Lesson 16: DNS
Homepage | Content | Slides | Video |
Warning
This lesson is under construction. Use it for learning purposes at your own peril.
If you have any feedback, please fill out our General Feedback Survey.
Homepage | Content | Slides | Video |
Warning
This lesson is under construction. Use it for learning purposes at your own peril.
If you have any feedback, please fill out our General Feedback Survey.
What DNS Solves.
History Lesson
DNS Records
- A
- MX
- NS
- SOA
- CNAME
- NXDOMAIN
Root / The Thirteen
devopsbootcamp.osuosl.org ===(DNS)===> 140.211.15.183
HOSTS.TXT circa 1977:
MIT 1
Yale 2
Harvard 3
ATT 4
...
HOSTS.TXT a few years later:
...
joeBillson 14895
susan-gill 15832
...
Acronym | Name |
A, AAAA | IP Addresses |
MX | SMTP Mail Exchangers |
NS | Name Servers |
SOA | DNS Zone Authority |
PTR | Pointers for Reverse DNS Lookups |
CNAME | Domain Name Aliases |
The A record is used to map an IP address to a domain name. This is as close to a 'regular' record as you can get.
osuosl.org. 300 IN A 140.211.15.183
The MX record is for tracking mail servers.
osuosl.org. 3600 IN MX 5 smtp3.osuosl.org.
osuosl.org. 3600 IN MX 5 smtp4.osuosl.org.
osuosl.org. 3600 IN MX 5 smtp1.osuosl.org.
osuosl.org. 3600 IN MX 5 smtp2.osuosl.org.
Servers with a NS record are allowed to speak with authority on a domain and DNS requests.
osuosl.org. 86258 IN NS ns1.auth.osuosl.org.
osuosl.org. 86258 IN NS ns2.auth.osuosl.org.
osuosl.org. 86258 IN NS ns3.auth.osuosl.org.
SOA is the record for proving authority over a site or zone.
osuosl.org. 86400 IN SOA ns1.auth.osuosl.org. ...
CNAME is an record for aliasing old names to redirect to new names.
bar.example.com. 86400 IN CNAME foo.example.com
Tells you there is no answer to a query:
Host something.invalid.osuosl.org not found: 3(NXDOMAIN)
Some ISPs and others never serve NXDOMAINS, instead they point you at themselves.
$ dig ns .
;; ANSWER SECTION:
. 512297 IN NS i.root-servers.net.
. 512297 IN NS e.root-servers.net.
. 512297 IN NS d.root-servers.net.
. 512297 IN NS j.root-servers.net.
. 512297 IN NS b.root-servers.net.
. 512297 IN NS a.root-servers.net.
. 512297 IN NS f.root-servers.net.
. 512297 IN NS h.root-servers.net.
. 512297 IN NS g.root-servers.net.
. 512297 IN NS c.root-servers.net.
. 512297 IN NS m.root-servers.net.
. 512297 IN NS k.root-servers.net.
. 512297 IN NS l.root-servers.net.
dig is a command-line tool for performing DNS lookups.
Syntax:
dig @server name type
Examples:
dig @ns1.osuosl.org osuosl.org A
First we query a NS record for .:
$ dig ns .
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS i.root-servers.net.
. 518400 IN NS a.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS b.root-servers.net.
etc...
Next we query NS for org.:
$ dig ns com. @a.root-servers.net
;; QUESTION SECTION:
;org. IN NS
;; AUTHORITY SECTION:
org. 172800 IN NS a0.org.afilias-nst.info.
org. 172800 IN NS a2.org.afilias-nst.info.
etc...
;; ADDITIONAL SECTION:
a0.org.afilias-nst.info. 172800 IN A 199.19.56.1
etc...
Next we query NS for osuosl.org.:
$ dig ns osuosl.org. @199.19.56.1
;; QUESTION SECTION:
;osuosl.org. IN NS
;; AUTHORITY SECTION:
osuosl.org. 86400 IN NS ns3.auth.osuosl.org.
osuosl.org. 86400 IN NS ns2.auth.osuosl.org.
osuosl.org. 86400 IN NS ns1.auth.osuosl.org.
;; ADDITIONAL SECTION:
ns1.auth.osuosl.org. 86400 IN A 140.211.166.140
ns2.auth.osuosl.org. 86400 IN A 140.211.166.141
ns3.auth.osuosl.org. 86400 IN A 216.165.191.53
Next we query A for osuosl.org.:
$ dig a osuosl.org. @140.211.166.140
;; QUESTION SECTION:
;osuosl.org. IN A
;; ANSWER SECTION:
osuosl.org. 300 IN A 140.211.15.183
;; AUTHORITY SECTION:
osuosl.org. 86400 IN NS ns1.auth.osuosl.org.
osuosl.org. 86400 IN NS ns2.auth.osuosl.org.
osuosl.org. 86400 IN NS ns3.auth.osuosl.org.
;; ADDITIONAL SECTION:
ns1.auth.osuosl.org. 86400 IN A 140.211.166.140
ns2.auth.osuosl.org. 86400 IN A 140.211.166.141
ns3.auth.osuosl.org. 3600 IN A 216.165.191.53
Can you traverse the DNS tree to get to these websites? Give it a try!
- github.com
- web.archive.org
- en.wikipedia.org