1
I'm trying to understand better the different network-query tools such as nc
, curl
, whois
, dig
, nslookup
and at the same time a bit more about the architecture of internet requests, servers, and the like (NIC, A Record, MX) whilst already knowing a little about TCP, nameservers, domain registrars, packet sniffers, HTTP headers, and IP addresses. That's my background, here's my question.
When I dig
or whois
let's say www.valgrind.org (or valgrind.org) I get at least two different IP answers: 178.250.76.80 and 172.16.0.23#53.
$ nslookup valgrind.org
Server: 172.16.0.23
Address: 172.16.0.23#53
Non-authoritative answer:
Name: valgrind.org
Address: 178.250.76.80
Trying to browse to either of these in w3m
or chromium
leads to a 403 Forbidden
error. Furthermore I'm not sure which one to navigate to, but ping
is somehow able to figure it out! If I ping valgrind.org
(or ping www.valgrind.org
) it chooses
$ ping valgrind.org
PING valgrind.org (178.250.76.80) 56(84) bytes of data.
64 bytes from 178.250.76.80: icmp_req=1 ttl=50 time=80.2 ms
How did it know to do that? And what other tool should I be using to find out how my browser goes from 178.250.76.80
to valgrind.org
and loads something?
This is pretty off-topic for here. I'll help get you started though: The first 'two answers' you get are not two different answers. The first address is the address of YOUR dns server; the server nslookup sent the query to. The only 'answer' there is 178.250.76.80. This is for professionals, not people seeking to learn the basics. – yoonix – 2013-08-26T17:47:06.380
@yoonix I did actually look at
man ping
before asking here but it doesn't answer my question. – isomorphismes – 2013-08-26T18:06:01.820