DNS

DNS (Domain Name System)

What is DNS?

DNS (Domain Name System) is a hierarchical and distributed system that translates human-readable domain names (e.g., example.com) into IP addresses (e.g., 192.168.1.1) to enable communication over the internet.

Key Features of DNS

Domain Name Resolution
Converts domain names into IP addresses for easier access.
Works in a client-server model using DNS resolvers.
Hierarchical Structure
Root Servers → Direct queries to Top-Level Domain (TLD) servers.
TLD Servers → Handle .com, .org, .net, etc.
Authoritative Name Servers → Store domain-specific records.
Caching for Faster Responses
Resolving servers cache responses to reduce lookup times.
Works Over UDP & TCP
Uses UDP port 53 for most queries.
Uses TCP port 53 for large responses or zone transfers.

Breakdown of Domain Levels in DNS

Domains in the Domain Name System (DNS) follow a hierarchical structure, organized into different levels. These levels define how domain names are resolved and managed.

1️⃣ Root Domain (Top Level)

The highest level in the DNS hierarchy, represented as a dot (.) at the end of every domain (though usually hidden).
Managed by Root Name Servers.
Example: . (root domain in www.example.com.).

2️⃣ Top-Level Domain (TLD)

The first segment after the root, categorizing domains into different groups.
Managed by organizations like ICANN (Internet Corporation for Assigned Names and Numbers).
Two main types:
Generic TLDs (gTLDs) – Open for general registration.
- Examples: .com, .org, .net, .info, .biz.
Country Code TLDs (ccTLDs) – Specific to countries or regions.
- Examples: .us (USA), .uk (United Kingdom), .jp (Japan).
Sponsored TLDs (sTLDs) – Managed by specific organizations or industries.
- Examples: .edu (Education), .gov (Government), .mil (Military).

3️⃣ Second-Level Domain (SLD)

Directly below the TLD, chosen by the domain owner.
Represents organizations, brands, or services.
Example: example in example.com.

4️⃣ Third-Level Domain (Subdomain)

Comes before the SLD and is used for organizing services or sections within a domain.
Example: www in www.example.com, or mail in mail.example.com.
Can be used for different services like:
blog.example.com → Blog section.
store.example.com → E-commerce section.

5️⃣ Lower-Level Domains

Further subdivisions of subdomains, used for internal network structuring.
Example: server1.internal.example.com.
Often used in private networks for Active Directory domains, VPNs, or internal applications.

Example Breakdown of a Full Domain Name

For www.sub.example.co.uk.:

Domain Level	Part of the Domain	Description
Root Level	`.`	The highest level, not typically shown.
TLD	`.uk`	Country Code Top-Level Domain (ccTLD).
Second-Level	`.co.uk`	Designated for commercial entities in the UK.
Third-Level (SLD)	`example.co.uk`	The main registered domain.
Fourth-Level (Subdomain)	`sub.example.co.uk`	A subdivision (e.g., department or service).
Fifth-Level	`www.sub.example.co.uk`	Another subdivision, often for the web service.

DNS domains follow this hierarchy to maintain a scalable and organized structure for global internet addressing.

DNS Record Types

A DNS (Domain Name System) table maps domain names to various records, such as IP addresses, mail servers, and other resources.

Key DNS Table Attributes & Record Types

Attribute	Description	Example
Host/Name	The domain or subdomain name	`example.com`, `www.example.com`
TTL (Time-To-Live)	How long a record is cached before refreshing	`3600` (1 hour)
Record Type	Specifies the type of DNS entry	`A`, `CNAME`, `MX`, etc.
Value/Data	The actual data associated with the record	IP address, alias, mail server, etc.
Priority	Used in some records like MX to rank importance	`10`, `20` (lower = higher priority)

Common DNS Record Types

Record Type	Purpose	Example Value
A (Address)	Maps a domain to an IPv4 address	`192.168.1.1`
AAAA (IPv6 Address)	Maps a domain to an IPv6 address	`2606:4700:4700::1111`
CNAME (Canonical Name)	Alias for another domain	`example.net` → `example.com`
MX (Mail Exchange)	Directs emails to a mail server	`10 mail.example.com`
TXT (Text Record)	Stores arbitrary text (SPF, DKIM, etc.)	`"v=spf1 include:_spf.google.com ~all"`
NS (Name Server)	Specifies authoritative name servers	`ns1.example.com`
PTR (Pointer Record)	Reverse DNS lookup (IP → domain)	`1.1.168.192.in-addr.arpa → example.com`

Each DNS record type serves a specific function, enabling domain resolution, email routing, security verification, and load balancing.

How DNS Works (Query Process)

User enters a domain name (e.g., www.example.com).
DNS Resolver (ISP or local) checks cache; if not found, it queries a root DNS server.
Root DNS Server refers the request to the appropriate TLD server (e.g., .com).
TLD Server directs the request to the authoritative name server for example.com.
Authoritative DNS Server provides the IP address of www.example.com.
DNS Resolver caches the result and returns it to the user’s device.
User’s browser connects to the website using the resolved IP address.

