• Home
• Syllabus
• Schedule
• Connect
• Checkin
• Homework
  • HW0
  • HW1
  • HW2
  • HW3
  • HW4
  • HW5
  • HW6
  • HW7
• Piazza
• Slides
• Other Info

See this page as a slide show

CT320 DNS

The Problem

• People use names like www.mylittlepony.com.
• Computers uses IP addresses like 203.0.113.44
• How to translate from one to the other?

The Solution

Solution: The Domain Name System

• Application-layer protocol to resolve names
  • convert names like www.mylittlepony.com into IP addresses like 203.0.113.44
  • can use either TCP or UDP packets
• Distributed database implemented in hierarchy of many name servers
• First step in nearly every networky application:
  • Use DNS to convert a name into an IP address

DNS Development

$ grep '129.82.44.1[3-7][0-9]' /etc/hosts
129.82.44.130	austin.cs.colostate.edu austin
129.82.44.131	baton-rouge.cs.colostate.edu baton-rouge
129.82.44.132	bismarck.cs.colostate.edu bismarck
129.82.44.133	boise.cs.colostate.edu boise
129.82.44.134	boston.cs.colostate.edu boston
129.82.44.135	carson-city.cs.colostate.edu carson-city
129.82.44.136	charleston.cs.colostate.edu charleston
129.82.44.137	cheyenne.cs.colostate.edu cheyenne
129.82.44.138	columbia.cs.colostate.edu columbia
129.82.44.139	columbus-oh.cs.colostate.edu columbus-oh
129.82.44.140	concord.cs.colostate.edu concord
129.82.44.141	denver.cs.colostate.edu denver
129.82.44.142	des-moines.cs.colostate.edu des-moines
129.82.44.143	dover.cs.colostate.edu dover
129.82.44.144	frankfort.cs.colostate.edu frankfort
129.82.44.145	harrisburg.cs.colostate.edu harrisburg
129.82.44.146	hartford.cs.colostate.edu hartford
129.82.44.147	helena.cs.colostate.edu helena
129.82.44.148	honolulu.cs.colostate.edu honolulu
129.82.44.149	indianapolis.cs.colostate.edu indianapolis
129.82.44.150	jackson.cs.colostate.edu jackson
129.82.44.151	jefferson-city.cs.colostate.edu jefferson-city
129.82.44.152	juneau.cs.colostate.edu juneau
129.82.44.153	lansing.cs.colostate.edu lansing
129.82.44.154	lincoln.cs.colostate.edu lincoln
129.82.44.155	little-rock.cs.colostate.edu little-rock
129.82.44.156	madison.cs.colostate.edu madison
129.82.44.157	montgomery.cs.colostate.edu montgomery
129.82.44.158	montpelier.cs.colostate.edu montpelier
129.82.44.159	nashville.cs.colostate.edu nashville
129.82.44.160	oklahoma-city.cs.colostate.edu oklahoma-city
129.82.44.161	olympia.cs.colostate.edu olympia
129.82.44.162	phoenix.cs.colostate.edu phoenix
129.82.44.163	pierre.cs.colostate.edu pierre
129.82.44.164	providence.cs.colostate.edu providence
129.82.44.165	raleigh.cs.colostate.edu raleigh
129.82.44.166	richmond.cs.colostate.edu richmond
129.82.44.167	sacramento.cs.colostate.edu sacramento
129.82.44.168	saint-paul.cs.colostate.edu saint-paul
129.82.44.169	salem.cs.colostate.edu salem
129.82.44.170	salt-lake-city.cs.colostate.edu salt-lake-city
129.82.44.171	santa-fe.cs.colostate.edu santa-fe
129.82.44.172	springfield.cs.colostate.edu springfield
129.82.44.173	tallahassee.cs.colostate.edu tallahassee
129.82.44.174	topeka.cs.colostate.edu topeka
129.82.44.175	trenton.cs.colostate.edu trenton
129.82.44.176	washington-dc.cs.colostate.edu washington-dc
129.82.44.177	acorn.cs.colostate.edu acorn
129.82.44.178	almond.cs.colostate.edu almond
129.82.44.179	lang.cs.colostate.edu lang

An Early Centralized System:

• Initially created as a “hosts.txt” file
• Each line in the file listed the hostname and corresponding IP address
• Distant centralized database
• Need one entry for every Internet host!
  • When host changes IP, notify central repository

DNS Development

DNS Today

• Distributed organization
• Still provides hostname to IP address mapping
• Also provides:
  • Host aliasing
    • www.colostate.edu is an alias for another machine
  • Mail server identification
    • cs.colostate.edu mail server doesn’t handle its own mail
  • Load distribution
  • Phone numbers, host locations, service records, …

Examples

www.colostate.edu is just an alias:

$ host www.colostate.edu
www.colostate.edu is an alias for 1weufa17x3uh.wpeproxy.com.
1weufa17x3uh.wpeproxy.com has address 141.193.213.21
1weufa17x3uh.wpeproxy.com has address 141.193.213.20

Similarly, cs.colostate.edu is an alias, and it doesn’t handle its own mail:

$ host cs.colostate.edu
cs.colostate.edu has address 129.82.45.48
cs.colostate.edu mail is handled by 0 cs-colostate-edu.mail.protection.outlook.com.
cs.colostate.edu mail is handled by 20 chico.cs.colostate.edu.

Domain Name Service Data

A typical host name: “denver.cs.colostate.edu.” is a Fully Qualified Domain Name (FQDN) made up of parts:

• “denver” = Hostname
• “cs.colostate.edu.” = domain name
• “cs.colostate.edu.” = a subdomain of “colostate.edu.” which is a subdomain of “edu.”
• “edu.” is a Top Level Domain (TLD)
• “.” = the root of DNS data and technically all DNS names should end in “.” but is typically left out.

Domain Name Space

A partial DNS hierarchy

                    root
                      │
           ┌──────────┼───────┬───────┐
           │          │       │       │
          edu        com     mil     se
           │          │       │       │
         ┌─┴────┐     │       │       │
         │      │     │       │       │
    colostate  mit    hp      │      mil
         │                    │
     ┌───┼────┐             ┌─┴──┐
     │   │    │             │    │
    engr cs  www           af  navy
         │                  │
     ┌───┴────┐             │
     │        │             │
    www     denver       buckley

DNS Organization

                 root
                   │
           ┌───────┼────┬────┐
          edu     com  mil  se
         ┌─┴────┐  │    │    │
    colostate  mit hp   │   mil
     ┌───┼────┐       ┌─┴──┐
    engr cs  www     af  navy
     ┌───┴────┐       │
    www     denver buckley

• Data organized as tree structure.
  • Each zone is authoritative for its local data.
• Each zone operates a set of name servers that contain the zone data (in NS records).
  • Change to host.cs.colostate.edu is entered at cs.colostate.edu servers.
• Tree structure directs queries to the appropriate name server.
  • Root knows how to reach edu
  • Edu knows how to reach colostate.edu

DNS Query and Response

┌────────┐
│ Home   │
│ laptop │
│        │
└────────┘

My laptop’s browser wants the IP address of www.colostate.edu.

Step 1

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │
│ laptop │                           │ router │
│        │                           │        │
└────────┘                           └────────┘

My laptop doesn’t know the IP address, so it asks its smart friend, my home router, which functions as a DNS server.

Step 2

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │   Comcast   │
                                                           │     DNS     │
                                                           │   server    │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           └─────────────┘

The DNS server inside my router doesn’t know, either, so it asks its smart friend, the Comcast DNS server I was told to use.

Step 3

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘                                     │             │
                                                           │             │
                                                           │   Comcast   │
                                                           │     DNS     │
                                                           │   server    │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           └─────────────┘

The Comcast server DNS doesn’t know, either, so it asks a random root DNS server.

Step 4

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
                                                           │   Comcast   │
                                                           │     DNS     │
                                                           │   server    │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           └─────────────┘

The root DNS server doesn’t know the IP address, but it knows who handles the .edu domain.

Step 5

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│   Comcast   │
│ c.edu-servers.net  │                                     │     DNS     │
└────────────────────┘                                     │   server    │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           └─────────────┘

The Comcast DNS server asks the .edu DNS server to resolve www.colostate.edu.

Step 6

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│   Comcast   │
│ c.edu-servers.net  │                                     │     DNS     │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│   server    │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           │             │
                                                           └─────────────┘

The .edu DNS server knows several authoritative DNS servers for .colostate.edu.

Step 7

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│   Comcast   │
│ c.edu-servers.net  │                                     │     DNS     │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│   server    │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│             │
│ dns1.colostate.edu │                                     │             │
└────────────────────┘                                     │             │
                                                           └─────────────┘

The Comcast DNS server asks dns1.colostate.edu to resolve the name.

Step 8

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │                         │
└────────┘                           └────────┘                         │
                                                                        ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│   Comcast   │
│ c.edu-servers.net  │                                     │     DNS     │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│   server    │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│             │
│ dns1.colostate.edu │                                     │             │
└────────────────────┘-----“It is 129.82.103.106”(8)------▷│             │
                                                           └─────────────┘

The dns1.colostate.edu DNS server, on the CSU campus, replies with the IP address.

Step 9

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │                           │        │◁--“129.82.103.106”(9)   │
└────────┘                           └────────┘                     △   │
                                                                    │   ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│   Comcast   │
│ c.edu-servers.net  │                                     │     DNS     │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│   server    │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│             │
│ dns1.colostate.edu │                                     │             │
└────────────────────┘-----“It is 129.82.103.106”(8)------▷│             │
                                                           └─────────────┘

The Comcast DNS server sends the IP address to my home router.

Step 10

┌────────┐                           ┌────────┐
│ Home   │--“www.colostate.edu?”(1)-▷│ Home   │--“www.colostate.edu?”(2)┐
│ laptop │                           │ router │                         │
│        │◁--“129.82.103.106”(10)----│        │◁--“129.82.103.106”(9)   │
└────────┘                           └────────┘                     △   │
                                                                    │   ▽
                                                           ┌─────────────┐
┌────────────────────┐◁----“www.colostate.edu?”(3)---------│             │
│ j.root-servers.net │                                     │             │
└────────────────────┘-----“Ask c.edu-servers.net”(4)-----▷│             │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(5)---------│   Comcast   │
│ c.edu-servers.net  │                                     │     DNS     │
└────────────────────┘-----“Ask dns1.colostate.edu”(6)----▷│   server    │
                                                           │             │
┌────────────────────┐◁----“www.colostate.edu?”(7)---------│             │
│ dns1.colostate.edu │                                     │             │
└────────────────────┘-----“It is 129.82.103.106”(8)------▷│             │
                                                           └─────────────┘

My home router tells my laptop the IP address.

Caching

That was the worst case. Really, caching occurs at all levels:

• my browser
• my laptop
• my router
• the Comcast DNS server
• the edu server
• the colostate.edu server

Caching

• I expect that the local Comcast DNS server will pretty much always know the IP address for colostate.edu. It’s in Fort Collins—some CSU student must access colostate.edu often enough to keep the address in its cache.
• Further, once my router’s DNS server learns the IP addr, it’ll remember it.
• Further, once my laptop learns the IP addr, it’ll remember it.

But, for how long?

Redundancy

Multiple servers for each zone in case any one server fails:

• 13 root servers
  • That is, 13 IP addresses. Each has multiple hardware backing it, using IP anycast.
• 13 edu servers
• 5 colostate.edu servers

Querying

• Sometimes, it’s recursive
• Sometimes, it’s not
• Sometimes, it’s “ask the next smarter server”
• Sometimes, it’s not

Types of DNS Servers

• Authoritative DNS servers:
  • Every DNS zone must be assigned a set of authoritative name servers (information contained in NS record of parent zone)
  • Provide authoritative records for a particular zone (eg colostate.edu, cisco.com, edu, uk, etc)
  • Can be maintained by organization or service provider
  • Top-level domain (TLD) servers:
• Authoritative servers responsible for com, org, net, edu, etc, and all top-level country domains uk, fr, ca, jp.
• Network solutions maintains servers for com TLD
• Educause for edu TLD
• Caching Servers
  • Accept queries for end hosts, lookup requested data, and cache answers for later replies.

Types of Queries

Recursive query:

• Puts burden of name resolution on contacted name server
• Heavy load on the name server, but less network traffic.
• In the example above, the Comcast DNS server handles recursive queries.

Iterated query:

• Contacted server replies with name of server to contact
• “I don’t know this name, but ask this server”
  • It might be that the other server really knows
  • It might be that the other server is just smarter than this one

Iterated/Recursive Clerks

Typical trip to a hardware store:

Ideal trip to a hardware store:

Either system works, I suppose.

DNS Caching

• Local caching name server saves results:
  • Cache entries timeout (disappear) after some time
  • TLD servers typically cached in local name servers
• Thus root name servers not often visited
• DNS changes are slow to propagate

DNS Record Types: SOA

The Start of Authority (SOA) record defines global parameters for a “zone”:

• Time To Live (TTL) — number of seconds records may be cached.
• Primary DNS server — FQDN of an authoritative DNS server.
• Email Addr — Contact info for domain. e.g., dnsadmin.colostate.edu.
• Serial number — Updated when data changes; used for replication.
• Refresh — Interval in seconds a secondary tries to refresh zone data.
• Retry — Interval in seconds between refresh attempts after failure.
• Expiry — Interval in seconds secondary data is valid without refresh.

DNS Record Types: SOA (cont.)

DNS RFC defines a text representation for records as well as a binary or “wire” representation. SOA records have the following text format:

    ; Name             TTL  Class RType Email
    acns.colostate.edu 3600 IN    SOA   dnsadmin.colostate.edu. (
        249427 ; sn
        900    ; refresh (15 min)
        600    ; retry (10 min)
        86400  ; expiry (1 day)
        3600   ; minTTL (1 hour)
    )

DNS Record Types: NS

Name Server (NS): Defines the authoritative name server(s) for a domain. Actually located both at the root of the zone and at the point of delegation in the parent zone.

The NS records for acns.colostate.edu reside in the parent zone, “colostate.edu”, like this :

    Name    TTL	Class	RecordType  Data
    acns	IN	NS	    dns1.colostate.edu
    acns	IN	NS	    dns2.colostate.edu

And they exist in the acns.colostate.edu zone where they look like:

    Name    TTL	Class	RecordType  Data
    @		IN	NS	    dns1.colostate.edu
    @		IN	NS	    dns2.colostate.edu

DNS Record Types: A, AAAA

IPv4 Address (A): Associates a name with an IPv4 address The A record for chico.cs.colostate.edu resides in the “cs.colostate.edu” zone and looks like:

    Name    TTL	Class	RecordType  Data
    www		IN	A	    129.82.45.30

IPv6 Address (AAAA): Associates a name with an IPv6 address An AAAA record looks like:

    Name    TTL	Class	RecordType  Data
    www		IN	AAAA	    2002:8152:e6d2::8052:f8d1

DNS Record Types: CNAME

Canonical Name (CNAME): Associates an alias with another DNS name record. The CNAME record for www.cs.colostate.edu looks like:

    Name    TTL	Class	RecordType  Data
    www		IN	CNAME	    parsons.cs.colostate.edu

According to the RFC, you may not create any other records with the same name as a CNAME record. Recently added exceptions for DNSSEC record types RRSIG, NSEC and KEY.

Other DNS Record Types

Others… There are ~71 record types. The other, more common records include:

• MX — Mail Exchanger. Specify mail servers for a mail domain name.
• PTR — Pointer. Maps IPv4 addresses to names (reverse lookup).
• SRV — Service record. Defines network service information available for zone (LDAP, Kerberos, etc.). Used heavily by Windows domains.
• TXT — Text information associated with a name. Basically a note. Also used in Sender Policy Framework (SPF) system to validate email.

DNS Forward and Reverse Lookups

• Most common use is forward lookup (name to IP).
• Also need reverse lookup (IP to name).

This is also a tree structure, delegated in a similar fashion. All reverse space is rooted in the special domain called “in-addr.arpa”. .arpa is the remnant of a special domain used in the transion from the ARPANET to domain-style naming.

For delegation to work as in the forward space, the networks are listed most specific to least specific. Thus CSU’s IP space (129.82/16) has a reverse DNS zone of “82.129.in-addr.arpa”

DNS Reverse Data Organization

         arpa
           │
        in-addr
           │
     ┌─────┼─────┐
    128   129   130
           │
     ┌─────┼─────┐
    81    82    83
           │
     ┌─────┼─────┐
    44    45    46
           │
     ┌─────┼─────┐
    113   114   115

$ host www.cs.colostate.edu
www.cs.colostate.edu is an alias for beethoven.cs.colostate.edu.
beethoven.cs.colostate.edu has address 129.82.45.48

$ host 129.82.45.114
114.45.82.129.IN-ADDR.ARPA domain name pointer parsons.cs-win.colostate.edu.
114.45.82.129.IN-ADDR.ARPA domain name pointer parsons.cs.colostate.edu.

DNS servers

$ cat /etc/resolv.conf
search cs.colostate edu colostate.edu
nameserver 129.82.45.181
nameserver 129.82.103.78
nameserver 129.82.103.79

• Usually, your ISP provides a DNS server, via DHCP.
• Or, it can be hard-coded in /etc/resolv.conf.
• Some people, fearing ISP censorship, use external DNS servers such as Google’s 8.8.8.8 and 8.8.4.4, or other public servers.
• Some public DNS servers censor for various reasons:
  • block phishing & malware sites
  • religious censorship
  • use by children
  • governmental censorship
• Some DNS servers anti-censor (e.g., .onion).

DNS Authorities

Internet Assigned Numbers Authority (IANA) and Internet Network Information Center (InterNIC) originally established by various US Government agencies and now run under contract by a private, non-profit organization.

Internet Corporation for Assigned Names and Numbers (ICANN) is responsible for:

• Coordination of DNS Root globally
• Coordination of IP space globally
• Maintaining the list of gTLDs (generic top level domains) and ccTLDs (country code top level domains).
• Root Hints: https://www.internic.net/zones/named.root

DNS Registries and Registrars

DNS Registry — the authoritative source for a DNS domain.

