Ȼ/11

Top / Ȼ / 11

ĤΥå

ĤΤ褦ˡƥˤĤƤޤʤåб褦
Ūˤϡ⼨ΥޥɤȤȤˤʤ롥

  1. freebsd-update
  2. portsnap
  3. portaudit

warning.png portaudit ǽФƤٹˤб٤ɤȽǤ񤷤ƥ꤬ɤ줯餤ports ΥС󥢥åפ֤˹äƤ뤫С󥢥åפȼ̵꤬˴ñˤɤΤǸƤƤȤ򤷤褦.

DNS ȤϤʤˤ?

ϥ󥿡ͥåȤ򥤥󥿡ͥåȤ餷Ƥ뺬ѤΰġDNS (Domain Name System) ˤĤƳؽ褦.
ޤǤμƤ˲äƤ DNS 狼СΡɬ׺ʬδáפ褽狼äȤ뤫⤷ʤ*1.

ơDNS Ȥϥۥ̾(ܺ٤ϸҤ) IP address бϤȤ롤ۥ̾ȥͥåȥ¤бط˴ؤʬǡ١Ȥ䤤碌λȤߤǤ.
ʬĢפ⤫٤Ф褤.
web ȤäꤷƤơϴˤ褽ΤäƤȤȻפ.

 
DNS-model.png
DNS δŪ
 

ʲǹԤФ⡤ܺʬФʤ񤷤Ϥʤ*2.

ɬ DNS ȤʤȤʤ?

ȤäƤޥ򥤥󥿡ͥåȤ˷ҤΤǤФޤɬפǤȸäƤ褤.
DNS ϥ󥿡ͥåȤΥۥ̾ѤƤΥۥȤإ뤿λ¾ΡĢפʤΤǤ.
󥿡ͥåȤε礵ͤȡ¾ˡǤεǽѤΤϤۤԲǽ.

դ˸С֥󥿡ͥåȤ˷ҤʤפʤȤ⤢פΤǡ󥿡ͥåȤ˷Ҥʤʥͥåȥݤ DNS ʳ⸡Ƥ;Ϥ뤳Ȥ˺ƤϤʤ.

/etc/hosts

ۥ̾ IP ɥ쥹бʤɤΡ֥ͥåȥĢǡפ,ּΥ˽񤤤ƤפȤǤ.
ϡ /etc/hosts Ȥե˽񤭤Ǥ褤.
⤳ DNS ξΩǽǤ롥

ˡ DNS Ф԰Ǥ褦ʥͥåȥ˵ȤˤϷ빽ͭǤΤdzФƤȤ褤.
warning.png /etc/hosts ˥ۥ̾ IPɥ쥹б񤤤Ƥ˴ؤƤϡDNSФ³ǤʤǤ³ǽ. 顤ǡХååפ򤷤ƤʤɡDNSФξ֤˴طʤ³ξ /etc/hosts ˽񤤤ƤȤɤˡΤʤ.


warning.png /etc/hosts Τդ cracker virus Ѥ뤳Ȥ. ä ms-windows virus ˤ /etc/hosts ե(C:\WINDOWS\system32\drivers\etc\hosts ʤ)Խ virusкեȥ᡼ Web ˥Ǥʤ褦ˤΤʤɤΤǡms-windows, MacOS, unix Τ OS ȤäƤˤ衤/etc/hosts եΥեȤˤϻդʧä褤.

ʤ/etc/hosts ξ DNS ؤ䤤碌Τɤͥ褹뤫 /etc/nsswitch.conf ե "hosts" ܤ˽񤫤ƤǤ.
ǥեȤǤ

 hosts: files dns

ȤʤäƤꡤ/etc/hosts ͥ褹ȤˤʤäƤ.
notes.png /etc/nsswitch.conf ɤǡΤ褦ꤵƤ뤳ȤǧƤ.

DNS ֥ͥåȥʬǡ١פηǤɬ

ͥåȥε礵ȤѲᤵͤȡ쥫˥ǡ򽸤Ƥδϻ¾̵ʤȤϤ狼.
Ĥޤꡤʬơʤ٤˶ᤤʬdzơƤ餦ʬǡ١
ȤƤΤη˼ȹԤ夯ȤǤ.

ۥȡɥᥤ

webФ www.osaka-u.ac.jp Ȥ̾ΤǤ뤬ˤ褦.

ޤ www.osaka-u.ac.jp. ȺǸ˥ɥåȤĤɽǤ뤳ȤդƤ.
ǸΥɥåȤϡˤФС׾άƤǤ.
̾桼ȤƤϤϵˤɬפϤʤDNS Server κݤˤϺǸΥɥåȤάȡְִ㤨פˤʤ̤Τդ.
warning.png ʤϰռʤƤ褤ΡֺǸΥԥꥪɡפϥͥåȥǤϤ˴ФΤդ.

ƼˤȤǤ뤬 osaka-u.ac.jp Ȥɥᥤ www ȤۥȤǤ뤳Ȥ̣.
˥ɥᥤʬܤ⤹ȡΤˤϤ .(ɥå) ɽ롼ȥɥᥤ jp ɥᥤ󤬤ꡤ ac ɥᥤ󤬤ꡤˤ osaka-u ɥᥤ󤬤Ȥ¤򤷤Ƥ.
www.osaka-u.ac.jp. ޤǽ񤯤ȼΤ褦ˤʤ(Ū ֹץɥᥤ).

domain-structure.png

Ƴؤˤʣ(Ȥ¿)ɥᥤ󤬴ޤޤΤǡδط⤢碌ȤĤΤ褦ˤʤ.

domain-structure-multi.png

ʤߤˡwww.osaka-u.ac.jp Τ褦ˡۥ̾+ɥᥤ̾򤹤٤Ƥ碌Ǥ̾Τ FQDN(Fully Qualified Domain Name)Ȥ.

