DNS---The Internet's Directory Service

=============================================
Linux Commands For DNS
host -t A yahoo.com
    -> Get domain/host IP address
host 66.59.134.88
    -> Find IP mapping
dig yahoo.com
    -> Get domain/host IP address
dig 66.59.134.88
    -> Find IP mapping
name server file:/etc/resolv.conf
==============================================
Terminology
host aliasing
canonical hostname
alias hostname
mail server aliasing
load distribution
a distributed, hierarchical database
root DNS servers
top-level domain (TLD) DNS servers
authoritative DNS servers
local DNS server
recursive queries and iterative queries
DNS caching
resource records (RRs)  --- (Name, Value, Type, TTL)
query chain
DNS messages
security of DNS service
DDos bandwidth-flooding attack
man-in-the-middle attack
reflection attack
==============================================
Example:
1. canonical hostname and alias hostname

chenqi@chenqi-laptop ~ $ host www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 61.135.169.125
www.a.shifen.com has address 61.135.169.105 

2. mail server aliasing
a company's mail server and Web servercan have identical (aliased) hostnames

chenqi@chenqi-laptop ~ $ host baidu.com
baidu.com has address 220.181.111.85
baidu.com has address 220.181.111.86
baidu.com has address 123.125.114.144
baidu.com mail is handled by 10 mx.mailcdn.baidu.com.
baidu.com mail is handled by 20 mx1.baidu.com.
baidu.com mail is handled by 20 jpmx.baidu.com.
baidu.com mail is handled by 20 mx50.baidu.com.

3. load distribution
for replicated web servers (also mail servers having the same alias name), a set of IP addresses is associated with one canonical hostname
DNS rotates the ordering of the addresses within each reply, thus performing load distribution.

chenqi@chenqi-laptop ~ $ host baidu.com
baidu.com has address 220.181.111.86
baidu.com has address 123.125.114.144
baidu.com has address 220.181.111.85
baidu.com mail is handled by 20 mx50.baidu.com.
baidu.com mail is handled by 10 mx.mailcdn.baidu.com.
baidu.com mail is handled by 20 mx1.baidu.com.
baidu.com mail is handled by 20 jpmx.baidu.com.
chenqi@chenqi-laptop ~ $ host baidu.com
baidu.com has address 220.181.111.85
baidu.com has address 220.181.111.86
baidu.com has address 123.125.114.144
baidu.com mail is handled by 20 jpmx.baidu.com.
baidu.com mail is handled by 20 mx50.baidu.com.
baidu.com mail is handled by 10 mx.mailcdn.baidu.com.
baidu.com mail is handled by 20 mx1.baidu.com.
chenqi@chenqi-laptop ~ $ host baidu.com
baidu.com has address 220.181.111.85
baidu.com has address 220.181.111.86
baidu.com has address 123.125.114.144
baidu.com mail is handled by 10 mx.mailcdn.baidu.com.
baidu.com mail is handled by 20 mx1.baidu.com.
baidu.com mail is handled by 20 jpmx.baidu.com.
baidu.com mail is handled by 20 mx50.baidu.com.

4. local DNS server
When a host connects to an ISP, the ISP provides the host with the IP addresses of one or more of its local DNS servers (typically through DHCP). When a host makes a DNS query, the query is sent to the local DNS server, which acts a proxy, forwarding the query into the DNS hierarchy.

chenqi@chenqi-laptop ~ $ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 202.106.195.68
nameserver 202.106.46.151

5. DNS records and messages
Each DNS reply message carries one or more resource records, which is stored in the local DNS server's cache.
(Name, Value, Type, TTL) : TTL -> time to live in cache
(hostname, IP, A)
    -> hostname to ip services
(domain, hostname of DNS server who knows how to obtain IP address of hosts in the domain, NS)
    -> route DNS queries further along the query chain
(alias name, canonical hostname, CNAME)
    -> alias -> canonical hostname servcie
(alias name, canonical name of a mail server, MX)
    -> by using MX records, a company may have the same alias name for its mail server and other servers

chenqi@chenqi-laptop ~ $ host -t NS www.baidu.com
Host www.baidu.com not found: 2(SERVFAIL)
chenqi@chenqi-laptop ~ $ host -t NS baidu.com
baidu.com name server ns3.baidu.com.
baidu.com name server ns4.baidu.com.
baidu.com name server ns2.baidu.com.
baidu.com name server dns.baidu.com.
chenqi@chenqi-laptop ~ $ host -t A www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.
www.a.shifen.com has address 61.135.169.125
www.a.shifen.com has address 61.135.169.105
chenqi@chenqi-laptop ~ $ host -t A baidu.com
baidu.com has address 123.125.114.144
baidu.com has address 220.181.111.85
baidu.com has address 220.181.111.86
chenqi@chenqi-laptop ~ $ host -t MX baidu.com
baidu.com mail is handled by 20 jpmx.baidu.com.
baidu.com mail is handled by 20 mx50.baidu.com.
baidu.com mail is handled by 10 mx.mailcdn.baidu.com.
baidu.com mail is handled by 20 mx1.baidu.com.
chenqi@chenqi-laptop ~ $ host -t CNAME baidu.com
baidu.com has no CNAME record
chenqi@chenqi-laptop ~ $ host -t CNAME www.baidu.com
www.baidu.com is an alias for www.a.shifen.com.

6. inserting records into the DNS database
register a domain name:
    -> provide the registrar with the name and IP address of your authoritative DNS server
    -> the registrar inserts records into the TLD server
        -> (domain name, dns server name, NS)
        -> (dns server name, dns server IP, A)
==============================================
Security Issue
DNS has demonstrated itself to be surprisingly robust against attack.
To date, there hasn't been an attack that has successfully impeded the DNS service.
==============================================
Resources and References
http://nixcraft.com/getting-started-tutorials/1103-unix-linux-command-dns.html
http://www.linuxjournal.com/article/4597