What is the Traceroute command?

The Traceroute command (Tracert on Windows) is a small network diagnostic software that you have built-in on your device and servers for tracing the route, hop by hop to a target.
Many network administrators use the Traceroute command daily. It is a convenient tool that you can use under different operation systems – Windows (Tracert), macOS, Linux (Traceroute), and even on mobile (Android and iOS).
To access the traceroute, you will need to use the Terminal (Linux and macOS) or the Command Prompt (Windows).
You can use the Traceroute and see the full route that the packets take to their destination (domain or IP address). Apart from that, you will see the hostnames and IPs of the routers on the way and the latency, the time it takes for each device to receive and resend the data.
You can see which gateway is discarding your data, and later you can fix it.

How does it work?

When you run a traceroute, you send an IP packet containing the source and destination addresses and the time to live (TTL) for each hop. TTL in packets decreases with each hop. This is to avoid server looping issues. Furthermore, when the TTL is reached, the packet expires and is discarded. When this occurs, Traceroute returns to the sender ICMP Time Exceeded messages (RFC 792). Because small TTL settings cause packets to expire quickly, traceroute forces all routers in a packet’s path to produce the ICMP messages that identify the router.

To better visualize the traceroute’s working mechanism, you can look at the following chart.

Why use the Traceroute or the Tracert command?

The benefits of using the traceroute command or its alternative for Windows called tracert command are:

• Complete route list. You will see all the routers on the way, with their IP addresses and the time it took. You can better understand the network.
• Route timing. See how much time does it take to finish the query. Is it ok for you? What can you do to speed it up? You can have a starting point for improvements.
• It is built-in. You don’t need to install additional software, and its use is free.
• Check if you can reach a target. See if there is a connection between your device and the hostname or IP address you put in the command.
• See problematic slow router. You can see how much time it took in each hop. So you can see a spot that significantly slows your network. You can fix the problem or add more presence in the area.

When will you need it?

Here are several scenarios where using a traceroute to diagnose a problem you are having can be necessary.

• Sluggish site

Run a traceroute from your computer to your website if you find it is operating slowly. With it, you will check for networking issues between your location and the server.

• Customer timeouts for email

Run a traceroute to assess the quality of the connection to the mail server if you have problems with your mail connection. In addition, you can find your mail server IP by running the following command: “ping smtp.server.com”. It will return the IP address of the Simple Mail Transfer Protocol (SMTP) server that you need for Traceroute purposes.

How to use the Traceroute command?

Use the Traceroute command by writing the command “traceroute + domain.com / IP address” or, in the Terminal on Linux and macOS or “tracert + domain.com / IP address” in the Command Prompt on Windows.

Traceroute (Linux and macOS)

traceroute domian.com or traceroute 12.23.34.45

Tracert (Windows)

tracert domian.com or tracert 12.23.34.45

On macOS, you can also use the Traceroute utility. Press the command button + space. Then write Network Utility. Inside it, navigate to Traceroute. Write the hostname or IP address and press enter. It will show you the result.

*You can change the domain.com with another domain you want to probe, and the same goes for the IP address.

Some differences between the Traceroute command, and the Tracert exist. Check the options below.

Traceroute command vs Tracert command

Apart from the small difference between typing traceroute and the Tracert, the fact that the first works on Linux and macOS, and the second on Windows, the other significant differences are the syntax and the options.

Syntax of the traceroute and Tracert commands

traceroute [options] host_Address [pathlength] (Linux)

traceroute [options] host [packetsize] (macOS)

tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] [-R] [-S srcaddr] [-4] [-6] target_name (Windows)

Example of Traceroute (Tracert on Windows)

The name of Traceroute on Windows is Tracert. It works very similar to the version on the other operating systems.

And this is how the Traceroute command looks on Linux and macOS:

Traceroute options for Linux

If you are a Linux user (Ubuntu, Linux Mint, Manjaro, Red Hat, Debian, etc.), you can specify your traceroute command with the following options:

rDNS explained in detail

Traceroute options for Windows

You can use the Tracert command with various options to perform more precise tests. The following options work on Windows Vista, Windows 7, Windows 8, and of course, Windows 10.

Traceroute options for macOS

While the Traceroute command on macOS is very similar to its Linux version, there are small differences in their options.

Save Traceroute results for later analysis

Traceroute outputs can be long and detailed, especially when diagnosing complex networks. Saving the results for future analysis helps document network issues, allowing users to track changes, compare routes, or share the data with colleagues or support teams.

To save traceroute results to a file, simply redirect the output into a text file using the following syntax:

For Linux/macOS:

traceroute example.com > traceroute_results.txt

For Windows:

tracert example.com > tracert_results.txt

This command captures the entire output of the traceroute (or tracert) command and saves it in a file called traceroute_results.txt in the current directory. You can then review or share this file at any time, making it easier to troubleshoot ongoing network issues without needing to rerun the command.

The TTL and Traceroute

Each packet that you send contains a TTL (time to live). It is not a time but a limit of hops it can do before getting the result.

Usual limit is 30, but it can be more like 64 for example. This limit stops your data after a certain amount of hops so it won’t go forever. The IP packet will follow until it gets “time exceeded” or “port unreachable” when it gets to the host.

Starting at 30, on the next hop, it will drop to 29 and so on. If it can’t find the domain or IP that you wanted it will display a message where did it fail, so you will know where the problem is.

Distinction between Ping and Traceroute

Both Ping and Traceroute are tools for analyzing networks. However, the Traceroute is a little more advanced. For example, ping will check the connectivity between two hosts but does not reveal the route between them. On the opposite, the Traceroute shows every stop between the source and the final destination. This can be helpful when connectivity is patchy, such as when only 50% of ping attempts between two places are thriving.

So, to sum up, the Traceroute command can be used to identify connectivity issues, while ping is a quick approach to determine whether a host is reachable over a network. Both of these commands are beneficial to be aware of because knowing how they operate and what their output denotes can be very valuable when analyzing network connectivity issues.

Traceroute’s Restrictions

• It establishes the route at the interface level rather than at the router level.
• The Traceroute may not respond after crossing the maximum number of hops if there are firewalls between the source and destination routers that prevent the probe packets from being sent. Furthermore, despite the hops IP address, the router will display * (asterisk) if no response is received. Therefore, using a traceroute under these circumstances is not suggested.
• Based on the IP headers, load balancing routers can route the traffic via a number of different paths. Therefore, if we execute a traceroute in this case, it will give us an incorrect path between the origin and the goal. Accordingly, it is not advisable to employ traceroutes in this circumstance either.

Are there alternatives to the traceroute command?

Yes, there are various alternatives to the traceroute commands like MTR command, Dig command, Open Visual Traceroute, Nmap.

MTR command (Linux and macOS)

mtr domain.com

The MTR command is an improved traceroute command that can give more statistics and data for lost packets (percentage).

Dig command (Linux and macOS)

dig +trace domain.com

If you already use the Dig command, you can use it for tracing the route too.

