How to check DNS? - dns

When troubleshooting DNS issues (specifically whether a domain is resolving), what is the proper way to check so that you get accurate results? DNS info is cached throughout the internet, and different machines (like local machine) or service (like pingdom) has different results.
How to check the DNS so that you know what you will get after it propagates?
Working with Heroku and CloudFlare.

In most common cases you can use tools such as: dig or host. Both tools are made for query name servers to retrieve info. You can also use a simple "ping something.domain.com" in order to see if IP has changed. But I suggest you to use different DNS's on the computer you're using to test. Actually Google DNS replicate so fast ( 8.8.8.8 ).
Not on purpose DNS poisoning: Keep in mind if you're pinging something that is recently configured/changed on your name server and still not propagated you'll "poison" the DNS's cache and this data is going to expire, but later...( Always depending on domain name TTL's of course ).
Using a new DNS wich never has known that domain you're sure the request is made for the first time and it's going to be made without asking any cache.
Example:
To get all the DNS servers for domain.com:
$ host -t ns domain.com
domain.com name server ns2.domain.com.
domain.com name server ns3.domain.com.
To ask a domain name for something.domain.com:
$ dig #nameserver something.domain.com
You can also ask for TXT, CNAME types and so on...
Examples:
AXFR retrieval test:
$ dig #domainname domain.com AXFR
Or get all Mail Exchange (MX) server for a domain:
$ host -t MX domain.com
domain.com mail is handled by 10 smtp.godo.com.
domain.com mail is handled by 20 smtp2.godo.com.
Hope it helps.
Cheers! :)

http://en.wikipedia.org/wiki/Nslookup
To get a "Non-authoritative" answer from your local name server that would be e.g.:
nslookup test.com
To check the name server where the domain is listed that would be e.g.:
nslookup test.com nameServerOfTest.com

Related

How to distribute DNS queries to many resolvers?

for a research project I want to get the IP addresses of millions of domains. I don't want to overload a single DNS server of course. My idea would be to distribute the queries to a (few) hundred or so open dns resolvers (i.e. from http://public-dns.tk/). How can I do this? Would it be enough to install dnsmasq and add the 100 or so DNS servers to /etc/resolv.conf or would dnsmasq only query the first/second entry of the list? Caching doesn't matter since every domain is only once in the list.
I guess installing a full blown dns server with querying the root server directly is not a good idea?
You can specify the IP/address of DNS server in the dig query, that you fire:
dig #<IP_OF_DNS_SERVER> www.google.com
Example, below queries go against OpenDNS, and Google DNS respectively:
dig #208.67.222.222 www.manish-m.com
dig #8.8.8.8 stackoverflow.com

DNS using BIND with Subdomains - Multiple Servers and Hosting Accounts

Hopefully someone can help clarify this.
I have a domain ie example.com registered with Go Daddy. I host the website with TSOHost so in my domain configuration, I have set the following NS records.
Nameserver 1: ns1.tsohost.co.uk
Nameserver 2: ns2.tsohost.co.uk
I am now able to serve the website both www and non www from this hosting package. I simply have an A record for example.com and a CNAME for www.example.com to point to example.com (this is being configured in the cpanel Advanced DNS Zone Editor). So now we have the website showing as expected and required.
I would also like to setup a kind of DDNS service using a different server entirely, (this will hold DNS records that I will create on the fly using a Radius database).
So I want to use the subdomain ddns.example.com for this DDNS service, ie bob.ddns.example.com for Bob (so that when I ping bob.ddn.example.com, I can alter the IP to 8.8.8. say). In Cpanel I have an A record for ddns.example.com and an A record for *.ddns.example.com to point to my server that will manage this, for example 85.214.214.214.
I have installed Bind on the server (currently using a digital ocean server for this, to which I have added ddns.exmaple.com as an A record to the droplet and *.ddns.example.com also), I have created a zone for ddns.example.com, within this I have set the ns record as the digital ocean details.
I have then added the following to my file /var/named/ddns.example.com.hosts
$ttl 38400
ddns.example.com. IN SOA ns1.digitalocean.com. jon#example.com. (
1414575123
10800
3600
604800
38400 )
ddns.example.com. IN NS ns1.digitalocean.com.
bob.ddns.example.com. IN A 8.8.8.8
When I ping bob.ddns.example.com on the server with bind installed I get 8.8.8.8, but when pinging for anywhere else I get the bind server IP.
Can I ask if what I am doing is possible ie, going from godaddy to tso, to another server and if so what NS records should I specify for bind? or is there something in the named config I need to change, I have set the following options in named.conf in an attempt to solve this issue.
listen-on port 53 { any; };
listen-on-v6 port 53 { any; };
allow-query { any; };
recursion yes;
I am aware that recursion may leave me open to DOS attacks and I intend to turn this to no eventually, but for the moment during testing I have left this to yes.
Any help or information would be greatly appreciated, I have been trying different variations of zone files etc without success, I am really though unsure as to if I am going in the right direction.
Hopefully I have made sense, but any further info I can provide, please let me know.
My first question would be - Are you sure you've updated the Registrar with this server as the DNS nameserver for this domain?
Use nslookup to find out:
# nslookup
> set querytype=NS
> server 4.2.2.1 (a DNS server on the Internet)
> ddns.example.com. (a closing dot helps avoid lookups using preferred search domains.)
and confirm that the Internet knows who to communicate with, and that your NS host is authoritative for the domain.
Next would be - Do you have any other nameservers up to "answer" for that subdomain, causing other problems?
BTW - glad to hear you fixed this issue!

