Introduction to DNS

June 27, 2016

Domain Name (website name)

A domain name is the human-friendly name that we are used to associating with an internet resource (website). For instance, “google.com” is a domain name.
The URL “google.com” is associated with the servers owned by Google Inc. The domain name system allows us to reach the Google (website) servers when we type “google.com” into our browsers.

 

IP Address

An IP address is what we call a network addressable location. Each IP address must be unique to the entire internet.
IPv4, the most common form of addresses, are written as four sets of numbers, each set having up to three digits, with each set separated by a dot. For example, “111.222.111.222” could be a valid IPv4 IP address. With DNS, we map a name to that address so that you do not have to remember a complicated set of numbers for each place you wish to visit on a network.
There are so many domains today that IPv4 will soon become inadequate and so IPv6 has been created.

 

Top-Level Domain

A top-level domain, or TLD, is the most general part of the domain. The top-level domain is the furthest portion to the right (as separated by a dot). Common top-level domains are “com”, “net”, “org”, “gov”, and “edu”.
Top-level domains are at the top of the hierarchy in terms of domain names. Certain parties are given management control over top-level domains by ICANN (Internet Corporation for Assigned Names and Numbers). These parties distribute domain names under the TLD, usually through a domain registrar.

 

Hosts

Within a domain, the domain owner can define individual hosts, which refer to separate computers or services accessible through a domain. For instance, most domain owners make their web servers accessible through the bare domain (example.com) and also through the “host” definition “www” (www.example.com).

You can have other host definitions under the general domain. You could have mail access or ftp access by defining a host called “mail”, or “ftp” or “files” (ftp.example.com or files.example.com). The host names can be arbitrary as long as they are unique for the domain.

SubDomain

A subject related to hosts are subdomains.
each domain can control “subdomains” that are located under it. For instance you could have a subdomain for the history department of your school at “www.history.school.edu”. The “history” portion is a subdomain and is a folder at the root of the domain (website), also accessable as www.school.edu/history/
The difference between a host name and a subdomain is that a host defines a computer or resource(entire website), while a subdomain extends the parent domain into parts. It is a method of subdividing the domain itself.

 

Fully Qualified Domain Name

A fully qualified domain name, often called FQDN, is what we call an absolute domain name.
It specifies each parent domain including the TLD. A proper FQDN ends with a dot, indicating the root of the DNS hierarchy. An example of a FQDN is “mail.google.com.”. Sometimes software that calls for FQDN does not require the ending dot, but the trailing dot is required to conform to ICANN standards.

 

Servers

Resolving Name Server

Requesting a domain name lookup:
the requester will be what we call a “resolving name server” A resolving name server is one configured to ask other servers questions. It is basically an intermediary which caches previous query results to improve speed and knows the addresses of the ROOT SERVERS to be able to “resolve” requests made for things it doesn’t already know about.

A person will usually have a few resolving name servers configured on their computer. The resolving name servers are usually provided by an ISP or other organization. For instance Google provides resolving DNS servers that you can query. These can be either configured in your computer automatically or manually.
When you type a URL in the address bar of your browser, your computer first looks to see if it can find out locally where the resource is located. It then sends the request to the “resolving name server”.

 

Root Servers

Root servers handle requests for information about Top-level domains.
These servers are controlled by various organizations and are delegated authority by ICANN (Internet Corporation for Assigned Names and Numbers). There are currently 13 root servers in operation. However, as there are an incredible number of names to resolve every minute, each of these servers is actually mirrored. Interestingly, each of the mirrors for a single root server share the same IP address. When requests are made for a certain root server, the request will be routed to the nearest mirror of that root server.
Example: if a request for “www.wikipedia.org” is made to the root server, it will find a record for the “org” TLD and give the requesting entity the address of the TLD name server responsible for TLD “org” addresses.

TLD Servers

EX: A TLD server will find a record listing the IP address of the Domain-Level name server responsible for “wikipedia.org”.

Domain-Level Name Servers

EX: The Domain-Level name server checks its zone files and it finds that it has a zone file associated with “wikipedia.org”. Inside of this file, there is a record for the “www” host. This record tells the IP address where this host is located. The name server returns the final answer to the requester, the “Resolving Name Server”, which then reports back to your pc and browser.

 

Zone File

A zone file is a simple text file that contains the mappings between domain names and IP addresses. This is how the DNS system finally finds out which IP address should be contacted when a user requests a certain domain name.
It can contain a number of records which define where resources are for the domain in question.

Records

Within a zone file, records are kept. In its simplest form, a record is basically a single mapping between a resource and a name. These can map a domain name to an IP address, define the name servers for the domain, define the mail servers for the domain, etc.

Similarly, the $TTL configures the “time to live” of the information it provides. It is basically a timer. A caching name server can use previously queried results to answer questions until the TTL value runs out.

Record Types

Within the zone file, we can have many different record types. We will go over some of the more common (or mandatory types) here.