DNS File Directories

On a typical DNS server, configuration and zone files are stored in directories such as:

/etc/bind/
/var/named/
/etc/resolv.conf

Example zone file for example.com:

$TTL 86400
@   IN  SOA  ns1.example.com. admin.example.com. (
        2024031701  ; Serial number
        3600        ; Refresh
        1800        ; Retry
        604800      ; Expire
        86400 )     ; Minimum TTL
@   IN  NS  ns1.example.com.
@   IN  A   192.168.1.10
www IN  A   192.168.1.10

Comparison: DNS vs. Hosts File

Feature	DNS	Hosts File
Scalability	Global, distributed	Local, manual entries
Performance	Cached, efficient	No caching, static entries
Flexibility	Supports multiple record types	Limited to simple mappings

DNS is the backbone of internet navigation, ensuring domain names resolve quickly and efficiently across networks.

Different nameservers

A name server is a crucial part of the Domain Name System (DNS) that translates human-readable domain names into IP addresses. Here’s a breakdown of the different types of name servers and their roles:

1. Root Name Servers

The top of the DNS hierarchy.
There are 13 sets of root name servers globally.
Direct queries to the appropriate TLD (Top-Level Domain) name servers.

2. TLD Name Servers

Responsible for handling requests for specific top-level domains (e.g., .com, .org, .net).
Direct queries to the authoritative name servers for a domain.

3. Authoritative Name Servers

Hold the actual DNS records for a domain.
Provide the IP address of the requested domain name.
Can be managed by domain registrars, web hosting providers, or custom DNS providers.

4. Recursive Name Servers (Resolvers)

Used by ISPs or public DNS services (e.g., Google’s 8.8.8.8 or Cloudflare’s 1.1.1.1).
Cache responses to speed up subsequent requests.
Query root, TLD, and authoritative name servers to resolve domain names.

5. Caching Name Servers

Store previously resolved DNS records for faster lookup.
Reduce the number of external DNS queries.

6. Forwarding Name Servers

Don’t perform direct resolution but forward requests to other resolvers.
Common in enterprise networks to apply filtering or logging.

Performing DNS Lookups (Samples)

Here are a few ways to perform a DNS lookup using different tools:

1. Using `nslookup` (Windows, Linux, macOS)

nslookup example.com

Example Output:

Server:  8.8.8.8
Address: 8.8.8.8#53

Non-authoritative answer:
Name: example.com
Address: 93.184.216.34

- The server is the DNS resolver used. - The non-authoritative answer is from a caching DNS resolver.

To query a specific type of record:

nslookup -type=MX example.com   # Lookup mail server (MX) records
nslookup -type=NS example.com   # Lookup name servers

2. Using `dig` (Linux, macOS)

dig example.com

Example Output:

;; ANSWER SECTION:
example.com.   3600   IN   A   93.184.216.34

- The ANSWER SECTION provides the resolved IP address.

To query different DNS records:

dig example.com MX  # Get mail server (MX) records
dig example.com NS  # Get name servers
dig example.com TXT # Get text records (e.g., SPF, DKIM)

To use a specific DNS server (e.g., Google DNS 8.8.8.8):

dig @8.8.8.8 example.com

3. Using `host` (Linux, macOS)

host example.com

Example Output:

example.com has address 93.184.216.34
example.com mail is handled by 0 example.mail.server

For name servers:

host -t ns example.com

4. Using Python (`socket` and `dns.resolver`)

Basic Lookup with `socket`

import socket
ip = socket.gethostbyname("example.com")
print(ip)

Advanced Lookup with `dnspython`

import dns.resolver
result = dns.resolver.resolve("example.com", "A")
for ip in result:
    print(ip)

DNS

DNS (Domain Name System)

What is DNS?

Key Features of DNS

Breakdown of Domain Levels in DNS

1️⃣ Root Domain (Top Level)

2️⃣ Top-Level Domain (TLD)

3️⃣ Second-Level Domain (SLD)

4️⃣ Third-Level Domain (Subdomain)

5️⃣ Lower-Level Domains

Example Breakdown of a Full Domain Name

DNS Record Types

Key DNS Table Attributes & Record Types

Common DNS Record Types

How DNS Works (Query Process)

DNS File Directories

Comparison: DNS vs. Hosts File

Different nameservers

1. Root Name Servers

2. TLD Name Servers

3. Authoritative Name Servers

4. Recursive Name Servers (Resolvers)

5. Caching Name Servers

6. Forwarding Name Servers

Performing DNS Lookups (Samples)

1. Using nslookup (Windows, Linux, macOS)

2. Using dig (Linux, macOS)

3. Using host (Linux, macOS)

4. Using Python (socket and dns.resolver)

Basic Lookup with socket

Advanced Lookup with dnspython

1. Using `nslookup` (Windows, Linux, macOS)

2. Using `dig` (Linux, macOS)

3. Using `host` (Linux, macOS)

4. Using Python (`socket` and `dns.resolver`)

Basic Lookup with `socket`

Advanced Lookup with `dnspython`