀº ½ÇÇà½Ã ~/.nslookuprc ÆÄÀÏÀÌ Á¸ÀçÇϸé, ³»¿ëÀ» ÀÐ¾î ¿É¼ÇÀ» Á¶Á¤ÇÑ´Ù. ¸Å¹ø ¼³Á¤ÇÏ´Â ¿É¼ÇÀÌ ÀÖ´Ù¸é, º» ÆÄÀÏÀ» ÅëÇØ °£ÆíÈÇÒ ¼ö ÀÖ°Ú´Ù.
* .nslookuprc ÆÄÀÏ ¿¹
set type=NS
set nosearch
set debug