Open Visual Traceroute (Linux, macOS, and Windows)

This one is for people who want a visual interface. It is heavier, but it can show you, in a graphical way, the route of the queries and also get Gantt graphs.

Nmap (Linux, macOS, Windows, BSD, and more)

nmap –traceroute domain.com

The results are very similar to the traceroute command.

Conclusion

By using the newly collected data, you can see if there is any problem on the route (not responsive server or very slow one) and later focus your attention to fix it. If you want to see few more tools you can check one of our previous article Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup.

The post Traceroute command and its options appeared first on ClouDNS Blog.

What is Knot DNS?

Knot DNS is an open-source DNS server software developed by the CZ.NIC association. It is designed to provide fast and reliable DNS resolution services for both authoritative and recursive DNS queries. Knot DNS is known for its efficiency and security features, making it a popular choice for organizations and network administrators.

Knot DNS is part of the broader Knot project, which includes various DNS-related tools and libraries, all aimed at improving the Internet’s DNS infrastructure. Knot DNS itself is specifically focused on serving DNS requests and resolving domain names efficiently and reliably.

The DNS server software includes great features like support for modern DNS standards, such as DNSSEC (Domain Name System Security Extensions), to enhance the security of DNS queries and responses. It also offers a flexible and modular architecture, allowing users to customize and extend its functionality as needed. Another notable aspect is its focus on minimizing memory usage and maximizing performance, making it suitable for resource-limited environments. Overall, it is a robust and lightweight DNS server solution.

Brief History

The story of Knot DNS began in the early 2010s when a group of visionary developers aimed to create a robust and efficient open-source DNS server.

Knot DNS, initiated by the Czech CZ.NIC association quickly gained popularity within the global DNS community. Over the years, it has become a trusted choice for organizations and network administrators worldwide. Its development has been characterized by a commitment to constant improvement, resulting in a server that boasts exceptional efficiency and scalability, making it ideal for both small networks and large-scale infrastructures. Additionally, it is a flexible and versatile solution that makes it suitable for diverse applications, from authoritative name servers to recursive resolvers.

Today, Knot DNS is not just a part of history but a vital component of the Internet’s present and future, providing websites and networks with fast and secure domain resolution.

Key Features of Knot DNS

Knot DNS offers several advantages and key features that make it a compelling choice for DNS server deployments:

• Speed and Performance: The DNS server software can provide top-notch performance. It offers a highly optimized codebase, making it one of the fastest DNS servers available. Users get fast domain resolution and an overall improved online experience.
• Security First: Security is a top priority in today’s world. Knot DNS is prepared with advanced security features, including DNSSEC support, ensuring that your DNS infrastructure remains safe against threats and vulnerabilities.
• Modular Design: It allows you to customize it to fit your specific needs. Thanks to the modular architecture, adding additional features and functionalities is easy. It adapts seamlessly to your evolving requirements.
• Scalability: Whether you’re managing a small network or an enterprise infrastructure, this DNS server solution scales effortlessly. It can handle the demands of high-traffic websites and complex DNS configurations without breaking a sweat.
• Open Source: The DNS server software is open-source, which means it’s constantly improved and supported by a vibrant community of developers. Plus, it’s cost-effective, helping you save on licensing fees.
• DNS over TLS (DoT) and DNS over HTTPS (DoH) Support: It supports encrypted DNS communication, enhancing privacy and security for users. DoT and DoH are protocols that encrypt DNS queries and responses, preventing DNS manipulation.
• Zone Editing and Management: A set of tools for easy zone configuration and management is available. It is a user-friendly choice for administrators responsible for maintaining DNS records.
• Zone transfers: It supports secure and efficient zone transfers, which are crucial for duplicating DNS data between authoritative servers. This feature is especially valuable for organizations that manage their DNS infrastructure and need to ensure data consistency across multiple servers.

How Does It Work?

Understanding how Knot DNS operates requires a basic knowledge of DNS (Domain Name System) and the concepts behind it. At its core, DNS is a decentralized database that holds all available domain names and their corresponding IP addresses (IPv4 and IPv6). Knot DNS can serve in two primary roles:

• Authoritative DNS Server

The Authoritative DNS server is responsible for storing DNS information about a specific domain name and for providing authoritative answers to DNS queries. When a client, such as a web browser, requests the IP address associated with a domain name, it contacts the Authoritative DNS server responsible for that domain.

Knot DNS allows network administrators to configure authoritative zones efficiently. It supports various DNS standards, including DNSSEC (DNS Security Extensions), which adds a layer of security to the DNS infrastructure by ensuring the integrity and authenticity of DNS data.

• Recursive DNS Server

A Recursive DNS server (DNS Resolver) stores recently resolved DNS queries in its memory to speed up following requests. When a client queries a domain name, the Recursive DNS server first checks its DNS cache. If it finds the information there, it can provide the answer immediately without having to perform a full DNS query.

Knot DNS is great as a Recursive DNS server due to its optimized design and performance. It helps reduce DNS query response times, improving the overall user experience when accessing websites and online services.

Getting Started with Knot DNS

Getting started with the Knot DNS server is a very easy process. First, you should visit the official Knot Project website. You’ll find complete documentation, installation guides, and resources for your specific needs.

Whether you plan to use it as an Authoritative DNS server, a Recursive DNS server, or both, the website offers step-by-step instructions to help you get up and running. 

You’ll also find information on configuring and customizing Knot DNS to suit your network requirements. With its user-friendly resources and active community support, starting your journey with this DNS server software is both easy and enjoyable.

Best Practices for Knot DNS

In order to get the most out of Knot DNS, consider these best practices:

• Optimizing Performance: Effectively configure caching by adjusting cache size and TTL (Time to Live) values to improve response times. Load balancing across multiple Knot DNS servers can distribute traffic efficiently and reduce latency.
• Boost Security: Implement mechanisms like DNSSEC to protect against data tampering and DNS spoofing. Secure your server by limiting access to trusted IPs, using secure zone transfers, and enabling DNS over TLS (DoT) or DNS over HTTPS (DoH) for encrypted queries.
• Efficient Zone Management: Organize zone files clearly and automate updates. Additionally, using version control for your DNS configurations will help easy tracking of changes and revert if needed.
• Monitoring and Maintenance: Regularly monitor server performance and query logs to identify and address issues proactively. Advanced tools can help automate this process, ensuring your DNS server remains robust and responsive.
• Troubleshooting Common Issues: If you encounter slow query responses or DNSSEC errors, check your configurations for misalignments or expired keys. Regularly test your setup to ensure everything is functioning correctly.

Conclusion

In conclusion, Knot DNS stands as a powerful and reliable open-source DNS server solution. Developed by the CZ.NIC association, it offers exceptional speed, top-tier security with DNSSEC support, and a modular design that adapts to your specific needs. Its scalability makes it suitable for networks of all sizes, and being open-source ensures constant improvement and cost-effectiveness. With user-friendly zone management tools, Knot DNS is ideal for a secure and efficient DNS infrastructure.

