Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

DNS - Using dig to query for CNAME records?

Posted on 2014-09-12
10
Medium Priority
?
27,425 Views
Last Modified: 2014-09-15
What's the dig syntax to query for CNAME records?

What I've tried:
Pro DNS and BIND by Ron Aitchison ch9 DNS Diagnostics and Tools
dig @ns.mydomain.org domain.org any
dig @ns.mydomain.org domain.org cname
dig -t CNAME @ns.mydomain.org domain.org
dig @ns.mydomain.org domain.org

Google searches for the syntax.

https://support.google.com/a/answer/93595?hl=en
Troubleshoot CNAME records

Third party website
http://mxtoolbox.com/CNAMELookup.aspx

We've had CNAMES setup for a long time and we know they work.  Typical email use of CNAMES for example.
0
Comment
Question by:mobot
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 40320246
Syntax would be
dig domain.com CNAME (optional) <dnsserver>

The tools you specified above are also on the right track, what specifically are you trying to find ?
0
 
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 40320267
dig @8.8.8.8 experts-exchange.com C

(using google's DNS server to lookup the CNAME record for this site)
0
 
LVL 62

Expert Comment

by:gheist
ID: 40322002
CNAME cannot be used with email.
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 38

Expert Comment

by:Gerwin Jansen, EE MVE
ID: 40322039
@mobot - I'm not sure what you mean by "Typical email use of CNAMES for example." - your question is about querying C name records using dig, right?
0
 
LVL 29

Expert Comment

by:becraig
ID: 40322044
I also assume that is the question, if you are asking how cnames are used in email here is your answer:

    MX and NS records must never point to a CNAME alias (RFC 2181 section 10.3). So, for example, a zone must not contain constructs such as:

example.com.      MX     0   foo.example.com.
foo.example.com.  CNAME  host.example.com.
host.example.com. A      192.0.2.1

    Domains that are used for e-mail may not have a CNAME record.[3] In practice this may work, but can have different behavior with different mail servers, and can have undesired effects.[4]

Reference:
http://en.wikipedia.org/wiki/CNAME_record
0
 

Author Comment

by:mobot
ID: 40323802
Sorry not to have been clear.    We have an Outlook web server in play. And we use a CNAME for it so the users don't have to remember the mail server name..
email IN CNAME mailserver.mydomain.org.
And in practice this does work.

I'd like to see something to the similar when using dig.  

C:\>nslookup -q=cname email.mydomain.org nameserver.mydomain.org
Server:  nameserver.mydomain.org
Address:  xxx.xxx.xxx.xxx

email.mydomain.org canonical name = mailserver.mydomain.org
mydomain.org       nameserver = ns3.secondary_dns.net
mydomain.org       nameserver = ns1.secondary_dns.net
mydomain.org       nameserver = ns2.secondary_dns.net
mydomain.org       nameserver = nameserver.mydomain.org
nameserver.mydomain.org    internet address = xxx.xxx.xxx.xxx

C:\>

@Gerwin - what output do you get from running this cmd???  And I am asking how to query for CNAME records.

C:\>dig @8.8.8.8 experts-exchange.com C
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1748
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;experts-exchange.com.          IN      A

;; ANSWER SECTION:
experts-exchange.com.   17495   IN      A       54.86.90.123

;; Query time: 30 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Sep 15 13:14:56 2014
;; MSG SIZE  rcvd: 54


; <<>> DiG 9.3.2 <<>> @8.8.8.8 experts-exchange.com C
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1121
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;C.                             IN      A

;; AUTHORITY SECTION:
.                       1081    IN      SOA     a.root-servers.net. nstld.verisi
gn-grs.com. 2014091500 1800 900 604800 86400

;; Query time: 30 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Mon Sep 15 13:14:56 2014
;; MSG SIZE  rcvd: 94
0
 
LVL 29

Accepted Solution

by:
becraig earned 2000 total points
ID: 40323836
This would be the section you are looking for:
Command:
dig  www.experts-exchange.com CNAME


;; ANSWER SECTION:
www.experts-exchange.com. 8653  IN      CNAME   experts-exchange-437318971.us-east-1.elb.amazonaws.com.
0
 

Author Comment

by:mobot
ID: 40323905
I came up with this syntax and it works.  And the last cmd you just sent me works as well.  So either one will do what I want done.

C:\>dig -t cname @ns.mydomain.org email.mydomain.org

; <<>> DiG 9.3.2 <<>> -t cname @ns.mydomain.org email.mydomain.org
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1688
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 1

;; QUESTION SECTION:
;email.mydomain.org.               IN      CNAME

;; ANSWER SECTION:
email.mydomain.org.        43200   IN      CNAME   mailserver.mydomain.org.

;; AUTHORITY SECTION:
mydomain.org.              43200   IN      NS      ns1.secondary_dns.net.
mydomain.org.              43200   IN      NS      ns.mydomain.org.
mydomain.org.              43200   IN      NS      ns3.secondary_dns.net.
mydomain.org.              43200   IN      NS      ns2.secondary_dns.net.

;; ADDITIONAL SECTION:
ns.mydomain.org.   43200   IN      A       xxx.xxx.xxx.xxx

;; Query time: 30 msec
;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx)
;; WHEN: Mon Sep 15 14:19:42 2014
;; MSG SIZE  rcvd: 161


C:\>
===============================================================================================
C:\>dig www.experts-exchange CNAME

; <<>> DiG 9.3.2 <<>> www.experts-exchange CNAME
;; global options:  printcmd
;; connection timed out; no servers could be reached

C:\>dig @208.67.222.222 www.experts-exchange.com CNAME

; <<>> DiG 9.3.2 <<>> @208.67.222.222 www.experts-exchange.com CNAME
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.experts-exchange.com.      IN      CNAME

;; ANSWER SECTION:
www.experts-exchange.com. 83211 IN      CNAME   experts-exchange-437318971.us-ea
st-1.elb.amazonaws.com.

;; Query time: 30 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Sep 15 14:31:45 2014
;; MSG SIZE  rcvd: 107


C:\>
0
 
LVL 29

Expert Comment

by:becraig
ID: 40323917
Great that you got the answer you needed.

Happy to help.
0
 

Author Closing Comment

by:mobot
ID: 40323926
I added the opendns server because of the timeout.  The timeout could be a problem on my end.  But anyway the syntax you sent is what I was asking for.  That section is what I needed to see.  That confirms the CNAME is mapping correctly.  So thanks a bunch.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question