# DNS Stuff
Mostly notes on stuff you can do with dig
on linux
# Cloudflare for DDNS
Quick little script that runs in bash to update a dns record on cloudflare; this can be added to a cronjob to keep your record updated.
I use i.blasteh.uk
to grab the external IP of the machine running the script, you can use whatever service you like that returns just the IP.
There is a quick regex sanity check on the ip to ensure that it is roughly the correct format of an IP, but it is not a real check. (it will allow 999.999.999.999 for example)
#!/bin/bash
CFAPIKEY="my_cloudflare_api_key"
ZONEID="my_dns_zone_id"
RECORDID="my_dns_record_id"
EMAIL="email_address"
DOMAIN="fqdn_of_domain_record"
MYIP=$(curl -sSL i.blasteh.uk)
if grep -oE "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" <<< ${MYIP} >/dev/null ; then
RESULT=$(curl -sSX PUT "https://api.cloudflare.com/client/v4/zones/${ZONEID}/dns_records/${RECORDID}" -H "X-Auth-Email: ${EMAIL}" -H "X-Auth-Key: ${CFAPIKEY}" -H "Content-Type: application/json" --data '{"type":"A","name":"'"${DOMAIN}"'","content":"'"${MYIP}"'","ttl":1}')
fi
if [ "$?" -ne 0 ]; then
echo "Error Updating IP"
echo ${RESULT}
fi
# Lookup GLUE records
We'll use blasteh.uk
for the following examples.
# Determine the name servers for the TLD
$ dig uk ns
; <<>> DiG 9.10.3-P4-Ubuntu <<>> uk ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51961
;; flags: qr rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1452
;; QUESTION SECTION:
;uk. IN NS
;; ANSWER SECTION:
uk. 10557 IN NS dns4.nic.uk.
uk. 10557 IN NS nsa.nic.uk.
uk. 10557 IN NS nsb.nic.uk.
uk. 10557 IN NS nsc.nic.uk.
uk. 10557 IN NS nsd.nic.uk.
uk. 10557 IN NS dns1.nic.uk.
uk. 10557 IN NS dns2.nic.uk.
uk. 10557 IN NS dns3.nic.uk.
;; Query time: 13 msec
;; SERVER: 192.168.10.254#53(192.168.10.254)
;; WHEN: Sun Mar 24 16:14:02 GMT 2019
;; MSG SIZE rcvd: 183
# Query a TLD nameserver to get the target domain's nameserver(s)
Pick one of the NS records that you got and continue the query:
$ dig blasteh.uk ns @nsa.nic.uk
; <<>> DiG 9.10.3-P4-Ubuntu <<>> blasteh.uk ns @nsa.nic.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16192
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;blasteh.uk. IN NS
;; AUTHORITY SECTION:
blasteh.uk. 172800 IN NS vita.ns.cloudflare.com.
blasteh.uk. 172800 IN NS owen.ns.cloudflare.com.
;; Query time: 33 msec
;; SERVER: 156.154.100.3#53(156.154.100.3)
;; WHEN: Sun Mar 24 16:14:57 GMT 2019
;; MSG SIZE rcvd: 94
# Lookup IPv6 records
$ dig blasteh.uk aaaa +short
2606:4700:30::681c:c1c
2606:4700:30::681c:d1c
# Lookup txt records
$ dig github.com txt +short
"MS=6BF03E6AF5CB689E315FB6199603BABF2C88D805"
"docusign=087098e3-3d46-47b7-9b4e-8a23028154cd"
"v=spf1 ip4:192.30.252.0/22 ip4:208.74.204.0/22 ip4:46.19.168.0/23 include:_spf.google.com include:esp.github.com include:_spf.createsend.com include:servers.mcsv.net ~all"
"MS=ms44452932"
# Lookup hostname of an IP
A.K.A reverse lookup
$ dig -x 1.1.1.1 +short
one.one.one.one.