# DNS
| | The Domain Name System (**DNS**) is a hierarchical and distributed naming system for computers, services, and other resources in the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985. |
|-|-|
| | wikipedia:: [Domain Name System](https://en.wikipedia.org/wiki/Domain_Name_System) |
## Meta
- Domain Name System
- A namespace - one of the two principal namespaces of the Internet (the other is IP addresses).
- Namespaces
- [Namespace - Wikipedia](https://en.wikipedia.org/wiki/Namespace)
- Distributed/decentralized and fault-tolerant
- Successor to ARPANET’s HOSTS.TXT file
- Allows for a single domain name to be translated to different things for different users depending on, e.g., proximity - i.e., one website can be fast due to it being distributed to multiple servers on the Internet.
- Technically distinct from a domain name server or just name server
- Which is a computer application that uses/does DNS - i.e., the name server is the server component of the domain name system
- Hierarchy goes from rightmost to left, going from top/highest level, down
- Not case sensitive, so Google.com == google.com
- The DNS database is traditionally stored in a structured text file, **the zone file**, but other database systems are common.
- BIND is the most widely used DNS software
### Confusion of Multi-word Domains
- e.g. whorepresents.com, expertsexchange.com
- Sometimes clarified by camelCase or Intercapping as in WhoRepresents.com
- Sometimes clarified by a hyphen as in experts-exchange.com
### [[Hosts (file)]]
### `/etc/resolv.conf`
- Lists your DNS server(s)
### [[dnsmasq]]
## Domain name
- The labels are what follow the TLD in the hierarchy (they are written to its left). A label can be anything, from one letter to a full sentence. The label located right before the TLD can also be referred to as a Secondary Level Domain (SLD). A domain name can have many labels (or components); it is neither mandatory nor necessary to have 3 labels to form a domain name.
- DNS Root .
- Unnamed, expressed as the empty label terminated by the dot ., if necessary in technical situations such as FQDNs or DNS zones
- gTLDs
- Top-level domains with three or more characters
- TLDs
- Top-Level Domain
- Now over 1000 TLDs
- .com
- .org
- .edu
- .gov
- .net
- .info
- .io
- ccTLD
- Country Code Top-Level Domain
- .us
- .uk
- Second Level Domains: .co.uk or .gov.uk
- .fr
- .de
- .jp
- IDN ccTLD
- internationalized country code top-level domains
- ccTLDs in non-Latin character sets (e.g., Arabic or Chinese)
- Second-level Domain
- Technically, the google part of www.google.com is the second-level domain
- Usually just called, “the domain name”
- Or in the case of ccTLDs, the .co part of .co.uk is the second-level domain
- [[Apex domain or naked domain or zone apex (DNS)]]
- [[Subdomain]]
- Canonical Domain Name
- a record in a DNS database that indicates the true, or canonical, host name of a computer that its aliases are associated with. E.g., with www.example.com and example.com the canonical name can be specified as the “real” version/domain name.
- Done with CNAME record
- FQDN
- https://en.wikipedia.org/wiki/Fully_qualified_domain_name
- Fully Qualified Domain Name
- a domain name that is completely specified with all labels in the hierarchy of the DNS, having no parts omitted.
- Hostname
- https://en.wikipedia.org/wiki/Hostname
- A domain name that is associated with an IP address can be called a hostname
- Or the local name of a computer, regardless of DNS, can also be called a hostname
- Or a local name of a computer, if set up as an FQDN, e.g. as in setting up Windows Server - hostname.companywebsite.com is an FQDN built with the local hostname
- DNS Server Addresses
- Local client
- Routers
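
The points above (hierarchy read from the rightmost label, case-insensitive comparison, the trailing root dot of an FQDN) matter whenever code compares names, for example against an allowlist. The sketch below is an added example, not part of the original notes; the function names are hypothetical, the sample names are constructed, and IDNs are assumed to be already in their ASCII form.

```python
MAX_LABEL = 63   # maximum length of one label
MAX_NAME = 253   # maximum length of the textual name without the trailing dot


def labels(name: str) -> list[str]:
    """Return the labels from the top of the hierarchy down.

    'WWW.Google.com.' -> ['com', 'google', 'www']; the root '.' -> [].
    """
    name = name.strip().lower()      # DNS names are not case sensitive
    if name.endswith("."):           # FQDN form: the trailing dot is the root
        name = name[:-1]
    if name == "":
        return []
    if len(name) > MAX_NAME:
        raise ValueError("name too long")
    parts = name.split(".")
    for part in parts:
        if not 1 <= len(part) <= MAX_LABEL:
            raise ValueError(f"bad label length in {name!r}")
    return parts[::-1]               # rightmost label (the TLD) first


def same_name(a: str, b: str) -> bool:
    """Compare two names ignoring case and the optional trailing dot."""
    return labels(a) == labels(b)


def is_within(name: str, zone: str) -> bool:
    """True if name equals zone or is a subdomain of it, label by label."""
    n, z = labels(name), labels(zone)
    return n[:len(z)] == z
```

Comparing label lists rather than raw strings is what keeps `evilexample.com` from being treated as part of `example.com`, which a plain `endswith` test would accept.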
## [[DNS zone]]
- [[Zone file]]
## [[BIND]]
- [[Zone file]]
## [[Domain Registration]]
## DNS Lookup
- There are actually DNS caches at every hierarchy of the "lookup" process that ultimately gets your computer to load the website. The computer reaches your router, which contacts your ISP, which might hit another ISP before ending up at what's called the "root DNS servers." Each of those points in the process has a DNS cache for the same reason, which is to speed up the name resolution process.
## DNS Refreshing
- DNS databases are stored on every DNS server worldwide, and all these servers refer to a few called “authoritative name servers” or “top-level DNS servers.” Whenever your registrar creates or updates any information for a given domain, the information must be refreshed in every DNS database. Each DNS server that knows about a given domain stores the information for some time before it is automatically invalidated and then refreshed (the DNS server queries an authoritative server again). Thus, it takes some time for DNS servers that know about this domain name to get the up-to-date information.
- Authoritative Name Servers/Top-Level DNS Servers
## DNS Local Cache
- a temporary database, maintained by a computer's operating system, that contains records of all the recent visits and attempted visits to websites and other internet domains. In other words, a DNS cache is just a memory of recent DNS lookups that your computer can quickly refer to when it's trying to figure out how to load a website.
- Difference between local DNS cache and a client's hosts file?
- Checked before checking remote/public DNS servers
- Windows: `ipconfig /displaydns`
- Flush DNS Cache
- Windows: `ipconfig /flushdns`
- macOS: `dscacheutil -flushcache`
- Linux: `/etc/rc.d/init.d/nscd restart`
- Reboot Router
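
The store-then-expire behaviour described under DNS Refreshing, and the effect of flushing a local cache, can be modelled in a few lines. This is an added example, not part of the original notes: `TTLCache`, its `upstream` callback and the records are hypothetical and constructed, and the clock is injected so the run is deterministic.

```python
import time
from typing import Callable, Dict, Tuple


class TTLCache:
    """Minimal model of a caching resolver: answers are reused until the TTL runs out."""

    def __init__(self, upstream: Callable[[str], Tuple[str, int]],
                 clock: Callable[[], float] = time.monotonic):
        self.upstream = upstream      # stand-in for querying an authoritative server
        self.clock = clock
        self.store: Dict[str, Tuple[str, float]] = {}
        self.upstream_queries = 0

    def resolve(self, name: str) -> str:
        key = name.lower().rstrip(".")
        now = self.clock()
        hit = self.store.get(key)
        if hit and now < hit[1]:
            return hit[0]             # still fresh: answered from the cache
        value, ttl = self.upstream(key)
        self.upstream_queries += 1
        self.store[key] = (value, now + ttl)
        return value

    def flush(self) -> None:
        self.store.clear()


def demo() -> list:
    zone = {"www.example.com": ("192.0.2.10", 300)}   # constructed record, TTL 300 s
    now = [0.0]
    cache = TTLCache(lambda n: zone[n], clock=lambda: now[0])
    seen = [cache.resolve("www.example.com")]          # t=0: miss, fetched upstream
    zone["www.example.com"] = ("192.0.2.20", 300)      # record changed at the source
    now[0] = 299
    seen.append(cache.resolve("www.example.com"))      # cache still returns the old address
    now[0] = 300
    seen.append(cache.resolve("www.example.com"))      # TTL expired: refreshed
    zone["www.example.com"] = ("192.0.2.30", 300)
    cache.flush()                                      # the local equivalent of a cache flush
    seen.append(cache.resolve("www.example.com"))
    return seen + [cache.upstream_queries]
```

The same mechanism explains why a wrong or unwanted answer keeps being served from a cache until its TTL expires or the cache is flushed.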
## DNS Records
- Time-To-Live (TTL)
- how frequently a resource record should be refreshed.
### A Record
- Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host
### AAAA Record
- Used to map hostnames to the IPv6 address of the host
### CNAME Record
- https://en.wikipedia.org/wiki/CNAME_record
- A type of resource record in the Domain Name System (DNS) which maps one domain name to another.
- CNAME records must always point to another domain name, never directly to an IP address
- Contra Ax
### SOA Record
- A Start of Authority record (abbreviated as SOA record) is a type of resource record in the Domain Name System (DNS) containing administrative information about the zone, especially regarding zone transfers.
### MX Record
- specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a preference value used to prioritize mail delivery if multiple mail servers are available. The set of MX records of a domain name specifies how email should be routed with the Simple Mail Transfer Protocol (SMTP).
### NS Record
- Delegates a DNS zone to use the given authoritative name servers
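
The per-type rules listed above (A holds an IPv4 address, AAAA an IPv6 address, CNAME and NS point at names, MX carries a preference and a mail host) can be checked mechanically before a zone change is published. This is an added example, not part of the original notes; `check_record`, `lint` and the sample records are hypothetical and constructed, and other record types are reported as not covered.

```python
import ipaddress

ADDRESS_TYPES = {"A": ipaddress.IPv4Address, "AAAA": ipaddress.IPv6Address}


def is_ip(text: str) -> bool:
    try:
        ipaddress.ip_address(text.rstrip("."))
        return True
    except ValueError:
        return False


def check_record(name: str, ttl: int, rtype: str, rdata: str) -> list:
    """Return the problems found in one resource record (empty list if none)."""
    problems = []
    if not isinstance(ttl, int) or ttl < 0:
        problems.append("TTL must be a non-negative integer")
    if rtype in ADDRESS_TYPES:
        try:
            ADDRESS_TYPES[rtype](rdata)
        except ValueError:
            problems.append(f"{rtype} record needs an IPv{4 if rtype == 'A' else 6} address")
    elif rtype in ("CNAME", "NS"):
        if is_ip(rdata):
            problems.append(f"{rtype} target must be a domain name, not an IP address")
    elif rtype == "MX":
        pref, _, host = rdata.partition(" ")
        if not pref.isdigit() or int(pref) > 65535:
            problems.append("MX needs a numeric preference (0-65535)")
        if not host or is_ip(host):
            problems.append("MX target must be a host name")
    else:
        problems.append(f"record type {rtype} is not covered by this check")
    return problems


# Constructed sample records: (owner name, TTL in seconds, type, data)
RECORDS = [
    ("example.com.", 3600, "A", "192.0.2.10"),
    ("www.example.com.", 300, "CNAME", "example.com."),
    ("shop.example.com.", 300, "CNAME", "192.0.2.10"),   # CNAME to an address
    ("example.com.", 3600, "MX", "10 mail.example.com."),
    ("example.com.", 3600, "MX", "mail.example.com."),   # preference missing
]


def lint(records) -> dict:
    # Map record index -> problems, keeping only records that have any.
    return {i: p for i, r in enumerate(records) if (p := check_record(*r))}
```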
## DNS Lookup
[[Dig]]
## DNS Reverse Lookup or PTR
- In computer networks, a reverse DNS lookup or reverse DNS resolution (rDNS) is the querying of the Domain Name System (DNS) to determine the domain name associated with an IP address – the reverse of the usual "forward" DNS lookup of an IP address from a domain name. The process of reverse resolving an IP address uses PTR records. The reverse DNS database of the Internet is rooted in the arpa top-level domain.
## [[Dynamic DNS]]
## DNS Servers
[Manage domain name servers - Google Domains Help](https://support.google.com/domains/answer/3290309)
### [[Codex/Tech/Google]] DNS
- 8.8.8.8
### [[OpenDNS]]
### [[Cloudflare]]
- [[Cloudflare 1.1.1.1]]
### [[Pi-hole]]
## [[DNSSEC]]
## [[DoH]]
## [[CoreDNS]]
## Inbox
- [[Unbound]]
- [[pfsense]]
- ISP DNS
- Router's DNS
- Name server