The post Knot DNS Server Explained: Understanding the Basics appeared first on ClouDNS Blog.

What is BIND?

BIND, which stands for Berkeley Internet Name Domain, is one of the most widely used DNS software applications in the world. It is an open-source, robust, and flexible DNS server that translates human-readable domain names into IP addresses, making it possible for users to access websites and other resources on the internet. BIND plays a critical role in maintaining the functionality and accessibility of the internet as we know it today.

History of BIND

The history of BIND dates back to the early 1980s when it was developed at the University of California, Berkeley, by four graduate students. 

BIND’s first version, known as BIND 4, was released in 1988. It provided basic DNS functionality and quickly gained popularity within the internet community. However, BIND 4 had several limitations, and security issues occurred as the internet grew and became more complex.

To overcome these challenges, BIND 8 was introduced in 1997, bringing significant improvements in terms of security, performance, and scalability. The development of BIND continued, leading to the release of BIND 9 in 2000, which is the currently supported version. BIND 9 is a major upgrade from its predecessors and offers enhanced features, security, and support for modern DNS standards.

How to use it?

Setting up and using BIND requires some technical knowledge and expertise. Here’s a general overview of the steps involved in deploying BIND as a DNS server:

1. Installation: Start by installing BIND on your preferred operating system. BIND is available for most Unix-like systems.
2. Configuration: Once installed, configure BIND by editing its configuration file (typically named named.conf). In this file, you define options, set up DNS zones, and configure access controls.
3. Zone Files: For each domain you want to manage, you need to create zone files. These files contain DNS records, such as A records (for mapping domain names to IP addresses), MX records (for email servers), and more.
4. Forwarding and Caching: BIND can act as a forwarding and caching DNS server. By configuring forwarders, you can have BIND forward DNS queries to other DNS servers, helping to reduce the load on your server and improve response times.
5. Starting the Service: After configuration, start the BIND service, and it will begin handling DNS requests for the specified zones.

Make sure to keep BIND updated with the latest security patches and follow best practices to ensure the security and reliability of your DNS infrastructure.

Features & Capabilities of BIND

BIND’s popularity can be attributed to its impressive range of features and capabilities. Some of the key features include:

• Authoritative DNS: It can function as an authoritative DNS server, serving as the primary source for domain zone data. When configured as an authoritative server, BIND provides DNS records that define how domain names relate to IP addresses and other resources.
• Forwarding and Caching: It can act as a caching resolver, reducing the load on upstream DNS servers by caching frequently accessed DNS records.
• Basic DNS Load Balancing: BIND supports basic DNS load balancing using multiple IP addresses for a single domain name. It can distribute the load across multiple servers by returning different IP addresses (IPv4 or IPv6) in response to DNS queries, ensuring better performance and redundancy.
• DNS Notify: It uses DNS Notify, a mechanism that allows Authoritative servers to inform Secondary DNS servers when changes to a zone occur. This notification process helps to ensure that all Authoritative servers for a domain are up-to-date with the latest DNS information.
• Incremental Zone Transfer (IXFR): When a Secondary DNS server needs to update its zone data from the primary DNS server, a full zone transfer can be resource-intensive and unnecessary. With IXFR, it is possible to perform partial zone transfers, transmitting only the changes since the last update.
• DNSSEC Support: BIND was one of the first DNS servers to support DNSSEC, a suite of extensions that add an additional layer of security to the DNS. DNSSEC helps prevent various DNS-based attacks, such as DNS cache poisoning.
• Dynamic Updates: It supports dynamic updates to DNS records, enabling hosts to modify their DNS entries. This feature is particularly useful in environments where IP addresses frequently change, such as DHCP networks.
• IPv6 Ready: BIND has robust support for IPv6, the next-generation internet protocol. Therefore, it can handle DNS resolution for domains and devices that use IPv6 addresses.
• Split DNS: With BIND, administrators can set up split DNS configurations, where different DNS responses are given based on whether the query comes from within the local network or from the public internet.
• TSIG (Transaction Signature) Support: It supports TSIG for secure communication and authentication between DNS servers, ensuring the integrity and authenticity of DNS data exchanges.
• Views: It allows administrators to define different “views” of DNS data based on factors like client IP address or network segment. This enables organizations to have separate DNS configurations for internal and external users.

BIND Advantages

Here are some of the main benefits of implementing this tool:

• Open-Source: Being open-source software makes it freely available to anyone and a cost-effective choice for organizations of all sizes.
• Reliability: BIND has a proven track record of stability and reliability. Its long history in the field has allowed it to mature and become a trusted DNS solution.
• Community Support: With a massive user base and an active community, BIND benefits from regular updates, security patches, and continuous development.
• Security: BIND’s support for DNSSEC and regular security updates ensure that your DNS infrastructure remains secure and less exposed to attacks.
• Scalability: BIND DNS can handle a large number of DNS queries efficiently, making it suitable for organizations with high-traffic websites or complex DNS needs.
• Customization: Its flexibility allows administrators to adjust the DNS settings to their specific requirements and needs.

BIND Disadvantages

Some drawbacks that you should consider include the following:

• Complexity: The configuration of BIND DNS and setup can be challenging for users without technical knowledge. Administrators need to have a good understanding of DNS and networking concepts.
• Maintenance: It requires regular maintenance and updates to guarantee it remains secure and up-to-date with the latest DNS standards.
• Resource Intensive: High performance comes at the cost of resource consumption. Running BIND on low-end hardware might lead to performance issues.
• Security Risks: Like any software, BIND is not immune to security vulnerabilities. Administrators need to stay watchful and promptly apply security patches to mitigate risks.

Alternatives

While BIND is a popular choice, alternative DNS servers are available, each with its own features and strengths. Some notable alternatives include:

• PowerDNS: This DNS server offers high performance and it offers numerous opportunities. It provides a range of backends, including SQL databases, allowing flexible DNS data storage.
• NSD (Name Server Daemon): NSD focuses on high performance and simplicity. It is designed to be secure and easy to configure.
• Windows DNS Server: For organizations with a Windows-based infrastructure, the built-in Windows DNS Server can serve as a suitable alternative to BIND.
• Knot DNS: Knot DNS is known for its modern architecture, high performance, and support for DNSSEC.

The choice of DNS server depends on specific requirements, infrastructure, and level of expertise of the administrators.

Who Uses BIND and Why?

BIND (Berkeley Internet Name Domain) is the most commonly used DNS server software on the Internet. Its versatility and robustness make it the preferred choice for a wide range of users, particularly those who manage DNS servers on a day-to-day basis.

