DNS and BIND
DNS is an acronym for Domain Name System. DNS organizes the Internet into a hierarchy of domains, providing a system to resolve easy-to-remember host and domain names to their IP addresses. An example of this is typing www.google.com into a browser and having the Google web page come up. Another example is using the ping [hostname] command instead of the ping [IP address] command. These are both examples of forward lookups. DNS also provides reverse lookups, which resolve hostnames when given an IP address. Reverse lookups are handy for web sites tracking users, tools such as ping, checking the reverse DNS records of email addresses (which can be useful in fighting spam), and so on. The Domain Name System also solves name uniqueness problems on networks: a hostname only needs to be unique within its domain or organization, not the entire
The top of the DNS hierarchy is a "dot", which is the root domain. The root domain holds together all domains underneath it. Below the root domain are the familiar com's, edu's, net's, and so on. These are called global Top Level Domains (gTLD). Below gTLDs are subdomains, for example, google.com.
When working with DNS you will hear about zones, which are basically a group of machines within a domain. Every period in a DNS name indicates a point where authority can be delegated, so you can think of a zone as part of the DNS namespace: with australia.test.com, australia is a zone in the test.com domain. There is debate on the correct definition of a zone.
In most cases a DNS query is sent when you need the IP address of a hostname. The following example will use the host testhost, and the domain testdomain.com. The process is as follows:
- if the DNS server you are using has caching enabled, the cache is first checked for any information about testhost.testdomain.com. If an A record for testhost.testdomain.com is found, the process is complete.
- if no information about testhost.testdomain.com exists in the cache, the cache is then checked for any information on testdomain.com. This process continues, taking away parts of the DNS namespace from left to right.
- when the query reaches the end of com, a query for testhost.testdomain.com is sent to a root level nameserver. The root level nameserver refers you to a nameserver for the .com domain, which will know more about the query for testhost.testdomain.com.
- the .com level nameserver refers you to a testdomain.com level nameserver. The testdomain.com level nameserver will contain the A record (IP address) for the testhost.testdomain.com system.
Types of DNS Queries
There are three types of queries you can send to a DNS server: recursive, iterative, and inverse:
- recursive: the DNS server will provide the full answer by following all referrals itself.
- iterative: non-recursive. The DNS server first checks its cache. If the answer is not found, a referral is sent back to the resolver on your system. Most local resolvers are stub resolvers, which means they cannot follow referrals. Therefore you should have at least one nameserver in /etc/resolv.conf that can answer recursive queries.
- inverse: inverse queries map a resource record back to a domain name.
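The cache check and referral chain from the resolution steps above, and the iterative queries a recursive server issues on behalf of a stub resolver, as an added example that is not part of the original text. The zone data, server names and 192.0.2.x addresses are constructed placeholders.

```python
# Added example, not from the original text: a toy iterative resolver that does
# the cache check and referral chain described above. Zone data, server names and
# 192.0.2.x addresses are constructed placeholders (192.0.2.0/24 is the doc range).
# Each toy server delegates zones via NS (naming the next server directly; real
# referrals carry glue A records) or answers via A. "root" plays the root hints.
ZONES = {
    "root": {"NS": {"com": "a.gtld-servers.test"}, "A": {}},
    "a.gtld-servers.test": {"NS": {"testdomain.com": "ns1.testdomain.com"}, "A": {}},
    "ns1.testdomain.com": {"NS": {}, "A": {"testhost.testdomain.com": "192.0.2.10",
                                           "www.testdomain.com": "192.0.2.11"}},
}

def parents(name):
    """The name, then each parent domain, stripping labels left to right:
    testhost.testdomain.com -> testdomain.com -> com."""
    labels = name.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def ask(server, qname):
    """One non-recursive query: returns (type, owner, data) as an A answer, an NS referral or NXDOMAIN."""
    zone = ZONES[server]
    if qname in zone["A"]:
        return "A", qname, zone["A"][qname]
    for suffix in parents(qname):            # closest zone this server delegates
        if suffix in zone["NS"]:
            return "NS", suffix, zone["NS"][suffix]
    return "NXDOMAIN", qname, None

def resolve(qname, cache, max_hops=8):
    """Resolve qname as the recursive server in /etc/resolv.conf does for a stub
    resolver. Returns (address or None, list of servers queried)."""
    if ("A", qname) in cache:                # step 1: cached A record, done
        return cache[("A", qname)], []
    server = "root"                          # otherwise start from the root hints...
    for suffix in parents(qname)[1:]:        # ...unless a closer delegation is cached
        if ("NS", suffix) in cache:
            server = cache[("NS", suffix)]
            break
    path = []
    for _ in range(max_hops):                # bound the chain so a delegation loop cannot spin
        path.append(server)
        rtype, owner, data = ask(server, qname)
        if rtype == "A":
            cache[("A", owner)] = data
            return data, path
        if rtype != "NS":
            return None, path
        cache[("NS", owner)] = data          # keep the referral for later queries in that zone
        server = data
    return None, path
```

A second lookup in the same zone starts directly at ns1.testdomain.com because the delegation was cached, which is the left-to-right stripping the steps describe.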
Types of DNS Servers
- Master: holds the zone files for the domain it is authoritative for. DNS is not owned by one central organization; instead, authority is delegated so that everyone running a domain, or a zone, has control over their own DNS.
- Slave: downloads zone information from master DNS servers. Slave servers will reply with an authoritative answer as long as the information did not come from their cache.
- Advertising: only serves information for the zone it is authoritative for. Does not provide recursive queries. An advertising server will not be able to resolve any queries outside the domain it is configured for.
- Cache-only: uses a root hints zone file to provide recursive queries. A cache-only server does not hold authoritative information or serve a domain.