DNS 䤤碌ΤäѤʻȤ

DNS 䤤碌ϸΨΤ˼¤Ϸ빽ʣʻȤߤˤʤäƤΤ礶äѤ˸СơγؤΥɥᥤξĥ͡ॵз, 餬줾첼γؤΥ͡ॵз̾ΤäƤ뤳Ȥǥǡ١ʬˤʤäƤ.
ơDNS server ؤ䤤碌ϡΥФ硹˾ƵŪ䤤碌ƺǸΡ־ǤäƤץ͡ॵ(SOA: Start of Authority. ָҤγϡפʤɤľ.) 󶡤륵ФΤ)褦ˤʤäƤ(§ȤƤ).

Τ褦ˡǡ١ع¤äʬƤơïɤΥǡǤԤʤΤǽŪ˰դ˷ޤꡤġ䤤碌Ԥ褦ˤʤäƤΤDNS λȤߤΤ褯ǤƤȤǤ.
DNS λȤߤϤʤŤˡ֥ץʤɤǤƤ.
ȤϤȤʤäƤ꤬͡ФƤƤΤǡIJƤ.

DNS 䤤碌μ(ढ)

DNS Фؤ䤤碌ϡ礶äѤ˸äढ.
ʬˤΤǤǽ񤤤Ƥ.

ƵŪ䤤碌
ꤲŪ䤤碌. ʹ줿ϡʬΤʤ¾ΥФʹʤɤƤϫƺǽŪФʤȤʤ. ï˴ꤲΤϥǤ.
ƵŪ䤤碌
ʹôξʤ䤤碌. ʹ줿ϡ򤺤ФΤäƤ򡤤Ǥʤмʬ˶᤽ʥ͡ॵФΤäƤФΥ͡ॵФ򶵤Ǥ褤.

DNS λȤߤ餤äơïͤϺƵŪ䤤碌ƶϫʤȤʤפΤǡï뤫ݥȤȤʤ.
̾ϡDNS ؤΤʤ٤˵ƺƵŪ䤤碌ǤǽϤΤ륽եȥ(ĤޤꤿƤ LAN DNS Server)ºݤ SOA ޤǺƵŪ䤤碌Ԥå򸡺֤Ȥˤʤ.

DNS

ŪˤϡDNS (ľܤ)

ۥ꤬̾ȤΥۥȤ IP ɥ쥹䡤᡼ΰۥ(᡼륵), ۥ̾̾ä̾(canonical name),
IP Address ꤬ȤΥۥ̾

ȤȤˤʤ.
DNS 䤤碌ǴŪˤϤ깭(㤨ФΥۥȤξäƤ͡ॵФϤɤ줫ʤ).

ǡΡפˤĤƤ⤦򵭤Ƥ.
ŪˤϡΡ֥쥳̾פǤ. ϡDNS Ǥ䤤碌κݤˡ֤ξ󤬲ʤΤפؤפʥǤ.

쥳̾
SOAξǤξ. Start of Authority. Ǥ̾ԥ᡼륢ɥ쥹ǡꥢʥС, ͭĹʤ.
AIP Address
AAAAIP Address(IPv6)
NS͡ॵ
CNAMEΥۥȤ̾(⿿̾)
MXΥɥ쥹˥᡼뤬褿ɤΥ᡼륵Ф٤. ֹͥĤ.
PTRۥ̾

warning.png ƨ SOA ϡ줿󤬤ɤ줯餤ѤǤΤפͤݤ˽פ(ȤΤ⡤줿 SOA ̵Ϥξϥեʲǽ뤫Ǥ).

ȡDNS ˤϻ "IN" ȤɤФƤ뤬 Internet Ȥ̣ʤΤǤޤˤʤƤ褤.

ۥ̾ IP Address ¾ξΤ뤿 DNS Server 䤤碌뤳ȤȤ.
ǤʤۥȤȤΤϥ󥿡ͥåȾǤ()äƤϤʤʤ.

հ

դˡIP Address ۥ̾¾ξΤȤ䤤碌հȤ.

ʤߤˡհɬʤФʤϤȵꤵƤʤ.
Ĥޤꡤհʤ IP Address äƤ DNS Υ롼ʤ.

  • ͥåȥǤʤˤȤϤۤȤɵհ򤭤ꤷƤ
  • հʤۥȤФƤϢΥӥ򤷤ʤȤΥФ빽
  • ȵհη̤礷ʤȤʤȤ˸ΥФ빽
  • ƱͤΥåѥʤưʤޥɤ⤢

ʤɤʤɡհ򤭤ꤷʤȺ̤⤢ΤǡհǤʤ򤱤Ƥ.

