{"id":7742,"date":"2019-01-10T00:48:12","date_gmt":"2019-01-10T00:48:12","guid":{"rendered":"https:\/\/www.appservgrid.com\/paw92\/?p=7742"},"modified":"2019-01-12T09:40:17","modified_gmt":"2019-01-12T09:40:17","slug":"dns-domain-name-service-a-detailed-high-level-overview-linux-com","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/01\/10\/dns-domain-name-service-a-detailed-high-level-overview-linux-com\/","title":{"rendered":"DNS (Domain Name Service): A Detailed, High-level Overview | Linux.com"},"content":{"rendered":"<h1 class=\"entry-title\"><a href=\"https:\/\/hyperonomy.com\/2019\/01\/02\/dns-domain-name-service-a-detailed-high-level-overview\/\" rel=\"bookmark\">DNS (Domain Name Service): A Detailed, High-level\u00a0Overview<\/a><\/h1>\n<div class=\"entry entry-content\">\n<p>How\u2019s that for a\u00a0<a href=\"https:\/\/hyperonomy.com\/2018\/12\/18\/definition-confuding\/\" target=\"_blank\" rel=\"noopener\">confuding\u00a0<\/a>title?\u00a0 In a recent email discussion, a colleague compared the\u00a0<a href=\"https:\/\/hyperonomy.com\/2018\/12\/21\/decentralized-identifiers-dids-architecture-reference-model-arm\/\" target=\"_blank\" rel=\"noopener\">Decentralized Identifier<\/a>\u00a0framework to\u00a0<a href=\"https:\/\/en.wikipedia.org\/wiki\/Domain_Name_System\" target=\"_blank\" rel=\"noopener\">DNS\u00a0<\/a>\u2026suggesting they were similar.\u00a0 I cautiously tended to agree but felt I had an overly simplistic understanding of DNS at a protocol level.\u00a0 That email discussion led me to learn more about the deeper details of how DNS actually works \u2013 and hence, this article.<\/p>\n<p>On the surface, I think most people understand DNS to be a service that you can pass a domain name to and have it resolved to an IP address (in the familiar nnn.ooo.ppp.qqq format).<\/p>\n<blockquote><p>domain name =&gt; nnn.ooo.ppp.qqq<\/p><\/blockquote>\n<p>Examples:<\/p>\n<ol>\n<li>If you click on\u00a0<a 
href=\"https:\/\/dns.google.com\/query?name=microsoft.com&amp;type=A&amp;dnssec=true\" target=\"_blank\" rel=\"noopener\">Google DNS Query for microsoft.com<\/a>, you\u2019ll get a list of IP addresses associated with Microsoft\u2019s corporate domain name\u00a0<a href=\"http:\/\/microsoft.com\/\" target=\"_blank\" rel=\"noopener\">microsoft.com<\/a>.<\/li>\n<li>If you click on\u00a0<a href=\"https:\/\/dns.google.com\/query?name=www.microsoft.com&amp;type=A&amp;dnssec=true\" target=\"_blank\" rel=\"noopener\">Google DNS Query for www.microsoft.com<\/a>, you\u2019ll get a list of IP addresses associated with Microsoft\u2019s corporate web site\u00a0<a href=\"https:\/\/www.microsoft.com\/\" target=\"_blank\" rel=\"noopener\">www.microsoft.com<\/a>.<\/li>\n<\/ol>\n<p>NOTE: The Google DNS Query page returns the DNS results in JSON format. This isn\u2019t particular or specific to DNS. It\u2019s just how the Google DNS Query page chooses to format and display the query results.<\/p>\n<p>DNS is actually much more than a domain name to IP address mapping.\u00a0 Read on\u2026<\/p>\n<h2>DNS Resource Records<\/h2>\n<p>There is more to the DNS Service database than these simple (default) IP addresses.\u00a0 The DNS database stores and is able to return many different types of service-specific IP addresses for a particular domain.\u00a0 These are called DNS Resource Records. 
