DNS: Difference between revisions

From DWIKI
mNo edit summary
mNo edit summary
 
(14 intermediate revisions by the same user not shown)
Line 10: Line 10:
*[https://www.dns-oarc.net/oarc/services/dnsentropy DNS entropy]  
*[https://www.dns-oarc.net/oarc/services/dnsentropy DNS entropy]  
*[https://www.ripe.net/manage-ips-and-asns/db/support/configuring-reverse-dns Configuring reverse dns]  
*[https://www.ripe.net/manage-ips-and-asns/db/support/configuring-reverse-dns Configuring reverse dns]  
*[https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch09_04.htm DNS subdomains]  
*[https://docstore.mik.ua/orelly/networking_2ndEd/dns/ch09_04.htm DNS subdomains]
*[https://dnsinstitute.com/documentation/dnssec-guide/ch03s05.html What's EDNS All About (And Why Should I Care)?]
 
==DNS chcecks==
*[http://www.webdnstools.com/dnstools/domain_check Domain Check]
*[https://mxtoolbox.com/dnscheck.aspx mtoolbox dns check]
*[https://dnsviz.net/ dnviz]
=HOWTO=
 
=Documentation=
==Zone files==
*[https://arstechnica.com/gadgets/2020/08/understanding-dns-anatomy-of-a-bind-zone-file/ Anatomy of a bind zone file]
===SOA record===
ns1.example.com admin.example.com 2013022001 86400 7200 604800 300
 
*    The primary name server for the domain, which is ns1.dnsimple.com or the first name server in the vanity name server list.
*    The responsible party for the domain: admin.dnsimple.com.
*    A timestamp that changes whenever you update your domain.
*    The number of seconds before the zone should be refreshed.
*    The number of seconds before a failed refresh should be retried.
*    The upper limit in seconds before a zone is considered no longer authoritative.
*    The negative result TTL (for example, how long a resolver should consider a negative result for a subdomain to be valid before retrying).
 
==Glue records==
*[https://ns1.com/blog/glue-records-and-dedicated-dns Glue Records and Dedicated DNS]


= Software =
= Software =
Line 22: Line 46:
A nice caching DNS.
A nice caching DNS.


*[http://www.maradns.org/ http://www.maradns.org/]  
*[http://www.maradns.org/ http://www.maradns.org/]
 
= Tools =
==dnstop==
Show what is being looked up
dnstop -l 3 eth0
and then hit '''3'''
*[[Dig]]
*dnsping
*dnsdiag
*[https://dnsviz.net dnzviz]


= FAQ =
= FAQ =
Line 45: Line 79:


  dig +short +tries=1 +time=2 test.openresolver.com TXT @$ip
  dig +short +tries=1 +time=2 test.openresolver.com TXT @$ip
==Local NS list does not match Parent NS list==
Probably a slave/secundary server out of sync


= Terms =
= Terms =


== Soa ==
== SOA ==


  Start Of Authority
  Start Of Authority
        
        
*[https://bobcares.com/blog/understanding-soa-records/ Understanding SOA records]


[[Category:Networking]]
[[Category:Networking]]

Latest revision as of 11:02, 12 July 2024

Links

DNS chcecks

HOWTO

Documentation

Zone files

SOA record

ns1.example.com admin.example.com 2013022001 86400 7200 604800 300
  • The primary name server for the domain, which is ns1.dnsimple.com or the first name server in the vanity name server list.
  • The responsible party for the domain: admin.dnsimple.com.
  • A timestamp that changes whenever you update your domain.
  • The number of seconds before the zone should be refreshed.
  • The number of seconds before a failed refresh should be retried.
  • The upper limit in seconds before a zone is considered no longer authoritative.
  • The negative result TTL (for example, how long a resolver should consider a negative result for a subdomain to be valid before retrying).

Glue records

Software

BIND

Maradns

A nice caching DNS.

Tools

dnstop

Show what is being looked up

dnstop -l 3 eth0

and then hit 3

FAQ

Get hints file

dig @m.root-servers.net. ns .

Find server handling reverse

dig -x 10.11.12.13

Wildcard record

;seems unwise to use CNAMES for this
@ IN A 10.0.0.1
* IN A 10.0.0.1

 

DNS amplification test

dig +short +tries=1 +time=2 test.openresolver.com TXT @$ip


Local NS list does not match Parent NS list

Probably a slave/secundary server out of sync

Terms

SOA

Start Of Authority