桼Ȥ DNS ȤäƤߤ

DNS ξΤġ(1) host

ФˡDNS ΤˡŪΤäƤ.
ޤΤƤʤ褦˻פ"host" ޥɤհȤ˻Ȥ.

 host www.osaka-u.ac.jp

Ȥ()

www.osaka-u.ac.jp has address 133.1.8.5

"133.1.8.5" ֤äƤ뤷,

 host 133.1.8.5

Ȥ(հ)

5.8.1.133.in-addr.arpa domain name pointer www.osaka-u.ac.jp.

"www.osaka-u.ac.jp." ֤äƤ.
warning.png host ޥɤΧˤǸ˥ɥåȤĤɽƤ뤳Ȥ!

嵭Τ褦ˡץ̵ host ޥɤϤäʤ"-v" ץĤȤȾϤƤ.
㤨С

 host -v www.osaka-u.ac.jp 

Ȥ, Τ褦ʽϤ(Ū A, AAAA, MX 쥳ɤˤĤƿҤͤƤ)*3.

Trying "www.osaka-u.ac.jp"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45661

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0


;; QUESTION SECTION:

;www.osaka-u.ac.jp. IN A


;; ANSWER SECTION:

www.osaka-u.ac.jp. 62737 IN A 133.1.8.5


Received 51 bytes from 8.8.8.8#53 in 60 ms

Trying "www.osaka-u.ac.jp"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48978

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0


;; QUESTION SECTION:

;www.osaka-u.ac.jp. IN AAAA


;; AUTHORITY SECTION:

osaka-u.ac.jp. 143 IN SOA a.osaka-u.ac.jp. root.odins.osaka-u.ac.jp. 2011011800 10800 1800 3600000 259200


Received 84 bytes from 8.8.8.8#53 in 51 ms

Trying "www.osaka-u.ac.jp"

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33803

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0


;; QUESTION SECTION:

;www.osaka-u.ac.jp. IN MX


;; AUTHORITY SECTION:

osaka-u.ac.jp. 1787 IN SOA a.osaka-u.ac.jp. root.odins.osaka-u.ac.jp. 2011011800 10800 1800 3600000 259200


Received 84 bytes from 8.8.8.8#53 in 51 ms

ʤߤˡDNS 䤤碌ɽǡ"IN" ˤФпοФƤ뤬οϤξλĤͭ(ñ)о̣¤Ǥ.

¾ˤ⡤빽¿ͤʥץ󤬤Τǡ"man host" ȤĴ٤ƤȤ褤.

notes.png ޤϾƱ褦ˤ host ޥɤȤäƤߤ褦.
ޤ-v ץ -a ȤäƤߤ褦.
ޤŬʥۥ̾Ф "host -v" Ĵ٤̤򡤤ޤǤμ򸵤˲ᤷƤߤ.

DNS ξΤġ(2) dig

ǯǤϡDNS 䤤碌ǹԤޥɤȤƤ "dig" ŪǤ.
Ȥ host ˻Ƥ뤬٤*4꤬ǽ.
ܤ "man dig" "dig -h" Ĵ٤Ƥ餦Ȥơ礶äѤˤϼΤ褦ˤĤ.
warning.png "jman dig" ȤϤʤ! ʤΤʤdig ˴ؤܸޥ˥奢˸ŤץΤΤۤʤΤ(Τܸޥ˥奢ϸŤǤϤ뤬dig Τä˸Ť).

̾ñʤ

dig www.osaka-u.ac.jp 

Ǥ褤.
ñʤհ "-x" ץѤ

 dig -x 133.1.8.5

Ȥ.

䤤碌˻Ȥ DNS server ꤷȤϡ@Υ Ȥʸ򥪥ץȤƲä.
㤨Сη̤ www.osaka-u.ac.jp ξǤǤ DNS Server a.osaka-u.ac.jp Ǥ뤳ȤʬΤ*5,ΥФ˲ҤͤƤߤ.

 dig @a.osaka-u.ac.jp www.osaka-u.ac.jp

Ȥȡ

; <<>> DiG 9.6.2-P2 <<>> @a.osaka-u.ac.jp www.osaka-u.ac.jp

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51292

;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 2

;; WARNING: recursion requested but not available


;; QUESTION SECTION:

;www.osaka-u.ac.jp. IN A


;; ANSWER SECTION:

www.osaka-u.ac.jp. 259200 IN A 133.1.8.5


;; AUTHORITY SECTION:

osaka-u.ac.jp. 259200 IN NS sigw.sinet.ad.jp.

osaka-u.ac.jp. 259200 IN NS b.osaka-u.ac.jp.

osaka-u.ac.jp. 259200 IN NS a.osaka-u.ac.jp.


;; ADDITIONAL SECTION:

a.osaka-u.ac.jp. 259200 IN A 133.1.192.3

b.osaka-u.ac.jp. 259200 IN A 133.1.119.3


;; Query time: 3 msec

;; SERVER: 133.1.192.3#53(133.1.192.3)

;; WHEN: Wed Jan 5 20:18:23 2011

;; MSG SIZE rcvd: 143

ȤʤꡤʬǤԤǤˤĤƤľ˶Ƥ뤳Ȥʬ(status ܤ).

