-2

Is there a way to find all the aliases of the host?

$ nslookup x
x is an alias for y
y is an alias for z
z has address 192.0.2.45

So if I have z, is there a way of using nslookup/host/dig commands to get x and y too?

Patrick Mevzek
  • 9,273
  • 7
  • 29
  • 42
ak07_
  • 1
  • 1

2 Answers2

3

No, that is not possible. CNAMEs are unidirectional aliases with no way pointing back.

One exception for very special circumstances: If you can do a zone transfer, you could get all host names for a domain and thus look for CNAMES pointing to a specific host.

Sven
  • 97,248
  • 13
  • 177
  • 225
-1

A CNAME record is just a redirection to another record. When the chain of redirects reaches an A or AAAA record, the client gets one or more addresses that an administrator of the A record configured. These addresses are, however, at the discretion of the person and don't even have to all correspond to the same machine. They are usually used to distribute load.

To attempt to get some more information about the IP address you received, you can try

dig -x 1.1.1.1

This will try to convert an IP back to a domain name using reverse DNS. This can be also configured arbitrarily (so it's often misconfigured) and the address returned is often just for giving a human more information as to who to complain to when there are issues, rather than something you enter into your browser.

Zdenek
  • 240
  • 1
  • 4
  • A `CNAME` is an alias, not a redirection. redirection is a term coming from HTTP world and people too often confuse the two. Also not all hosts have reverse DNS entries, as they are not needed. Plus, in a world of mass virtual hosting, CDNs and load balancer a given IP address could map to many hostnames (and there is very poor support for multiple `PTR` records) with a huge rate of changes both in time and space. – Patrick Mevzek Jun 20 '19 at 15:46
  • Patrick Mevzek Now you're splitting hairs. It's true that it's different than a HTTP redirect, but I never claimed it was the same, nor have I claimed that any of the other things weren't as you stated. Don't be bitter and try to answer the original question. – Zdenek Jun 21 '19 at 16:11
  • I believe proper terminology is important. "redirect" is not a term to use in the DNS world, because it has no meaning there and because it entertains confusion in the mind of many. It is NOT "different than a HTTP redirect" because the comparison is impossible, it is like comparing oranges to apples. – Patrick Mevzek Jun 21 '19 at 16:18
  • I'm on the same boat with the importance of proper terminology, but to me, calling something an alias gives me the idea of star topology where all points are 1 hop from the target. When a client hits a CNAME record, it has to start resolving the next domain which might also be a CNAME record until it finally finds an A record with an IP. From the user's perspective, the main difference is that the domain in the address bar doesn't change further contributing to the detached/dissimilar nature of DNS records vs. network interfaces which was the main take-away point for OP. – Zdenek Jun 21 '19 at 16:26
  • DNS is defined by RFC1034/1035. Section 3.6 of RFC 1034 defines `CNAME` as "identifies the canonical name of an alias". This is the only definition that is relevant and I will rest my case there.(Also a CNAME targeting another CNAME is authorized by the same RFC, but good practices recommend to be careful about that, because of loops, additional resolution time, etc... it is however a frequent case in the CDN/Load balancing world) – Patrick Mevzek Jun 21 '19 at 16:32