The primary users of BIND are network administrators and system administrators. These professionals are responsible for maintaining the infrastructure that ensures smooth and reliable Internet connectivity within organizations. Here’s why they prefer BIND:

• Comfort with Linux/UNIX: BIND is deeply rooted in the UNIX systems, and its management often requires familiarity with Linux/UNIX environments. Administrators who are comfortable operating within these systems find BIND to be a natural fit.
• Open-Source Flexibility: Unlike other DNS solutions, BIND is open-source. This allows administrators to customize and optimize their DNS infrastructure to meet specific needs. The ability to modify and extend the software provides a significant advantage in addressing unique requirements.
• Standards Compliance: BIND closely follows IETF standards (RFCs). This compliance ensures that BIND operates consistently with global Internet standards, ensuring stability in network operations.

Conclusion

In conclusion, BIND remains a powerful and widely adopted DNS management tool, vital for the functionality and accessibility of the internet. As an open-source, reliable, and flexible DNS server, it efficiently translates domain names to IP addresses, enabling smooth web access. With features like DNSSEC support, dynamic updates, and IPv6 compatibility, it offers enhanced security and adaptability. While it may require technical expertise and regular maintenance, its cost-effectiveness, stability, and scalability benefits make it a preferred choice for organizations of all sizes. As technology advances, this tool continues to play a significant role in shaping the future of internet infrastructure.

The post BIND Explained: A Powerful Tool for DNS Management appeared first on ClouDNS Blog.

But, it is not so often when one of these small command-line utilities has combined the functionality of two in a single program. MTR command is such a case. It is a combination of ping and traceroute. 

What is the MTR command?

MTR (Matt’s traceroute) is a program with a command-line interface that serves for network diagnostic and troubleshooting. The original code was created by Matt Kimball in 1997. One year later, Roger Wolff continued its work and renamed it to My traceroute.

The advantage of this software is that it combines the functionality of the Ping command and the Traceroute. Just like a typical traceroute query, a query from the MTR command will show the route from a computer to a specified host.  

This has the edge over the traditional is that it will also provide a lot of statistics about each hop, like response time and percentage.  

So, using the MTR command, you will get more information about the route and see problematic devices on the way. If you see a sudden increase in time of response or packet loss, you have found a bad link. 

In a brief, the MTR command serves you for the following:

• Check the connectivity from the computer with the command to a destination. 
• See packet loss. It will indicate the quality of the connectivity between the points. 
• Time for a round-trip. You can see the exact time it takes for the packets to reach the destination and provide a report.

The MTR command is available on Unix-based OSes like Linux (Ubuntu, CentOS, Fedora, etc.), macOS, and FreeBSD. There is a version of MTR for Windows, but with limited functionality. There is also WinMTR for Windows, but its code is different.  

Benefits of using it

The Linux MTR command offers a range of benefits in managing and troubleshooting networks: 

First, it helps determine precisely where network issues are located. By running the command, the user can identify the host or router on a given path that is causing the problem, making it much easier to locate the source of the issue and resolve it quickly with minimal disruption. 

Second, it is incredibly versatile and can be used for various tasks. Not only can it be used for troubleshooting purposes, but it can also be used for high-level performance monitoring and optimization. This is especially useful for administrators who need to keep an eye on the overall health of their networks.

Third, it is very easy to set up and use. The command is relatively straightforward, and the user can quickly start gathering valuable information without investing too much time and effort in setting it up or configuring it. In addition, once it is set up, it requires minimal maintenance and is well-suited for automated processes and long-term monitoring applications.

Performing MTR on Linux, macOS and Windows

How to use the MTR command on Linux or FreeBSD?

*You will need administrative privileges for MTR on Linux and FreeBSD (sudo)

• First, you will need to open the Terminal application.
• To get the MTR command on Linux (Ubuntu or Debian), you will need to install it with this command “sudo apt-get install mtr”, “sudo yum install mtr” for CentOS, Fedora or “sudo pkg iWnstall package_name” on FreeBSD. 
• Use the following command “mtr -rw [destination_host]” for basic information or check the syntax and the examples below, to do more advanced tasks. Change the destination_host with the one you like. Use it for 10-15 minutes.

How to use the MTR command on macOS?

*You will need administrative privileges for MTR on macOS (sudo). The command won’t be pre-installed, so you will need to install it first.

• You will need Brew to install it. Go to Brew’s site and there choose a language. 
• Under it, you will see a text command, copy it. 
• On your Mac computer, go to Applications, then Utilities, and there open the Terminal application. 
• Inside the Terminal, paste the text and press Enter. 
• You will be prompted a message to put your password. Do it and press Enter. 
• After Brew is already installed, you will need to write a new command: “brew install mtr” and press Enter. 
• When the MTR gets installed, you can start it with “sudo mtr” and Enter. Use this code “mtr -rw [destination_host]” to perform a basic check. Change the destination_host with the one you like. Run it for 10-15 minutes.
• Now you can start using the MTR command on macOS. See the syntax below and the examples to learn how to do more complex tasks. 

How to use the MTR command on Windows? 

• First, you need to download WinMTR from GitHub.
• Get the file called WinMTR-v100-static.zip, unzip it, and there will be two versions: WinMTR.exe (32bit) and WinMTR64.exe. 
• Choose depending on your version of Windows and double click it.   
• Put the host you want to check in the Host box. If you need extra options, you can see them in “Options”
• Press start and run it for a while (10-15 minutes). 
• Stop it when you think you got enough information. You can copy the text and save it in a text file. 

MTR command syntax and list of options

This is the syntax of MTR command on Linux: 

mtr [-hvrctglspni46] [–help] [–version] [–report] [–report-cycles COUNT] [–curses] [–split] [–raw] [–no-dns] [–gtk] [–address IP.ADD.RE.SS [–interval SECONDS] [–psize BYTES | -s BYTES] HOSTNAME [PACKETSIZE]

You can see all the available options for MTR command on Linux:

MTR command examples 

We will show you multiple examples of the MTR command and how to use it on Linux. You can use the same examples when you are using macOS or FreeBSD (there might be small differences). We will use Google.com as a hostname and some public IP addresses. You can change them and use them for your purposes.

The basic mtr command 

$ mtr google.com

It will show you the basic statistics: each hop (hostnames) with time and loss%. 

Show numeric IP addresses

$ mtr -g google.com

If you use “-g” you will get IP addresses (numbers) instead of hostnames. You can use the IP addresses with another tool for further diagnosis.

Show the numeric IP addresses and hostnames too

$ mtr -b google.com

Now you will see both hostnames and IP addresses. The addresses will be inside brackets. 

Set the number of pings that you want to send 

$ mtr -c 10 google.com

In this case, you are setting the number of pings that you want to send (10 in this case). You can set it to a big number like 1000 to check a hostname for a longer period and get a better idea of the connectivity. 

Get a report of the MTR command result

$ mtr -r -c 10 google.com >mtr-command-google

or

$ mtr -rw -c 10 google.com >mtr-command-google

We do that with the “-r”. Here we have set the number of pings to 10, and the last part, “mtr-command-google”, is the name that you can change the way you like. 

When you use the “-rw” you can get a cleaner report, easier on the eyes.