ǤϡĴҤˤΤäƤΥ͡ॵФ¾䤤碌򤷤Ƥߤ褦.
㤨С

 dig @a.osaka-u.ac.jp www.yahoo.co.jp

ȤƤߤ. ȡ

; <<>> DiG 9.6.2-P2 <<>> @a.osaka-u.ac.jp www.yahoo.co.jp

; (1 server found)

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 61423

;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; WARNING: recursion requested but not available


;; QUESTION SECTION:

;www.yahoo.co.jp. IN A


;; Query time: 3 msec

;; SERVER: 133.1.192.3#53(133.1.192.3)

;; WHEN: Wed Jan 5 20:18:45 2011

;; MSG SIZE rcvd: 33

Ȥʤ("ANSWER SECTION" ̵ȡstatus "REFUSED" ˤʤäƤ뤳ȡʤɤܤ)֤ξͤδɳʤפȤˤʤäƤ뤳Ȥʬ.

ʤߤˡDNS Server ɤƤˤɤƤ뤫䤤碌ƤȤΥФ䤤碌ͤδط˰¸. ܤϤȤǤ狼

ơdig +trace ȤץĤܤ˼ʬƵŪưԤΤǡDNS λȤߤΤΤԹ礬褤.
⤦ܤ񤯤ȡΥץդǤ dig ϡ䤤碌襵ФˡƵŪƤ͡פ(Ĥޤꡤ䤤碌ꤲʤ).
warning.png դ˸С̾ dig ޥɤϼǴ DNS ServerˡִꤲפƤǡʬϲϫƤʤΤ.

Ĥޤꡤ+trace Ĥ dig ޥɤȤäȤϡơΥФñ˼μǺǤޥ֤ƤΤǡβȤĤʤ碌 dig ȤԤΤǤ.

㤨С

 dig +trace www.osaka-u.ac.jp

Ȥȡ

; <<>> DiG 9.6.2-P2 <<>> +trace www.osaka-u.ac.jp

;; global options: +cmd

. 3103 IN NS a.root-servers.net.

. 3103 IN NS b.root-servers.net.

. 3103 IN NS c.root-servers.net.

. 3103 IN NS d.root-servers.net.

. 3103 IN NS e.root-servers.net.

. 3103 IN NS f.root-servers.net.

. 3103 IN NS g.root-servers.net.

. 3103 IN NS h.root-servers.net.

. 3103 IN NS i.root-servers.net.

. 3103 IN NS j.root-servers.net.

. 3103 IN NS k.root-servers.net.

. 3103 IN NS l.root-servers.net.

. 3103 IN NS m.root-servers.net.

;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 50 ms


jp. 172800 IN NS a.dns.jp.

jp. 172800 IN NS b.dns.jp.

jp. 172800 IN NS c.dns.jp.

jp. 172800 IN NS d.dns.jp.

jp. 172800 IN NS e.dns.jp.

jp. 172800 IN NS f.dns.jp.

jp. 172800 IN NS g.dns.jp.

;; Received 431 bytes from 198.41.0.4#53(a.root-servers.net) in 65 ms


osaka-u.ac.jp. 86400 IN NS b.osaka-u.ac.jp.

osaka-u.ac.jp. 86400 IN NS a.osaka-u.ac.jp.

osaka-u.ac.jp. 86400 IN NS sigw.sinet.ad.jp.

;; Received 127 bytes from 210.138.175.244#53(d.dns.jp) in 18 ms


www.osaka-u.ac.jp. 259200 IN A 133.1.8.5

osaka-u.ac.jp. 259200 IN NS sigw.sinet.ad.jp.

osaka-u.ac.jp. 259200 IN NS b.osaka-u.ac.jp.

osaka-u.ac.jp. 259200 IN NS a.osaka-u.ac.jp.

;; Received 143 bytes from 133.1.119.3#53(b.osaka-u.ac.jp) in 3 ms

ʤɤΤ褦֤äƤ.
ߤȡ

  1. ȤäƤ DNS (ξȤ 8.8.8.8 ȤäƤ)ؤ䤤碌η̤ȤƤޤ "."(롼ȥɥᥤ)ô NS
    13椢뤳ȤΤ(ե륵ӥ꥾ФȸƤФ꥾ФϡƤǽ餫餳 13ΤäƤ).
  2. 13 a.root-servers.net "jp." ô NS 7椢ȶƤäơ
  3. 7 d.dns.jp "osaka-u.ac.jp." ô NS 3椢ȶƤäơ
  4. 3 b.osaka-u.ac.jp www.osaka-u.ac.jp. Υɥ쥹򶵤Ƥä

ȤήǸȤ褯ʬ.
̾ϡʤ٤ͥåȥή󤬾ʤƺѤ褦˥åʤɤ͡ʹפѤƤΤǡΤ褦ϼľ䤤碌ʤ櫓ǤϤʤ.

롼ȥФνȥƥ

ǡ˽ФƤ롼ȥɥᥤô DNS(롼ȥФȸƤФ)ˤĤƵҤƤ.

Υ롼ȥФϡDNS ǤΤǡ餬ȵǽʤȥ󥿡ͥåȤΤΤȵǽʤ. "The Internet" ΡסȤäƤ褤.

ޤդ˸С󥿡ͥåȤؤιԤߤХ롼ȥɥᥤ󤳤оݤȤƺǤפʤΤΰĤȤȤˤʤ.
ΤᡤޤǤˤ絬ϤγƼﹶˤӤӤ餵Ƥ.
13椬Ϥ˻äƤ뤳ȤѤ륽եȥ֤虜ȰۤʤΤˤƤפȤʤɤƤȤˤ.
notes.png 롼ȥФФ뤳ޤDzä줿䤽ηаޤˤĤĴ٤Ƥ. ƥݤĤˤɤФ褤ȤɤؽˤʤϤ.

warning.png ʤߤˡ󥿡ͥåȤ٤롼ȥɥᥤô13*6δؤ櫓ϡĤƤϥꥫ 10, ܤ 1, Υ륦 1, 1 ǤȤƤ(Ϥʤʬôߡ1ĤΥ롼ȥɥᥤ򤤤Ĥιȿǻ٤褦ˤʤäƤƤΤǡΤ褦ñʬ񤷤).
http://www.root-servers.org/ ˥ꥹȤΤǡˤʤͤϸƤߤ褦.

