DNS

Some useful links to explain the concepts of DNS

Concepts

  • Authoritative NS
    • A name server that holds the zone data for a domain and answers for it directly (the reply carries the AA, authoritative answer, flag). A server that does not hold the data either refers the client to the name servers that do, or answers from a cached copy it obtained from them; such answers are non-authoritative

  • Zone file
    • A plain text file holding the resource records of one zone: the SOA, the NS records, and the records that map names to addresses and other data, e.g. the A record for www.google.com

  • Root Servers
    • 13 named root server identities, a.root-servers.net to m.root-servers.net. Each name is anycast, so a query is routed to the nearest of the many physical instances behind that name

  • TLD servers
    • the name servers for a top-level domain such as .com [others are: .org, .net, .edu etc]; they hold the delegations (NS records) to each registered domain's own name servers

  • Domain Level NS
    • the server containing the actual records of the requested domain (ns1.google.com, ns2.google.com etc)

  • TTL - Time to live
    • The number of seconds a record may be kept by a caching name server. Once the TTL runs out the cached copy is discarded and the next query goes back towards the authoritative NS

  • Records

    SOA (Start of Authority), the first record of every zone:

    domain.com.  IN SOA ns1.domain.com. admin.domain.com. (
        12083 ; serial number - incremented on every zone file change. A slave (secondary) NS compares the master's serial with its cached serial (32-bit serial arithmetic, RFC 1982, so the counter may wrap); if the master's is newer the slave requests the updated zone, else it keeps serving the zone file it has
        3h    ; refresh interval - a slave NS waits this long between polls of the master NS for changes
        30m   ; retry interval - if a refresh poll fails, the slave NS retries at this interval
        3w    ; expiry period - if the slave NS cannot contact the master for this long, it stops returning authoritative responses for the zone
        1h    ; negative TTL - how long a resolver may cache a negative answer (NXDOMAIN or no data) for this zone (RFC 2308)
    )

    ns1.domain.com. is the primary master; admin.domain.com. is the administrator's mailbox with the @ written as a dot (admin@domain.com).

Zone Transfer (AXFR)

  • The original DNS specifications RFC 1034 & RFC 1035 envisaged that slave (or secondary) DNS servers would poll the master.

  • The time between such polls is determined by the refresh value on the domain's SOA resource record. RFC 1996 later added NOTIFY, which lets the master tell its slaves to poll immediately after a change instead of waiting for the refresh timer.

  • The polling process is accomplished by the slave sending a query to the master requesting its current SOA record.

  • If the serial number of this record is newer than the one maintained by the slave, a zone transfer (AXFR) is requested and done over TCP port 53; otherwise the slave keeps its copy. RFC 1995 added IXFR, an incremental transfer that sends only the records changed since the slave's serial.

  • An AXFR hands over the entire zone, so the master must restrict who may request one (in BIND, an allow-transfer ACL and/or TSIG-signed requests). Check from outside the organisation with: dig @ns1.domain.com domain.com AXFR - on a correctly configured server dig reports "Transfer failed."; a full listing of the zone means anyone can enumerate every host in it.
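The SOA fields and the slave's refresh decision, as an added example (not code from the original page). It parses the SOA record as written above, converts the BIND-style durations (3h, 30m, 3w) to seconds, and compares serials with RFC 1982 serial arithmetic rather than a plain greater-than, so the check stays correct when a 32-bit serial wraps. The sample SOA text, the function names and the action labels are this example's own assumptions.

```python
"""Added example, not code from the original page: parse a SOA record as it is
written in a zone file and apply the secondary's refresh decision to it.

The serial comparison uses RFC 1982 serial-number arithmetic: serials live in a
32-bit space and wrap around, so a plain ``master > cached`` breaks near the
wrap point. The SOA text below is constructed for the example."""
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: the SOA from the notes, one field per line with comments.
SAMPLE_SOA = """
domain.com.  IN SOA ns1.domain.com. admin.domain.com. (
    12083 ; serial
    3h    ; refresh
    30m   ; retry
    3w    ; expire
    1h    ; negative TTL
)
"""

_UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_ttl(text: str) -> int:
    """Convert a BIND-style duration (600, 3h, 30m, 1w2d) into seconds."""
    text = text.lower()
    if text.isdigit():
        return int(text)
    if not re.fullmatch(r"(?:\d+[smhdw])+", text):
        raise ValueError(f"bad duration: {text!r}")
    return sum(int(n) * _UNITS[u] for n, u in re.findall(r"(\d+)([smhdw])", text))


@dataclass
class SOA:
    mname: str      # primary master name server
    rname: str      # admin mailbox, the first '.' stands for '@'
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int    # negative-caching TTL (RFC 2308)


def parse_soa(zone_text: str) -> SOA:
    """Extract the SOA fields; strips ';' comments and flattens the ( ) block."""
    body = re.sub(r";[^\n]*", "", zone_text)
    body = body.replace("(", " ").replace(")", " ")
    tokens = body.split()
    i = tokens.index("SOA")
    mname, rname = tokens[i + 1], tokens[i + 2]
    serial, refresh, retry, expire, minimum = tokens[i + 3:i + 8]
    return SOA(mname, rname, int(serial), parse_ttl(refresh), parse_ttl(retry),
               parse_ttl(expire), parse_ttl(minimum))


SERIAL_MOD = 2 ** 32
HALF_SPACE = 2 ** 31


def serial_newer(candidate: int, current: int) -> bool:
    """RFC 1982: candidate is newer if it lies in the half-space ahead of current
    modulo 2**32. Equal serials, and the undefined exactly-opposite case, are not newer."""
    diff = (candidate - current) % SERIAL_MOD
    return 0 < diff < HALF_SPACE


def secondary_action(cached: SOA, master_serial: Optional[int], since_last_refresh: int) -> str:
    """What a secondary does when its refresh (or retry) timer fires.

    master_serial is None when the master did not answer the SOA query.
    Returns "transfer", "in-sync", "retry" or "expired" (labels chosen for this example).
    """
    if master_serial is None:
        # Unreachable master: keep retrying every `retry` seconds, but once the
        # outage exceeds `expire` the zone must no longer be served authoritatively.
        return "expired" if since_last_refresh >= cached.expire else "retry"
    return "transfer" if serial_newer(master_serial, cached.serial) else "in-sync"


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_SOA)
    print(soa)
    print(secondary_action(soa, 12084, 0), secondary_action(soa, None, soa.expire))
```

The wrap case matters in practice: an operator who accidentally publishes a huge serial (a timestamp instead of YYYYMMDDnn, say) and then wants to go back to a smaller one cannot just lower it, because the slaves will treat the smaller value as older and never transfer; serial_newer(1, 2**32 - 1) is True while serial_newer(2**32 - 1, 1) is False.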

DNS uses UDP for DNS queries over port 53

  • DNS uses UDP to reply to client queries such as a client asking the DNS server for a name-to-IP (A/AAAA) or IP-to-name (PTR) resolution.

  • UDP is not connection oriented, so there is no handshake: a lookup is one datagram out and one datagram back, which is lighter and faster than setting up a TCP connection for every query.

  • DNS also works over TCP for ordinary queries, and every server is required to support it (RFC 7766). A client switches to TCP when the UDP reply comes back with the TC (truncated) bit set because the answer did not fit in the datagram (512 bytes without EDNS, the advertised buffer size with it). UDP is preferred for speed, not mandated.

Why DNS uses TCP for zone file transfer over port 53

  • DNS uses a master/slave architecture: one main authoritative name server holds all the entries, and the others are replicas whose zone files are transferred from the master; the replicas also serve DNS queries.

  • A zone transfer carries the whole zone, which can be far larger than one datagram and must arrive complete and in order: a slave that loaded a partial or reordered zone would serve inconsistent answers. TCP provides that reliable, ordered delivery, and RFC 5936 specifies AXFR over TCP only. On a TCP connection every DNS message is prefixed with a two-byte length so the receiver can split the stream back into messages.
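The UDP query, the TC-bit fallback, and the TCP framing from the two sections above, as an added example (not code from the original page). It builds a query in the RFC 1035 wire format, reads the reply header, and shows the client-side rule: ordinary lookups start on UDP and move to TCP only when the reply is truncated, while an AXFR request goes straight to TCP. The two replies are constructed byte strings; the transaction id, names and the helper names are this example's assumptions.

```python
"""Added example, not code from the original page: build a DNS query, read the
header of a reply, and decide when to leave UDP for TCP.

Wire format follows RFC 1035 section 4.1. The replies below are constructed
byte strings; nothing is sent on the network."""
import struct

FLAG_QR = 0x8000   # message is a response
FLAG_RD = 0x0100   # recursion desired
FLAG_RA = 0x0080   # recursion available
FLAG_TC = 0x0200   # truncated: the UDP reply did not fit, retry over TCP
TYPE_A, TYPE_AXFR, CLASS_IN = 1, 252, 1


def encode_name(name: str) -> bytes:
    """'www.example.com.' -> b'\\x03www\\x07example\\x03com\\x00' (labels are 1..63 bytes)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(txid: int, name: str, qtype: int = TYPE_A) -> bytes:
    """12-byte header with QDCOUNT=1, followed by one question."""
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def initial_transport(qtype: int) -> str:
    """Ordinary lookups start on UDP; a zone transfer (AXFR) is TCP-only (RFC 5936)."""
    return "tcp" if qtype == TYPE_AXFR else "udp"


def tcp_frame(msg: bytes) -> bytes:
    """On TCP every DNS message is prefixed with its length as a 2-byte big-endian integer."""
    return struct.pack("!H", len(msg)) + msg


def parse_header(msg: bytes) -> dict:
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & FLAG_QR), "tc": bool(flags & FLAG_TC),
            "rcode": flags & 0x000F, "qdcount": qd, "ancount": an}


def next_transport(query: bytes, udp_reply: bytes) -> str:
    """Client decision after a UDP exchange: keep the answer ("done") or retry on TCP."""
    hdr = parse_header(udp_reply)
    if hdr["id"] != parse_header(query)["id"] or not hdr["qr"]:
        raise ValueError("reply does not match the query")  # drop it; do not act on it
    return "tcp" if hdr["tc"] else "done"


QUERY = build_query(0x1234, "www.example.com.")   # 0x1234: assumed transaction id
QUESTION = QUERY[12:]                             # servers echo the question section back

# Constructed reply: TC set and the answer section dropped, as a server does when
# the full answer exceeds what the client will accept over UDP.
TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1234, FLAG_QR | FLAG_RD | FLAG_RA | FLAG_TC, 1, 0, 0, 0) + QUESTION

# Constructed reply: one A record, owner name compressed to a pointer at offset 12.
FULL_REPLY = (struct.pack("!HHHHHH", 0x1234, FLAG_QR | FLAG_RD | FLAG_RA, 1, 1, 0, 0) + QUESTION
              + b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, 300, 4) + bytes([192, 0, 2, 1]))

if __name__ == "__main__":
    print(QUERY.hex())
    print(next_transport(QUERY, TRUNCATED_REPLY), next_transport(QUERY, FULL_REPLY))
    print(tcp_frame(QUERY)[:2].hex(), "= length prefix used for the TCP retry")
```

The id check in next_transport is the minimum a client must do: a UDP reply is just a datagram from anyone, and accepting one whose id does not match the outstanding query is how cache-poisoning replies get in.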

Resource Records

  • A record
    • maps a host name to an IP address (A for IPv4, AAAA for IPv6)

host     IN      A          IPv4_address
host     IN      AAAA       IPv6_address

  • MX Record
    • names the mail exchanger(s) that accept mail for the domain

IN  MX  10  mail.domain.com.    (10 is the preference value; a sending mail server tries the MX with the lowest value first and falls back to the higher values)

  • PTR
    • maps an IP address back to a host name (reverse lookup). The owner name is the address written backwards under in-addr.arpa. (IPv4) or ip6.arpa. (IPv6, one label per hex digit), e.g. 1.2.0.192.in-addr.arpa. for 192.0.2.1
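The PTR owner-name construction and the MX preference rule, as an added example (not code from the original page). The IPv6 branch expands the address to all 32 nibbles before reversing it, which is the step most often missed when reverse zones are written by hand; the MX set is constructed and the function names are this example's own.

```python
"""Added example, not code from the original page: derive the owner name of a
PTR record for IPv4 and IPv6 addresses, and list MX hosts in the order a
sending mail server tries them. The sample records are constructed."""
import ipaddress
from typing import List, Tuple


def reverse_name(addr: str) -> str:
    """IPv4: octets reversed under in-addr.arpa.
    IPv6: all 32 hex nibbles of the fully expanded address reversed under ip6.arpa.
    (the :: shorthand must be expanded first, otherwise zero nibbles go missing)."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")       # zero-padded, exactly 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def mx_delivery_order(records: List[Tuple[int, str]]) -> List[str]:
    """Lowest preference value first. Senders pick among equal preferences at
    random; here ties are broken by host name so the result is reproducible."""
    return [host for _, host in sorted(records)]


# Constructed MX set for the notes' domain: one primary and two backups at equal preference.
SAMPLE_MX = [(20, "mx2.domain.com."), (10, "mail.domain.com."), (20, "mx1.domain.com.")]

if __name__ == "__main__":
    print(reverse_name("192.0.2.1"))
    print(reverse_name("2001:db8::1"))
    print(mx_delivery_order(SAMPLE_MX))
```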

How do resolvers work

  • What happens when you set resolvers in a PC (Windows) and/or router
    • The browser first checks its own cache of recent answers. On a miss it asks the operating system's stub resolver, which checks the hosts file (/etc/hosts on Unix, C:\Windows\System32\drivers\etc\hosts on Windows) and the OS cache, then forwards the query to the recursive resolver configured on the PC or handed out by the router via DHCP. The recursive resolver answers from its cache, or walks the hierarchy itself: root servers, then the TLD servers, then the domain's authoritative NS, caching each answer for its TTL.
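The recursive walk described above, as an added example (not code from the original page): a simulated resolver that follows referrals from the root to the TLD servers to the domain's authoritative NS, caches every answer for its TTL, and on a later lookup starts from the deepest delegation still in cache rather than from the root. The server table is a constructed in-memory model, and the server labels and TTLs are this example's assumptions.

```python
"""Added example, not code from the original page: a simulated recursive
resolver that follows referrals root -> TLD -> authoritative NS and keeps a
TTL-bounded cache. The name-server data is a constructed in-memory model;
no real DNS traffic is involved."""
import time
from typing import Callable, Dict, Tuple

# Constructed delegation tree: server -> {owner name: (type, ttl, value)}.
# NS entries are referrals to the next server down; A entries are final answers.
SERVERS: Dict[str, Dict[str, Tuple[str, int, str]]] = {
    "root":            {"com.": ("NS", 172800, "tld-com")},
    "tld-com":         {"example.com.": ("NS", 86400, "ns1.example.com")},
    "ns1.example.com": {"www.example.com.": ("A", 300, "192.0.2.1")},
}


class Resolver:
    def __init__(self, clock: Callable[[], float] = time.time):
        self.clock = clock
        self.cache: Dict[str, Tuple[float, str, str]] = {}  # owner -> (expiry, type, value)
        self.queries = []  # (server, qname) log: which server was asked what

    def _ask(self, server: str, qname: str):
        """Ask one server; it answers with the exact record or the closest enclosing delegation."""
        self.queries.append((server, qname))
        table = SERVERS[server]
        labels = qname.split(".")
        for i in range(len(labels)):
            owner = ".".join(labels[i:])
            if owner in table:
                rtype, ttl, value = table[owner]
                return owner, rtype, ttl, value
        raise LookupError(f"{server} has no data for {qname}")  # NXDOMAIN/REFUSED in real DNS

    def _closest_cached_ns(self, qname: str, now: float) -> str:
        """Start from the deepest delegation still in cache instead of the root."""
        labels = qname.split(".")
        for i in range(len(labels)):
            hit = self.cache.get(".".join(labels[i:]))
            if hit and hit[1] == "NS" and hit[0] > now:
                return hit[2]
        return "root"

    def resolve(self, qname: str) -> str:
        now = self.clock()
        hit = self.cache.get(qname)
        if hit and hit[1] == "A" and hit[0] > now:
            return hit[2]                      # cache hit: nothing is asked
        server = self._closest_cached_ns(qname, now)
        while True:
            owner, rtype, ttl, value = self._ask(server, qname)
            self.cache[owner] = (now + ttl, rtype, value)  # every answer cached for its TTL
            if rtype == "A":
                return value
            server = value                     # follow the referral


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com."), r.queries)
    print(r.resolve("www.example.com."), len(r.queries))  # second call served from cache
```

Because the delegations (com. and example.com.) carry much longer TTLs than the A record, once the address expires the resolver only re-asks ns1.example.com, not the root; this is why the root and TLD servers see a small fraction of the world's queries even though every cold lookup starts there.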


Types of DNS Servers

Why are there only 13 root DNS servers

Configuration

Bind Configuration / Tweaks

Managing DNS Better

Troubleshooting & Log Parsing

Check DNS Propagation Issues