0
DNS Questions and Answers
- What is DNS?
- What is a domain name?
- What is a fully qualified domain name?
- What type of domain name doesn't include all of the components / isn't fully qualified?
- What types of DNS software are there?
- What roles do the different types of DNS software have?
- What is a DNS client?
- What is a DNS server?
- What types of DNS servers are there?
- What is the difference between recursive and authoritative DNS servers?
- What is the difference between a DNS zone and a DNS domain name?
- How does the recursive DNS server get answers for clients?
- What is iteration / what are iterative queries?
- What is a domain?
- What is a sub-domain?
- What is a parent domain?
- What is a zone?
- What is a top level domain?
- What is the invisible domain component?
- What makes "www.sluug.org.(root)" a record inside of the SLUUG.org zone / domain instead of its own zone / domain?
- What is the root zone?
- What is delegation?
- What is a Public Suffix?
1
What is DNS?
Domain Name System / Domain Name Service / Domain Name Server
DNS is a system of many interconnected DNS servers that work in concert with each other to provide the DNS service to clients.
DNS is a distributed, eventually consistent database.
2
What is a domain name?
A domain name is the name of a domain, or collection of systems. Often, the domain name reflects the organization that is using the domain name.
sluug.org is the domain name of the SLUUG organization.
3
What is a fully qualified domain name?
A fully qualified domain name is a full / complete domain name of a system.
A fully qualified domain name is a domain name that includes all the components vs one that doesn't include all the components.
4
What type of domain name doesn't include all of the components / isn't fully qualified?
A domain name that is only partially qualified and is used in relation to some other component.
bock(.sluug.org) / test.lab(.example.net)
5
What types of DNS software are there?
- client
- server
6
What roles do the different types of DNS software have?
- client
- recursive server
- authoritative server
7
What is a DNS client?
A DNS client is something that utilizes DNS services offered by something else.
8
What is a DNS server?
A DNS server is something that offers DNS services to DNS clients.
9
What types of DNS servers are there?
- recursive
- authoritative
10
What is the difference between recursive and authoritative DNS servers?
A recursive DNS server receives the (DNS) query from the client and gets an answer from the authoritative (DNS) servers.
Authoritative DNS servers provide answers for the DNS zone(s) they are authoritative for.
11
What is the difference between a DNS zone and a DNS domain name?
A little of ${THIS} and some of ${THAT}.
A zone is a collection of one or more domains grouped together for administrative purposes.
For the purposes of this discussion, you can consider them roughly the same.
We'll get into the minutiae that differentiate zones and domains in the future.
12
How does the recursive DNS server get answers for clients?
The recursive DNS server sends multiple iterative queries to multiple authoritative (DNS) servers to eventually get an answer (or authoritative error) to return to the (DNS) client.
13
What is iteration / what are iterative queries?
Iteration is the process a recursive (DNS) server uses to get answers from servers authoritative for different zones in the DNS tree.
Let's review / re-enact last month's The Five SLUUGs and talk more about who is performing what role.
- Who is the DNS client? Phil (client)
- Who is the recursive DNS server? Grant (recursive)
- Who is the Root DNS server? Stan (root)
- Who is the top (first) level domain DNS server? Gary (ORG)
- Who is the second level domain DNS server? Lee (SLUUG)
- Phil is the DNS client and wants to know what the IP address is of www.sluug.org
- Grant is the recursive DNS server and does all the leg work to get an answer for Phil.
- Stan is a DNS server that is authoritative for the root DNS domain and knows about all the domains in the root, including .org.
- Gary is a DNS server that is authoritative for the .org domain and knows about all the domains in .org, including sluug.org.
- Lee is a DNS server that is authoritative for the sluug.org domain and knows about all the records in the sluug.org domain, including www.sluug.org.
- Phil asks Grant.
- Grant asks Stan, then Gary, then Lee to find the answer.
- Grant tells Phil that answer.
Some important things to note:
- Phil, the DNS client, only had to ask one question.
- Each authoritative server (Stan, Gary, and Lee) only had to answer one question.
- Grant, the recursive DNS server, had to ask four different servers and ultimately give the answer to Phil, the DNS client. -- The recursive DNS server did as much work as the other four parties combined.
Recursive DNS servers are optimized for getting information from other servers.
Authoritative DNS servers are optimized for providing information to others.
Clients are optimized for whatever their program is doing, which is NOT DNS.
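The role-play above as a small offline simulation, added here as an example and not part of the original slides: Grant starts at Stan and follows referrals until a server gives an answer or an authoritative error. The zone contents, the documentation address 192.0.2.10 and all function names are constructed for illustration.

```python
# Constructed zone data: three authoritative servers named after the role-play.
# Each holds delegations (child apex -> server) and address records.
SERVERS = {
    "Stan": {"apex": ".", "delegations": {"org.": "Gary"}, "records": {}},
    "Gary": {"apex": "org.", "delegations": {"sluug.org.": "Lee"}, "records": {}},
    "Lee": {"apex": "sluug.org.", "delegations": {},
            "records": {"www.sluug.org.": "192.0.2.10"}},  # constructed address
}

def in_domain(name, apex):
    """True if name is at or below apex, compared on dot (label) boundaries."""
    return apex == "." or name == apex or name.endswith("." + apex)

def authoritative_answer(server, qname):
    """One authoritative server answers one question."""
    zone = SERVERS[server]
    # A delegation wins: names at or below a delegated child live in another zone.
    for child, target in zone["delegations"].items():
        if in_domain(qname, child):
            return ("REFERRAL", target)
    if qname in zone["records"]:
        return ("ANSWER", zone["records"][qname])
    return ("NXDOMAIN", None)  # authoritative error: the name is not in this zone

def recursive_resolve(qname, root="Stan", max_steps=10):
    """Grant's job: iterate down from the root and record every query made."""
    qname = qname.lower()
    if not qname.endswith("."):
        qname += "."  # fully qualify the name by anchoring it at the root
    server, trace = root, []
    for _ in range(max_steps):  # bounded, so a referral loop cannot spin forever
        kind, value = authoritative_answer(server, qname)
        trace.append((server, kind))
        if kind != "REFERRAL":
            return kind, value, trace
        server = value
    return "SERVFAIL", None, trace

if __name__ == "__main__":
    print(recursive_resolve("www.sluug.org"))
```

The returned trace lists one entry per authoritative server asked, so the single client question from Phil shows up as three iterative queries made by Grant.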
14
What is a domain?
A domain is a technical collection of DNS records in the same dot-separated component of the DNS tree.
Every dot boundary separates domains.
A domain is a technical construct.
15
What is a sub-domain?
A sub-domain is a domain which is a child of a parent domain.
16
What is a parent domain?
A parent domain is a domain which has one or more child sub-domains.
17
What is a zone?
A zone is an administrative collection of DNS records which contains at least one domain and may contain multiple sub-domains.
Zones can span dot boundaries.
A zone is a human construct.
Humans decide which dot boundaries separate zones.
Frequently domains are zones, particularly on the Big Bad Internet. However, when you get inside of organizations, there may be many domains inside a single zone. This is because different entities control the different components.
You could compare a zone to a mounted file system and a domain to a (sub)directory therein.
18
What is a top level domain?
The first visible / rightmost domain component.
19
What is the invisible domain component?
The root zone is described as having a null / invisible domain component.
The root zone is used as an anchor to terminate the DNS hierarchy.
The proper way to write an FQDN in the DNS sense is "www.sluug.org." with the trailing period.
You could stylize the same record as "www.sluug.org.(root)".
Often the trailing period is omitted outside of DNS specific discussions.
The "(root)" is a representation of the root zone / domain.
- "org.(root)" is a representation of the org top level zone / domain.
- "sluug.org.(root)" is a representation of the SLUUG.org zone / domain.
- "www.sluug.org.(root)" is a representation of the FQDN inside of the SLUUG.org zone / domain.
20
What makes "www.sluug.org.(root)" a record inside of the SLUUG.org zone / domain instead of its own zone / domain?
The simple fact that the SLUUG administrators haven't delegated it.
Yes, how records are used influences if something is a sub-domain or the start of a new zone. ;-)
21
What is the root zone?
The root zone is the parent zone that all other zones are delegated from.
22
What is delegation?
Delegation is the process a parent domain / zone uses to point to a child / sub-domain that is in a separate zone.
23
What is a Public Suffix?
How does a PS differ from a TLD?
A Public Suffix is sort of like a top level domain (TLD) in the general Internet sense and not in the strictly technical DNS sense. This has to do more with administrative boundaries and is most often seen on the web in the form of the Public Suffix List (a list of public suffixes), which is used to inform behaviors around organizational boundaries.
re-broach after zone vs domain minutia discussion