DNS ξΤġ(3) nslookup

dig ΤϤ褯ȤƤΤ "nslookup" ޥɤǤ.
ʤ䤤碌򤽤⤽դʤȤ䡤ȾüǤ뤳ȤʤɤäƤפȰ줿ꤷƤޤȤʤʤäƤƤ뤬cygwin ˤܤäƤ뤳Ȥå⡼ɤΤڤͤȡޤޤǤҤɤġǤϤʤ(^-^)
notes.png "man nslookup" Ȥ nslookup Υޥ˥奢ɤǤ.

notes.png host, dig, nslookup ˤĤƥޥ˥奢Ĵ٤塤ĤΥۥȤˤĤƤΥޥɤ()쥳 A, MX ˤĤĴ٤Ƥߤ.
ޤ줿 IP ɥ쥹򸵤˵հԤäƤߤ.
ޤʬηӤΥ᡼륢ɥ쥹˥᡼Ф硤Υ᡼륵ФϤɤĴ٤Ƥߤ.

DNS հλȤ

BIND ϤˡհλȤߤˤĤƤ⿨Ƥ.
¤ϡѼԤΤ褯ľȰۤʤꡤDNS εհ(IP ɥ쥹¾ξΤ)̤ʻȤߤѰդƤʤ.

IP ɥ쥹 FQDN Τ褦˳ع¤򤷤Ƥ뤳ȤѤơ
IP ɥ쥹ۥ̾ΰǤȤߤʤ DNS λȤߤʶޤ
Ȥǵհ¸Ƥ.

Ūˤϡ"in-addr.arpa." ȤհѤ̤ʥɥᥤβˡIP ɥ쥹ոˤƥۥ̾Ȥߤʤ DNS Ǽ갷.
warning.png ɥᥤΥĥ꡼¤ȡIP Υĥ꡼¤θֵաפʤȤդ.

㤨С192.168.125.91 Ȥ IP ɥ쥹ϡ91.125.168.192.in-addr.arpa. Ȥۥ̾ DNS Ͽ뤳Ȥˤʤ.

inverse-IPdomain.png
IP 192.168.125.91 Ǥޥεհѥɥᥤι¤


հǤϤμɬפʤΤdzФƤ.

dig ޥɤʤɤǡλȤߤ´Ƥߤ褦.
Ūˤϡ㤨Хޥ q01.cl.math.sci.osaka-u.ac.jp = 192.168.125.91 Ф

 host -t PTR 91.125.168.192.in-addr.arpa.

Ȥȡ

91.125.168.192.in-addr.arpa domain name pointer q01.cl.math.sci.osaka-u.ac.jp.

ȤơΤˤΰ֤äƤ뤳Ȥʬ.
(Τݤ餫ƤΥޥɤ IP ɥ쥹򤽤ΤޤľϤƤ⥳ޥ¦DzᤷľƤ)

Ʊͤˡdig ޥɤǤ⡤

 dig -t PTR 91.125.168.192.in-addr.arpa.

ȤФ褤nslookup ޥɤǤ⡤

 nslookup -q=PTR 91.125.168.192.in-addr.arpa.

ȤСηǤεհǤ.

warning.png Ǥϡ䤤碌פ쥳 "PTR" ˤƤ뤬 "ANY" ˤƤ褤.

notes.png ʬΥޥ IP ɥ쥹Ȥäơ host, dig, nslookup ޥɤԤʤʬΥޥ֤̾äƤ뤫ΤƤߤ褦.

DNS 䤤碌饤Ȥ

BINDˡDNS 䤤碌 FreeBSD ǤɤΤ褦ˤƤ뤫񤤤Ƥ.
FreeBSD Ǥ DNS 䤤碌ԤϴŪ /etc/resolv.conf Ȥե˽񤭹ळȤˤʤäƤ.
ܺ٤ man resolv.conf ⤷ jman resolv.conf Ȥƥޥ˥奢ɤǤ餦Ȥˤơ¤񤤤Ƥ.

ץ(ɤ1Ԥǽ񤫤)
nameservernameserver 192.168.125.14DNS (ƵŪ)䤤碌. դƤǤʤȤʤ. nameserver ץ 3ĤޤǻǤ夫˻.
domaindomain cl.math.sci.osaka-u.ac.jpɥᥤ̾. 񤤤ƤСɥᥤ˽°ۥȤ򸡺ݤ˺ǽ . ʹߤάǤ. search Ȥ¾Ū.
searchsearch math.sci.osaka-u.ac.jp sci.osaka-u.ac.jpκݡ䴰뤿˻ȤɥᥤΥꥹ. Ƕڤ. domain Ȥ¾Ū.

notes.png /etc/resolv.conf search ץꤷơѤƤߤ褦.
Ūˤϡ

search cl.math.sci.osaka-u.ac.jp math.sci.osaka-u.ac.jp sci.osaka-u.ac.jp

ȤԤ /etc/resolv.conf ˲ä塤
warning.png 1Ԥǽ񤯤!

host www

dig +search -t ANY mail

ʤɤȤƤߤ褦.
warning.png dig ޥɤϡǥեȤǤ search ץ̵뤹Τ, +search ȤƤ.