Trying to understand FQDN's

I am struggling to understand the FQDN for servers.
At the moment mine is just localhost if i type hostname in to my server terminal it just says localhost.
I understand you need a different one from this if you want to set up cpanel, or postfix or anything really.
As i know its comprised of two parts:
hostname.domainname
can domain name be made up, or does it have to be one of your domains that is set up for use on your server?
and host name can be anything, or it has to be the servername? and does it have to be set up as a sub domain of the domain?
I hope you understand my issues.
Thanks
Try typing
hostname --fqdn
FQDN means Fully Qualified Domain Name, composed mainly of two parts:
Your hostname
The domain name where your hostname is located.
It can be as easy as mycomputername.myfamilydomainname.tld, or as complex as cor-th3-1.par.fr.eu.mynetwork.net.
All of this can technically be made up, though, if you use for example, google.com as local domain, your local resolver may use this info and believe you're in the google.com DNS zone, you may then have problems resolving entries that are in the google.com DNS zone.
More info at: http://en.wikipedia.org/wiki/Hostname

DNS - Site with subdomains - A NAME, CNAME?

I am launching the site with many subdomains. Currently when I'm tweaking it on my hosting using hosts file to point to the IP address all if fine. But when I made it live for the whole world, some parts are broken and do not want to load. for example the www and others.
I'm using a third party DNS for DNS. What should I use A NAME records or CNAME records to make it work.
Currently I have 2 records for A records:
localhost
and mydomain IP address
in CNAME I have:
two records for mail and ftp
What type of record you should use depends on what you are referencing to:
A records are used to reference an IPv4 address. (173.194.70.100)
CNAME records are used when referencing to another DNS name (google.com)
I don't understand why you want to make a DNS record that points to localhost. Since localhost like 127.0.0.1 always means the local machine anyone trying to connect to that address will connect to their local machine.
Some good examples of the use of common DNS record types: http://www.debianhelp.co.uk/dnsrecords.htm

How can I test a new nameserver before updating the registrar records?

I have configured a set of DNS records at a new DNS provider. The configuration is complex, with load-balancing, SSL, etc, there are things that could go wrong.
I want to test this configuration before changing the namespace records at registrar.
Is there any way to locally provide my machine with the new nameserver for the domain?
Are there any tools that might help with this?
Please note: I don't want to just update the A records (e.g. in /etc/hosts) - I want to specifically check the nameserver is returning the A and CNAME records.
If you're on a *nix system, you should be able to use either nslookup or dig. With both of those commands you can specify what server you would like to query. Simply use your new nameserver as the server. With dig, the query would look something like
dig #<your-nameserver> <hostname-to-look-up>
So, if you wanted to query google's public dns server and ask it about the address www.google.com, you'd use
dig #8.8.8.8 www.google.com
which, amongst other things, would tell you that www.google.com is an alias for www.l.google.com -- and then would give you a bunch of IP address (A records) for that name.
For both Windows and my remote Linux(CentOS) servers I use nslookup tool which works on both platforms:
nslookup new-sub.domain.com 8.8.8.8
// and for more details:
nslookup -debug new-sub.domain.com 8.8.8.8

Resources