DNS: Difference between revisions
From DWIKI
mNo edit summary |
mNo edit summary |
||
(23 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
= | = Links = | ||
===BIND== | *[http://www.oreilly.com/catalog/dns4/toc.html The O'Reilly Bind Book] | ||
*[http://www.vix.com/isc/bind/ Bind homepage] | *[http://en.tldp.org/HOWTO/DNS-HOWTO.html DNS Howto] | ||
*[http://www.dnsreport.com DNS Check] | |||
*[http://www.dns.net/dnsrd/ http://www.dns.net/dnsrd/] | |||
*[http://www.madboa.com/geek/dig/ Dig HOWTO] | |||
*[http://www.dns.net/dnsrd/trick.html DNS tips&tricks] | |||
*[https://www.dns-oarc.net/oarc/services/dnsentropy DNS entropy] | |||
*[https://www.ripe.net/manage-ips-and-asns/db/support/configuring-reverse-dns Configuring reverse dns] | |||
*[https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch09_04.htm DNS subdomains] | |||
*[https://dnsinstitute.com/documentation/dnssec-guide/ch03s05.html What's EDNS All About (And Why Should I Care)?] | |||
==DNS chcecks== | |||
*[http://www.webdnstools.com/dnstools/domain_check Domain Check] | |||
*[https://mxtoolbox.com/dnscheck.aspx mtoolbox dns check] | |||
*[https://dnsviz.net/ dnviz] | |||
=HOWTO= | |||
=Documentation= | |||
==Zone files== | |||
*[https://arstechnica.com/gadgets/2020/08/understanding-dns-anatomy-of-a-bind-zone-file/ Anatomy of a bind zone file] | |||
===SOA record=== | |||
ns1.example.com admin.example.com 2013022001 86400 7200 604800 300 | |||
* The primary name server for the domain, which is ns1.dnsimple.com or the first name server in the vanity name server list. | |||
* The responsible party for the domain: admin.dnsimple.com. | |||
* A timestamp that changes whenever you update your domain. | |||
* The number of seconds before the zone should be refreshed. | |||
* The number of seconds before a failed refresh should be retried. | |||
* The upper limit in seconds before a zone is considered no longer authoritative. | |||
* The negative result TTL (for example, how long a resolver should consider a negative result for a subdomain to be valid before retrying). | |||
==Glue records== | |||
*[https://ns1.com/blog/glue-records-and-dedicated-dns Glue Records and Dedicated DNS] | |||
= Software = | |||
== BIND == | |||
*[http://www.vix.com/isc/bind/ Bind homepage] | |||
== Maradns == | |||
A nice caching DNS. | A nice caching DNS. | ||
== | *[http://www.maradns.org/ http://www.maradns.org/] | ||
===Get hints file== | |||
= Tools = | |||
==dnstop== | |||
Show what is being looked up | |||
dnstop -l 3 eth0 | |||
and then hit '''3''' | |||
*[[Dig]] | |||
*dnsping | |||
*dnsdiag | |||
*[https://dnsviz.net dnzviz] | |||
= FAQ = | |||
== Get hints file == | |||
dig @m.root-servers.net. ns . | dig @m.root-servers.net. ns . | ||
===Wildcard record== | == Find server handling reverse == | ||
@ IN | |||
* IN | dig -x 10.11.12.13 | ||
== Wildcard record == | |||
;seems unwise to use CNAMES for this | |||
@ IN A 10.0.0.1 | |||
* IN A 10.0.0.1 | |||
| |||
== DNS amplification test == | |||
dig +short +tries=1 +time=2 test.openresolver.com TXT @$ip | |||
==Local NS list does not match Parent NS list== | |||
Probably a slave/secundary server out of sync | |||
= Terms = | |||
== SOA == | |||
Start Of Authority | |||
*[https://bobcares.com/blog/understanding-soa-records/ Understanding SOA records] | |||
[[Category:Networking]] |
Latest revision as of 11:02, 12 July 2024
Links
- The O'Reilly Bind Book
- DNS Howto
- DNS Check
- http://www.dns.net/dnsrd/
- Dig HOWTO
- DNS tips&tricks
- DNS entropy
- Configuring reverse dns
- DNS subdomains
- What's EDNS All About (And Why Should I Care)?
DNS chcecks
HOWTO
Documentation
Zone files
SOA record
ns1.example.com admin.example.com 2013022001 86400 7200 604800 300
- The primary name server for the domain, which is ns1.dnsimple.com or the first name server in the vanity name server list.
- The responsible party for the domain: admin.dnsimple.com.
- A timestamp that changes whenever you update your domain.
- The number of seconds before the zone should be refreshed.
- The number of seconds before a failed refresh should be retried.
- The upper limit in seconds before a zone is considered no longer authoritative.
- The negative result TTL (for example, how long a resolver should consider a negative result for a subdomain to be valid before retrying).
Glue records
Software
BIND
Maradns
A nice caching DNS.
Tools
dnstop
Show what is being looked up
dnstop -l 3 eth0
and then hit 3
FAQ
Get hints file
dig @m.root-servers.net. ns .
Find server handling reverse
dig -x 10.11.12.13
Wildcard record
;seems unwise to use CNAMES for this @ IN A 10.0.0.1 * IN A 10.0.0.1
DNS amplification test
dig +short +tries=1 +time=2 test.openresolver.com TXT @$ip
Local NS list does not match Parent NS list
Probably a slave/secundary server out of sync
Terms
SOA
Start Of Authority