DNS Ф¿Ų

ơ DNS Фä˰ܤ.
ޤ DNS Ф¿ŲˤĤƽҤ٤Ƥ.

DNS Фϥ󥿡ͥåȤ˽פ̤ΤǤΤǡɥᥤŪ˴Ƥ륵Ф 1椷ʤȤ֤Ϥޤˤ⿴٤򤱤٤Ǥ.
ǡŪ DNS ФϴŪ2սʾ¿Ų뤳ȤˤʤäƤ.
warning.png ޤޤ dig DNS 򸫤ȤˡɤΥɥᥤôФʣäȤפФ.

ơ¿ŲݤΥǡ乹ˤĤƤ⡤ȤȤߤͤƤ.

ϡ1ĤΥ(1Ĥ DNS ǤϰϤȻפФ褤)ˤĤơΥꥸʥĥ ޥ 1ȡΥԡĥ 졼֥ 1ʾѰդ뤳ȡȤƼ¸.
ơꥸʥ󤬥ޥФ饹졼֥ФŪʤϹˤԡ뤳ȤǡʣΥФۤƱĻȤߤˤʤäƤ.
򥾡žȤ.ž DNS ФλŻʤΤǡʹ֤򲼤ɬפäˤʤ.

ʤDNS 䤤碌Ԥ饤Ȥ鸫ȥޥФ졼֥Фζ̤Ϥޤ̵ñˡ᤯ۡפʤɤ褦ˤʤäƤ.

DNS ФοƻҴط

ˡDNS ФοƻҴطˤĤƽҤ٤褦.
ơ DNS ФɽŪʾäƤΤޤȤߤΥݥȤǤΤǡä򤷤褦.

ޤDNS ŪǤꡤξ DNS ФⳬŪˤʤäƤ뤳ȤμȤ dig +trace ǤƤ.

ơǤϤγءƻҴط(Ƥ礭ʥɥᥤ򡤻ҤϤΥ֥ɥᥤƤ륵ФȤȤˤʤ)ϼºݤˤɤΤ褦˴Ƥ.

ϡֿƥФҥФ֥ɥᥤƤ뤳ȤΤäƤФ褤פȤѤƴƤ.
warning.png ҤϿƤľΤɬפϤʤ. ʤʤ־(롼ȥ13)餿ɤкѤΤ.

ŪˤϡƥФΤΥ(ɥᥤ)ˡҥФ륾(ɥᥤ)ȤλҥФб񤫤ƤФ褤.
warning.png 줬 DNS дΰ֤ΥݥȤ. 狼м¤Ϥʤ񤷤ʤ.

ʬפ褦˶ǽ񤳤.
㤨СƥФ aaa.com ɥᥤƤơҥ ns.sub.aaa.com(192.168.125.105) ֥ɥᥤ sub.aaa.com Ȥ褦.
λϡƥФե aaa.com

sub.aaa.com. IN NS ns.sub.aaa.com.

ns.sub.aaa.com. IN A 192.168.125.105

ʤɤȽ񤯤Ȥˤʤ.
warning.png ܤξ󤬤˽񤤤Ƥ뤫¾DNSʤȡns.sub.aaa.com. ˥ǤʤΤǰ̣ʤ.

ơäդ˸С
ֿƥФҥФ()ɥᥤƤ뤳ȤΤʤ= ֿƥФǾΤ褦򤷤Ƥʤ
Ǥϡ()ɥᥤξϡֻҥФľ䤤碌ͤΤʤפΤǡޤǥʾȤȤˤʤ롥

äơ㤨и漼伫ǤΤѤޥ̾䥵֥ɥᥤʤɤϡƴˤʤ.
󡤤ξϤΥ֥ɥᥤȤäƳ饢뤳ȤϤǤʤ.
ʤߤˡμȤǤϤηԤ

DNS ФΥեȥˤĤ

DNS server եȥȤƤϼ BIND (Berkeley Internet Name Daemon) ȤΤȤ롥
ˤ¾Υեȥ⤢뤬BIND ΨϤ褽 90%ȸΤǡŪ DNS Фưʤ BIND Ǥ.
BIND ϡBSD ͳΥեȥǤꡤFreeBSD ǤϥǥեȤäƤΤǡۤܺǿ FreeBSD ȤäƤΤǤХ󥹥ȡȤäפǤ.
Ҥ륻ƥ꤬ΤǡλѤƤ BIND ΥСˤä˵Ȥ褦ˤ褦.

