DevOps Journey

DNS

Domain Name System

Domain Name System translates human-readable domain names into IP addresses.

How DNS Works

Resolution Process

1. User enters URL: www.example.com
2. Browser queries recursive resolver (ISP DNS)
3. Resolver queries root nameserver
4. Root returns TLD nameserver address
5. Resolver queries TLD nameserver
6. TLD returns authoritative nameserver
7. Resolver queries authoritative nameserver
8. Authoritative returns IP address
9. Resolver returns IP to browser
10. Browser connects to IP address

DNS Record Types

A Record

Maps domain to IPv4 address

www.example.com A 192.168.1.1

AAAA Record

Maps domain to IPv6 address

www.example.com AAAA 2001:db8::1

CNAME Record

Canonical name (alias)

blog.example.com CNAME example.com

MX Record

Mail exchange (email routing)

example.com MX 10 mail.example.com

DNS Tools

# Query DNS
nslookup example.com
dig example.com
host example.com

# Query specific record
dig example.com A
dig example.com MX

# Reverse lookup
dig -x 8.8.8.8

# Trace DNS resolution
dig +trace example.com

DNS Ports

Port 53/UDP - DNS queries (default)
Port 53/TCP - Large responses, zone transfers
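
An added example (not from the original page), in Python: it builds the wire-format query a client sends to port 53/UDP and reads the response header to decide whether to accept the answer, discard it, or repeat the query over 53/TCP. The function names and the sample messages are constructed for illustration; the header layout and type codes follow RFC 1035 and RFC 3596.

```python
import struct

# Type codes for the record types listed on this page.
QTYPES = {"A": 1, "CNAME": 5, "MX": 15, "AAAA": 28}

def encode_name(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name: str, rtype: str, txid: int) -> bytes:
    """Build a one-question query, class IN, with the RD flag set."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPES[rtype], 1)

def parse_header(msg: bytes) -> dict:
    """Decode the 12-byte header of a DNS message."""
    if len(msg) < 12:
        raise ValueError("message shorter than a DNS header")
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "txid": txid,
        "is_response": bool(flags & 0x8000),  # QR bit
        "truncated": bool(flags & 0x0200),    # TC bit: answer did not fit in UDP
        "rcode": flags & 0x000F,              # 0 = no error
        "answers": an,
    }

def next_step(query: bytes, response: bytes) -> str:
    """Decide how a client should treat a UDP response to its query."""
    q, r = parse_header(query), parse_header(response)
    if not r["is_response"] or r["txid"] != q["txid"]:
        return "discard"          # not a reply to this query
    if r["truncated"]:
        return "retry-over-tcp"   # repeat the same query on 53/TCP
    return "accept" if r["rcode"] == 0 else "error"

# Constructed sample data: one query and three hand-built response headers.
QUERY = build_query("www.example.com", "A", txid=0x1A2B)
TRUNCATED = struct.pack("!HHHHHH", 0x1A2B, 0x8380, 1, 0, 0, 0)
ANSWERED = struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0)
MISMATCHED = struct.pack("!HHHHHH", 0x9999, 0x8180, 1, 1, 0, 0)
```

The transaction ID check is the same one a resolver applies before trusting a UDP reply; DNSSEC validation is a separate step that this example does not perform.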

Public DNS Servers

Google: 8.8.8.8, 8.8.4.4
Cloudflare: 1.1.1.1, 1.0.0.1
Quad9: 9.9.9.9

DNS Security

DNSSEC (DNS Security Extensions)

  • Cryptographic signing of DNS records
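  • Prevents DNS spoofing: a validating resolver rejects responses whose signatures do not verify (records are signed, not encrypted)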

DNS Filtering

  • Block malware domains
  • Ad blocking

Best Practices

  • Use reliable DNS servers
  • Monitor DNS query performance
  • Implement DNSSEC
  • Cache DNS responses
  • Use multiple DNS servers
  • Monitor DNS logs
  • Keep DNS software updated
