Home
Main website
Display Sidebar
Hide Ads
Recent Changes
View Source:
DNS
Edit
PageHistory
Diff
Info
LikePages
An [Acronym] for __D__omain __N__ame __S__ervice. The glue that binds the InterNet together -- the [Protocol] that takes you from typing <tt>www.JRandomWebsite.com</tt> into your web browser to the InternetProtocol address of the site which would look something like <tt>123.45.67.89</tt> so that: * You can remember <tt>www.amd.com</tt> instead of <tt>64.41.192.105</tt> * They can change the name to point somewhere else if they need to (if something like the CodeRedBungle happens). [DNS] does more than just that (a ForwardLookup) though -- there are different types of ResourceRecord~s. It is usually provided by a program called named(8) -- commonly a version of bind, the Berkeley Internet Name Daemon. ----- This is pasted here from a conversation on IRC because this information is important but I don't have time to sit down and write it up as a nice paragraph, it should also have it's facts verified: <verbatim> <Isomer> people set up dns so that replies don't come from the same ip sometimes <quantum_> i wonder about this: client c sends a resquest to s1 <quantum_> which forwards the request to s2 <quantum_> but using a wierd packet so the reply goes right back to c <quantum_> bypassing s1 completely <Isomer> that doesn't happen <Isomer> it's more when you have a machine <Isomer> h1 <Isomer> with two interfaces i1 and i2 <quantum_> (which is just stupid, because then s1 cant cache) <Isomer> which have one unique IP each <Isomer> now the default route goes out i1 <Isomer> but i2 is the IP in DNS as the nameserver <Isomer> you send a query to i2, but when h1 creates a new packet and sends it <Isomer> the OS attaches i1 as the source address instead of i2 <Isomer> because it uses the IP of the interface that the packet leaves from <Isomer> see? <Isomer> this can't be easily fixed either, coz if you use the IP of i1 <Isomer> then people on i2 have the same issue <Isomer> bind fixes this by opening one port per interface <Isomer> hence why you see lots of :53's for bind <Isomer> but it can't bind to new port 53's when you bring up another interface after it's started and has dropped privileges <quantum_> ah <Isomer> so yeah <Isomer> I should wiki this <quantum_> yes <quantum_> because many things were just made clear <Isomer> which is why so many things have cone nat's <Isomer> because if they were restrictive nats <quantum_> all because recv() can tell you who sent the packet <Isomer> then you can't query some dns servers <quantum_> but not where it arrived in the machine. <Isomer> thats not the problem <Isomer> the problem is sending a packet with a specific source address <quantum_> im sure ive seen log messages about bind discovering new interfaces <quantum_> so they could leave a suid root child which communicates to its parent over unix domain socket <quantum_> to pass file descs <quantum_> and does nothing else, so is (hopefully) mostly secure <Isomer> you run bind as root? <quantum_> (maybe they do this, i dont admin any bind nameservers, nor have looked at the source) </verbatim> ---- More crud, from the deleted page about the A6 ResourceRecord: I tried setting this up at home - debian woody, bind9. I could do host -t A6 $domain fine, and host -t A6 $host.$domain worked too, although it returned the fragment for the host and the domain name as part of the record - not what its supposed to do. Glibc under debian woody doesn't appear to support it, and its listed as a bug as of June 15 2003, tagged 'wishlist'. Pity too, as A6 addressing makes a LOT of sense for dynamic IP. I had: <verbatim> $ORIGIN element.tla. test 10 IN A6 0 2002:6to4:prefix:: $ORIGIN test.element.tla. helium 10 IN A6 0 ::1 test.element.tla. </verbatim> which is how I interpreted the bind9 docs on setting up A6 addressing. If i'm doing this wrong let me know. -- DanielLawson ''Some name servers (bind9?) support <tt>A6</tt> -> <tt>AAAA</tt> translations, can this be enabled?'' ''I can find no mention of this. Bind9 supports A6 addresses in full, which are essentially identical to AAAA addresses, but thats not what I want'' ---- !NZ Zone Push Times Added here for lack of ideas about a better page to put it on. Currently the .nz zone push occurs every hour on the hour. ---- See also: * NameServer * NamedNotes * [DNSHowto] * RFC:1034 (Domain Names -- Concepts and Facilities) * RFC:1035 (Domain Names -- Implementations and Specification) * [ICANN] ---- Part of CategoryDns, CategoryNetworking and CategoryProtocols
81 pages link to
DNS
:
NetworkStack
SRV
ResourceRecord
MetaNetToDo
AdministrativeTools
HostName
Squid
ifconfigd
NS
SMTPBestPractices
SPF
RBL
Hesiod
CC
InNeedOfRefactor
KeyServer
DHCP
NetworkAdministrator
CategoryDns
TTL
DomainController
NewZealandLinuxMirrors
RR
DonStokes
LdapSystemAdministrationReview
RouterAdvertisements
RoundRobin
LinuxServer
AFSNotes
OpportunisticEncryption
MetaNetConfiguration
AptNotes
SendmailNotes
GSLB
ICANN
DNSHowto
CodeRedBungle
RootNameServer
xtraceroute(1)
LinuxRouterBox
ReverseLookup
AXFR
SCO
M11
MacSambaNotes
AAAAvsA6
MessageWall
SSHErrors
Delegation
TCP/IP
E164.org
ForwardLookup
AnyCast
ThingsToDoWithYourLinuxBox
InterNet
ZoneTransfer
AsteriskNotes
ZoneFile
MailExchanger
IPv6
DomainName
DNSSEC
TLD
BIND
LOC
TransparentProxy
IspFlames
NameServer
WPAD
TinyDns
DNSBestPractices
BindVsTinyDNS
AsteriskItalkSetup
IHUG
TroubleshootingStartUp
AppleTalk
AdvancedUserTips
ISP
WlugBladeServer
EximNotes
NTPServers