BIND ϵǽʬ꤬Ѥ
󡤥󥿡ͥåȤ˴³絬ϤʥƥǤ BIND ȤΤɤΤǯ DNS ФμפϤष󥿡ͥåȤ˥ɥᥤξ򤢤ޤϤʤDNS Сʤ LAN Ρ¦׸ΤΤ¿
˵󤲤ؤθ漼䡤Ŀͤμ⡤澮Ȥμ DNSФʤɤ롥
ֳ˸ƾɬפ̵סʤDNS ФοƻҴطȤ߹ޤʤDNS ФˤϡꥷץǻȤ䤹եȥ dnsmasq ΤǺϤȤ
warning.png dnsmasq ˤ DHCP ФȤƤεǽ⤢ꡤDNS Ф DHCP ФǤȤǤ BIND ͥƤ롥DHCP ʬˤĤƤϺϲ⤷ʤ˽Ҥ٤褦ʾʴĶǻȤʤȤ⤢ΤǡĴ٤ƤȤ褤
warning.png ¤ϡƳƤ롼(¿Ϸ󤷤ƤץХΥ󥿥)Ѥͭ̾ʥץ󥷥ƥ OpenWRT ǤϤ dnsmasq ȤƤꤹ롥

ʤBIND Ȥ褦ʾϡǯ٤μȻ򻲾Ȥ줿

dnsmasq Υ󥹥ȡ

󥹥ȡν

ޤ˽Ҥ٤ BIND ưƤꤷʤå褦

 lsof -i4 | less
 ps -axuww | less

ʤɤȤơ"named" Ȥǡ(BIND Τ)ưƤʤǧ褦
warning.png𤷤Ǥ뤬BIND 륳ޥɤ named (̾Υǡ󡤤ȤǤפФ褤)Ȥ̾Ǥꡤޥ˥奢ǥ쥯ȥ̾ϴŪ "named" Ȥ̾ȤΤդ.

BIND ưƤ褦ʾ kill ޥɤʤɤѤưᡤ /etc/rc.conf Ƽư BIND ưʤ褦ˤ褦(BIND ưƤʤФ餯 rc.conf named_enable="YES" Ȥ꤬Ϥ餳ѹɤ)

warning.png BIND 򥢥󥤥󥹥ȡ뤹ɬפϤʤ


󥹥ȡ

ĤΤ褦 portsnap 򤭤ȤƤ顤

 portinstall dnsmasq

פʤϤ
κݡץʹ뤬

dnsmasq-options.png

Τ褦 IPv6 򳰤ƤФ褤
ơ󥹥ȡ˽ФƤå(򸫤ɤ)ǽפʤΤ

*** To enable dnsmasq, edit /usr/local/etc/dnsmasq.conf and

*** set dnsmasq_enable="YES" in /etc/rc.conf[.local]

===> SECURITY REPORT:

This port has installed the following files which may act as network

servers and may therefore pose a remote security risk to the system.

/usr/local/sbin/dnsmasq


This port has installed the following startup scripts which may cause

these network services to be started at boot time.

/usr/local/etc/rc.d/dnsmasq


If there are vulnerabilities in these programs there may be a security

risk to the system. FreeBSD makes no guarantee about the security of

ports included in the Ports Collection. Please type 'make deinstall'

to deinstall the port if this is a concern.


For more information, and contact details about the security

status of this software, see the following webpage:

http://www.thekelleys.org.uk/dnsmasq/doc.html

Ȥ

ǽιܤǡ

  • dnsmasq ե /usr/local/etc/dnsmasq.conf Ǥ롥
  • dnsmasq ͭˤˤϡ/etc/rc.conf dnsmasq_enable="YES" Ƚ񤱤ɤ

ȤȤ狼ꡤιܤ

  • dnsmasq εưץȤ /usr/local/etc/rc.d/dnsmasq Ǥ롥

Ȥ狼롥


ơdnsmasq Ѥ뤿κ¤ޤϹԤ
dnsmasq ΥǥեȤľʤΤǡ¤Ȥ

  • /etc/hosts dnsmasq ʤƤ
  • ư dnsmasq ưϤ褦ˤ
  • ̾ dnsmasq 褦ꤹ

ȤƤФޤϻȤϤ

notes.png ʲºݤ˹Ԥ


/etc/hosts dnsmasq ʤƤ

/etc/hosts ˤϡIPv6 ꤬ʶǤꤹ롥
̾ä˳Ϥʤ(IPv6 ץ򳰤) dnsmasq ǤϤ꤬ʤäꤹΤǤ̵ˤƤۤɤ
Ūˤϡ/etc/hosts

::1localhost ۤۤ

ȤԤ硤ιԤ̵ˤƤȤˤʤ(ιԤƬ # ȤʸФ褤)


ư dnsmasq ưϤ褦ˤ

Υå餫ʤ褦ˡ

 dnsmasq_enable="YES"

/etc/rc.conf ˽񤤤ƺƵưФ褤


̾ dnsmasq 褦ꤹ

/etc/resolv.conf Ƭ

 nameserver   127.0.0.1

񤭤ǤСDNS ̾ޤ(ʬȤξưƤ) dnsmasq ळȤˤʤ롥

warning.png IP ɥ쥹 127.0.0.1 ȤΤϼʬȤΤȤ
warning.png ϡ"nameserver ..." ȤǺǽ˽ФƤʤȤʤΤǡƬˤȤؼˤϰ̣롥
warning.png ˽񤤤ƤϤ "nameserver ..." ȤϽ񤭴äꤷʤ褦ˡ ξϡdnsmasq ֳؾʹ˹ԤפȤ˻ȤΤǡ줬ʤ DNS ФȤƤۤȤɰ̣ʤʤ롥


dnsmasq ưƤ뤫ǧ

BIND ưåԤäƱͤˡ

 lsof -i4 | less
 ps -axuww | less

Ȥ dnsmasq ưƤ뤫å褦
ưƤʤ褦ʤǧ褦


ưƤߤ

ơ dnsmasq ưƤʤФǰռ dnsmasq ȤϤ
ǡʲΤ褦ˤƳǧƤߤ褦
㤨С

 dig www.osaka-u.ac.jp

Ȥ

; <<>> DiG 9.6.2-P2 <<>> www.osaka-u.ac.jp

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10480

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0


;; QUESTION SECTION:

