DNS Deep Dive
*UNDER WORK*
1. What is DNS
The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources on the Internet or IP networks. It associates various information with domain names, translating them to numerical IP addresses required for locating and identifying devices using network protocols. DNS simplifies online interactions by enabling users to use easily memorable domain names instead of complex IP addresses.
2. Purpose of DNS
DNS serves several critical purposes in the functioning of the internet:
Address Translation: DNS translates human-readable domain names into IP addresses, enabling users to access websites, services, and resources using familiar names.
Load Distribution: DNS helps distribute traffic across multiple servers using techniques like Round Robin, ensuring efficient utilization and load balancing.
Redundancy and Fault Tolerance: By providing multiple IP addresses for a single domain, DNS ensures that if one server is unreachable, traffic can be redirected to others.
Email Delivery: DNS MX records specify mail servers, facilitating proper routing and delivery of emails.
Domain Ownership Verification: DNS TXT records are used for domain ownership verification and establishing sender policies (SPF/DKIM) for email authentication.
Security (DNSSEC): DNS Security Extensions (DNSSEC) ensure data integrity and authentication, protecting against DNS spoofing and tampering.
3. DNS Records
DNS records are essential components that provide crucial information about a domain's configuration, services, and security features. Here are examples of common DNS record types:
A Record (Address Record): Maps a domain name to an IPv4 address.
AAAA Record (IPv6 Address Record): Maps a domain name to an IPv6 address.
CNAME Record (Canonical Name Record): Creates an alias for one domain name to another.
MX Record (Mail Exchange Record): Specifies mail servers responsible for receiving emails for a domain.
NS Record (Name Server Record): Lists authoritative name servers for a domain.
TXT Record (Text Record): Allows arbitrary text association with a domain, used for various purposes.
4. DNS Resolution Process
Here's a detailed breakdown of what happens under the hood when you search for a service using a search engine:
User Input: You enter a query into a search engine, like DuckDuckGo.
Browser Interaction: Your browser connects to the search engine's server to send the query.
DNS Resolution (Browser): Your browser checks its local cache for the IP address of the search engine. If not found, it proceeds to the OS.
DNS Resolution (OS): Your OS checks its local DNS cache. If the IP address isn't there, it sends a query to a configured DNS resolver.
DNS Query (Resolver): The resolver queries DNS servers for the IP address. It goes through root and authoritative servers to get the IP.
Connection to Server: With the IP, your browser establishes a connection to the search engine's server.
Response and Rendering: The server processes your query, sends back results, and your browser renders the page.
5. Useful Commands and Tools
In addition to understanding DNS concepts, you can use various tools for working with DNS:
PowerShell:
Display DNS client configuration:
Get-DnsClientServerAddressClear DNS cache:
Clear-DnsClientCacheQuery DNS records:
Resolve-DnsName duckduckgo.com -Type A
Command Prompt (CMD):
Display DNS server configuration:
ipconfig /allClear DNS cache:
ipconfig /flushdnsQuery DNS records:
nslookup duckduckgo.com
Ubuntu Terminal:
Display DNS server configuration:
cat /etc/resolv.confClear DNS cache:
sudo systemd-resolve --flush-cachesQuery DNS records:
nslookup duckduckgo.com
WHOIS Lookup: WHOIS provides domain ownership, registration, and contact information.
Command:
whois duckduckgo.com
Last updated