DNS: Difference between revisions

269 bytes added, 2 years ago
 
(6 intermediate revisions by the same user not shown)
Line 30:
*Therefore DNS ALG is used to close the DNS session on getting a reply message.
*If DNS ALG is disabled, the session table may fill in a short time.
 
; DNS Flow
{{UC}}
 
= DNS Headers =
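Review bot: "If DNS ALG is disabled, the session table may fill in a short time" gives the consequence without the cause; add that DNS normally runs over UDP, which has no close handshake, so without the ALG tearing the entry down on the reply each query's session entry lingers until the idle timeout, and a busy resolver path creates entries far faster than they age out. Also, the "; DNS Flow" term is followed only by the {{UC}} template, so the flow description is still empty; either fill it in or drop the heading until there is content.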
Line 77 ⟶ 80:
* TC - Truncation Flag
When set to 1, indicates that the message was truncated due to its length being longer than the maximum permitted for the type of transport mechanism used.
TCP doesn't have a length limit for messages, while UDP messages are limited to 512 bytes, so this bit being sent usually is an indication that the message was sent using UDP and was too long to fit.
So this bit being sent usually is an indication that the message was sent using UDP and was too long to fit.
The client may need to establish a TCP session to get the full message.
On the other hand, if the portion truncated was part of the Additional section, it may choose not to bother.
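Review bot: "this bit being sent" should read "this bit being set" in both lines, and the second line repeats the second half of the first ("So this bit being sent usually is an indication that the message was sent using UDP and was too long to fit."), so keep only one copy. The 512-byte figure is the classic RFC 1035 UDP limit; with EDNS(0) a client can advertise a larger UDP payload, so it is more accurate to say TC is set when the response does not fit in the UDP payload size the client allowed, and the fallback to TCP follows from that.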
Line 152 ⟶ 156:
Windows Internet Naming Service (WINS)
WINS Reverse Look up (WINSR)
 
== DNSSOA Record Types ==
 
Source: [https://www.cisco.com/c/en/us/support/docs/ip/domain-name-system-dns/12684-dns-resource.html cisco.com]
 
;SOA Record Data Fields
DOMAIN.NAME
IN
SOA
Hostname.Domain.Name
Mailbox.Domain.Name
Serial number
Refresh
Retry
Expire
TTL
 
= DNS Record Types =
 
A Address record Returns a 32-bit IPv4 address,
AAAA IPv6 address record
CNAME Canonical name record Alias of one name to another, DNS lookup will continue by retrying the lookup with the new name.
LOC Location record Specifies a geographical location associated with a domain name
MX Mail exchange record Maps a domain name to a list of message transfer agents for that domain
NS Name server record Delegates a DNS zone to use the given authoritative name servers
PTR Pointer record Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse
DNS lookups.
SOA Start of [a zone of] authority record Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial
number,etc
SRV Service locator Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
TXT Text record Originally for arbitrary human-readable text in a DNS record. Now more often carries machine-readable data, opportunistic encryption, Sender Policy
Framework, etc.
* All cached records Returns all cached records of all types known to the name server. If the name server does not have any information on the name, the request will be
forwarded on.
AXFR Authoritative Zone Transfer Transfer entire zone file from the master name server to secondary name servers.
IXFR Incremental Zone Transfer Requests a zone transfer of the given zone but only differences from a previous serial number.
<br />
 
= Authoritative Nameserver =
 
An authoritativeAuthoritative Nameserver is a nameserver (DNS Server) that holds the actual DNS records (A, CNAME, PTR, etc) for a particular domain/ address.
A recursive resolver would be a DNS server that queries an authoritative nameserver to resolve a domain/ address.
If I have a DNS server in my network that holds an A record for foobar.com, my DNS server would be authoritative for the foobar.com domain.
If clients needed to access foobar.com, they could query my DNS server and they would get an authoritative response.
 
= Zone =
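Review bot: the "SOA Record Data Fields" list is bare names, and its heading reads "DNSSOA Record Types" where "SOA Record" is meant. Annotate the fields: Hostname.Domain.Name is the primary master (MNAME), Mailbox.Domain.Name is the responsible mailbox with "@" written as "." (RNAME), and the final field is the minimum field, used as the negative-caching TTL (RFC 2308), not the SOA record's own TTL. The record-type table has lost its column breaks (Type, Name, Description run together), the "*" row will render as a wiki bullet unless the asterisk is escaped, and "authoritativeAuthoritative Nameserver" is a doubled word. In "If I have a DNS server in my network that holds an A record for foobar.com, my DNS server would be authoritative for the foobar.com domain", holding a record is not what makes a server authoritative (a caching resolver also holds A records); it is authoritative only when it answers from its own zone data, so reword to "hosts the foobar.com zone".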
Line 247 ⟶ 295:
<br />
 
= DNS Record Types =
 
A Address record Returns a 32-bit IPv4 address,
AAAA IPv6 address record
CNAME Canonical name record Alias of one name to another, DNS lookup will continue by retrying the lookup with the new name.
LOC Location record Specifies a geographical location associated with a domain name
MX Mail exchange record Maps a domain name to a list of message transfer agents for that domain
NS Name server record Delegates a DNS zone to use the given authoritative name servers
PTR Pointer record Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse
DNS lookups.
SOA Start of [a zone of] authority record Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial
number,etc
SRV Service locator Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
TXT Text record Originally for arbitrary human-readable text in a DNS record. Now more often carries machine-readable data, opportunistic encryption, Sender Policy
Framework, etc.
* All cached records Returns all cached records of all types known to the name server. If the name server does not have any information on the name, the request will be
forwarded on.
AXFR Authoritative Zone Transfer Transfer entire zone file from the master name server to secondary name servers.
IXFR Incremental Zone Transfer Requests a zone transfer of the given zone but only differences from a previous serial number.
<br />
 
= Authoritative Nameserver =
 
An authoritative Nameserver is a nameserver (DNS Server) that holds the actual DNS records (A, CNAME, PTR, etc) for a particular domain/ address.
A recursive resolver would be a DNS server that queries an authoritative nameserver to resolve a domain/ address.
If I have a DNS server in my network that holds an A record for foobar.com, my DNS server would be authoritative for the foobar.com domain.
If clients needed to access foobar.com, they could query my DNS server and they would get an authoritative response.
 
= DNSSEC =
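Review bot: this column repeats the record-type table and Authoritative Nameserver text from the previous hunk with only the "authoritativeAuthoritative" typo fixed, so the same fixes apply here: restore the table's column separators, escape the leading "*" in the "All cached records" row so it does not become a list bullet, and change "holds an A record for foobar.com" to "hosts the foobar.com zone". "= DNSSEC =" closes the hunk as an empty heading; give the section at least a sentence on what DNSSEC provides or leave it out until written.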