DNS - Domain Name System

What is DNS.
• The Domain Name System (DNS) is the phonebook of the Internet.
• Each device connected to the Internet has a unique IP address which other machines use to find the
device. DNS servers eliminate the need for humans to memorize IP addresses.
• DNS resolves a FQDN (Fully Qualified Domain Name) to an IP address, or vice versa.
• DNS is a hierarchically distributed database: the data is spread across name servers all over the
Internet instead of being held in a central location.
• When a name-resolution query is made to a DNS server and it does not know the answer, the query can be
passed on to another DNS server, which in turn may pass the query on. In the end the client either
receives an answer or a name-resolution error.
• A DNS server listens for requests on port 53: over UDP for ordinary queries, and over TCP for replies
too large for a single UDP datagram and for zone transfers.
DNS Hierarchy.
• DNS uses a hierarchical, tree-based name structure.
• At the top of the tree is the "root" (represented as a dot (.)), followed by the TLD (Top Level Domain),
then by the domain name and any number of lower-level sub-domains, each separated by a dot. Read from
the right, www.mydomain.com. is the root, then com, then mydomain, then www.
• Top Level Domains are divided into 2 categories:-
  • Generic TLD (for example .com, .org, .net).
  • Country Code TLD (for example .uk, .de, .in).
DNS Queries.
• When a client tries to access a web address like "example.com", its web browser performs
a DNS query against a DNS server, supplying the hostname. The DNS server takes the
hostname and resolves it into a numeric IP address, which the web browser can connect to.
• A component called a DNS resolver (the stub resolver in the client's operating system) is responsible
for checking whether the hostname is in the local cache and, if not, contacting a series of DNS name servers.
• Types of Queries:-
  • Recursive Query
  • Iterative Query
1. Recursive Query – This type of query happens between the client and its local DNS server. The client sets
the RD (recursion desired) flag, and the server is expected to return the complete answer (or an error),
doing whatever further lookups are needed on the client's behalf.
2. Iterative Query – This type of query happens between servers. The server being asked may not return the
answer; instead it may return a referral, a hint naming the servers to ask next, and the resolver follows it.
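The query and reply described above, as they travel over port 53, as an added example that is not part of the original slides. The code builds the 34-byte query a stub client sends for www.mydomain.com (RD flag set), and parses a constructed reply (no real server is contacted; the address 192.0.2.10 and transaction id 0x1234 are made up for the example). The transaction-id check is the part a practitioner cares about: a reply that does not carry the id of the outstanding query must be discarded, otherwise a spoofed reply can poison the cache.

```python
import secrets
import struct


def encode_name(name):
    """Encode a domain name as DNS labels: www.mydomain.com -> 3www 8mydomain 3com 0."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("bad label length")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(qname, txid, qtype=1):
    """12-byte header plus one question. Flags 0x0100 sets only RD (recursion
    desired), which is what a stub client sends to its local DNS server."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)   # class IN


def decode_name(msg, offset):
    """Read a possibly compressed name starting at offset.
    Returns (name, offset just past the name as it appeared in the message)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                       # 2-byte compression pointer
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (end if end is not None else offset)


def parse_response(msg, expected_txid):
    """Return (rcode, answers) from a reply. A reply whose transaction id does
    not match the query is rejected: accepting it is what blind spoofing relies on."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch: reply not for our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset = 12
    for _ in range(qdcount):                            # skip the echoed question
        _, offset = decode_name(msg, offset)
        offset += 4                                     # qtype + qclass
    answers = []
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:                   # A record: dotted quad
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return flags & 0x000F, answers


# Constructed reply (no real server involved): answer to txid 0x1234 for
# www.mydomain.com, flags 0x8180 = QR + RD + RA, one A record, TTL 300.
# The answer's owner name is the pointer 0xC00C back to the question name at offset 12.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + encode_name("www.mydomain.com") + struct.pack("!HH", 1, 1)
    + b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
)


def send_query(qname, server, port=53, timeout=2.0):
    """Send the query over UDP port 53 and parse the reply (needs network access).
    The transaction id is random so that a spoofer cannot predict it."""
    import socket
    txid = secrets.randbelow(0x10000)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(qname, txid), (server, port))
        reply, _ = sock.recvfrom(4096)
    return parse_response(reply, txid)


if __name__ == "__main__":
    print(parse_response(SAMPLE_RESPONSE, 0x1234))
```

`send_query("www.mydomain.com", "192.0.2.53")` would put the same bytes on the wire against a server of your choosing; the offline path through `SAMPLE_RESPONSE` shows the same parsing without any network. Real resolvers also randomize the source port for the same reason the id is random.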
How Query Works.
• First Query :-
1. Client (1) queries local DNS Server (1) for host www.mydomain.com.
2. Local DNS Server (1) does not know the answer, so it queries a Root DNS Server (2).
3. The Root DNS Server refers DNS Server (1) to DNS Server (3), responsible for the .com name space.
4. DNS Server (3) refers DNS Server (1) to DNS Server (4), responsible for the mydomain.com name space.
5. DNS Server (4) returns the answer to DNS Server (1). DNS Server (1) caches it and returns the answer to Client (1).
• Second Query :-
1. Client (2) queries DNS Server (1) for host www.mydomain.com.
2. DNS Server (1) returns the answer to Client (2) from its DNS cache, without contacting any other server.
• Only the query from the client to DNS Server (1) is recursive; steps 2 to 5 are iterative queries sent by DNS Server (1).
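The two lookups above, as an added example that is not part of the original slides. Every "server" is a small table in memory; the server names, the address 192.0.2.10 and the .com delegation are constructed for the example. The first lookup walks root, .com, mydomain.com and records every server it consulted; the second is answered from the cache and touches no server at all. A referral cap stops a misconfigured delegation loop from hanging the resolver.

```python
# Constructed name-server data for the walk-through above. Each server's
# table maps a zone it knows about to either a referral ("NS", next server)
# or an authoritative answer ("A", address).
SERVERS = {
    "root":             {"com.": ("NS", "tld-com")},                      # DNS Server (2)
    "tld-com":          {"mydomain.com.": ("NS", "ns1.mydomain.com")},    # DNS Server (3)
    "ns1.mydomain.com": {"www.mydomain.com.": ("A", "192.0.2.10")},       # DNS Server (4)
}


def iterative_query(server, qname):
    """One iterative query to one server. As in real DNS, the reply is either
    the answer, a referral to servers closer to the name, or a name error."""
    table = SERVERS[server]
    # Longest matching zone wins: www.mydomain.com. matches mydomain.com. on the
    # .com server but only com. on the root.
    for zone in sorted(table, key=len, reverse=True):
        if qname == zone or qname.endswith("." + zone):
            return table[zone]
    return ("NXDOMAIN", None)


class LocalDnsServer:
    """DNS Server (1): accepts recursive queries from clients, walks the tree
    with iterative queries, and caches what it learns."""

    MAX_REFERRALS = 8       # a referral loop must not hang the resolver

    def __init__(self):
        self.cache = {}

    def recursive_query(self, qname):
        """Return (address or None, trace). The trace lists every server
        consulted, so the first and second lookups can be compared."""
        if qname in self.cache:
            return self.cache[qname], ["cache"]
        trace, server = [], "root"
        for _ in range(self.MAX_REFERRALS):
            trace.append(server)
            rtype, rdata = iterative_query(server, qname)
            if rtype == "A":
                self.cache[qname] = rdata
                return rdata, trace
            if rtype != "NS":
                return None, trace                  # name-resolution error
            server = rdata                          # follow the referral
        return None, trace                          # gave up: referral loop


if __name__ == "__main__":
    local = LocalDnsServer()
    print(local.recursive_query("www.mydomain.com."))   # client 1: full walk
    print(local.recursive_query("www.mydomain.com."))   # client 2: from cache
```

The cache here never expires; a real server keeps each answer only for the TTL the authoritative server attached to it.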
DNS Server Types.
• Primary DNS Server
  • A DNS server holds zone files. If a DNS server is authoritative for a zone, it has full control over it.
  • A Primary DNS Server can update, add to, modify and delete records in the zone file.
  • The Primary DNS Server is the only place where modifications to the zone can be made.
  • Primary DNS Servers are authoritative for the zones that they hold; any change to the zone file is
replicated to the Secondary DNS Servers for that zone by a zone transfer (AXFR for the whole zone, IXFR for
only the changes since a given SOA serial).
• Secondary DNS Server
  • A Secondary DNS Server holds a read-only copy of a zone file obtained from the primary.
  • A Secondary DNS Server cannot update or delete records in the zone file it holds.
  • Any changes that need to be made to the zone file have to be made on the Primary DNS Server.
  • These changes are then replicated to the secondary DNS server: at the refresh interval from the SOA record the
secondary compares the primary's SOA serial number with its own and transfers the zone when the serial has increased.
  • Secondary DNS Servers are used for load-balancing and fault-tolerance.
  • Zone transfers should be allowed only from the addresses of the intended secondaries; a server that answers AXFR
for anyone lets anyone download the whole zone.
• Caching-Only Servers
  • DNS servers store the answers to the queries they have resolved, for as long as each record's TTL allows.
  • Caching-only DNS servers only cache this information and do not hold any zone file.
  • A caching-only server is not authoritative for any zone.
  • Caching-only servers can be used to speed up Internet access on networks.
  • The server stores the answers to the queries it makes to the Internet and serves repeated queries from its cache,
which speeds up name resolution.
• Forwarding Servers
  • These servers are also known as proxy, client, or remote servers.
  • These servers forward all requests to other DNS servers and cache the results.
  • They are mostly used in off-site locations, where all the off-site queries reach this server first, and it then forwards
the queries to other DNS servers.
  • Such an arrangement reduces the number of external queries the local servers make and thus speeds up responses.
DNS Zones.
• Forward Lookup Zone
  • Forward lookup is the most common form of DNS lookup.
  • This type of lookup converts a hostname into an IP address.
  • A Forward Lookup Zone contains name-to-IP-address mappings.
  • Each zone file consists of a number of resource records (RRs). Resource records contain
information about certain resources on the network.
• Reverse Lookup Zone
  • A Reverse Lookup Zone contains IP-address-to-name mappings.
  • This allows a computer to perform reverse queries; some applications need to be able to make reverse lookup
queries (for example to log or display a hostname for a connecting address).
  • The special domain name in-addr.arpa is used for IPv4 reverse lookups (ip6.arpa for IPv6). The octets of the
address are written in reverse order, so the name looked up for 10.1.0.1 is 1.0.1.10.in-addr.arpa.
  • For example, a query about the hostname of 10.1.0.1 is answered from the zone 0.1.10.in-addr.arpa, the
reverse zone for the 10.1.0.0/24 network.
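The reverse-name construction above, as an added example that is not part of the original slides. It goes slightly beyond the slide: it also handles IPv6 (nibble-reversed under ip6.arpa) and computes which reverse zone holds a given IPv4 network's PTR records, refusing prefixes that do not fall on an octet boundary since those need classless delegation rather than a single zone.

```python
import ipaddress


def reverse_name(address):
    """Name queried for a PTR lookup of `address`: reversed octets under
    in-addr.arpa. for IPv4, reversed hex nibbles under ip6.arpa. for IPv6."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")      # 32 hex digits, leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def reverse_zone(network):
    """Reverse zone that holds the PTR records for an IPv4 network whose prefix
    falls on an octet boundary (/8, /16 or /24). Other prefix lengths need
    RFC 2317 classless delegation and are rejected here."""
    net = ipaddress.ip_network(network, strict=True)   # host bits set -> ValueError
    if net.version != 4 or net.prefixlen not in (8, 16, 24):
        raise ValueError("only /8, /16 and /24 IPv4 networks map to one in-addr.arpa zone")
    kept = str(net.network_address).split(".")[: net.prefixlen // 8]
    return ".".join(reversed(kept)) + ".in-addr.arpa."


def matches_stdlib(address):
    """Cross-check against the standard library's own reverse_pointer property."""
    return reverse_name(address) == ipaddress.ip_address(address).reverse_pointer + "."


if __name__ == "__main__":
    print(reverse_name("10.1.0.1"), "is held in zone", reverse_zone("10.1.0.0/24"))
```

A PTR answer is only as trustworthy as whoever controls the reverse zone; code that uses the name for access control should look the returned name up forwards again and confirm it maps back to the same address.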
• Active Directory Integrated Zones
  • Active Directory Integrated Zones store the same information as standard zone files; however, the information is
stored in and replicated with Active Directory.
  • Among the domain controllers there are no Primary or Secondary Zones. All copies are multi-master, which means that
you can update any of the copies and the changes will be replicated.
  • Active Directory replication carries only the changed records, so when a change is made to a zone only that change
is replicated instead of the entire database (the same effect IXFR, Incremental Zone Transfer, gives between
conventional primary and secondary servers).
  • Active Directory Zones allow for secure dynamic updates: only authenticated domain computers and users can
register or change records.
• Stub Zones
  • A stub zone contains a partial copy of another zone.
  • This zone contains only the SOA record, the NS records and the glue A records of its master zone's name servers.
  • A stub zone does not have complete information about the hosts in the zone, but since it stores the NS records and
the A records of the zone's name servers, it can send queries directly to the servers that are authoritative for the
zone instead of walking down from the root.
DNS Records.
• Address (A) - The A record is used to find the IPv4 address associated with a domain name.
• IP version 6 (AAAA) - The AAAA record has the same function as the A record but holds an IPv6 address.
• Pointer (PTR) - Creates a pointer which maps an IP address to a host name, in order to do reverse lookups.
• Name Server (NS) - It specifies that a DNS zone, such as "example.com", is delegated to a specific
authoritative name server, and gives the name of that server; its address comes from the server's own A/AAAA
record, carried as glue when the server's name lies inside the delegated zone.
• Canonical Name (CNAME) - This record aliases one name to another (the canonical name); a query for the alias is
answered by following the CNAME and looking up the canonical name. A name that returns several IP addresses, as when
a query for www.microsoft.com gives several addresses for one web site load-balanced across several web servers, is
a set of A records for one name, not a CNAME.
• Mail Exchange (MX) - Names the mail servers that receive mail for the domain, each with a preference value; lower
values are tried first.
• Start Of Authority (SOA) - This record appears at the beginning of a DNS zone file and indicates the
primary name server for the zone, contact details for the domain administrator, the zone
serial number, and the timers (refresh, retry, expire, minimum TTL) that control how often secondaries check for
and reload zone data.
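The record types above in a working zone, as an added example that is not part of the original slides. The zone for mydomain.com. is constructed for the example (all names and 192.0.2.x / 2001:db8:: addresses are documentation values). The parser handles $ORIGIN, @ and relative names; the lookup follows a CNAME the way a resolver does, and the zone deliberately contains both an alias (www -> web) and a name with two A records (web), since the slide's CNAME description blurs the two.

```python
# Constructed zone file for mydomain.com. (not from the original slides). The
# www name is a CNAME alias for web, and web has two A records (round robin);
# the two are easy to confuse but behave differently.
ZONE = """\
$ORIGIN mydomain.com.
@     3600 IN SOA   ns1.mydomain.com. hostmaster.mydomain.com. 2024010101 7200 900 1209600 300
@     3600 IN NS    ns1.mydomain.com.
@     3600 IN NS    ns2.mydomain.com.
@     3600 IN MX    10 mail.mydomain.com.
@     3600 IN MX    20 mail2.mydomain.com.
ns1   3600 IN A     192.0.2.53
ns1   3600 IN AAAA  2001:db8::53
ns2   3600 IN A     192.0.2.54
mail  3600 IN A     192.0.2.25
mail2 3600 IN A     192.0.2.26
web    300 IN A     192.0.2.10     ; two addresses for one name: round robin
web    300 IN A     192.0.2.11
www    300 IN CNAME web            ; alias; relative name -> web.mydomain.com.
"""


def qualify(name, origin):
    """Make a name fully qualified: '@' is the origin, names without a
    trailing dot are relative to it."""
    if name == "@":
        return origin
    return name if name.endswith(".") else name + "." + origin


def parse_zone(text):
    """Parse the one-record-per-line format above into
    {(owner, type): [(ttl, rdata), ...]}. Names inside rdata that refer to hosts
    (CNAME, NS, PTR, MX exchange, SOA mname/rname) are qualified too."""
    origin, records = ".", {}
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop comments
        if not line:
            continue
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        owner, ttl, rclass, rtype, *fields = line.split()
        if rclass != "IN":
            raise ValueError("unsupported class " + rclass)
        owner = qualify(owner, origin)
        if rtype in ("CNAME", "NS", "PTR"):
            rdata = qualify(fields[0], origin)
        elif rtype == "MX":
            rdata = (int(fields[0]), qualify(fields[1], origin))
        elif rtype == "SOA":
            mname, rname, *timers = fields
            rdata = (qualify(mname, origin), qualify(rname, origin), *map(int, timers))
        else:                                        # A, AAAA: keep the address text
            rdata = fields[0]
        records.setdefault((owner, rtype), []).append((int(ttl), rdata))
    return records


def lookup(records, name, rtype, max_chain=8):
    """Answer a query the way a resolver does: if the owner has a CNAME, follow
    it and ask again for the canonical name. Returns (names visited, rdata list);
    an empty list means no data. A CNAME loop is reported, not followed forever."""
    chain = [name]
    for _ in range(max_chain):
        if (name, rtype) in records:
            return chain, [rdata for _, rdata in records[(name, rtype)]]
        alias = records.get((name, "CNAME"))
        if not alias:
            return chain, []
        name = alias[0][1]
        chain.append(name)
    raise ValueError("CNAME chain too long: " + " -> ".join(chain))


def soa_serial(records, zone):
    """Serial from the SOA record: a secondary transfers the zone only when this
    number on the primary is higher than the one it already holds."""
    return records[(zone, "SOA")][0][1][2]


def mail_servers(records, domain):
    """MX targets in the order a sending mail server tries them (lowest preference first)."""
    _, mx = lookup(records, domain, "MX")
    return [host for _, host in sorted(mx)]


if __name__ == "__main__":
    z = parse_zone(ZONE)
    print(lookup(z, "www.mydomain.com.", "A"))
    print(mail_servers(z, "mydomain.com."), soa_serial(z, "mydomain.com."))
```

A lookup of www for type A returns the chain www -> web and both of web's addresses: the alias contributes no address of its own, and the two addresses belong to the one canonical name.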
Troubleshooting DNS.
• Test whether the client is on the network by using the "ping" utility.
• Use "ipconfig /all" to view the client's DNS settings (plain "ipconfig" does not list the DNS servers).
• Use NSLOOKUP to perform DNS queries and check the contents of the zone files; "nslookup host server" sends the
query to a particular server, which isolates whether the fault is in the client's configuration or in one server.
• Use the Event Viewer to see any DNS client or server error messages.
• ipconfig /flushdns – empties the local resolver cache.
• ipconfig /registerdns – forces a dynamic update of the client's registration in the local DNS server.
• If you can ping the host by IP address but not by name, check your DNS server to make sure that a Host (A)
record exists for the host.
• If your primary DNS server is having problems, try using a secondary DNS server.