DNS Records

Common DNS records

Name Server (NS)

Defines the nameservers for a domain.

IPv4 Address (A)

Returns the IPv4 address for a given name.

IPv6 Address (AAAA)

Returns the IPv6 address for a given name.

Canonical Name (CNAME)

Aliases one name to another.

Pointer (PTR)

Points to a canonical name. Used for reverse DNS lookup.

Using the host command

The host command is part of the bind-utils package on CentOS. It provides a simple way to make DNS queries from your system.

Forward Lookup with host

If you make a DNS query for a modern website, such as www.google.com, you will likely get both the IPv4 and the IPv6 address.

[root@master ~]# host www.google.com
www.google.com has address 172.217.12.164
www.google.com has IPv6 address 2607:f8b0:4006:81a::2004

During this course we will set up our own DNS server to host the .hpc domain. It will know the IP addresses of our systems.

[root@master ~]# host master.hpc
master.hpc has address 192.168.16.1

Reverse Lookup with host

In a similar way, if properly configured, a DNS server will be able to determine the name of a system based on its IP.

[root@master ~]# host 192.168.16.1
1.16.168.192.in-addr.arpa domain name pointer master.hpc.

Note that a reverse lookup of the IP we got for www.google.com doesn’t actually return www.google.com. Instead it returns the hostname of the particular server behind that IP address. What is going on?

[root@master ~]# host 172.217.12.164
164.12.217.172.in-addr.arpa domain name pointer lga25s62-in-f4.1e100.net.

As mentioned, each DNS name can have one or more A records. Which IP address you get first is then determined by a round-robin algorithm: during a forward lookup of the domain, the DNS server rotates through the A records and returns them in a different order for each query. That means multiple IPs can host a single domain, which is useful for load balancing. Each host has its own unique name, which is returned in the PTR record of that address.
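The following Python is added here as an example and is not part of the course material. It puts the ideas above into code using constructed zone data: building the in-addr.arpa name for an address (extended to ip6.arpa for IPv6, which goes beyond the IPv4 case shown on this page), a simplified model of round-robin rotation, and a forward-confirmed reverse DNS check, i.e. verifying that the hostname a PTR record returns actually resolves back to the same address. The FORWARD and REVERSE tables and the names www.example.hpc and node1.hpc to node4.hpc are made up for the example.

```python
import ipaddress

# Constructed example data (not from the course page): www.example.hpc is served
# by three hosts in round-robin; each host has its own name and PTR record.
FORWARD = {  # name -> A records, in zone-file order
    "www.example.hpc.": ["192.168.16.11", "192.168.16.12", "192.168.16.13"],
    "node1.hpc.": ["192.168.16.11"],
    "node2.hpc.": ["192.168.16.12"],
    "node3.hpc.": ["192.168.16.13"],
}
REVERSE = {  # PTR owner name -> PTR target
    "11.16.168.192.in-addr.arpa.": "node1.hpc.",
    "12.16.168.192.in-addr.arpa.": "node2.hpc.",
    "13.16.168.192.in-addr.arpa.": "node3.hpc.",
    "14.16.168.192.in-addr.arpa.": "node4.hpc.",  # stale PTR: node4 has no A record
}


def reverse_name(ip):
    """Build the owner name of the PTR record for an IPv4 or IPv6 address.

    IPv4: octets reversed under in-addr.arpa (192.168.16.1 -> 1.16.168.192.in-addr.arpa.).
    IPv6: all 32 hex nibbles of the expanded address reversed under ip6.arpa.
    """
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa."
    nibbles = addr.exploded.replace(":", "")  # 32 hex digits, zero-padded
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def round_robin(name, query_number):
    """Simplified model of cyclic round-robin: rotate the A records by one per query."""
    ips = FORWARD[name]
    k = query_number % len(ips)
    return ips[k:] + ips[:k]


def forward_confirmed(ip):
    """Forward-confirmed reverse DNS: the PTR target must itself resolve back to the IP.

    Returns (ptr_name, confirmed). A PTR whose name has no matching A record is a
    misconfiguration (or a stale or forged name) and should not be trusted.
    """
    ptr = REVERSE.get(reverse_name(ip))
    if ptr is None:
        return None, False
    return ptr, ip in FORWARD.get(ptr, [])
```

The forward-confirmation step is what a log-processing or mail system should do before trusting a PTR name: anyone who controls the reverse zone for an address can put any name in it, but only the owner of the forward zone can make that name resolve back.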

Note

Advanced configurations allow nameservers to return different results based on the geographic location of a request. This way data centers in Europe can respond to requests from Europe, while US data centers can respond to requests from the US.

Using the dig command

Another utility in the bind-utils package is the dig command. It lets you inspect the actual DNS response you get during a query. The text output is in the zone file format, which is described in the next section.

Forward Lookup with dig

The following is an example of resolving www.google.com. This asks for the A record, i.e. the IPv4 address. As you can see, the response contains the A record with the IP address attached.

Additional DNS records are returned containing the nameservers for the domain and their IP addresses, which were used to resolve this query.

[root@master ~]# dig www.google.com

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.2 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60676
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com.                     IN      A

;; ANSWER SECTION:
www.google.com.              300     IN      A       172.217.12.164

;; AUTHORITY SECTION:
google.com.          154535  IN      NS      ns1.google.com.
google.com.          154535  IN      NS      ns4.google.com.
google.com.          154535  IN      NS      ns3.google.com.
google.com.          154535  IN      NS      ns2.google.com.

;; ADDITIONAL SECTION:
ns1.google.com.              239233  IN      A       216.239.32.10
ns2.google.com.              239233  IN      A       216.239.34.10
ns3.google.com.              239233  IN      A       216.239.36.10
ns4.google.com.              50135   IN      A       216.239.38.10
ns1.google.com.              239233  IN      AAAA    2001:4860:4802:32::a
ns2.google.com.              239233  IN      AAAA    2001:4860:4802:34::a
ns3.google.com.              239233  IN      AAAA    2001:4860:4802:36::a
ns4.google.com.              50135   IN      AAAA    2001:4860:4802:38::a

;; Query time: 23 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 14 15:15:51 EST 2021
;; MSG SIZE  rcvd: 307
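As an added example that is not part of the course material, here is a small Python parser for the text dig prints, using the output above as its sample input. It splits the response into header status, flags and counts, the question, and the answer, authority and additional sections, and then checks that the counts in the header match the records actually printed. The one subtlety it handles: the ADDITIONAL count includes the EDNS OPT pseudo-record, which dig shows under OPT PSEUDOSECTION as a comment rather than as a resource-record line.

```python
import re

# Sample input: the `dig www.google.com` output shown on this page.
DIG_OUTPUT = """\
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.2 <<>> www.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60676
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.google.com.                     IN      A

;; ANSWER SECTION:
www.google.com.              300     IN      A       172.217.12.164

;; AUTHORITY SECTION:
google.com.          154535  IN      NS      ns1.google.com.
google.com.          154535  IN      NS      ns4.google.com.
google.com.          154535  IN      NS      ns3.google.com.
google.com.          154535  IN      NS      ns2.google.com.

;; ADDITIONAL SECTION:
ns1.google.com.              239233  IN      A       216.239.32.10
ns2.google.com.              239233  IN      A       216.239.34.10
ns3.google.com.              239233  IN      A       216.239.36.10
ns4.google.com.              50135   IN      A       216.239.38.10
ns1.google.com.              239233  IN      AAAA    2001:4860:4802:32::a
ns2.google.com.              239233  IN      AAAA    2001:4860:4802:34::a
ns3.google.com.              239233  IN      AAAA    2001:4860:4802:36::a
ns4.google.com.              50135   IN      AAAA    2001:4860:4802:38::a

;; Query time: 23 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 14 15:15:51 EST 2021
;; MSG SIZE  rcvd: 307
"""
HEADER_RE = re.compile(r"status: (\w+), id: (\d+)")
FLAGS_RE = re.compile(r"^;; flags: ([^;]*);(.*)$")
SECTION_RE = re.compile(r"^;; (\w+) SECTION:")  # does not match "OPT PSEUDOSECTION:"


def parse_dig(text):
    """Parse dig's zone-file-style output into header fields and per-section records."""
    result = {"status": None, "id": None, "flags": set(), "counts": {},
              "opt": None, "question": [], "sections": {}}
    section = None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            result["sections"].setdefault(section, [])
            continue
        if line.startswith(";; ->>HEADER<<-"):
            hm = HEADER_RE.search(line)
            result["status"], result["id"] = hm.group(1), int(hm.group(2))
            continue
        fm = FLAGS_RE.match(line)  # ";; flags: qr rd ra; QUERY: 1, ANSWER: 1, ..."
        if fm:
            result["flags"] = set(fm.group(1).split())
            for part in fm.group(2).split(","):
                name, value = part.split(":")
                result["counts"][name.strip()] = int(value)
            continue
        if line.startswith("; EDNS:"):  # the OPT pseudo-record, printed as a comment
            result["opt"] = line[2:]
            continue
        if section == "QUESTION" and line.startswith(";"):
            result["question"].append(tuple(line[1:].split()))  # (name, class, type)
            continue
        if section is None or line.startswith(";"):
            continue  # banner, timing and message-size footer
        name, ttl, cls, rtype, *rdata = line.split()  # zone-file RR: owner TTL class type rdata
        result["sections"][section].append((name, int(ttl), cls, rtype, " ".join(rdata)))
    return result


def is_authoritative(parsed):
    """True when the aa flag is set, i.e. the answering server is authoritative for the zone."""
    return "aa" in parsed["flags"]


def counts_consistent(parsed):
    """Check the header's counts against the parsed records. ADDITIONAL includes
    the EDNS OPT pseudo-record, which dig shows under OPT PSEUDOSECTION rather
    than as a resource-record line."""
    secs = parsed["sections"]
    expected = {
        "QUERY": len(parsed["question"]),
        "ANSWER": len(secs.get("ANSWER", [])),
        "AUTHORITY": len(secs.get("AUTHORITY", [])),
        "ADDITIONAL": len(secs.get("ADDITIONAL", [])) + (1 if parsed["opt"] else 0),
    }
    return parsed["counts"] == expected
```

For this output is_authoritative returns False because the answer came from the local recursive resolver (flags qr rd ra), whereas the master.hpc and reverse lookups later on this page carry the aa flag, since the server at 127.0.0.1 is itself authoritative for the hpc zone.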

Once we’ve configured DNS in our cluster, these responses will be much shorter for hostnames within our own domain:

[root@master ~]# dig master.hpc

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.2 <<>> master.hpc
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25546
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;master.hpc.                 IN      A

;; ANSWER SECTION:
master.hpc.          300     IN      A       192.168.16.1

;; AUTHORITY SECTION:
hpc.                 300     IN      NS      192.168.16.1.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 14 15:13:06 EST 2021
;; MSG SIZE  rcvd: 81

Reverse Lookup with dig

For a reverse lookup with dig you need to add the -x flag. The following shows the reverse lookup of a system in our own .hpc domain that we will configure during this course.

[root@master ~]# dig -x 192.168.16.1

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.2 <<>> -x 192.168.16.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7346
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;1.16.168.192.in-addr.arpa.  IN      PTR

;; ANSWER SECTION:
1.16.168.192.in-addr.arpa. 300       IN      PTR     master.hpc.

;; AUTHORITY SECTION:
16.168.192.in-addr.arpa. 300 IN      NS      192.168.16.1.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 14 15:12:01 EST 2021
;; MSG SIZE  rcvd: 104

Note again that when doing a reverse lookup for the IP we got from the Google nameservers, we don’t get www.google.com but the hostname of their server for that IP.

[root@master ~]# dig -x 172.217.12.164

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.el7_9.2 <<>> -x 172.217.12.164
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31115
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 9

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;164.12.217.172.in-addr.arpa.        IN      PTR

;; ANSWER SECTION:
164.12.217.172.in-addr.arpa. 86400 IN        PTR     lga25s62-in-f4.1e100.net.

;; AUTHORITY SECTION:
217.172.in-addr.arpa.        86400   IN      NS      ns4.google.com.
217.172.in-addr.arpa.        86400   IN      NS      ns1.google.com.
217.172.in-addr.arpa.        86400   IN      NS      ns2.google.com.
217.172.in-addr.arpa.        86400   IN      NS      ns3.google.com.

;; ADDITIONAL SECTION:
ns4.google.com.              50412   IN      A       216.239.38.10
ns2.google.com.              239510  IN      A       216.239.34.10
ns1.google.com.              239510  IN      A       216.239.32.10
ns3.google.com.              239510  IN      A       216.239.36.10
ns4.google.com.              50412   IN      AAAA    2001:4860:4802:38::a
ns2.google.com.              239510  IN      AAAA    2001:4860:4802:34::a
ns1.google.com.              239510  IN      AAAA    2001:4860:4802:32::a
ns3.google.com.              239510  IN      AAAA    2001:4860:4802:36::a

;; Query time: 29 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 14 15:11:14 EST 2021
;; MSG SIZE  rcvd: 352