Here\u2019s a partial list from\u00a0<a href=\"http:\/\/dns-record-viewer.online-domain-tools.com\/\" target=\"_blank\" rel=\"noopener\">http:\/\/dns-record-viewer.online-domain-tools.com<\/a>:<\/p>\n<ul>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#page-12\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#page-12\" data-rfc=\"rfc1035#page-12\">Address Mapping records<\/a>\u00a0(A) \u2013 the default\/common type (see the previous Examples)<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc3596#page-3\" href=\"http:\/\/tools.ietf.org\/html\/rfc3596#page-3\" data-rfc=\"rfc3596#page-3\">IP Version 6 Address records<\/a>\u00a0(AAAA) \u2013 newer version of the above<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#page-14\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#page-14\" data-rfc=\"rfc1035#page-14\">Canonical Name records<\/a>\u00a0(CNAME)<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#section-3.3.9\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#section-3.3.9\" data-rfc=\"rfc1035#section-3.3.9\">Mail exchanger record<\/a>\u00a0(MX) \u2013 mail server IP address<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#section-3.3.11\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#section-3.3.11\" data-rfc=\"rfc1035#section-3.3.11\">Name Server records<\/a>\u00a0(NS) \u2013 authoritative DNS server for this domain<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#section-3.3.12\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#section-3.3.12\" data-rfc=\"rfc1035#section-3.3.12\">Reverse-lookup Pointer records<\/a>\u00a0(PTR)<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#section-3.3.13\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#section-3.3.13\" data-rfc=\"rfc1035#section-3.3.13\">Start of Authority records<\/a>\u00a0(SOA)<\/li>\n<li><a class=\"rfc-help\" title=\"RFC link: rfc1035#section-3.3.14\" href=\"http:\/\/tools.ietf.org\/html\/rfc1035#section-3.3.14\" data-rfc=\"rfc1035#section-3.3.14\">Text 
records<\/a>\u00a0(TXT)<\/li>\n<\/ul>\n<p>Most APIs only support the retrieval of one Resource Record type at a time (which may return multiple IP addresses of that type). Some APIs default to returning A records; while some APIs will only return A records. Caveat emptor.<\/p>\n<p>To see a complete set of DNS Resource Records for microsoft.com, click on\u00a0<a href=\"https:\/\/dnsquery.org\/dnsquery\/microsoft.com\/ANY\" target=\"_blank\" rel=\"noopener\">DNSQuery.org query results for microsoft.com<\/a>\u00a0and scroll down to the bottom of the results page \u2026to see the complete response (aka authoritative result). It will look something like this:<\/p>\n<p><a href=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" class=\" size-full wp-image-4164 aligncenter\" src=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=500\" sizes=\"(max-width: 500px) 100vw, 500px\" srcset=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=500 500w, https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=150 150w, https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=300 300w, https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png 598w\" alt=\"DNSQUery-org1\" data-attachment-id=\"4164\" data-permalink=\"https:\/\/hyperonomy.com\/2019\/01\/02\/dns-domain-name-service-a-detailed-high-level-overview\/dnsquery-org1\/\" data-orig-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=500\" data-orig-size=\"598,386\" data-comments-opened=\"1\" 
data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"DNSQUery-org1\" data-image-description=\"\" data-medium-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=500?w=300\" data-large-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/DNSQUery-org1.png?w=500?w=500\" \/><\/a><\/p>\n<p>Figure 1. DNS Resource Records for microsoft.com: Authoritative Result<\/p>\n<p>NOTE: The Resource Record type is listed in the fourth column: TXT, SOA, NS, MX, A, AAAA, etc.<\/p>\n<h2>DNS Protocol<\/h2>\n<p>The most interesting new information\/learnings is about the DNS protocol.\u00a0 It\u2019s request\/response \u2026nothing new here.\u00a0 It\u2019s entirely binary \u2026to be expected given its age and the state of technology at that time. Given how frequently DNS is used by every computer on the planet, the efficiency of a binary protocol also makes sense. 
