I am curious, I am analyzing the DNS section for the website imgur.com. My doubt is that when I run "dig imgur.com" dig only returns an IP address, if I run again the same command dig returns another IP address or sometimes the same.
Another question:
By using dig www.imgur.com get a CNAME to another domain, is this normal?, Can someone explain to me?
Thanks
You should check Round-robin DNS.
Round Robin DNS is a technique of load distribution, load balancing,
or fault-tolerance provisioning multiple, redundant Internet Protocol
service hosts, e.g., Web server, FTP servers, by managing the Domain
Name System's (DNS) responses to address requests from client
computers according to an appropriate statistical model.
In its simplest implementation, Round-robin DNS works by responding to
DNS requests not only with a single potential IP address, but with one
out of a list of potential IP addresses corresponding to several
servers that host identical services. The order in which IP addresses
from the list are returned is the basis for the term round robin. With
each DNS response, the IP address sequence in the list is permuted.
Usually, basic IP clients attempt connections with the first address
returned from a DNS query, so that on different connection attempts,
clients would receive service from different providers, thus
distributing the overall load among servers.
Related
I understand that local DNS servers do some caching, which can help reduce traffic in root/TLD/authoritative DNS servers. However, I do not understand why the final hosts can't ask for addresses themselves, instead of through local DNS servers. Hosts could also do the caching themselves, which loses somewhat in terms of saving network traffic, but increases privacy.
Is some kind of clearance or other technical requirement needed to request addresses to a DNS server? (e.g., to request addresses to root servers)
Or is it just customary for us to request records through a local DNS server, and we could do it directly if we wanted to? (by running DNS in our own computer)
My understanding is that when querying a domain's DNS records, the response can vary depending on the client's IP address. Is there a simple way to obtain all DNS records for all possible IP addresses?
You can not.
The response can vary on many factors.
You can not from remote discover the business policies of a nameserver, or in fact any server. It can decide to reply 192.0.2.1 for odd hours and 192.0.2.11 for even ones, or any other non trivial business rule.
A more realistic one: there can be a service on 3 IP addresses. A nameserver may be programmed to reply with the IP address of the box being currently less loaded. Hence you will never be able to see those details remotely.
My problem is how can i manage my servers in different ips using just using one domain and same name such as google Have many servers but using just one domain like gmail , youtube and cloud .
How can i make it happen
This is done by adding in front of all the servers load balance. And assign the domain to this LB.
Also you can add resolve to the same hostname as many IP addresses. (try to exec nslookup google.com and you will see)
For loadbalancing mail servers you can play with weight parameter in MX records in DNS
I've only recently begun scratching the surface of hosting my own DNS, but I'm looking to do so in the hopes that I can facilitate my own reverse lookups.
My idea being that if I can manage my own DNS, I can give it tables I've complied about IP / FQDN relations so I can do a reverse lookups on dynamic ips (of which I know the FQDN of) without my ISP's support; I'd pair the return of something like an nslookup somewhere within my own hosted DNS then have that DNS server facilitate reverse DNS lookups for some programs that require the function (like for a CFEngine Hub)
Near as I can tell, the 'PRT' record is what I want to spoof; Right?
I'm wondering if there are better resources out in the wild to use. This and this are the best I've found about hosting DNS in this manner.
Any pitfalls I'm not seeing about trying to pursue this convoluted solution?
Reverse lookup requires the IP address owner to delegate reverse lookup DNS to you. Note that the owner here is not the DHCP recipient, but whoever assigns the IP address.
For a completely internal network, it would be possible to configure your own PTR records since you control the IP addresses being assigned.
On third party networks, the third party (who assigns IP addresses to you) would need to delegate reverse lookup for those IPs to you. In a dynamic IP situation, this delegation is unlikely because your IP comes out of a pool that is used for assigning IP addresses to many customers, not just you. Some ISPs allow allow programmatic access to configure reverse lookups, but this again seems unlikely for dynamic DNS for the same reason as delegation -- the addresses are part of pool assigned to any customer using it, not just you.
It might be possible to hack ("shadow"?) it by requiring your users / clients to use your DNS server and populating "fake" (since you don't actually have ownership of the IPs) PTR records.
Article on reverse lookup sequence and info.
http://www.dnsstuff.com/reverse-dns-faq
A way around this might be to create your own tool for looking through your forward lookup table for a specific IP address. However, this would be a custom tool separate from the usual DNS lookup tools like nslookup and dig.
I have someone telling me that DNS servers only start responding after the whois record is updated to point at their DNS servers. Is this normal behaviour? Or should a DNS server respond before the whois record is updated?
Also, once the domain is active, (so either after the domain is added or after the whois record is update, depending on the answer to the above question) how long till the name servers should start responding?
I'm not referring to the time that it takes to propagate acorss the internet, but just the time on the name server for the domain. I am also not concerned with when the rest of the internet sees the change, only wondering when that DNS server should respond when using a command such as:
nslookup www.example.com ns1.dnsserver.com
For the DNS servers to be found what you call the whois record must know where to find them.
Stricly speaking, the whois record contains much more than just the DNS servers for a domain, but let's not nitpick.
Say your DesktopA needs to connect to example.com, the following servers will be contacted, assuming the answer wasn't already cached by your ISP's DNS or the local machine.
DesktopA has DNS settings pointing to the ISP, so DektopA will ask the ISP's DNS servers if they know where example.com. is located (its IP).
ISP DNS server doesn't know, so it will contact the root domain database for com. (all Fully Qualified Domain Names end in a ., even though we generally don't use it explicitly, but you can try insert it in web requests, it should work fine).
This bootstrap list of global root servers is usually updated by the OS regularly.
The root servers will know which Top Level Domain TLD server to contact for each global domain such as .com, .org, .uk, etc.
In our example, the ISP will ask the root which server to query for com domains.
The root server answers with the IP address of one of the the .COM TLD servers.
The ISP DNS server will now contact the .COM TLD server and ask it where to find EXAMPLE.
The .COM database record for example.com will contain the 2 (or more) DNS servers registered along with the domain name example.com. These are part of your whois record.
The ISP now has the IP addresses of the DNS servers for example.com as setup in the whois. It will query the first one (or the second one if the first isn't available) and ask it: what's the IP of 'example.com'?
The DNS server for example.com will look in its records and return the A record defined for the example.com domain as IP 1.2.3.4 for instance.
Your ISP's DNS server will cache this information for a predetermined amount of time (TTL) and return the IP 1.2.3.4 to DesktopA.
Desktop A can now contact the server for example.com directly by its IP.
DesktopA may cache this information for a little while for fast lookup.
Tis would be the same for subdomains such as www.example.com or john.people.example.com. Everything before the domain example.com must be declared in your DNS server so when someone query for their address, your DNS server for example.com can look up the definitions and answer them (it could very well pass them on to another server as well if necessary).
In conclusion
So, to go back to your question, your whois record must be set with the proper DNS records for your domain before anyone can access them using that domain name.
DNS Servers operate completely separate from the Whois server. The relation of how fast DNS is updated after Whois depends completely on the registrar. A registrar or web host may update DNS within a second or 2 of a customer making a change in the control panel, or it may take minutes or hours if they make updates in batch mode.
Ideally all DNS changes that a customer request should happen very quickly on the DNS server (within a few seconds), but as you note, there may be a delay until changes propagate across the internet.