Rearrange the report 

$ mtr -o “LSDR NBAW JMXI” google.com

The “-o” is for output. You can change the report format with this code, so you get the information the way you like. 

Time intervals between ICMP ECHO requests

$ mtr -i 10 google.com

With “-c”, we set the number of pings. With the “-i” you set the time interval between the ICMP ECHO pings. 

Use TCP 

$ mtr –tcp google.com

Force the use of the TCP instead of the ICMP. 

Use UDP

$ mtr –udp google.com

Force the use of the UDP instead of the ICMP. 

Set the maximum amount of hops 

$ mtr -m 35 216.58.223.78

We will use “-m” and a value of 35 to a specific IP address. You can change it to a more significant value if the query does more hops on the way. 

Define the packet size

$ mtr -r -s 50 google.com

You can decide the specific packet size for the pings. In this example of a MTR command, we are using 50 bytes. 

Print to CSV Output

$ mtr –csv google.com

Use it if the CSV format works better for you than the traditional report. 

Print to XML Output

$ mtr –xml google.com

Use it if the XML format works better for you than the regular report. 

More information and help

$ man mtr

or

$ mtr –help

Those two commands can give you more information about the MTR command and how to use it

MTR and Traceroute, Ping, Nslookup, Host, and Dig

MTR is a powerful yet versatile network monitoring and troubleshooting command, and in combination with Traceroute, Ping, Nslookup, Host, and Dig, you can have a complete overview of your network. Let’s look at them in more detail:

The traceroute command is a valuable utility for measuring the latency between two points on a network. By running a traceroute, the user can view all of the hops between two systems and quickly identify network problems such as packet loss or slow speeds.

For more basic load measuring, the ping command is often used. It measures latency, packet loss, and other metrics between two devices on the network. Ping is a simple tool that is easy to understand and use, making it a popular choice for those just starting with network monitoring.

The nslookup command (abbreviated from “name server look-up”) allows users to query domain name servers from a command line interface. This command can be used to query a DNS server for a specific domain name or IP address, obtaining information about the associated record and the underlying DNS records. nslookup is a helpful tool for troubleshooting name resolution problems and verifying the results of another name resolution query.

The host command is an alternative to nslookup, providing advanced features such as recursion and low-level control over the query process. It allows users to perform DNS lookup operations in bulk, as well as query a DNS server for multiple records in a single command. It provides more control over the entire name resolution process than nslookup and is a valuable troubleshooting tool for more complicated name resolution issues. 

The dig command (short for “domain information groper”) is a robust DNS troubleshooting tool that provides a variety of features and settings for configuring and optimizing DNS queries. Unlike nslookup and host, dig allows users to send numeric requests, giving them more control over the behavior of their DNS queries. It also provides detailed information about the results of its queries, making it a great choice for more experienced users who are looking for in-depth analysis of the DNS records.

Security Concerns with MTR

The Linux MTR command offers a range of benefits for managing and troubleshooting networks, but it is important to consider the security implications of using it. Here are some of the most common security concerns with MTR: 

First, MTR commands can potentially reveal private information. For example, the command may reveal the operating system running on a remote machine or the precise network path between two computers. This can facilitate attacks and data breaches, as malicious actors can use this information to launch more targeted attacks.

Second, MTR commands can also be used to initiate Denial of Service (DoS) or DDoS (Distributed Denial of Service) attacks. For example, a malicious user could send multiple MTR requests to a given server to overwhelm it with requests and cause a DoS event.

Finally, MTR commands can be deployed in networks to gain unauthorized access. By running MTR commands, a malicious user may be able to discover vulnerabilities in networking configurations and gain access to sensitive data. Any unauthorized access to networked systems needs to be blocked and reported as soon as possible.

Best practices when using the MTR command

In order to ensure that the MTR command works to its fullest potential, it is recommended that you follow some best practices that can help maximize its effectiveness. These practices can help ensure that the MTR command serves you efficiently and accurately and provides you with the information you need to troubleshoot network issues effectively.

• Selecting Destination Hosts: Choose destination hosts strategically to diagnose specific network segments or endpoints relevant to the precise issue.
• Results Interpretation: Understand the significance of packet loss and latency values, considering factors like network topology, distance, and time of day.
• Comparative Analysis: Compare MTR outputs from different time periods or under different network conditions to identify patterns and trends.
• Collaboration: Share MTR reports with network peers or ISPs when seeking assistance or troubleshooting network issues collaboratively.
• Security: Be aware of the importance of privacy and security when sharing network traces, especially if they contain sensitive information. Remove or anonymize any sensitive data before sharing the results.

Conclusion

The MTR command is a good combination of two popular tools: Ping and Traceroute. It is easy to use and can be found on different OSes. Using the MTR command efficiently and effectively measures network latency, identifies potential issues, and troubleshoots connections.

The post Linux MTR command appeared first on ClouDNS Blog.

What is the Host command?

The Host command is a software with a command-line interface that serves to test DNS. Internet Systems Consortium created it, and it is distributed as a permissive free software with an ISC license. 

As we mentioned already, the Host command is a utility tool for network diagnostic that you can use to probe different DNS records. You can see the A or AAAA records to get the IP address of a domain, see the name servers, find the start of authority, MX records, and more.

The purpose of the Linux Host command

The purpose of the Linux Host command is to query Domain Name System (DNS) servers to resolve domain names to IP addresses or vice versa. It is a command-line tool that can be used to retrieve DNS information about a hostname or domain, such as its IP address, aliases, or mail exchange (MX) records.

The Host command is a beneficial tool for developers and IT professionals who need to troubleshoot network issues or debug applications that rely on DNS. By using the Host command, they can quickly determine if a hostname is resolving to the correct IP address or if there are any issues with the DNS resolution process.

Additionally, the Host command can be used to perform advanced DNS queries, such as retrieving different types of DNS records and setting a specific timeout value. This makes it a versatile tool that can be used in various scenarios, from simple DNS lookups to more complex network debugging tasks.

Host command syntax

If you want to see the syntax of the Host command and the options that it has, you can simply write “host” and press “Enter.”

host [-aCdlnrsTwv] [-c class] [-N ndots] [-R number] [-t type] [-W time] [-m flag] [-4] [-6] hostname [server]

Host command Options

Here you can see all the available options. Whenever you forgot them, just write “host” in the Terminal.

Host command examples

For all the cases we will use Google.com. You can change Google.com with your domain or whichever else domain that you are interested in. We will give you several examples that can be useful for your work.

Search for the IP address of the domain.

host google.com

This command will show the content of the A and AAAA records. You will get IPv4 and IPv6 results for the domain.

SOA Record

See the Start of Authority records with this command. The SOA record is used for zone transfer. There could be only one SOA record per zone file. If you see more, then you need to fix the problem.

host –C google.com

Check the name servers of the domain

host –t ns google.com

It will display the name servers of the host. The –t, we use to specify the type of query. When you know all of the available name servers, you can test them individually. 

