DNS

Domain Name System

What is DNS

DNS, or Domain Name System, is a fundamental component of the internet’s infrastructure, acting as a directory that translates human-readable domain names (like www.example.com) into IP addresses (like 192.0.2.1) that computers use to identify each other on the network. This system allows users to access websites and other resources without needing to remember complex numerical addresses. DNS operates through a distributed database system that ensures this translation is performed quickly and accurately, enabling smooth internet navigation.

The DNS system is hierarchical and decentralized, designed to handle billions of requests efficiently every day. At the top of the hierarchy are the root name servers, which direct queries to the appropriate top-level domain (TLD) servers (like .com, .org, .net). These TLD servers then direct the queries further down to the authoritative name servers that hold the specific IP address information for the domain in question. This multi-level approach helps manage the vast scale of the internet and ensures redundancy and reliability, preventing any single point of failure from disrupting the entire system.

DNS also encompasses various security measures and protocols to ensure data integrity and protect against malicious activities. For example, DNS Security Extensions (DNSSEC) add a layer of authentication to ensure responses are not tampered with, enhancing trust in the system. Despite its robustness, DNS is a target for cyberattacks such as DNS spoofing and DDoS attacks. Consequently, continuous efforts are made to strengthen DNS infrastructure and protocols to maintain the security and stability of internet operations.


Terminology and Concepts

    1. Default Branch:
      • Git:
        • Still “master”
        • Options for other default branch names
      • GitHub:
        • Default now “main” (new repos only)
        • Can be reset back to “master”
    2. Ignore files:
      • Git:
        • Is made in the file .gitignore

Github View - HTTPS

[Figure: GitHub view (HTTPS)]

Github View - SSH

[Figure: GitHub view (SSH)]

Commands

Some commonly used git commands

DESCRIPTION                                                        COMMAND
Initialize git: set up the necessary data structures and files,    git init
creating a hidden subfolder (.git)

What is DNS resolution


DNS resolution is the process by which domain names are translated into IP addresses. This process allows users to access websites using human-readable names instead of numerical IP addresses, making the internet more user-friendly. Here’s how DNS resolution works:

  1. User Request: When you type a domain name (e.g., www.example.com) into your browser, the request for that domain name is sent to your local DNS resolver, which is usually provided by your Internet Service Provider (ISP).
  2. Local DNS Resolver: The local resolver first checks its cache to see if it already has the IP address for the requested domain name. If it does, it returns the IP address to the user’s browser, which then connects to the web server hosting the website.
  3. Recursive Query: If the IP address is not in the local cache, the resolver initiates a recursive query to find the IP address. This involves querying multiple DNS servers in a hierarchical order.
  4. Root DNS Servers: The resolver first contacts one of the root DNS servers. These servers don’t know the IP address of the requested domain but can direct the resolver to the appropriate top-level domain (TLD) servers (e.g., .com, .net, .org).
  5. TLD DNS Servers: The resolver then contacts the TLD DNS server for the domain. For instance, if the domain is example.com, the resolver will query the .com TLD server. This server doesn’t know the exact IP address but can direct the resolver to the authoritative DNS server for the specific domain.
  6. Authoritative DNS Servers: Finally, the resolver contacts the authoritative DNS server for the domain (e.g., ns1.example.com). This server contains the DNS records for the domain and provides the IP address for www.example.com.
  7. Return IP Address: The authoritative DNS server returns the IP address to the local resolver, which then caches the information for future requests and returns the IP address to the user’s browser.
  8. Browser Connection: The browser uses the IP address to connect to the web server and load the website.

DNS resolution involves several types of DNS servers and queries, but it happens quickly, usually in milliseconds, enabling smooth and seamless browsing experiences.

FAQ

DNS Servers

“DNS server” is a broad category that includes several types of servers with specific responsibilities within the Domain Name System (DNS) hierarchy. Here’s a breakdown of the main types of DNS servers and their responsibilities:

  1. Root Servers:
    • Responsibilities: Root servers are the highest level in the DNS hierarchy. They don’t contain the actual mappings of domain names to IP addresses but instead direct queries to the appropriate Top-Level Domain (TLD) servers.
    • Function: When a DNS resolver does not know where to find information about a domain, it queries a root server. The root server responds with a referral to the appropriate TLD server (e.g., .com, .org, .net).
  2. TLD (Top Level Domain) Servers:
    • Responsibilities: TLD servers manage the next level in the DNS hierarchy, handling domains within a specific top-level domain like .com, .net, or country-specific TLDs like .uk or .jp.
    • Function: When a root server refers a query to a TLD server, the TLD server then provides a referral to the authoritative name server for the specific domain (e.g., example.com).
  3. Authoritative Name Servers:
    • Responsibilities: These servers hold the actual DNS records for specific domains. They provide the final answer to DNS queries about a domain.
    • Function: When a TLD server refers a query to an authoritative name server, this server responds with the IP address or other DNS records (such as MX records for email) for the requested domain.

Each type of DNS server plays a crucial role in resolving domain names into IP addresses or other records:

  • Root Servers: Direct DNS queries to the correct TLD servers. They hold the root zone file, which points to the authoritative servers for every TLD.
  • TLD (Top Level Domain) Servers: Direct queries to the authoritative name servers for specific domains within their TLD. Each TLD (e.g. .se, .com, .fi, .xyz) has its own set of responsible servers.
  • Authoritative Name Servers: Provide the definitive DNS records for the domains they manage, including the actual IP address associated with a domain name. They are the authority for their specific domains and hold the DNS records.

Together, these servers create a hierarchical system that ensures efficient and reliable resolution of domain names to their corresponding IP addresses and other related records.
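As an added example (not code from the original page), here is what the referral step from the resolution walk-through above looks like on the wire: a small Python parser for DNS replies, fed a constructed root-style response that carries no answer, an NS record for com in the authority section and a glue A record in the additional section. The server name a.gtld.example and the address 192.0.2.53 are constructed values, and the name decoder refuses compression-pointer loops, which a hostile reply could otherwise use to hang a naive parser.

```python
import struct

def _name(dotted):  # dotted name -> uncompressed wire format (length-prefixed labels + 0)
    return b"".join(bytes([len(l)]) + l.encode() for l in dotted.strip(".").split(".")) + b"\x00"

def _read_name(msg, off):
    """Decode a possibly compressed name at `off`; return (name, offset just after it)."""
    labels, end, hops = [], None, 0
    while (length := msg[off]) != 0:
        if length & 0xC0 == 0xC0:                  # compression pointer (RFC 1035 section 4.1.4)
            if (hops := hops + 1) > 16:            # refuse pointer loops in hostile packets
                raise ValueError("compression pointer loop")
            end = off + 2 if end is None else end  # the name ends right after the first pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length
    return ".".join(labels) or ".", (off + 1 if end is None else end)

def parse_response(msg):
    """Split a DNS reply into (qname, answer, authority, additional); records are (name, type, ttl, value)."""
    an, ns, ar = struct.unpack("!HHH", msg[6:12])   # record counts from the header
    qname, off = _read_name(msg, 12)
    sections, off = [], off + 4                      # skip QTYPE and QCLASS
    for count in (an, ns, ar):
        rrs = []
        for _ in range(count):
            name, off = _read_name(msg, off)
            rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
            off += 10
            rdata = msg[off:off + rdlen]
            if rtype == 2:                           # NS rdata is a (compressible) name
                value = _read_name(msg, off)[0]
            else:                                    # A rdata is 4 raw bytes; anything else kept as hex
                value = ".".join(map(str, rdata)) if rtype == 1 else rdata.hex()
            off += rdlen
            rrs.append((name, rtype, ttl, value))
        sections.append(rrs)
    return (qname, *sections)

def build_referral():  # constructed: a root-style reply that refers www.example.com to a .com server
    header = struct.pack("!HHHHHH", 0x1234, 0x8000, 1, 0, 1, 1)  # QR=1, AA=0; 1 question, 1 NS, 1 glue
    question = _name("www.example.com") + struct.pack("!HH", 1, 1)
    com_ptr = struct.pack("!H", 0xC000 | (12 + 4 + 8))            # pointer to the "com" label in QNAME
    ns_rdata = _name("a.gtld.example")                            # constructed TLD server name
    authority = com_ptr + struct.pack("!HHIH", 2, 1, 172800, len(ns_rdata)) + ns_rdata
    glue_ptr = struct.pack("!H", 0xC000 | (len(header) + len(question) + 12))  # -> ns_rdata
    additional = glue_ptr + struct.pack("!HHIH", 1, 1, 172800, 4) + bytes([192, 0, 2, 53])
    return header + question + authority + additional
```

The empty answer section plus NS and glue records is exactly the "I don't know, ask that server" shape a resolver sees from the root and TLD levels before it reaches the authoritative server.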

DNS propagation

DNS propagation refers to the period of time it takes for changes made to DNS records to be updated and distributed across all DNS servers worldwide. When you update a DNS record (such as changing the IP address for a domain), this change needs to be communicated to all DNS servers that may cache information about that domain. Until all servers have received the updated information, the old DNS record may still be in use, leading to inconsistent access to the domain.

Key Points about DNS Propagation:

  1. Time-to-Live (TTL): DNS records have a TTL value, which specifies how long a DNS server should cache the record before checking for updates. Lower TTL values mean faster propagation but can increase the load on DNS servers because they need to refresh the records more frequently. Higher TTL values mean slower propagation but reduce the load on DNS servers.
  2. Caching: DNS servers cache DNS records to reduce the load on authoritative DNS servers and to speed up DNS query responses. Changes to DNS records must wait until the cached records expire based on their TTL before the updated records are fetched.
  3. Global Distribution: DNS changes need to propagate across many DNS servers worldwide, including ISP DNS servers, public DNS servers (like Google Public DNS, Cloudflare DNS), and private DNS servers. This process can take anywhere from a few minutes to 48 hours, depending on the TTL settings and the specific DNS server’s refresh policies.

Responsibility for DNS Propagation:

  1. Domain Owner: The owner of the domain initiates DNS changes through their domain registrar or DNS hosting provider. They can set the TTL values for their DNS records to control how quickly changes should propagate.
  2. Authoritative DNS Servers: These servers hold the original DNS records for a domain. When a change is made, it is first updated on these servers. These servers respond to DNS queries with the most current information and indicate the TTL for caching.
  3. Caching DNS Servers: These servers, including those run by ISPs and public DNS services, cache DNS records based on the TTL. They are responsible for updating their cached records after the TTL expires and the next query is made.
  4. Registrars and DNS Hosting Providers: These organizations provide the interface for domain owners to manage their DNS settings. They ensure that the authoritative DNS servers are updated with the new information.

Process of DNS Propagation:

  1. Update DNS Records: The domain owner updates the DNS records through their registrar or DNS hosting provider.
  2. TTL Expiry: The previous DNS records are cached by various DNS servers worldwide. These records will be served until the TTL expires.
  3. Query Authoritative Servers: Once the TTL expires, the caching DNS servers query the authoritative DNS servers for the updated records.
  4. Cache Updated Records: The caching DNS servers receive the updated records and cache them according to the new TTL.
  5. Consistent Resolution: Once the updated records are propagated to all relevant DNS servers, the domain will consistently resolve to the new IP address or other updated information.

By understanding and managing TTL values and knowing how DNS propagation works, domain owners can better anticipate and manage the time it takes for DNS changes to take effect globally. DNS propagation involves both the Top-Level Domain (TLD) servers and the authoritative nameservers,
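As an added example (not from the original page), this Python model replays the propagation process above against a single caching resolver driven by a fake clock: the authoritative record changes at t=600, but the resolver keeps answering the old address until the TTL it originally cached (3600 s) expires. The zone contents, addresses and timings are constructed.

```python
import time

class AuthoritativeZone:
    """Constructed stand-in for the authoritative server of example.com."""
    def __init__(self):
        self.records = {}                            # name -> (value, ttl)

    def set_record(self, name, value, ttl):
        self.records[name] = (value, ttl)            # the change is live here immediately

    def query(self, name):
        return self.records[name]

class CachingResolver:
    """Caches each answer for exactly the TTL the authoritative server handed back."""
    def __init__(self, upstream, clock=time.monotonic):
        self.upstream, self.clock, self.cache = upstream, clock, {}
        self.upstream_queries = 0

    def resolve(self, name):
        now = self.clock()
        cached = self.cache.get(name)
        if cached and now < cached[1]:               # inside the TTL: serve the cached (maybe stale) value
            return cached[0]
        value, ttl = self.upstream.query(name)       # expired or unknown: ask the authoritative server
        self.upstream_queries += 1
        self.cache[name] = (value, now + ttl)
        return value

def propagation_timeline():
    """Replay an A-record change against one resolver on a fake clock; return what it answered."""
    clock = [0.0]
    zone = AuthoritativeZone()
    zone.set_record("www.example.com", "192.0.2.1", 3600)      # old record, one-hour TTL
    resolver = CachingResolver(zone, clock=lambda: clock[0])
    seen = []
    for t in (0, 600, 3599, 3600, 3800, 3900):
        clock[0] = t
        if t == 600:                                            # owner moves the site and lowers the TTL
            zone.set_record("www.example.com", "192.0.2.2", 300)
        seen.append((t, resolver.resolve("www.example.com")))   # stale until the OLD TTL runs out at 3600
    return seen, resolver.upstream_queries
```

The worst-case delay is set by the TTL that was in force before the change, which is why lowering the TTL well ahead of a planned change shortens the window in which resolvers serve the old address.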

DNS record

A DNS (Domain Name System) record is a piece of information stored in a DNS database that associates a specific domain name with certain data. These records are crucial for translating human-readable domain names (like “example.com”) into IP addresses (like “192.0.2.1”) that computers use to communicate with each other over the internet. DNS records are organized in a hierarchical structure and are managed by authoritative DNS servers.

There are several types of DNS records, each serving a different purpose. Some common types of DNS records include:

  1. A Record (Address Record): Maps a domain name to an IPv4 address. For example, an A record for “example.com” might point to “192.0.2.1”.
  2. AAAA Record (IPv6 Address Record): Similar to an A record but maps a domain name to an IPv6 address. For example, an AAAA record for “example.com” might point to “2001:0db8:85a3:0000:0000:8a2e:0370:7334”.
  3. CNAME Record (Canonical Name Record): Creates an alias for a domain name. It points one domain name to another, allowing the IP address to be changed in a single place. For example, a CNAME record might point “www.example.com” to “example.com”.
  4. MX Record (Mail Exchange Record): Specifies the mail server responsible for receiving email on behalf of a domain. It includes the domain name of the email server and a priority value. For example, an MX record might point to “mail.example.com” with a priority of 10.
  5. TXT Record (Text Record): Used to store text-based information associated with a domain. It can be used for various purposes, such as domain verification, SPF (Sender Policy Framework) records for email authentication, or other types of metadata.
  6. NS Record (Name Server Record): Specifies the authoritative DNS servers for a domain. It indicates which DNS servers are responsible for providing DNS information for the domain.
  7. PTR Record (Pointer Record): Used in reverse DNS lookups to map an IP address to a domain name. PTR records are often used to verify the authenticity of email senders by checking that the reverse DNS lookup matches the forward DNS lookup.

These are just a few examples of DNS record types. Each type serves a specific function within the DNS system and plays a critical role in ensuring the proper functioning of domain name resolution on the internet. DNS records are managed and configured by domain owners or administrators through their domain registrar or DNS hosting provider.

More DNS records

Here are some common types of DNS records:

  1. A Record (Address Record): An A record maps a domain name to an IPv4 address. For example, it maps “example.com” to “192.168.1.1”.
  2. AAAA Record (IPv6 Address Record): Similar to an A record, an AAAA record maps a domain name to an IPv6 address. It is used for IPv6 addresses. For example, it maps “example.com” to “2001:0db8:85a3:0000:0000:8a2e:0370:7334”.
  3. CNAME Record (Canonical Name Record): A CNAME record creates an alias for a domain name. It points one domain to another domain’s canonical name. For example, “www.example.com” can have a CNAME record that points to “example.com”. This allows the “www” subdomain to resolve to the same IP address as the main domain.
  4. MX Record (Mail Exchange Record): MX records specify the mail server responsible for accepting incoming emails for a domain. It associates a domain name with a list of mail servers and their priority values. For example, “example.com” can have an MX record pointing to “mail.example.com” as the mail server.
  5. TXT Record (Text Record): A TXT record stores descriptive text information associated with a domain. It is often used for domain verification, SPF (Sender Policy Framework) records for email authentication, and other purposes.
  6. NS Record (Name Server Record): NS records specify the authoritative DNS servers for a domain. They indicate which DNS servers are responsible for storing and providing DNS information for a specific domain.

The components of an SRV record are as follows:

  • Service: The symbolic name of the desired service (e.g., _sip, _xmpp).
  • Protocol: The protocol used for the service (e.g., TCP, UDP).
  • Name: The domain name where the service is defined.
  • Priority and Weight: Used for load balancing, indicating the preference and relative capacity of multiple service targets.
  • Port: The port number where the service is hosted.
  • Target: The domain name of the server providing the service.

  1. CAA Record (Certificate Authority Authorization): CAA records allow domain owners to specify which Certificate Authorities (CAs) are authorized to issue SSL/TLS certificates for their domain. This record helps in improving security by reducing the risk of unauthorized certificate issuance.

A CAA record contains the following information:

  • Flag: A single-digit value (0 or 1) indicating the CAA record’s critical status. If set to 1, it means that only CAs specifically listed in the record are authorized to issue certificates for the domain.
  • Tag: The tag specifies the type of property or policy being defined. The most common tag for CAA records is “issue,” indicating which CAs are authorized to issue certificates.
  • Value: The value associated with the tag, which defines the CA or CA’s domain name.

By using CAA records, domain owners can control which CAs are allowed to issue certificates for their domains, providing an additional layer of security and preventing unauthorized certificate issuance.

It’s worth noting that not all DNS providers support SRV and CAA records, so it’s important to check with your DNS hosting provider or domain registrar to ensure they offer support for these record types.
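As an added example (not from the original page), here is the CAA decision a CA makes before issuing, written in Python over a constructed set of CAA records: walk from the requested name up towards the TLD to find the relevant record set (RFC 8659 section 3), refuse if a critical property is not understood (RFC 8659 defines the critical flag as bit value 128), apply issuewild instead of issue for wildcard requests, and compare the issuer domain. CNAME/DNAME following is left out; the CA names ca-one.example and ca-two.example are constructed.

```python
# Constructed CAA data keyed by owner name; each record is (flags, tag, value).
CAA_ZONE = {
    "example.com": [(0, "issue", "ca-one.example; validationmethods=dns-01"), (0, "issuewild", ";")],
    "shop.example.com": [(0, "issue", "ca-two.example")],
    "legacy.example.com": [(128, "futuretag", "whatever")],   # critical flag set on an unknown tag
}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}

def relevant_caa_set(name, zone):
    """RFC 8659 section 3: the first non-empty CAA RRset found walking from `name` up to the TLD."""
    labels = name.lower().strip(".").split(".")
    while labels:
        rrset = zone.get(".".join(labels))
        if rrset:
            return rrset
        labels = labels[1:]
    return None

def issuer_domain(value):
    """'ca.example; key=val' -> 'ca.example'; a bare ';' -> '' (nobody may issue)."""
    return value.split(";", 1)[0].strip().lower()

def ca_may_issue(fqdn, ca_domain, zone=CAA_ZONE):
    """Decide whether `ca_domain` may issue a certificate for `fqdn` (use '*.x' for a wildcard)."""
    wildcard = fqdn.startswith("*.")
    rrset = relevant_caa_set(fqdn[2:] if wildcard else fqdn, zone)
    if rrset is None:
        return True                       # no CAA anywhere up the tree: issuance unrestricted
    if any(flags & 128 and tag.lower() not in KNOWN_TAGS for flags, tag, _ in rrset):
        return False                      # critical property we do not understand: must refuse
    tags = {tag.lower() for _, tag, _ in rrset}
    tag = "issuewild" if wildcard and "issuewild" in tags else "issue"
    if tag not in tags:
        return True                       # CAA present but no issue/issuewild property: unrestricted
    allowed = {issuer_domain(v) for _, t, v in rrset if t.lower() == tag}
    return ca_domain.lower() in allowed   # the '' produced by ';' never matches a real CA
```

Note that www.example.com inherits the example.com policy because it has no CAA records of its own, while shop.example.com does not: the walk stops at the first set it finds.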