DNS – Basics with dig – Part1


What is the domain name system (DNS)?

The unique address on the Internet, can be found on the server and calculator, is only the IP address: Bsp. IPv4 address: 13.1.5.128.

This address have the disadvantage, that she hard noticeably and only flat hierarchical structures.

To solve the problem the DNS addresses have been introduced (Domains), Example: www.Google.de.

These addresses are the IP addresses of the server mapped through domain server name. This means, If you type in the address www.google.de in the browser a DNS lookup request is executed first, determining the IP address. This may be the dig-Command under Ubuntu be traced.

The dig command on Ubuntu

dig  www.google.de

; <<>> DiG 9.8.1-P1 <<>> www.google.de
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59072
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.google.de.            IN    A

;; ANSWER SECTION:
www.google.de.        5    IN    A    173.194.47.87
www.google.de.        5    IN    A    173.194.47.88
www.google.de.        5    IN    A    173.194.47.95

;; Query time: 33 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Feb  6 01:56:54 2013
;; MSG SIZE  rcvd: 79

The interesting part of the response is:

www.google.de.        5    IN    A    173.194.47.87
www.google.de.        5    IN    A    173.194.47.88
www.google.de.        5    IN    A    173.194.47.95

This part States, that the domain www.google.de under 3 IP addresses can be reached: 173.194.47.87, 173.194.47.88 and 173.194.47.95.

That is to say, If you type the addresses in the browser, to get on the Web site Google.de: 173.194.47.87 (IP address has been changed by Google).

The A stands for IPv4 address. If you want to know the IPv6 address, can you extend the call parameter AAAA:

dig  www.google.de AAAA

...
;; ANSWER SECTION:
www.google.de.        5    IN    AAAA    2a00:1450:4013:c00::5e
...

The IN stands for Internet in contrast to the local network.

The 5 stands for time to live (TTL) -How long the query should be cached in ms.

The point behind google.de. stands for an absolute URL, d.h. This is in contrast to a relative URL to add behind it no longer.

CNAME

Interesting is also the call:

dig  www.abc.com
...
;; ANSWER SECTION:
www.abc.com.        5    IN    CNAME    abc.com.
abc.com.        5    IN    A    199.181.132.250
...

This tells a, that the domain under a different name is also available (Common name) and although abc.com and then lists the IP address of this domain.

More to dig there here.

DNS – Basics with dig – Part1

DNS name resolution with name servers - part 2

DNS - Bind9 nameserver configuration - part 3