Check a particular name server

You want, for example, to review the ns1. To see if it is responsive or is there any problem, so you type:

host google.com ns1.google.com

 CNAME record

host –t cname mail.google.com

You can use it to find CNAME record. Those records will link one alias to the true name, the canonical. 

MX record

Check the incoming mail server with this query. You can see if they are responding correctly. 

host –n –t mx google.com

TXT Record

You can also check TXT records. There are various TXT DNS records that serve for authentication or verification. One of them is the SPF record that shows who can send emails from the particular domain. 

host –t txt google.com

Decide the Waiting time for a query

You can use –w to wait forever or –W and time in seconds to decide how long to wait for a reply.

host –T –W 10 google.com

Reverse lookup

You can also check the IP and see the host. It is a must to set the Reverse Lookup Zone for your mail server to work properly. 

host 216.58.194.142

Host command to see all of the DNS records for a domain

host –a google.com

You will get information about various types of records – NS, AAAA, MX, etc. With that report, later, you can probe each DNS individually. 

Change the default number of tries from 1 to the number you desire

host -R 8 google.com

In this example of host command, we changed from 1 to 8, the number of tries. The domain will have 8 chances to respond. When it manages to answer, it will stop the retries.   

-R : In order to specify the number of retries you can do in case one try fails. If anyone try succeeds then the command stops.

Troubleshooting Tips

When using the Linux Host command for DNS queries, you may encounter various issues. Here are some troubleshooting tips to help you resolve common problems:

• Domain does not resolve: If a domain doesn’t resolve, first ensure that the domain name is correctly spelled. Next, check your network connection and confirm that your DNS servers are set up correctly. Use other DNS tools like dig or nslookup for comparison. If the issue persists, it might be due to DNS propagation delays, which can take up to 48 hours after a DNS change.
• Interpreting error messages: Error messages can provide insights into what’s wrong. For example, “Host not found” suggests the domain name does not exist or DNS propagation has not completed. “Connection timed out” indicates a problem reaching the DNS server, possibly due to network issues or incorrect DNS server settings.
• DNS propagation delays: After DNS changes, it can take time for the updates to propagate through the internet’s DNS system. Use tools like whois or online DNS checkers to see if your changes have propagated. Patience is key here, as this process is beyond your direct control.

Alternatives to the Host command

There are several alternative DNS probing tools that you can use in place of the Host command, and some of the most popular ones include:

• Nslookup command: This tool is available on Linux, macOS, and Windows, and is straightforward to use. It’s a reliable, always-on-hand option for DNS lookups.
• Dig command: Some users prefer this tool over Host as it has additional options and can retrieve all types of DNS records.
• Ping command: While not as comprehensive as other tools, this network utility is useful for checking host availability by sending packets to a host or IP address to see how it responds.

Exploring and learning to use various DNS probing tools is great. Having multiple options on hand can be beneficial, especially if you manage multiple sites or need to troubleshoot different types of network issues.

Conclusion:

This was the Host command. Now you have one more way to troubleshoot your DNS. If you are interested in diagnostic tools, we recommend you the following articles too: Dig command, Nslookup, Traceroute, MTR and Ping. They will expand your knowledge in DNS diagnostic.

The post Linux Host command, troubleshot your DNS appeared first on ClouDNS Blog.

How does Dig Command work?

Dig Command works the same way as a typical DNS query. Let’s take an A record request. If you want to see the A record, you want to know the IP address of a particular domain. The request will first check if your router has the information of many sites’ addresses in its cache. If it doesn’t have it, the request must be answered from another recursive server. The common solution is that your query will be responded from the recursive servers of your internet provider. It is possible that it doesn’t know it either. No problem, your query will go on a search for the root server. The request will go to the top-level domain like .COM or .EU, and in the end you will get the IP address from the authoritative server for the domain you were checking. 

Dig Command Syntax

Understanding the syntax of the dig command is crucial for effectively utilizing it for DNS troubleshooting and queries. The basic syntax of the dig command is as follows:

dig [@server] [name] [query type] [options]

• [@server]: Specifies the DNS server to query. If omitted, dig uses the default server specified in your system’s resolver configuration (usually defined in /etc/resolv.conf).
• [name]: This is the domain name or IP address you want to query. For example, cloudns.net.
• [query type]: This specifies the type of DNS record you are interested in. Common types include A, MX, SOA, TXT, PTR etc. If this is left out, dig defaults to querying the A record.
• [options]: Dig offers a wide range of options to modify its behavior and output. For example, +short displays only the answer section of the query. Other options include +trace for tracing the path of the query across DNS servers, +noall +answer to show only the answer section, and many more.

How to install the dig command on Linux?

First, let’s check if you already have the dig command installed. You can do that by opening the terminal and writing dig -v. If you have it, your computer will show a message similar to this one:

DiG 9.11.3-1ubuntu1.7-Ubuntu.

Many new Linux distros have it pre-installed. In case you don’t have it, you will get the following message:

dig command not found

For Linux Mint, Ubuntu and other Ubuntu-based Linux distributions you can use the following command:

sudo apt install dnsutils

If you are using Fedora or CentOS you should use:

sudo yum install bind-utils

And for Arch Linux users:

sudo pacman -S bind-tools

Understanding the dig command

Let’s start with a simple example to understand it. We will use google.com for the testing. You can try it directly with your domain, by simply replacing google.com with your domain.

dig google.com

The first line will inform you about the version of the dig command and the second about the global option.

After that, you will get technical information provided by the DNS nameserver. The header shows you what did you do and was it successful. If there is “NOERROR” that there was no problem.
You will see the answer for the EDNS.
Following line shows that by default you are requesting the A record.
You will get the answer for the A record – the correspondent IP address and you will get statistic about the query.

10 Most used Dig commands

More dig command examples:

dig google.com +short

This will show you just the IP address without any additional information. Quick and easy to use the answer that is basically the answer of an A record. 

dig google.com MX

You can query different types of records like the mail exchanger ones. MX records show the responsible mail server for accepting emails. You can see if all of the servers are working the right way and if they are responding too slowly.

dig google.com SOA

SOA – the start of authority, shows the authoritative DNS server. In this record, you see valuable information about the zone. There is only one SOA per zone. 

dig google.com TTL

TTL – time to live. It shows how long the data should be kept. You can read more about TTL HERE. People usually leave longer TTL, and that way, they lower the DNS servers’ load. When you are creating records, you can set it to a low value, if you like. Also, it is possible to set different TTL for different DNS records.  

dig google.com +nocomments +noquestion +noauthority +noadditional +nostats

Only answer query. Use it if you don’t want to receive extra information. A clear and short answer that will evade the extra statistics that you might want to skip. 

dig google.com ANY +noall +answer

Query all types of DNS records. It will show all the different types of DNS records. This will give you an overview of the domain. Later you can use the dig command for the exact DNS records that you want. 

dig -x 172.217.1.142

Reverse DNS lookup. You can also do the opposite and check the IP address. The rDNS is used for verification. The result will be a PTR record that verifies the nameserver. It is needed that a PTR record exists. Otherwise, this revers checking can’t give an answer.

dig @8.8.8.8 +trace google.com

Trace DNS Path. It will show the whole route that a DNS query takes. Every hop from a server to server. It can show you where exactly server is not working. You might be surprised how far does your query travels. Check it from different locations, and you might see where in the world you need a new point of presence to reduce the latency for the users there.

