An Introduction to DNS and DNS Tools
The domain name system (DNS) hums along behind the scenes and, as with running water, we largely take it for granted. That this system just works is a testament to the hackers who designed and developed DNS and the open-source package called Bind, thereby introducing a scalable Internet to the world. Before DNS and Bind, /etc/hosts was the only way to translate IP addresses to human-friendly hostnames and vice versa.
This article will introduce the concepts of DNS and three commands with which you can examine DNS information: host, dig and nslookup.
The DNS is a distributed, hierarchical database where authority flows from the top (or root) of the hierarchy downward. When Linux Journal registered linuxjournal.com, they got permission from an entity that had authority at the root or top level. The Internet Corporation for Assigned Names and Numbers (ICANN) and a domain name registrar, transferred authority for linuxjournal.com to Linux Journal, which now has the authority to create subdomains such as embedded.linuxjournal.com, without the involvement of ICANN and a domain name registrar.
When trying to understand the structure of the DNS, think of an inverted tree—the very structure of the UNIX filesystem. Each branch of the tree is within a zone of authority; more than one branch of this tree can be within a single zone. Linux Journal could choose to retain authority for embedded.linuxjournal.com, or they could delegate it down the tree to someone else who could make subdomains such as zeus.embedded.linuxjournal.com.
The software (usually Bind) that stores domain name information is called a domain name server. A single name server can be authoritative for multiple zones. All zones have a primary master and a secondary master name server that provides authoritative responses for their zones.
If you query a name server not authoritative for a particular zone, that name server will most likely return the correct information. This is because zone information propagates throughout the Internet, and name servers cache zone information for which they are not authoritative.
When you register a new domain name, transfer your old one to a new host or just make changes to the zone database file, it often takes several days for the new information to propagate completely. During that interim period, nonauthoritative name servers often temporarily cache stale information about your domain name.
You may wonder how you fit into this process when you use the Internet. Well, whenever you use the Web, Telnet, FTP, etc., your software uses the resolver (the client side of the DNS), which is a set of library routines compiled into programs such as Mozilla. When you type www.linuxjournal.com, the resolver sets up the query to the name server that does the work of translating www.linuxjournal.com to 188.8.131.52 so you can get to the web site.
For comprehensive coverage of DNS and DNS commands, read the man pages and get one of the excellent DNS books on the market, such as O'Reilly's DNS and Bind and Sybex's Linux DNS Server Administration.
Zone file database records divide DNS information into three primary types: NS (name server) records, MX (mail exchange) records and A (Address) records. NS records indicate the name servers. MX records indicate the hosts that handle e-mail delivery; the priority (pri) number indicates the order in which mail servers are used, with the lowest number receiving the highest priority. The A (Address) records map hostnames to IP addresses, the real names of machines.
This is the simplest of the DNS commands. It is a quick way to determine the IP address of a hostname:
host www.linuxjournal.com www.linuxjournal.com has address 184.108.40.206 www.linuxjournal.com mail is handled (pri=80) by www.ssc.com www.linuxjournal.com mail is handled (pri=10) by mail.ssc.com www.linuxjournal.com mail is handled (pri=40) by cascadia.a42.com
The -a option will return all of the DNS information in verbose format, as seen in Listing 1.
Now that you know the IP address for www.linuxjournal.com, you might want to make sure the reverse lookup works. The reverse lookup checks to see if the reverse zone file maps the IP address to the hostname:
host 220.127.116.11 18.104.22.168.IN-ADDR.ARPA domain name pointer www.linuxjournal.com
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- The Humble Hacker?
- Open-Source Project Secretly Funded by CIA
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- New Container Image Standard Promises More Portable Apps
- The US Government and Open-Source Software
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide