Differences between revisions 1 and 2
Revision 1 as of 2020-12-08 16:24:05
Size: 3583
Revision 2 as of 2022-09-23 18:00:09
Size: 3613
Line 1: Line 1:
## page was renamed from DNS

DNS

Domain Name System (DNS) resolution is a core component of the internet. It is both a standard for communication and a multi-layered, distributed infrastructure.


Internet Protocol

All internet gateways (commonly modems) act as an interface between the internet and local hosts. This is governed by the Internet Protocol (IP).

A set of IP addresses is reserved for local networking:

| IP Block | IP Range | Reserved for |
|---|---|---|
| 127.0.0.0/8 | 127.0.0.0 - 127.255.255.255 | Loopback |
| 10.0.0.0/8 | 10.0.0.0 - 10.255.255.255 | Local network |
| 172.16.0.0/12 | 172.16.0.0 - 172.31.255.255 | Local network |
| 192.0.0.0/24 | 192.0.0.0 - 192.0.0.255 | Local network |
| 192.168.0.0/16 | 192.168.0.0 - 192.168.255.255 | Local network |
| ::1/128 | ::1 (yes, just one address) | Loopback |
| fc00::/7 | fc00:: - fdff:ffff:ffff:ffff:ffff:ffff:ffff:ffff | Local network |

There are also a number of reservations for infrastructure and future use. The remainder are mapped to the public internet.

Any host will have both a private (local network) IP address and a public (internet) IP address. Most users have a dynamic IP address, which means it was assigned randomly and temporarily. This assignment is handled by a Dynamic Host Configuration Protocol (DHCP) server. The alternative is a static IP address, which is a permanent assignment.


Domain Name System

The Domain Name System (DNS) maps human-readable domain names to actual IP addresses. A domain name is queried against a DNS server, and the true destination is returned.

A domain name can be purchased from any number of providers, which then register your actual IP address with the authoritative DNS servers. Each service will have its own portal or interface for setting the DNS records for your domain.

The primary sorts of DNS records are:

| Record Type | Function |
|---|---|
| A | Maps a name to an IPv4 address |
| AAAA | Maps a name to an IPv6 address |
| CNAME | Aliases a name to another name |
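To show how these three record types look on the wire, the following added example (not part of the original page) parses the answer section of a DNS reply and guards against looping name-compression pointers and malformed record lengths, which matter when the reply comes from an untrusted server. The function names and the sample reply (www.example.test, 192.0.2.10, 2001:db8::10) are constructed for illustration.

```python
import ipaddress
import struct

TYPES = {1: ("A", 4), 28: ("AAAA", 16), 5: ("CNAME", None)}  # code: (name, RDATA size)

def read_name(msg, off):
    """Decode the domain name at off; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:            # compression pointer to another name
            if (hops := hops + 1) > 16:      # a hostile reply can point in a loop
                raise ValueError("compression pointer loop")
            end = off + 2 if end is None else end
            off = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
        elif length == 0:                    # root label terminates the name
            return ".".join(labels), (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii", "backslashreplace"))
            off += 1 + length

def parse_answers(msg):
    """Return [(owner, type, value)] from the answer section of a DNS message."""
    _id, _flags, qdcount, ancount = struct.unpack_from("!4H", msg, 0)
    off = 12                                 # the header is always 12 bytes
    for _ in range(qdcount):
        off = read_name(msg, off)[1] + 4     # skip QNAME, then QTYPE and QCLASS
    answers = []
    for _ in range(ancount):
        owner, off = read_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        rdata = msg[off + 10:off + 10 + rdlen]
        name, fixed = TYPES.get(rtype, (str(rtype), None))
        if len(rdata) != rdlen or (fixed and rdlen != fixed):
            raise ValueError("bad RDATA length")
        # A/AAAA carry a raw address; a CNAME target is a (possibly compressed) name
        value = (str(ipaddress.ip_address(rdata)) if fixed else
                 read_name(msg, off + 10)[0] if rtype == 5 else rdata.hex())
        answers.append((owner, name, value))
        off += 10 + rdlen
    return answers

def sample_response():  # constructed reply: one CNAME, then A and AAAA for its target
    def rr(ptr, rtype, rdata):               # owner name written as a pointer
        return struct.pack("!HHHIH", 0xC000 | ptr, rtype, 1, 300, len(rdata)) + rdata
    return (struct.pack("!6H", 0x1234, 0x8180, 1, 3, 0, 0)
            + b"\x03www\x07example\x04test\x00" + struct.pack("!HH", 1, 1)
            + rr(12, 5, b"\xc0\x10")         # offset 16 is "example.test"
            + rr(16, 1, ipaddress.ip_address("192.0.2.10").packed)
            + rr(16, 28, ipaddress.ip_address("2001:db8::10").packed))
```

Calling `parse_answers(sample_response())` returns the CNAME, A and AAAA answers in order; a reply whose name pointer refers to itself, or whose address record is cut short, raises `ValueError` instead of hanging or returning a bogus address.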

A note about dynamic IP addresses

While a dynamic address is an excellent security-by-design measure, it can be inconvenient for web hosting as DNS records must be adjusted with every re-assignment. Most ISPs will charge for a static IP address. An alternative is Dynamic DNS; see ddclient for more details.


Configuring your DNS

The primary method for adjusting a Linux system's DNS is to edit /etc/hosts. See here for a thorough description of the complete stack.


Running your DNS Server

A DNS server receives queries over port 53 (both TCP and UDP). A server could be recursive, which means it will contact other DNS servers to resolve the query authoritatively, or iterative, which means it may fail.

Popular implementations of DNS servers are dnsmasq and bind.

Note that recursive DNS servers are vulnerable to exploitation. DNS amplification attacks, which are a subtype of DDoS attacks, and cache poisoning both rely on the recursive design.



Protocols/DNS (last edited 2023-04-04 15:36:41 by DominicRicottone)