11 dig -p 5300 google.com

Specify Port Number. If you have changed the standard port 53 to another for increased security, you can make a dig command to check if it is working correctly. And of course, you can check if you have closed the standard ports, and you don’t have any “open doors” for attackers. 

dig _sip._udp.YOURDOMAIN.com SRV

Another record that you can check with this command is the SRV. The SRV records are often used in VoIP. In this example, we are checking the SIP service, and we will use the UDP protocol. The answer will show you the time for response and the server’s IP responsible for the SIP service. 

dig google.com TXT

To see all of the TXT records, use this command. TXT records can be used for verifications and can have different variations. For example, it can be a DMARC record. To see a particular one, you can use the following command and change the “dmarc” with the one you need. 

dig _dmarc.google.com TXT

Now you know the basics of the dig command on Linux. You can start experimenting by yourself.

We can recommend you a few more tools that can be useful for your DNS diagnostic Nslookup, Traceroute, MTR, Host, and Ping.

Conclusion

The dig command is an indispensable tool for DNS troubleshooting and analysis. Its flexibility and powerful options make it a preferred choice for network administrators and IT professionals. By understanding how to install and use the dig command, as well as mastering its syntax, you can efficiently diagnose and solve DNS-related issues. Whether you’re checking DNS records, performing reverse DNS lookups, or tracing the path of DNS queries, dig provides you with the insights needed to ensure your domain’s DNS is functioning correctly. Remember, practice is key to becoming proficient with the dig command, so don’t hesitate to experiment with different queries and options. With this knowledge, you’re well-equipped to tackle any DNS challenges that come your way.

The post Linux dig command, how to install it and use it appeared first on ClouDNS Blog.

Ping is a very universal command between all the operating systems. You can use it to test if you can reach your target and how much time it will take to do it. Ping sends Internet Control Message Protocol (ICMP) packets to the destination. Then it waits for the echo reply. It can show statistic for this request, errors and packet loss.

When you use this command, you will send few echo requests, usually 4. Then you will receive a result for each of them, that indicates if they were successful, how much data was received, the time it took for the response and TTL (Time to live).

Brief History

The Ping command is a foundational tool in computer networking, tracing its origins back to the earliest days of the Internet. Developed by Mike Muuss in 1983, Ping emerged as a simple yet powerful utility for testing the reachability of a host on an Internet Protocol (IP) network.

Muuss, a respected computer scientist, created the tool while working at the Ballistic Research Laboratory. The name “Ping” itself reflects the sonar concept from submarines, where a pulse is sent to measure the distance to an object. Similarly, the Ping command dispatches small packets of data to a target device, awaiting their return to measure the round-trip time. 

Initially implemented for Unix-based systems, Ping swiftly gained widespread adoption due to its effectiveness in troubleshooting network connectivity issues. Over time, it has evolved alongside networking technologies, remaining a staple tool for network administrators, system engineers, and enthusiasts alike. Its versatility extends beyond connectivity testing, serving as a vital diagnostic tool for assessing network performance and identifying potential bottlenecks.

How does it work?

Imagine the Ping command as an echo locater. When you use it on your computer, it sends a specific small packet with the ICMP ECHO_REQUEST to its destination (it could be a server, another computer on the network or a router). The recipient must bounce back the message, and send ECHO_REPLY as an answer. 

Your computer will always have 127.0.0.1 IP address. If you try to ping it, you will always get fast result. The command will verify that the TCP/IP on your device is working fine. 

You can use ping localhost and get the same result since it is the same.

What is Localhost (IP 127.0.0.1)?

If you get 4x Request timed out, then it is not working ok.  

How to use Ping command?

You have the ping utility on whatever operating system you have. 

On Windows, open the Command Prompt and on macOS and different Linux distros, open the Terminal. 

There are small differences in the syntax of the ping command on the OSes. You can see them down below. 

You can ping: 

• A domain name and see how much time it will take to respond.
• An IP address. It will also show response time, but it will the important part is that it will show that the device is well-connected. 

We will try to use it with www.google.com. Write the following: 

ping www.google.com

The first part that you will see, who are you pinging, its IP address, and the packet’s size – 32 bytes. 

After that, you will get 4 results. Ping sends 4 echo messages unless you specify a different number. Those 4 answers will have response times in ms – milliseconds and TTL value showing the time to live of the packet. 

You will also get a few stats – completion rate that shows how many packets managed to arrive and a minimum, maximum, and average time. 

Ping switches and variables 

There are a lot of small differences when you use ping on Windows and Linux or macOS. For example, the option in Windows is “–n” and in Linux and macOS is “–c”. The best thing you can do is to check the syntax first. You can see all the available variables, switches, and options with a short command. 

Ping command syntax for Windows 

To get to the list of all possible options for the ping command on Windows, you can write in the Command Prompt:

ping -?

It will give you a result with a full list of options that can make your troubleshooting easier.

Ping command syntax for Linux and macOS 

To get to the ping syntax on Linux or a computer with macOS, you need to type this in the Terminal: 

ping –h

Troubleshooting

• Ping an IP address to see if the device is well connected. If it fails, then the device is not connected at this moment or not reachable over the network we are checking.
• Another scenario is that it is successful but the response times are very long. It means that you or the other side might have problems with the connection.
• You can test different parts of the network to check which are working fine and which are not.
• If you want to check if you are connected to the Internet, you can check one of Google’s IPs, “ping 172.217.6.164”. Why Google you ask? It is just effortless to remember. And do you remember Google been offline? Not really.
• You can use it as a constant checker. Put it with an option to “run until stopped,” and as long as everything is okay, it will continue, but if something fails you will see it immediately.
• If you can’t reach the name, but you can reach the IP address, this shows a problem with the hostname resolution. Probably the DNS servers are not pointed correctly, or they are not accessible.

Monitoring

Ping command appears to be a great tool for monitoring the network availability of different devices. If the command runs as a scheduled task, it can offer simple polling of any network computer or machine. The great thing about it is that it is not necessary to install any additional software or open additional ports.

ICMP Ping monitoring is easy to accomplish due to the ‘run until stopped’ option, which allows the most basic of any up/down monitor. So, whenever the pings start failing, that means there are some difficulties reaching the system.

The ping time, measured in milliseconds (ms), is preferred to be as lower as possible. That is going to indicate the good quality of the ping. In addition, it can deliver signals about the health of your network and its performance speed. Ping monitoring sends an Internet Control Message Protocol (ICMP) echo request. That means when the monitored device receives the request, it replies immediately with the echo reply packets.

