In this moment, I am learning how the DNS and domains resolutions work and I have a question.
Let's take a.test.com for example.
As I understand it, first of all, the intermediary ISP DNS server is called. If it has the domain IP in cache, it returns it. Otherwise, it does consecutively these following tasks :
It calls a root DNS server which returns a com DNS server IP
It calls that top level DNS server which returns the test.com DNS server IP
It calls that DNS server to finally get a.test.com's IP
Is it correct ?
And now what does it happen when we resolve a.b.c.test.com ?
Does it call another DNS server or does the c.test.com's DNS server contain the a.b.c.test.com's IP ?
Thanks
Yes, you are pretty much correct. Nothing different will happen in next steps: c.test.com will respond with a referral to more authoritative server (the one for b.c.test.com), or if itself is authoritative then it will respond with an answer.
Related
I've been reading up a lot about DNS lately and have even searched on stack overflow for information, but I can't seem to find this. Please correct me if there's mistake along the way.
Assuming that I want to go to example.com. The way I understand how DNS works is that
It looks on the local client machine for a cached record. If the cache has the record, everything's good. If it doesn't, it moves to step 2.
Makes a request for the domain name to DNS resolver provided by Internet Service Provider (ISP).
If DNS resolver has the domain name record cache, the IP Address is returned and all is well. If it doesn't, it moves to step 4.
DNS resolver uses the DNS Root server hints file to request Root Servers to resolve the appropriate nameserver for Top Level Domain (TLD) (ie: .com, .net, .io).
The request then gets passed down to the TLD server, in this case, responsible for .com. TLD servers have records of nameservers that could resolve "example" called authoritative servers.
The authoritative server then has a record of "example" and returns the IP address to the ISP DNS resolver, who caches that record and returns it to the client who will also cache that record.
My question is lets assume I am typing in "example.ca", but the actual name should be example.com/ca since example.ca does not exist, how does DNS figure out that example.com/ca is the correct entry assuming that neither the local machine nor the ISP DNS resolver has this record cached?
There is no black magic, and it does not have anything to do with DNS: there is a webserver running on http(s)://netflix.ca, and all it does is serve a redirect to https://netflix.com/ca
I am having a bit of a head ache trying to setup my own HA solution with docker and nginx in the front acting as a load balancer.
They are actually configured by now. But as a fallback if the main node shuts down, I want to use another one since the nginx configuration for load balancing is replicated.
I thought that if I have two nodes, both set up with PowerDNS (alongside with nginx and docker), and I set those DNS servers to one of my domains, when a node shuts down, since the node is carrying the DNS server, subsequent requests will fetch the info from the other DNS server, in which the A record is configured to point to the local IP (and that way, points to the other load balancer).
Seems like I can't make that work.
Given that I have the following servers:
server_1 IP = 1.1.1.1
server_2 IP = 1.1.2.2
Each of them have a DNS server set up with PowerDNS (and fully functional, according to dig and other tests).
I got my domain DNS servers pointing to them:
ns1.example.com ---> 1.1.1.1
ns2.example.com ---> 1.1.2.2
ns1.example.com DNS server has:
example2.com A 1.1.1.1
ns2.example.com DNS server has:
example2.com A 1.1.2.2
So. Shouldn't example2.com point to 1.1.1.1/1.1.2.2 when both servers are running, but when the first server is not available, point to 1.1.2.2?
Well. When I shut down the first server and try, it gives me the IP of the first server instead of the second.
Even dig example2.com #ns2.example.com is giving me the IP defined in the A record for example2.com in the first DNS server.
Am I wrong, or there's something weird here?
I don't know where you got the idea that name servers are listed in some sort of priority order, but it's just plain wrong. All name servers authoritative for a zone are expected to have exactly the same content. Resolvers chose name servers to ask at random, to spread the load between them. Providing the authoritative servers with differing contents will only give the end users inconsistent results, not anything useful.
Also, you have forgotten that resolvers cache the answers they get. Even if DNS had worked as you thought (which is doesn't), it would have taken a resolver minutes or hours to notice the "failover".
For example, I've a server hosted at my home with 2 NICs for redundancy obviously.
NIC1 has been assigned with the public IP 103.204.82.22 from ISP1
NIC2 has been assigned with the public IP 144.110.12.64 from ISP2
I can access the server with both IP as usual.
Now, I have a domain acme.com. I've created a subdomain server.acme.com. I want to point server.acme.com to both the IPs so that in case one ISP fails to provide connectivity my server still remains online with the other one.
