DNS, What???

More often than not, when I tell people what the company that I work for does, they look at me with a blank stare and a trivial look on their face and say DNS, What… They still seem utterly confused after I try to explain what DNS is and how they are most likely using it everyday.  These people usually just pretend like they get it and walk away, but do they really get it and what’s so hard to “get”?

We have touched on what DNS is quite a few times, but we still get the inevitable comments on surveys and blog posts that people are still very confused.  One person actually compared DNS to buying a bottle of air, open it and there is nothing inside, but that couldn’t be further from the truth!

DNS redirects an IP address, to a static domain name.  So if you want to visit www.no-ip.com, you type the domain name into your browser, not the IP address.  If not for DNS, you would have to remember every IP address of every website! With over 300 million websites on the web, remembering every IP address would be utterly impossible, well unless maybe you’re Kim Peek: The Real Rain Man.

In addition, the transition to IPv6 will make remembering IP addresses even harder! IPv6 addresses are 128 bits long compared to 32 bits of Ipv4 addresses.

They look something like this: 2001:db8:0:1234:0:567:8:1. That’s a lot if numbers to remember! (I can barely remember my phone number!)

So, next time someone asks you, WHAT the heck is DNS?! You can tell them that it is indeed more than just bottle air.  It makes visiting websites by a domain name, possible!

Have you ever had someone look at you confused when you mention DNS? Also, if you like this article, be sure to share it with your friends via Facebook and Twitter!

Dig Tutorial

First and foremost, what the heck is Dig? Dig is an acronym for “domain internet groper”.  Dig is a useful tool for webmasters and system administrators, it can be used to query DNS servers and fix DNS related issues.  Dig is a part of the BIND DNS software.

There are many beneficial and useful ways to use dig.  Do you ever find yourself needing to make changes to DNS records, but aren’t sure how to verify your changes?

Check out the following breakdown of a dig query.

Type the following dig query into your Terminal and follow along!

dig www.no-ip.com

This query will call on the A record for the domain name www.no-ip.com.

So, lets dive into this a little deeper and explain what each part of the response means…

The first two lines tell us the version of dig that is being used, in my case, i am using version 9.4.3-P3, the command line parameters (www.no-ip.com) and the query options (printcmd). The printcmd options means that the command section (the name of these first two lines) is printed. You can disable this response by using the option +nocmd.

; <<>> DiG 9.4.3-P3 <<>> www.no-ip.com
;; global options: printcmd

Next, dig tells you the response that it collected from the DNS server. The answer received was (opcode: QUERY) and that the response contains 1 part in the answer section, 5 parts in the authority section and 6 parts in the additional section. Just before those responses you will see “flags”.  Flags state certain things about the DNS server and its response.

-qr (query response) simply means this is a response to a query
-rd (recursion desired) means that the incoming query requested recursive  support
-ra (recursion available) means that the responding server supports recursive queries

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55423
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 6

The question section is next. This section just states what I queried, in this case, I queried the A record of www.no-ip.com and it is in the Internet class or IN.

;; QUESTION SECTION:
;www.no-ip.com.                       IN                  A

The answer section follows; it adds the IP address of www.no-ip.com, and it also names all of the NS records that are authoritative for the domain.

;; ANSWER SECTION:
www.no-ip.com.    60          IN                  A              204.16.252.112
;; AUTHORITY SECTION:
no-ip.com. 50531              IN                  NS             ns2.no-ip.com.
no-ip.com. 50531              IN                  NS             ns4.no-ip.com.
no-ip.com. 50531              IN                  NS             ns5.no-ip.com.
no-ip.com. 50531              IN                  NS             ns3.no-ip.com.
no-ip.com. 50531              IN                  NS             ns1.no-ip.com.

The additional section lists the IP addresses of all of the NS records, along with what type of record they are.

;; ADDITIONAL SECTION:
ns1.no-ip.com. 7702             IN                  A            204.16.255.55
ns1.no-ip.com. 128              IN                  AAAA         2620:0:2e60::33
ns4.no-ip.com. 128              IN                  A            75.102.60.46
ns2.no-ip.com. 79306            IN                  A            204.16.254.6
ns5.no-ip.com. 79306            IN                  A            75.102.59.82
ns3.no-ip.com. 19260            IN                  A            204.16.253.33

The last section just gives stats about the query: how long it took, the IP address it was queried from and how large the message was.  You can disable this reply by using the +nostats option.

;; Query time: 48 msec
;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Fri Apr  8 11:22:02 2011
;; MSG SIZE  rcvd: 245

Using dig can help you troubleshoot your DNS related issues.  How often do you use dig?

12