The\u00a0<a title=\"\" href=\"https:\/\/en.wikipedia.org\/wiki\/Internet_Engineering_Task_Force\">IETF<\/a>\u00a0published the original specifications in\u00a0<a class=\"external mw-magiclink-rfc\" href=\"https:\/\/tools.ietf.org\/html\/rfc882\" rel=\"nofollow\">RFC 882<\/a>\u00a0and\u00a0<a class=\"external mw-magiclink-rfc\" href=\"https:\/\/tools.ietf.org\/html\/rfc883\" rel=\"nofollow\">RFC 883<\/a>\u00a0in November 1983.<\/p>\n<p>The new part (for me) is that an API typically doesn\u2019t \u201cdownload\u201d the entire authoritative set of DNS Resource Records all at once for a particular domain; the most common API approach is to request the list of IP addresses (or relevant data) for a particular Resource Record type for a particular domain.<\/p>\n<p>The format of a sample DNS request is illustrated in the following figure:<\/p>\n<p><a href=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-request.gif\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" class=\" size-full wp-image-4168 aligncenter\" src=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-request.gif?w=500\" alt=\"messages-request\" data-attachment-id=\"4168\" data-permalink=\"https:\/\/hyperonomy.com\/2019\/01\/02\/dns-domain-name-service-a-detailed-high-level-overview\/messages-request\/\" data-orig-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-request.gif?w=500\" data-orig-size=\"600,215\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"messages-request\" data-image-description=\"\" 
data-medium-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-request.gif?w=500?w=300\" data-large-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-request.gif?w=500?w=500\" \/><\/a>Figure 2. Sample DNS Request [<a href=\"https:\/\/www.codeproject.com\/Articles\/12072\/%2fArticles%2f12072%2fC-NET-DNS-query-component\" target=\"_blank\" rel=\"noopener\">CODEPROJECT<\/a>]<\/p>\n<p>It\u2019s binary. The QTYPE (purple cells on the right side) defines the type of query. In this case 0x0F is a request for an MX record; hence, this is a request for the data that describes microsoft.com\u2019s external email server interface.<\/p>\n<p>NOTE: The \u201crelevant data\u201d isn\u2019t always an IP address or a list of IP addresses. For example, the response may include another domain name, subdomain name, or, in some cases, simply some unstructured text (as far as the DNS specification is concerned).<\/p>\n<p>Here is a typical response for the above sample request:<\/p>\n<p><a href=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-response.gif\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" class=\" size-full wp-image-4169 aligncenter\" src=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-response.gif?w=500\" alt=\"messages-response\" data-attachment-id=\"4169\" data-permalink=\"https:\/\/hyperonomy.com\/2019\/01\/02\/dns-domain-name-service-a-detailed-high-level-overview\/messages-response\/\" data-orig-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-response.gif?w=500\" data-orig-size=\"600,362\" data-comments-opened=\"1\" 
data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"messages-response\" data-image-description=\"\" data-medium-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-response.gif?w=500?w=300\" data-large-file=\"https:\/\/hyperonomy.files.wordpress.com\/2019\/01\/messages-response.gif?w=500?w=500\" \/><\/a>Figure 3. Sample DNS Response [<a href=\"https:\/\/www.codeproject.com\/Articles\/12072\/%2fArticles%2f12072%2fC-NET-DNS-query-component\" target=\"_blank\" rel=\"noopener\">CODEPROJECT<\/a>]<\/p>\n<p>The response in turn is also binary. In this case, DNS has responded with 3 answers; that is, 3 subdomain names: mailc, maila, and mailb \u2013 each with a numerical preference (weight).<\/p>\n<h2>The ANY Resource Record Type<\/h2>\n<p>There is also a \u201cmeta\u201d Resource Record Type called ANY that, as you might guess, requests a collection of all of the different Resource Record type records.\u00a0 This is illustrated in Figure 1 above.<\/p>\n<\/div>\n<p><a href=\"https:\/\/www.linux.com\/learn\/dns-domain-name-service-detailed-high-level-overview\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DNS (Domain Name Service): A Detailed, High-level\u00a0Overview How\u2019s that for a\u00a0confuding\u00a0title?\u00a0 In a recent email discussion, a colleague compared the\u00a0Decentralized Identifier\u00a0framework to\u00a0DNS\u00a0\u2026suggesting they were similar.\u00a0 I cautiously tended to agree but felt I had an overly simplistic understanding of DNS at a protocol level.\u00a0 That email discussion led me to learn more 
about the deeper &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/01\/10\/dns-domain-name-service-a-detailed-high-level-overview-linux-com\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;DNS (Domain Name Service): A Detailed, High-level Overview | Linux.com&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7742","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/7742","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=7742"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/7742\/revisions"}],"predecessor-version":[{"id":7978,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/7742\/revisions\/7978"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=7742"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=7742"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=7742"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}