DNS
The Domain Name System (DNS) plays a crucial role in the Internet's infrastructure by translating hostnames into IP addresses. This process enables users to access websites and services using easy-to-remember domain names. On the client side, DNS functions in a straightforward manner: the client sends a query to its local DNS server, and in return, it receives a response. Behind the scenes, DNS servers communicate with each other in a hierarchical structure to resolve the query, either recursively or iteratively. However, from the perspective of the DNS client, the process remains simple—a query is sent to the local DNS server, and the client receives a response.
Use NSlookup for DNS Queries .
nslookup is available in most Linux/Unix and Microsoft platforms today which can be extensively used to query the DNS configurations . You just have to run nslookup in your Command line .In it is most basic operation, nslookup tool allows the host running the tool to query any specified DNS server for a DNS record. The queried DNS server can be a
- root DNS server,
- a top-level-domain DNS server,
- an authoritative DNS server,
- or an intermediate DNS server .
To accomplish this task, nslookup sends a DNS query to the specified DNS server, receives a DNS reply from that same DNS server, and displays the result.
See the example below. In this example, the client is the local PC and the default local DNS server is home router . When running nslookup, if no DNS server is specified, then nslookup sends the query to the default DNS server.
nslookup <domain name>
In words, this command is saying “please send me the IP address for the host cam.ac.uk”. As shown in the screenshot, the response from this command provides two pieces of information:
(1) the name and IP address of the DNS server that provides
the answer
(2) the answer itself, which is the hostname and IP address of cam.ac.uk .
Although the response came from the local DNS server it is quite possible that this local DNS server iteratively contacted several other DNS servers to get the answer.
Non Authoritative and Authoritative Answer
Authoritative DNS Server: This is a DNS server that holds the actual DNS records for a domain (e.g., cam.ac.uk). When a query is resolved directly by this server, it's considered an authoritative answer.
Non-authoritative Answer: This means the DNS server that responded to your query is not the original source of the DNS records for the domain. Instead, it has cached the information from a previous query to the authoritative server. This is normal behavior for most DNS lookups because DNS servers cache responses to improve performance.
In this case, the DNS server (with the IP address 192.168.8.1, is the home router which act as local DNS resolver) is returning the cached results from the authoritative servers, hence the "Non-authoritative answer" message. The data is still valid, but it's not coming directly from the authoritative source.
How to Find Authoritative DNS Servers ?
nslookup -type=NS <domain name>
However, nslookup also indicates that the answer is “non-authoritative,” meaning that this answer came from the cache of some server rather than from an authoritative Cambridge server .
Finally, the answer also includes the IP addresses of the authoritative DNS servers at Cambridge. Even though the type-NS query generated by nslookup did not explicitly ask for the IP addresses, the local DNS server returned these “for free” and nslookup displays the result.
How to Send a DNS Query to a Particular DNS server ?
This can be done by providing the DNS server address at the end of the command .
nslookup <domain-name> <dns-server>
Check the below example .Here it used the google DNS server address which is 8.8.8.8 , you can see that in the answer , server address has been changed to dns.google
2 Comments
Great post !
ReplyDeleteVery informative.
ReplyDelete