DNS Registrar — entity authorized to manage registry data.

• Registrars sell domains to others and maintain that data in the registry.
• VeriSign operates the current registry for .com and .net but does not act as a registrar.
• Hundreds of Registrars are certified with Verisign to sell .com domains (e.g. Tucows, GoDaddy, etc.)
• Reverse Registries run by regional entities (ARIN, LACNIC, RIPENCC, AFRINIC, APNIC).

DNS Server Software

• BIND — originally UNIX.
• Windows 2000 move to heavy reliance on DNS
• Network traffic: UDP and TCP port 53
• Authoritative-only servers only respond to queries for zones they host. No gossip!
• Recursive/Caching Servers: Resolve any DNS request for clients. Store answers locally to answer other requests.
• Replication: Slave and master. Uses zone serial numbers, refresh and retry intervals to update slaves which have a read-only copy of data.

Dynamic DNS

Dynamic DNS (DDNS) — Allows clients to update A and PTR records on the fly. It’s handy when your ISP doesn’t guarantee a constant IP address.

• Periodically, the client contacts the registrar.
  • I use wget from cron.
• The registrar notes the inbound IP address, and changes the A and PTR records for the corresponding name.

DNS Commands

ping example

$ ping -c2 localhost
PING localhost(localhost (::1)) 56 data bytes
64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.013 ms
64 bytes from localhost (::1): icmp_seq=2 ttl=64 time=0.034 ms

--- localhost ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1008ms
rtt min/avg/max/mdev = 0.013/0.023/0.034/0.011 ms

nslookup example

$ nslookup whitehouse.gov
Server:		129.82.45.181
Address:	129.82.45.181#53

Non-authoritative answer:
Name:	whitehouse.gov
Address: 192.0.66.168
Name:	whitehouse.gov
Address: 2a04:fa87:fffd::c000:42a8

• There are several IP addresses there—which one is it?
• What’s the #53 mean?

dig example

$ dig www.frii.com

; <<>> DiG 9.11.36-RedHat-9.11.36-11.el8_9 <<>> www.frii.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17303
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: dba1cf58756406d5cdcf003b66230125f6723f92998bf85d (good)
;; QUESTION SECTION:
;www.frii.com.			IN	A

;; ANSWER SECTION:
www.frii.com.		14400	IN	CNAME	frii.com.
frii.com.		14400	IN	A	204.144.128.57

;; AUTHORITY SECTION:
frii.com.		88292	IN	NS	ns2.cpanel.frii.com.
frii.com.		88292	IN	NS	ns1.cpanel.frii.com.

;; ADDITIONAL SECTION:
ns1.cpanel.frii.com.	88292	IN	A	204.144.128.56
ns2.cpanel.frii.com.	88292	IN	A	204.144.128.55

;; Query time: 77 msec
;; SERVER: 129.82.45.181#53(129.82.45.181)
;; WHEN: Fri Apr 19 17:41:25 MDT 2024
;; MSG SIZE  rcvd: 174

• dig produces a straightforward dump of the actual DNS query.
• Comments start with semicolons.
• What are these “sections”?

host example

$ host ebay.com
ebay.com has address 23.194.127.29
ebay.com has address 23.194.127.4
ebay.com mail is handled by 10 mx1.hc2186-24.iphmx.com.
ebay.com mail is handled by 10 mx2.hc2186-24.iphmx.com.

• How many different IP addresses‽
• What’s this about mail?

whois example

$ whois colostate.edu | sed '1,/^---/d'

Domain Name: COLOSTATE.EDU

Registrant:
	Colorado State University
	Colorado State University
	Ft. Collins, CO 80523
	USA

Administrative Contact:
	Domain Admin
	Colorado State University
	Colorado State University
	Ft. Collins, CO 80523
	USA
	+1.9704915600
	dns.admin@colostate.edu

Technical Contact:
	Domain Admin
	Colorado State University
	Colorado State University
	Ft. Collins, CO 80523
	USA
	+1.9704915600
	dns.admin@colostate.edu

Name Servers:
	DNS2.COLOSTATE.EDU
	DNS1.COLOSTATE.EDU
	DNS3.COLOSTATE.EDU

Domain record activated:    27-May-1987
Domain record last updated: 07-Feb-2024
Domain expires:             31-Jul-2024

Web sites

These websites can look up things for you:

• https://www.dnstools.com
• https://www.dnsstuff.com
• https://network-tools.com

User: Guest