;www.osaka-u.ac.jp. IN A


;; ANSWER SECTION:

www.osaka-u.ac.jp. 58211 IN A 133.1.8.5


;; Query time: 0 msec

;; SERVER: 127.0.0.1#53(127.0.0.1)

;; WHEN: Wed Jan 26 19:41:24 2011

;; MSG SIZE rcvd: 51

Ȥ褦ˡ127.0.0.1(ʬ)֤ΤǡʬȤξ DNS ԤեȥưƤ뤳Ȥˤʤꡤdnsmasq Ȥ狼롥


dnsmasq ɳۥȾɲäƤߤ褦

꤬ݤ BIND Ȥϰۤʤꡤdnsmasq Ǥ dnsmasq ɳۥȾ /etc/hosts ˽񤭲äɤ
ǡκȤäƤߤ褦

Ŀ͸Ŀͤǰۤʤ褦ˤ뤿ᡤ/etc/hosts եˡ

ɲäۥ̾(3)sub01-Υۥ̾ sub03-Υۥ̾㤨Сq05.cl.math.sci.osaka-u.ac.jp ȤäƤͤϡsub01-q05.cl.math.sci.osaka-u.ac.jp, sub02-q05.cl.math.sci.osaka-u.ac.jp, sub03-q05.cl.math.sci.osaka-u.ac.jp 3ġ
ۥȤ IP192.168.125.110+(3*PCֹ) 192.168.125.112+(3*PCֹ)㤨 q05 ȤäƤͤϡ192.168.125.125, 192.168.125.126, 192.168.125.127 Ȥʤ롥

ɲä褦
϶Ūˤϡ㤨 q05 ȤäƤͤ

 192.168.125.125sub01-q05 sub01-q05.cl.math.sci.osaka-u.ac.jp
 192.168.125.126sub02-q05 sub02-q05.cl.math.sci.osaka-u.ac.jp
 192.168.125.127sub03-q05 sub03-q05.cl.math.sci.osaka-u.ac.jp

Ȥ3Ԥ񤭹ळȤˤʤ(IP ȥۥ̾δ֤Ϥ餯2Ĥ餤ǶڤΤɤ)

Ԥäȡ񤭴ɤ߹ޤ뤿 dnsmasq ƵưƤŪˤϡ

 /usr/local/etc/rc.d/dnsmasq restart

ȤФ褤


ɲäʬȤΤ뤳ȤǤ뤫å褦

dig ޥɤȤäƥå褦
㤨Сq05 ȤäƤͤϡ

 dig sub02-q05

ʤɤȤƤߤ褦
ANSWER SECTION ֤äƤƤСưƤ뤳ȤǧǤ롥


ɲä¾ޥ(ľ)䤤碌뤫å褦

ʬ /etc/hosts ˽񤤤ʬǰΤ DNS ФȴطʤȤǤ뤳Ȥ顤ޤǤưǤ DNS dnsmasq Ƴ꤬ߤ狼ʤ
ǡdnsmasq LAN DNS ФȤư᡼Ϥिˡ¾οͤΥޥ䤤碌ԤäƤߤ褦

㤨Сq05 ʳ ȤäƤͤ q05 DNS ФȤƻȤ᡼ǥåԤʤС

 dig @q05 sub03-q05

ȤƤߤФ褤
ANSWER SECTION ֤äƤƤСq05 () DNS ФȤƻȤ뤳Ȥ q05 ξꤷͤΤ뤳ȤǤ뤳Ȥ狼롥


ݡ

ǡĴ٤Ȼؼ줿ˤĤĴԤ𤻤.
Ƽ

  1. °(ز)
  2. ֹ
  3. ǯ
  4. ̾
  5. οΥݡ(θȤˤĤƵŤ)

񤯤Τ˺ʤ褦.

about Icons, ClipArts

Some icons in this page are downloadable at ICONFINDER.

The "note" icon notes.png designed by Marco Martin is distributed with the LGPL licence,
the "warning" icon warning.png designed by Alexandre Moore with the GPL licence
and the "triangle" icon JNorth_arrow-right-sm.png designed by Joseph North is distributed with the Creative Commons (Attribution-Noncommercial-Share Alike 3.0 Unported) licence.

Some clip arts used in this page are downloadable at Open Clip Art Library.
We deeply appreciate their superb works. With licence, they describe that "the actual clipart content on open clipart library is Public domain" in the web.


*1 󡤥ͥåȥΥ롼ƥ󥰤Υѥåȥե륿󥰤ΡʬΤäƤ褤Ȥ̵¤ˤȸäƤ褤.
*2 褦˸Ȼפ. ޤѾ(delegation)ΤʤΤȸФȸ¤ʤ䤳ʤäƤΤ
*3 ˡgoogle public DNS ȤäƤߤ
*4 Ȥ٤
*5 ɬ狼Ȥϸ¤ʤ
*6 ĤȤäƤޥ13Ȥ櫓ǤϤʤϤ褦ˤʤäƤȤǡ֤Ϥä¿