DNS (Domain Name System) resolves domain names to IP addresses

TLD (Top Level Domain)

• gTLD: .com, .net, .org, etc.
• ccTLD: .us, .ca, etc.

13 root DNS server clusters with over 1000 servers

FQDN (Fully Qualified Domain Name) - A complete and unambiguous domain name that specifies the exact location of a device or resource on the internet

• www.businesscompany.com
• east.businesscompany.com
• john.east.businesscompany.com

Primary and Secondary DNS Servers - Offer redundancy

• Primary - contains all zone info for a domain. Changes and updates are made to the primary server
• Secondary - zone info is read-only. Zone transfers are pushed from the primary DNS server

Local name resolution - We can override the DNS server to resolve domain names locally. This is configured with a "hosts" file, containing a list of IP addresses and host names

DNS Forward Lookup - Type in domain name, DNS server returns IP

Reverse DNS - Type in IP address, DNS server returns FQDN

Authoritative DNS Server - The primary DNS server for a domain. It is the authority for an entire DNS zone

Non-authoritative server - Secondary DNS server or cache. Possibility to be outdated

• TTL - How long information will be cached

Recursive DNS queries - Recursively populate local DNS server to cache information

• Large cache improves speed

Recursive DNS Query Process

looking for "google.com"

1. Device queries local name server, result not found
2. Local name server queries root name server, .com name server returned
3. Local name server queries .com name server, google.com name server returned
4. Local name server queries google.com, IP address returned and cached

Securing DNS

DNSSEC (DNS Security Extensions)

• Responses from DNS servers are digitally signed to ensure authenticity

Encryption

• DNS over TLS (DoT)
• DNS over HTTPS (DoH)