Monday, March 5, 2012

DNS Related Questions

Some DNS Related Questions

 

How does DNS resolution work?


A client application requests an IP address from the nameserver usually by connecting to UDP port 53. The nameserver will attempt to resolve the FQDN based on its resolver library, which may contain authoritative information about the host requested or cached data about that name from an earlier query.
If the nameserver does not already have the answer in its resolver library, it will turn to root nameservers, to determine which nameservers are authoritative for the FQDN in question. Then, with that information, it will query the authoritative nameservers for that name to determine the IP address.


What is an FQDN, and what is a secondary nameserver?


The FQDN of a host can be broken down into sections organized in a tree hierarchy. Except for the hostname, every section divided by “.” is called a zone.
Zones are defined on authoritative nameservers in zone files. Zone files are stored on primary nameservers (also called master nameservers), which are truly authoritative and where changes are made to the files.
Secondary nameservers (also called slave nameservers) receive their zone files from the primary nameservers. Any nameserver can be a primary and secondary nameserver for different zones at the same time, and they may also be considered authoritative for multiple zones. It all depends on the nameserver’s particular configuration.
Every second-level domain should have one primary and one secondary nameserver running on different physical machines for redundancy.
There are four nameserver configuration types:
master — Stores original and authoritative zone records for a certain zone, answering questions from other nameservers searching for answers concerning that namespace.
slave — Also answers queries from other nameservers concerning namespaces for which it is considered an authority. However, slave nameservers get their namespace information from master nameservers via a zone transfer, where the slave sends the master a NOTIFY request for a particular zone and the master responds with the information, if the slave is authorized to receive the transfer.
caching-only — Offers name to IP resolution services but is not authoritative for any zones. Answers for all resolutions are usually cached in a database stored in memory for a fixed period of time, usually specified by the retrieved zone record, for quicker resolution for other DNS clients after the first resolution.
forwarding — Forwards requests to a specific list of nameservers to be resolved. If none of the specified nameservers can perform the resolution, the process stops and the resolution fails.
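The walk from the root down to the authoritative server described above, plus the caching and forwarding behaviours from the list of nameserver types, can be shown without touching the network. The following Python program is an added example, not code from the original post: it stands up three in-memory "servers" (a root, the .com TLD and dns1.llc.com), then resolves names through them. Every address, name and record in it is constructed for the example (192.0.2.0/24 is a documentation range; 192.168.2.5 is reused from the zone sample above).

```python
"""Added example: offline simulation of iterative DNS resolution with a cache
and a forwarding-only mode. All servers, addresses and records are constructed
for illustration; nothing here talks to a real nameserver."""
import time

# Each simulated server is a dict: owner name -> {rrtype: [(rdata, ttl), ...]}.
# A name that carries NS records at a server is either a delegation or the
# server's own zone; the resolver tells the two apart below.
ROOT = {"com.": {"NS": [("a.gtld.example.", 172800)]},
        "a.gtld.example.": {"A": [("192.0.2.1", 172800)]}}
TLD_COM = {"llc.com.": {"NS": [("dns1.llc.com.", 172800)]},
           "dns1.llc.com.": {"A": [("192.168.2.5", 172800)]}}
AUTH_LLC = {"llc.com.": {"NS": [("dns1.llc.com.", 3600)], "A": [("192.168.2.5", 3600)]},
            "dns1.llc.com.": {"A": [("192.168.2.5", 3600)]},
            "www.llc.com.": {"A": [("192.168.2.5", 3600)]}}
SERVERS = {"192.0.2.53": ROOT, "192.0.2.1": TLD_COM, "192.168.2.5": AUTH_LLC}
ROOT_HINT = "192.0.2.53"   # the only address a resolver has to know in advance


def query(server_ip, name, rrtype):
    """One round trip to a simulated server.
    Returns ('answer', rrs), ('referral', (zone, ns_names, glue)) or ('nxdomain', None)."""
    data = SERVERS[server_ip]
    if name in data and rrtype in data[name]:
        return "answer", data[name][rrtype]
    labels = name.split(".")
    for i in range(1, len(labels)):           # closest enclosing name with NS records
        zone = ".".join(labels[i:])
        if zone in data and "NS" in data[zone]:
            ns_names = [ns for ns, _ in data[zone]["NS"]]
            glue = {ns: data[ns]["A"][0][0] for ns in ns_names if ns in data}
            return "referral", (zone, ns_names, glue)
    return "nxdomain", None


class Resolver:
    """Caching resolver. With forwarders=None it walks down from the root itself
    (iterative mode); with a list of forwarders it only relays to them and fails
    when none of them can answer (the 'forwarding' type above)."""

    def __init__(self, forwarders=None):
        self.cache = {}               # (name, rrtype) -> (rdata list, expiry time)
        self.forwarders = forwarders

    def _store(self, name, rrtype, rrs, now):
        ttl = min(t for _, t in rrs)  # cache for the shortest TTL in the set
        self.cache[(name, rrtype)] = ([r for r, _ in rrs], now + ttl)
        return self.cache[(name, rrtype)][0]

    def resolve(self, name, rrtype="A", now=None):
        """Return (rdata list or None, how the answer was obtained)."""
        now = time.time() if now is None else now
        hit = self.cache.get((name, rrtype))
        if hit and hit[1] > now:
            return hit[0], "cache"
        if self.forwarders is not None:
            for fwd in self.forwarders:
                answer, _ = fwd.resolve(name, rrtype, now)
                if answer:
                    self.cache[(name, rrtype)] = fwd.cache[(name, rrtype)]
                    return answer, "forwarded"
            return None, "forwarding failed"   # no forwarder answered: stop here
        server, zone = ROOT_HINT, "."
        for _ in range(16):                     # hop limit against referral loops
            kind, payload = query(server, name, rrtype)
            if kind == "answer":
                return self._store(name, rrtype, payload, now), "iterative"
            if kind != "referral":
                return None, "nxdomain"
            ref_zone, ns_names, glue = payload
            if ref_zone == zone:   # referred back to the zone we are already in:
                return None, "nxdomain"   # the server is authoritative and the name is absent
            zone, ns = ref_zone, ns_names[0]
            if ns in glue:
                server = glue[ns]
            else:                  # no glue: resolve the nameserver's own address first
                addrs, _ = self.resolve(ns, "A", now)
                if not addrs:
                    return None, "nameserver unresolvable"
                server = addrs[0]
        return None, "too many referrals"


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.llc.com.", "A", now=0))       # walks root -> .com -> dns1
    print(r.resolve("www.llc.com.", "A", now=10))      # served from cache
    print(Resolver(forwarders=[r]).resolve("nope.llc.com.", "A", now=0))
```

Passing `now` explicitly makes TTL expiry reproducible: the second lookup of www.llc.com. is a cache hit, and a lookup 3600 seconds later walks the tree again.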


What are zone files?


Zone files contain information about a particular namespace. Zone files are stored in the /var/named working directory. Each zone file is named according to the file option data in the zone statement, usually in a way that relates to the domain in question and identifies the file as containing zone data, such as example.com.zone.
Each zone file may contain directives and resource records. Directives tell the nameserver to do a certain thing or apply a special setting to the zone. Resource records define the parameters of the zone, assigning an identity within the zone’s namespace to particular systems. Directives are optional, but resource records are required to provide nameservice to that zone. All directives and resource records should go on their own lines.
$ vi /var/named/zones/llc.com.db
$TTL 1H ; default TTL for records that do not carry their own
llc.com. IN SOA dns1.llc.com. root.dns1.llc.com. (
001 ; serial
1H ; refresh
15M ; retry
1W ; expiry
1H ; minimum (negative caching TTL)
)
@ IN NS dns1
dns1 IN A 192.168.2.5
@ IN A 192.168.2.5
www IN CNAME dns1
redhat.llc.com. IN NS dns1.redhat.llc.com. ; delegation of the redhat.llc.com subzone
dns1.redhat.llc.com. IN A 192.168.2.10 ; glue record for the delegated nameserver
$ vi /var/named/zones/2.168.192.db
$TTL 1H
; the origin here is 2.168.192.in-addr.arpa. (from the zone statement in named.conf),
; so "@" refers to that reverse zone and nameserver names must be written out in full
@ IN SOA dns1.llc.com. root.dns1.llc.com. (
001 ; serial
1H ; refresh
15M ; retry
1W ; expiry
1H ; minimum (negative caching TTL)
)
@ IN NS dns1.llc.com.
5 IN PTR dns1.llc.com.


What is an MX record?


An MX record allows you to numerically rank the email servers you would prefer to receive email for this namespace, giving preference to some email systems over others. The MX resource record with the lowest preference value is preferred over the others, but you can set multiple email servers with the same value to distribute email traffic between them.
@ IN MX 10 mail.domain.com.
@ IN MX 20 mail2.domain.com.
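To make the zone-file rules above (directives, resource records, "@", relative names, parenthesised SOA fields, inherited owners) and the MX preference ordering concrete, here is an added Python example that is not part of the original post. It parses a small zone, runs a few checks an administrator would want before loading it (in-zone NS names need a glue A record; an MX must not point at a CNAME), and groups MX hosts into delivery tiers by preference. The zone text is constructed for the example: it mirrors the llc.com sample with MX records and mail hosts added.

```python
"""Added example: a small zone-file parser, a lint pass and MX ordering.
The zone below is constructed for the example; it is not a file from the post."""
import re
from collections import defaultdict

ZONE_TEXT = """\
$TTL 1H
$ORIGIN llc.com.
@       IN SOA dns1.llc.com. root.dns1.llc.com. (
            001 1H 15M 1W 1H   ; serial refresh retry expire minimum
        )
@       IN NS    dns1
dns1    IN A     192.168.2.5
www     IN CNAME dns1
@       IN MX 10 mail
        IN MX 10 mail2           ; blank owner: inherits the previous owner (@)
        IN MX 20 www             ; points at a CNAME; the lint pass flags this
mail    IN A     192.168.2.20
mail2   IN A     192.168.2.21
"""

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
NAME_FIELDS = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}

def parse_ttl(token):  # BIND-style time values: '1H' -> 3600, '15M' -> 900, '001' -> 1
    m = re.fullmatch(r"(\d+)([smhdw]?)", token, re.IGNORECASE)
    if not m:
        raise ValueError(f"bad time value: {token}")
    return int(m.group(1)) * UNITS.get(m.group(2).lower(), 1)

def qualify(name, origin):  # '@' is the origin; names without a trailing dot are relative to it
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin=None):
    """Return a list of (owner, ttl, type, rdata tuple) with all names absolute."""
    logical, buf, depth = [], [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()          # drop comments
        if not line.strip() and depth == 0:
            continue
        depth += line.count("(") - line.count(")")    # fold ( ... ) onto one logical line
        buf.append(line)
        if depth == 0:
            logical.append(" ".join(buf).replace("(", " ").replace(")", " "))
            buf = []
    records, default_ttl, last_owner = [], None, None
    for line in logical:
        inherited = line[0].isspace()                 # leading blank: owner of the previous record
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = parse_ttl(tokens[1])
            continue
        if tokens[0] == "$ORIGIN":
            origin = qualify(tokens[1], origin)
            continue
        owner = last_owner if inherited else qualify(tokens.pop(0), origin)
        last_owner = owner
        ttl = default_ttl
        if re.fullmatch(r"\d+[smhdw]?", tokens[0], re.IGNORECASE):   # optional per-record TTL
            ttl = parse_ttl(tokens.pop(0))
        if tokens[0].upper() == "IN":                 # optional class
            tokens.pop(0)
        rtype, rdata = tokens[0].upper(), tokens[1:]
        for i in NAME_FIELDS.get(rtype, []):         # make names inside rdata absolute too
            rdata[i] = qualify(rdata[i], origin)
        if rtype == "MX":
            rdata[0] = int(rdata[0])                  # preference value
        elif rtype == "SOA":                          # serial, refresh, retry, expire, minimum
            rdata[2:] = [parse_ttl(t) for t in rdata[2:]]
        records.append((owner, ttl, rtype, tuple(rdata)))
    return records

def lint(records):
    """Checks worth running before loading: in-zone NS glue and MX targets that are CNAMEs."""
    zone = next(o for o, _, t, _ in records if t == "SOA")
    has_a = {o for o, _, t, _ in records if t == "A"}
    cnames = {o for o, _, t, _ in records if t == "CNAME"}
    findings = []
    for _, _, rtype, rdata in records:
        if rtype == "NS" and (rdata[0] == zone or rdata[0].endswith("." + zone)) \
                and rdata[0] not in has_a:
            findings.append(f"in-zone NS {rdata[0]} has no A (glue) record")
        if rtype == "MX" and rdata[1] in cnames:
            findings.append(f"MX target {rdata[1]} is a CNAME; MX must name a host with an address record")
    return findings

def mx_delivery_order(records, domain):
    """Tiers of MX hosts, lowest preference first; hosts in one tier share the load."""
    tiers = defaultdict(list)
    for owner, _, rtype, rdata in records:
        if owner == domain and rtype == "MX":
            tiers[rdata[0]].append(rdata[1])
    return [sorted(tiers[p]) for p in sorted(tiers)]

if __name__ == "__main__":
    recs = parse_zone(ZONE_TEXT)
    print("MX order:", mx_delivery_order(recs, "llc.com."))
    print("lint:", lint(recs))
```

Running it prints the two MX tiers (mail and mail2 share preference 10, www is the fallback at 20) and one lint finding for the MX that points at the www CNAME. Real zone files have more syntax than this parser handles (quoted strings, $INCLUDE, $GENERATE), so treat it as an illustration of the record grammar, not a replacement for named-checkzone.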