SOA Records

The Start of Authority, or SOA, record is a mandatory record in all zone files. It must be the first real record in a file (although $ORIGIN or $TTL specifications may appear above). It is also one of the most complex to understand.

The start of authority record looks something like this:

domain.com. IN SOA ns1.domain.com. admin.domain.com. (
12083 ; serial number
3h ; refresh interval
30m ; retry interval
3w ; exiry period
1h ; negative TTL
)

what each part is for:

domain.com.: This is the root of the zone. This specifies that the zone file is for the domain.com. domain. Often, you’ll see this replaced with @, which is just a placeholder that substitutes the contents of the $ORIGIN variable we learned about above.

IN SOA: The “IN” portion means Internet (and will be present in many records). The SOA is the indicator that this is a Start of Authority record.

ns1.domain.com.: This defines the primary master name server for this domain. Name servers can either be master or slaves, and if dynamic DNS is configured one server needs to be a “primary master”, which goes here. If you haven’t configured dynamic DNS, then this is just one of your master name servers.

admin.domain.com.: This is the email address of the administrator for this zone. A dot is replaced with “@” in the email address. If the name portion of the email address normally has a dot in it, this is replace with a “\” in this part (your.name@domain.com becomes your\name.domain.com).

12083: This is the serial number for the zone file. Every time you edit a zone file, you must increment this number for the zone file to propagate correctly. Slave servers will check if the master server’s serial number for a zone is larger than the one they have on their system. If it is, it requests the new zone file, if not, it continues serving the original file.

3h: This is the refresh interval for the zone. This is the amount of time that the slave will wait before polling the master for zone file changes.

30m: This is the retry interval for this zone. If the slave cannot connect to the master when the refresh period is up, it will wait this amount of time and retry to poll the master.

3w: This is the expiry period. If a slave name server has not been able to contact the master for this amount of time, it no longer returns responses as an authoritative source for this zone.

1h: This is the amount of time that the name server will cache a name error if it cannot find the requested name in this file.

 

A and AAAA Records

Both of these records map a host to an IP address. The “A” record is used to map a host to an IPv4 IP address, while “AAAA” records are used to map a host to an IPv6 address.

The record could look something like this:
ns1 IN A 111.222.111.222
or
ns1.domain.com. IN A 111.222.111.222

tell where the base domain resolves to. We can do this like this:

domain.com. IN A 222.222.222.222
or
@ IN A 222.222.222.222

In most cases, this is where you’ll define your web server as “www”:

www IN A 222.222.222.222

and/or resolving anything under this domain that is not defined explicitly

* IN A 222.222.222.222

CNAME Records

CNAME records define an alias for canonical name for your server
ex:

www.domain.com IN CNAME domain.com
ftp.domain.com IN CNAME domain.com
mail.domain.com IN CNAME domain.com

Be aware that these aliases come with some performance losses because they require an additional query to the server.
One case when a CNAME is recommended is to provide an alias for a resource outside of the current zone.

Usage of CNAME records means that there is an additional request sent to the DNS servers, which can cause a delay of a few milliseconds + seconds in a queue.

You cannot create a CNAME record for a main domain name itself (my2nddomain.com), this must be an A record.
For example, you cannot map my2nddomain.com to mydomain.com, you must map it to the IP address.
However, you can give it the same IP address as

however, you can map google.my2nddomain.com to mydomain.com.
MX or NS (nameserver) records may never point to a CNAME record, only A records.

MX Records

MX records are used to define the mail exchanges that are used for the domain. This helps email messages arrive at your mail server correctly.

Unlike many other record types, mail records generally don’t map a host to something, because they apply to the entire zone. As such, they usually look like this:

IN MX 10 mail.domain.com.
Note that there is no host name at the beginning.

Also note that there is an extra number in there. This is the preference number that helps computers decide which server to send mail to if there are multiple mail servers defined. Lower numbers have a higher priority.

So, let’s say that we have two mail servers. There would have to be records that look something like this:

IN MX 10 mail1.domain.com.
IN MX 50 mail2.domain.com.
mail1 IN A 111.111.111.111
mail2 IN A 222.222.222.222

NS Records

This record type defines the name servers that are used for this zone.

You may be wondering, “if the zone file resides on the name server, why does it need to reference itself?”. Part of what makes DNS so successful is its multiple levels of caching. One reason for defining name servers within the zone file is that the zone file may be actually being served from a cached copy on another name server.

Like the MX records, these are zone-wide parameters, so they do not take hosts either. In general, they look like this:

IN NS ns1.domain.com.
IN NS ns2.domain.com.

You should have at least two name servers defined in each zone file in order to operate correctly if there is a problem with one server. Most DNS server software considers a zone file to be invalid if there is only a single name server.

As always, include the mapping for the hosts with A or AAAA records:

IN NS ns1.domain.com.
IN NS ns2.domain.com.
ns1 IN A 111.222.111.111
ns2 IN A 123.211.111.233

see full articles at
www.digitalocean.com/community/tutorials/an-introduction-to-dns-terminology-components-and-concepts

Comments are closed.

We try to post all comments within 1 business day