I've already tried with A and CNAME records. But it isn't working. It's working with A record if I use only one IP for the subdomain.
Can anyone tell me what and how can I point both the IPs to the single subdomain?
Thanks in advance
What you are describing is called DNS round robin, but that won't give you your expected outcome.
Anything you do with DNS if one ISP connection is down, traffic will still go there.
You may have your terminology mixed up a little to start with.
in this case, I suspect you really mean that server.acme.com is a host record, rather than a subdomain. (A subdomain would mean that the server address would be at servername.server.acme.com)
If you create an A record, and put both IP addresses in, and keep the TTL (time to live) short, then when a client wants to contact your machine it will randomly pick one of the addresses. If that address is unavailable, it will move on to the next. If that address stops working, it will keep trying it for the 'TTL' time.
Presuming that the IP addresses don't change, which would be a different problem altogether, then this provide basic load balancing and failover to both connections.
Amazon provide a more advanced type of DNS, that will actively monitor your connections and only provide responses that are live. - https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html
Short Question:
Is it possible that example.com points to an IP address, but example.com/something points to another IP?
More Details:
example.com was previously hosted with my client's host company. I have designed a new website for them and now host it myself (by pointing their IP to mine). They are now letting me know that there used to be a sub-directory where another application was hosted under. It would take me a while to re-install that application in the new host, I was just wondering if it'd be possible to serve any request to that sub-directory through the old host/IP.
That's not possible. Resolving the host (example.com) is a separate task (DNS query) from connecting to the http server (HTTP connection) that the host points to. None of the URL, except for the hostname, is queried via DNS so there is no way that DNS can be made to behave differently based on other parts of the URL as it doesn't see it.
A subdomain is part of the hostname and that's why www.example.com and www1.example.com can point to different addresses. If you need to have www.example.com/something go elsewhere, you'll need to use HTTP redirects.
Reading a lot about servers, load balancing and similar topics, a question came to mind.
DNS servers are servers which gives you the IP for a given domain name. Is there a "dictator" knowing all the valid DNS servers in the world? If I want to make a DNS server, and someone requests a website it doesn't have. How would it know which other DNS to redirect the request to? What if I tell facebook.com to have a spoof IP, and everyone getting the IP from my DNS server would be communicating with a spoof facebook server? Obviously, this isn't how it works (at least not at a big degree), because then someone would have done it already to attack hundreds of people.
When one registers a domain, one has to specify the name server for that domain. What happens during this process? Is a request sent to this DNS server to notify it there is a new domain to save in the database? If so, how can anyone own the top domains like .com? And why cannot I for example make my own top domain name if I can make my own DNS server?
After looking at nginx as a load balancing system, I'm starting to wonder a bit. Is it so that a request to http://www.google.com/ works like this? The computer asks a DNS server for the IP address for google.com, and then requests it? This will only be one IP, and all requests to Google ends up at this one server? And then this IP will be connected to a nginx server, or a more basic hardware unit to route the request internally to other servers? So all requests go to one server before it redirects the request to a data center?
After looking up google.com, it says the name servers are ns1.google.com etc.. But what is the point of them, if you need a different name server to get to ns1.google.com in the first place?
Obviously what I've written doesn't make sense, because if it were true, the web as a whole would be unusable because of people exploiting the possibilities for malicious causes. And I can't imagine how ONE server could handle ALL the requests thrown at google.com.
I've tried searching Google, but all I get is theoretical explanations that led me to where I am now. It would have been great if someone would point me to some articles that explain this thoroughly, and hopefully a lot of other people will find this question useful.
Anyone can run a DNS server, but the challenge is getting someone to use it. Normally the DNS server IP is provided as a DHCP option or is statically assigned. If you can get someone to use your server, you can return any IP for any hostname, including creating new top-level domains (subject to any filtering at the client, of course. Web browsers might have difficulty with a new TLD, for example). Note that with DNSSEC, this will eventually change, as the name record will be digitally signed and your server won't be able to fake the signature exactly.
DNS servers operate in a tree. When one server receives a request for a domain it does not control, it forwards the request on to another DNS server. The other DNS server may be the one which returns the IP (this is called the authoritative server), or it may return a NS record which points to another server which then must be queried. The DNS root servers provide for resolving TLDs.
A DNS server does not need to always return the same IP for a given name. It may choose to return a different IP based on region, client IP, or even per-request. This is the most typical way to load balance. Multiple DNS servers can also load balance the DNS requests by using anycast routing, where many servers share the same public IP and traffic is routed to them randomly by publishing multiple routes for the same IP.