DNS Deep Dive

*UNDER WORK*

1. What is DNS

The Domain Name System (DNS) is a hierarchical and distributed naming system for computers, services, and other resources on the Internet or IP networks. It associates various information with domain names, translating them to numerical IP addresses required for locating and identifying devices using network protocols. DNS simplifies online interactions by enabling users to use easily memorable domain names instead of complex IP addresses.

2. Purpose of DNS

DNS serves several critical purposes in the functioning of the internet:

  • Address Translation: DNS translates human-readable domain names into IP addresses, enabling users to access websites, services, and resources using familiar names.

  • Load Distribution: DNS helps distribute traffic across multiple servers using techniques like Round Robin, ensuring efficient utilization and load balancing.

  • Redundancy and Fault Tolerance: By providing multiple IP addresses for a single domain, DNS ensures that if one server is unreachable, traffic can be redirected to others.

  • Email Delivery: DNS MX records specify mail servers, facilitating proper routing and delivery of emails.

  • Domain Ownership Verification: DNS TXT records are used for domain ownership verification and establishing sender policies (SPF/DKIM) for email authentication.

  • Security (DNSSEC): DNS Security Extensions (DNSSEC) ensure data integrity and authentication, protecting against DNS spoofing and tampering.

3. DNS Records

DNS records are essential components that provide crucial information about a domain's configuration, services, and security features. Here are examples of common DNS record types:

  • A Record (Address Record): Maps a domain name to an IPv4 address.

    duckduckgo.com.    IN    A    40.114.177.168
  • AAAA Record (IPv6 Address Record): Maps a domain name to an IPv6 address.

    duckduckgo.com.    IN    AAAA    2606:4700:4700::1111
  • CNAME Record (Canonical Name Record): Creates an alias for one domain name to another.

    www.duckduckgo.com.    IN    CNAME    duckduckgo.com.
  • MX Record (Mail Exchange Record): Specifies mail servers responsible for receiving emails for a domain.

    duckduckgo.com.    IN    MX    10    mail.duckduckgo.com.
  • NS Record (Name Server Record): Lists authoritative name servers for a domain.

    duckduckgo.com.    IN    NS    ns1.duckduckgo.com.
    duckduckgo.com.    IN    NS    ns2.duckduckgo.com.
  • TXT Record (Text Record): Allows arbitrary text association with a domain, used for various purposes.

    duckduckgo.com.    IN    TXT    "v=spf1 include:_spf.duckduckgo.com -all"

4. DNS Resolution Process

Here's a detailed breakdown of what happens under the hood when you search for a service using a search engine:

  • User Input: You enter a query into a search engine, like DuckDuckGo.

  • Browser Interaction: Your browser connects to the search engine's server to send the query.

  • DNS Resolution (Browser): Your browser checks its local cache for the IP address of the search engine. If not found, it proceeds to the OS.

  • DNS Resolution (OS): Your OS checks its local DNS cache. If the IP address isn't there, it sends a query to a configured DNS resolver.

  • DNS Query (Resolver): The resolver queries DNS servers for the IP address. It goes through root and authoritative servers to get the IP.

  • Connection to Server: With the IP, your browser establishes a connection to the search engine's server.

  • Response and Rendering: The server processes your query, sends back results, and your browser renders the page.

5. Useful Commands and Tools

In addition to understanding DNS concepts, you can use various tools for working with DNS:

  • PowerShell:

    • Display DNS client configuration: Get-DnsClientServerAddress

    • Clear DNS cache: Clear-DnsClientCache

    • Query DNS records: Resolve-DnsName duckduckgo.com -Type A

  • Command Prompt (CMD):

    • Display DNS server configuration: ipconfig /all

    • Clear DNS cache: ipconfig /flushdns

    • Query DNS records: nslookup duckduckgo.com

  • Ubuntu Terminal:

    • Display DNS server configuration: cat /etc/resolv.conf

    • Clear DNS cache: sudo systemd-resolve --flush-caches

    • Query DNS records: nslookup duckduckgo.com

  • WHOIS Lookup: WHOIS provides domain ownership, registration, and contact information.

    • Command: whois duckduckgo.com

Last updated