DNS

The Domain Name System resolves human-readable domain names into IP addresses through a distributed, hierarchical database.

DNS (Domain Name System)

  • Resolves human-readable domain names into machine-usable IP addresses through a distributed, hierarchical database system
  • Eliminates the need to maintain local HOSTS.TXT files and to memorize IP addresses
  • Provides structured delegation of domain management across multiple authoritative servers
  • The DNS namespace is a directory tree, read from right to left (root, then TLD, then each label to the left)

DNS Hierarchy Structure

  • Root Level (.) - Top of DNS tree, managed by root nameservers (13 worldwide clusters)
  • Top-Level Domains (TLD) - Generic (.com, .org, .net) or Country Code (.us, .uk, .ca)
  • Second-Level Domains - Organization-specific (cisco.com, google.com)
  • Subdomains - Department or service-specific (www.cisco.com, mail.cisco.com)

DNS Record Types

Record  Purpose                                        Example
A       Maps a domain to an IPv4 address               cisco.com → 198.133.219.25
AAAA    Maps a domain to an IPv6 address               cisco.com → 2001:420:1101:1::a
CNAME   Creates an alias pointing to another name      www.cisco.com → cisco.com
MX      Directs email for the domain to a mail server  cisco.com → mail.cisco.com
NS      Names the authoritative DNS servers            cisco.com → ns1.cisco.com
PTR     Reverse lookup (IP address to domain)          25.219.133.198.in-addr.arpa
SOA     Holds zone metadata                            Refresh: 3600s, Retry: 900s
TXT     Stores arbitrary text data                     "v=spf1 include:_spf.cisco.com"

DNS Server Types

  • Authoritative Servers - Hold actual DNS records for domains they manage
  • Recursive Resolvers - Query other servers on behalf of clients, cache responses
  • Forwarders - Forward queries to specific DNS servers instead of performing recursion
  • Root Servers - Respond with TLD server information (13 logical servers)

Vocabulary

  • TTL (Time To Live) - Specifies how long a record may be cached before it must be looked up again
  • Negative Caching - Caches NXDOMAIN (name does not exist) responses so the same failing query is not repeated
  • Cache Poisoning - Attack in which forged records are inserted into a resolver's cache, so clients that trust the cache are given wrong answers

Notes

  • DNS uses UDP port 53 for queries, TCP port 53 for zone transfers
  • Configure multiple DNS servers for redundancy
  • Use nslookup or dig commands for DNS troubleshooting
  • Always implement redundant DNS servers in production networks
  • Consider DNS security extensions (DNSSEC) for cryptographic authentication
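The right-to-left namespace walk, the record types in the table and the query format sent on UDP port 53, as an added example that is not part of these notes: it builds and decodes a DNS question in wire format and derives PTR owner names using only the Python standard library. The QTYPE codes are the standard RFC 1035/3596 values; cisco.com and the addresses are the table's own examples.

```python
import ipaddress
import struct

# Record type codes for the types in the table above (RFC 1035 / RFC 3596 values).
QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15, "TXT": 16, "AAAA": 28}
QTYPE_NAME = {code: name for name, code in QTYPE.items()}

def delegation_chain(name: str) -> list:
    """Zones a recursive resolver walks, root first: the tree is read right to left."""
    labels = name.rstrip(".").split(".")
    return ["."] + [".".join(labels[i:]) + "." for i in range(len(labels) - 1, -1, -1)]

def encode_name(name: str) -> bytes:
    """Wire-format name: length-prefixed labels, terminated by the root (a zero byte)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("DNS labels must be 1..63 bytes long")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name: str, rtype: str, txid: int = 0x1234) -> bytes:
    """Standard query with RD=1 (recursion desired) and one question, as sent to UDP port 53."""
    # Header: ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (16-bit each, network byte order)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[rtype], 1)  # QCLASS 1 = IN

def parse_question(packet: bytes) -> tuple:
    """Decode (name, type) from the first question of a query built by build_query."""
    pos, labels = 12, []
    while packet[pos] != 0:
        n = packet[pos]
        if n & 0xC0:  # compression pointer: only seen in responses, not handled here
            raise ValueError("compressed name not supported")
        labels.append(packet[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    qtype = struct.unpack("!H", packet[pos + 1:pos + 3])[0]
    return ".".join(labels), QTYPE_NAME[qtype]

def reverse_name(ip: str) -> str:
    """Owner name of the PTR record for an IPv4 (in-addr.arpa) or IPv6 (ip6.arpa) address."""
    return ipaddress.ip_address(ip).reverse_pointer

if __name__ == "__main__":
    print(delegation_chain("www.cisco.com"))
    q = build_query("cisco.com", "A")
    print(q.hex(), parse_question(q))
    print(reverse_name("198.133.219.25"), reverse_name("2001:420:1101:1::a"))
```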