Monitoring service by ClouDNS

Security

Sometimes, a cybercriminal is enough to know that a precise system exists and is connected to the global network to initiate a malicious attack. Thankfully, performing a detailed analysis of the Ping command replies could be extremely helpful. You could perhaps find valuable details, like which operating system (OS) the target is running, where the device is located, and so on.

There are different hacking tools that allow taking advantage of “walking the range.” They use the Ping command for each IP address on a targeted network in order to obtain a list of systems that are reachable and will reply. For that reason, a lot of firewalls are configured in a way that stops Ping requests coming from untrusted networks.

More examples of Ping command (Windows, Linux and macOS)

Here we have a few more use cases of ping command for Windows, Linux and macOS users:

*You can change the IP addresses of the examples or the hostnames and use them with yours. Also feel free to modify the command for your needs.  

Interval – ping –i 5 8.8.8.8 (Linux)

This will make it wait 5 seconds before sending the following packet. 

Custom number of pings – ping –n 8 google.com (Windows) ; ping google.com –c 8 (Linux and macOS)

You can decide how many echo messages to send. 

Check version – ping –V (Linux)

You will see the version of the ping you have. 

Flood – ping –f 127.0.0.1 (Linux)

This will flood the network with many pings. 

Only Statistic – ping google.com –q (Linux and macOS)

It will show you just the statistic, not each individual ping time. 

Change packet size – ping –s 100 google.com (Linux)

It will change the size of the packets. The original is 32 bytes (Windows) and 56 (Linux and macOS), and in this example we have set it to 100. 

Timeout – ping –w 20 google.com (Linux)

If you use this example, the ping will exit in 20 seconds. It will terminate regardless of the number of packets send or received. 

Constant ping – ping –t google.com (Windows) ; ping google.com (Linux and macOS)

It will run without stopping. Endless loop. On Linux and macOS, it runs forever by default. You can stop it with Ctrl+C.

Extra tip

Did you know that you can use the ping command online, straight from your browser? This can come in handy if you only have a mobile phone around. 

Just google it, and you will see more than a few sites. If you decide to use it in this way, please make sure that the site you visit is safe, and it is not going to harm your device or personal data in any way. 

Conclusion:

The ping is not the most sophisticated tool, but it is incredibly handy thanks to the fact it works on any device. Using it, you can quickly diagnose different part of the network and find the problem. You can also check our previous article and find more useful tools in our article Тools – DNS trace, Ping, Traceroute, Nslookup, Reverse lookup.

The post What is Ping command and how to use it? appeared first on ClouDNS Blog.

However, like every other IT problem, DNS issues can be resolved. You just have to know the right tools and commands. In this blog post, we’ll delve into some of these essential DNS troubleshooting tools and commands that every network administrator ought to arm themselves with.

Common DNS Issues 

Before we dive into the tools and commands, let’s understand the most common DNS issues that most administrators often encounter:

1. DNS Downtime: This occurs when DNS servers that translate domain names are temporarily unavailable.
2. Incorrect DNS Configuration: This involves errors in the setup of DNS settings which may lead to problems accessing certain websites or the internet.
3. DNS Cache Poisoning: Also known as DNS Spoofing, it refers to fraudulent entries in the DNS cache, causing traffic to be directed to the wrong place.
4. DNS Propagation Delays: This happens when you make changes to your DNS records and they are not immediately effective due to the time taken to update network servers around the globe.

Now that we have a basic understanding of common DNS issues, let’s explore the essential DNS troubleshooting commands that can help you diagnose and resolve these problems.

DNS Troubleshooting Tools

There are plenty of tools that you can use. The tools can be specific for Linux, Windows, or Mac OS, or they can be browser-based. Most of the tools that we will show you overlaps in functionality, and it will be your decision which one you would use in the future.

Check if the problem is not just in your device

Before you start with the DNS troubleshooting, check if the problem is only local. If you are trying to access your website, but you are getting this message “DNS_PROBE_FINISHED_NXDOMAIN” the problem might be in your device. We recently wrote a way to fix it. Go and read the article. 

Dig command

The ‘dig’ command, which stands for ‘Domain Information Groper,’ is a handy command-line tool used in the DNS name resolution process. It sends a DNS query to a specified DNS server and gets a response. It’s a useful tool for finding DNS-related issues. 

With this command you can see all the DNS records. You can use it on Linux and Mac OS, but you can search for a port for Windows too. A typical dig command will show you an Authority Section. You can see if the DNS is pointing correctly.

Use it with +trace in dig +trace combination “dig +trace YOURDOMAIN” to see the whole route of your query. This way you can locate the exact problem.

ClouDNS Free DNS tool

ClouDNS brings to you a valuable Free DNS tool that has transformative capabilities to enhance your DNS troubleshooting tactics. With this tool, you can inspect the DNS records for a specific host and assess the speed of DNS queries. Aside from these, you can also create a comprehensive audit, a feature that helps in in-depth analysis and identification of problematic areas.

Designed to facilitate the work of their customers, the ClouDNS Free DNS tool is user-friendly and accessible, making DNS troubleshooting a breeze even for beginners in the field. All you need to do is enter your domain and host into the tool, select the tool type as “DNS Records”, and choose ‘Google’ as your DNS resolver, then hit ‘CHECK’. 

What’s more, this powerhouse tool is free of cost, making it a stellar choice for efficient network management. The value it provides, particularly in terms of insight into DNS records and query speed, can go a long way in troubleshooting DNS-related problems swiftly and effectively.

Traceroute

The ‘traceroute’ command enables you to track the pathway that a packet takes from the host to the destination server. As the name suggests, this will be ideal for checking the entire route of a DNS query. You can use it on Windows as Tracert, Linux and Mac OS as traceroute. You can try it with a domain or IP address, and you will see a result with all the hops and response time.

NSLookup

‘NSLookup‘ stands for ‘Name Server Lookup’. This command-line tool is used for obtaining information about DNS settings. It allows users to enter a host name and find out the corresponding IP address, or vice versa.

This command lets you check any type of DNS record. You can use it to see all the available DNS records, or you can look for a specific type like – A, AAAA, SOA, MX, PTR, NS, etc. You can use it to troubleshoot a domain using a particular port too. 

Host command

‘Host’ command is very similar to the NSLookup but available only on Linux. You have to write the commands in the Terminal, and you can see the different types of DNS records.

One thing that you can troubleshoot if you have problems with your emails are the TXT records. You can see if there is a SPF record. It is a TXT record that prevents spoofing and stops your outgoing emails from going directly into the spam folder.

Generate SPF record for free!

Conclusion

There are plenty of useful tools that you can use for DNS troubleshooting. Try all of these and find the right one for you and your problem. Many overlaps in functionality, but have some small differences that can help you in a specific case.

As you saw, there are utilities for every operating system so that you can find the problem easily. After you see where the problem is, it is easy to fix it.  

The post DNS Troubleshooting – tools and commands appeared first on ClouDNS Blog.