Introduction to DNS

Hi Rene,

The way you teach and explain is awesome and easy for everyone to understand…
Keep posting topics like this. I’m looking for some security-related stuff as well…

Regards
Renjith P Mathew

1 Like

Hi Renjith,

Good to hear you like it! What security topics are you looking for?

Rene

Hi Rene,
Looking for CCNA security level…

Hi Renjith,

I have many tutorials that describe the CCNA security topics but right now I don’t have a specific page with everything in order. Once I’m done with all the MPLS, multicast and QoS tutorials then I’ll make a complete course for it.

Rene

Hi Rene, I would like to know why, in the example of opening the web page… the DNS request uses UDP instead of TCP?
Thank you

Hi Raul,

DNS supports both UDP and TCP but we typically only use TCP for zone transfers.

One of the advantages of UDP is that it’s faster since it’s connectionless. A DNS server doesn’t have to establish a TCP connection with each client that does a DNS request. With UDP, it just gets a DNS request, sends a response and it’s done.

Rene
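The transport difference described in the answer above, as an added example that is not part of the original thread: the same query is built once and then prepared for UDP (sent as-is in one datagram) and for TCP (which adds a 2-byte length prefix on top of the connection setup). It goes slightly beyond the post by also checking the TC (truncated) header flag, which tells a client to repeat a UDP query over TCP. The function names and the fixed transaction ID are assumptions made for this example.

```python
import struct

TC_FLAG = 0x0200  # "truncated" bit in the header flags word

def encode_name(name):
    """Encode a hostname as DNS labels: length byte + label, then a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("each label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=1, txid=0x1234):
    """Standard query: recursion desired, one question, class IN (qtype 1 = A).

    The transaction ID is fixed here so the output is reproducible;
    a real resolver picks a random one for every query.
    """
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def frame_for_tcp(message):
    """TCP is a byte stream, so each DNS message carries a 2-byte length prefix."""
    return struct.pack("!H", len(message)) + message

def needs_tcp_retry(response):
    """A UDP response with TC set was cut short; the client repeats it over TCP."""
    if len(response) < 12:
        raise ValueError("shorter than a DNS header")
    (flags,) = struct.unpack("!H", response[2:4])
    return bool(flags & TC_FLAG)

if __name__ == "__main__":
    query = build_query("networklessons.com")
    print("UDP payload:", len(query), "bytes, sent as one datagram")
    print("TCP payload:", len(frame_for_tcp(query)), "bytes, after the handshake")
    # Constructed response header: QR=1, TC=1, RD=1, no records.
    truncated = struct.pack("!HHHHHH", 0x1234, 0x8300, 1, 0, 0, 0)
    print("retry over TCP:", needs_tcp_retry(truncated))
```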

Hey Rene,

It’d be great if you can give some detailed insight on how a DNS query is resolved. Maybe an example would help.

Cheers !

Kunj

Hi Kunj,

Would you like to see a packet capture of a query/response or do you mean how the lookup is done from client to DNS server 1 > DNS server 2, etc.?

Rene

Hi Rene,

Can you explain different DNS record types and zones please.

Hi Inderpreet,

DNS allows us to use zones. A zone stores information about the domain. When you register a domain name, you have to tell the registrar which DNS servers you want to use for your domain name.

On the DNS server that is responsible for your domain (zone) you can create different records.

Let me give you a short overview of the different records:

  • A: the A record is used to store the IP address of a name. For example, 149.210.239.44 refers to "networklessons.com".
  • AAAA: this is the same as the A record but it's used for IPv6 addresses.
  • CNAME: the CNAME record is an alias for an A record. For example, I could use CNAME www.networklessons.com as an alias for networklessons.com.
  • MX: the MX record is used to store the hostname for the mailserver. For example, I could use this to tell that mail.networklessons.com is the mail server for this domain name. You will need an A record for mail.networklessons.com.

Rene
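The record types listed above, as an added example that is not part of the original thread: a small in-memory zone with A, AAAA, CNAME and MX records, a lookup that follows the CNAME alias, and a check that every CNAME and MX target actually has an address record (the "you will need an A record" point). Only 149.210.239.44 comes from the post; the other addresses, the function names and the assumption that all targets live in this one zone are made up for the example.

```python
# Constructed zone: 149.210.239.44 is the address quoted in the thread; the
# other addresses are documentation-range placeholders.
ZONE = {
    "networklessons.com": {
        "A": ["149.210.239.44"],
        "AAAA": ["2001:db8::44"],
        "MX": ["mail.networklessons.com"],
    },
    "www.networklessons.com": {"CNAME": ["networklessons.com"]},
    "mail.networklessons.com": {"A": ["192.0.2.25"]},
}

def resolve(zone, name, rtype="A", max_hops=8):
    """Return the rtype records for name, following CNAME aliases."""
    for _ in range(max_hops):
        rrsets = zone.get(name, {})
        if rtype in rrsets:
            return rrsets[rtype]
        if "CNAME" not in rrsets:
            return []
        name = rrsets["CNAME"][0]  # restart the lookup at the alias target
    raise ValueError("CNAME chain too long or looping")

def has_address(zone, name):
    """True when name ends up at an A or AAAA record (assumes in-zone targets)."""
    try:
        return bool(resolve(zone, name, "A") or resolve(zone, name, "AAAA"))
    except ValueError:
        return False

def lint(zone):
    """List records whose target has no address record in this zone."""
    problems = []
    for name, rrsets in sorted(zone.items()):
        if "CNAME" in rrsets and len(rrsets) > 1:
            problems.append(f"{name}: CNAME cannot share a name with other records")
        for rtype in ("CNAME", "MX"):
            for target in rrsets.get(rtype, []):
                if not has_address(zone, target):
                    problems.append(
                        f"{name}: {rtype} target {target} has no A/AAAA record")
    return problems
```

Running `lint` on a zone after removing a host is a quick way to catch MX or CNAME records that still point at a name nobody answers for.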

Hi Rene,

Can you explain why we need the /etc/hosts file? What happens if we do not have any entries in it?

Hi Shree Kumar,

The hosts file is used for static IP to HOSTNAME mappings. Normally it is used to configure the hostname of the local computer.

For all other IP-to-HOSTNAME lookups, we use a DNS server. Any application that requires the local hostname might fail if your hosts file is empty.

Rene

Rene,

Can you explain the steps a computer takes when it’s behind a switch, that’s behind a router, when it sends a request to reach http://google.com? I’m talking DNS, ARP, routing, and what order they happen? Just as much detail as possible. I am trying to figure out the order of operations.

Thank you!

Hi Shawn O,

In case your PC doesn’t have the MAC address of the gateway IP (which is the internal interface of the router) inside its ARP table, then it will issue an ARP request. With the ARP request, it will receive the MAC address from the router so it can start sending the packet. You can check this on the PC by going to the command line and typing the command “arp -a”.

Then the packet will go to the router, which in turn sends it to the ISP DNS server for the IP to domain name mapping. Once the IP of google.com is known, the packet is routed to reach the web server of Google.

Hope I could answer your question.

Hi Maher,

How does this PC know that the request to reach http://google.com needs to be sent to the ISP DNS server instead of the local DNS server?
How does this PC know the IP address of the ISP DNS server?

Thanks,
Whijoon Yim

Hi @whijoon

On your computer, you have to configure the DNS server manually or you receive it through the DHCP server:

You could configure the DNS server of your ISP or anything else (8.8.8.8 is Google DNS).

It’s also possible that you see the IP address of your local router here. Most SOHO routers will act as a “proxy” / simple DNS server for your computers. When it receives a DNS request, it will forward it to the ISP DNS servers to figure out the IP address that belongs to the hostname. This is then returned to the computer.

1 Like

e.root-servers.net.
f.root-servers.net.
k.root-servers.net.
a.root-servers.net.
d.root-servers.net.
g.root-servers.net.
i.root-servers.net.
j.root-servers.net.
b.root-servers.net.
l.root-servers.net.
h.root-servers.net.
c.root-servers.net.
m.root-servers.net.

Please help me to understand this!

Hi Pratap,

This is a list of the DNS root servers:

https://www.iana.org/domains/root/servers

The root servers answer requests for the root zone which contains all top-level domains (TLD) like .com, .net, etc.

You can take a closer look at each of these here:

https://root-servers.org/

Here is an example (without caching):

  • From your computer, you do a lookup for networklessons.com.
  • Your computer forwards the request to the ISP DNS server.
  • If the ISP DNS server doesn’t have an answer, it queries one of the root servers to ask which DNS servers are responsible for the .com TLD.
  • The ISP DNS server sends a request to the .com TLD name server.
  • The .com TLD name server answers which authoritative server is responsible for the networklessons.com domain name.
  • The ISP DNS server now asks the authoritative server for the IP address of networklessons.com and gets the IP address.
  • The ISP DNS answers your computer with the IP address.

As you can see, these root servers are important. Hope this helps!

Rene
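The lookup steps from the answer above, as an added example that is not part of the original thread: a simulated ISP resolver walks root, .com TLD and authoritative server, recording each referral, and an optional cache shows what changes once the "without caching" condition is dropped. The server labels (`root`, `tld-com`, `auth-ns`), the `Resolver` class and the data are constructed for this example; only 149.210.239.44 is taken from the thread.

```python
# Constructed name-server data standing in for the three tiers in the steps.
SERVERS = {
    "root": {"referrals": {"com": "tld-com"}},
    "tld-com": {"referrals": {"networklessons.com": "auth-ns"}},
    "auth-ns": {"answers": {"networklessons.com": "149.210.239.44"}},
}

def ask(server, name):
    """One query to one server: ('answer', ip), ('referral', server) or ('nxdomain', None)."""
    data = SERVERS[server]
    if name in data.get("answers", {}):
        return "answer", data["answers"][name]
    best = None  # most specific delegated zone that covers the name
    for zone in data.get("referrals", {}):
        if (name == zone or name.endswith("." + zone)) and len(zone) > len(best or ""):
            best = zone
    if best is not None:
        return "referral", data["referrals"][best]
    return "nxdomain", None

class Resolver:
    """The ISP DNS server from the steps above, with an optional cache."""

    def __init__(self, use_cache=False):
        self.use_cache = use_cache
        self.cache = {}
        self.upstream_queries = 0

    def lookup(self, name):
        """Return (ip or None, trace of (server, result) pairs)."""
        name = name.lower().rstrip(".")
        if self.use_cache and name in self.cache:
            return self.cache[name], []  # answered locally, nothing sent upstream
        server, trace = "root", []
        for _ in range(10):  # bound the walk so a referral loop cannot spin forever
            self.upstream_queries += 1
            kind, value = ask(server, name)
            trace.append((server, kind))
            if kind == "referral":
                server = value
                continue
            if kind == "answer" and self.use_cache:
                self.cache[name] = value
            return value, trace
        raise RuntimeError("too many referrals")
```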

Hello, if you create your own DNS server on your router with the #ip host [name] [ip address].

For example:
#ip host [bob1] [20.0.0.1]

But if I type the command no ip domain-lookup I’m still able to type #ping bob1 and the ping works. The IP address 20.0.0.1 is on a remote network.

I believe that no ip domain-lookup turns off the ability for the router to look up and resolve domain names. But in this case it does not?

Why?

Regards Lars

Hello Lars

The ip host command is used to define static hostname to IP address mappings in the DNS hostname cache of the local device. This means that any time a domain name is used instead of an IP address, that mapping will be checked first, before any external DNS, if configured. This is kind of analogous to the “hosts” file found in Windows systems.

By typing the command no ip domain-lookup, you are disabling the lookup on an external DNS server; however, you are not disabling the lookup in the statically defined mappings. According to the following Cisco documentation:

In order to use this service to map domain names to IP addresses, you must specify a name server.

So a prerequisite to the mappings functioning is that a name server be specified, even if the domain lookup is disabled.

I hope this has been helpful!

Laz

1 Like