
DNS

The Domain Name System (DNS) maps domain names to IP addresses. It operates at the Application Layer (Layer 7). DNS traffic uses UDP port 53 by default and falls back to TCP port 53.

List of DNS record types

Example DNS records

| NAME            | TYPE  | VALUE            |
|-----------------|-------|------------------|
| foo.example.com | A | 192.0.2.23 |
| baz.example.com | AAAA | 2001:db8::1 |
| bar.example.com | CNAME | foo.example.com |
| example.com | MX | mail.example.com |

Commands

Simple DNS lookup utility:

    host <DOMAIN> 8.8.8.8 # Query a specific DNS server
    host <IP> # Reverse lookup

DNS lookup for domain name resolution:

    dig <DOMAIN>
    dig +short <DOMAIN> # Short output
    dig <DOMAIN> @8.8.8.8 # Use specific DNS server

Query DNS records for a domain:

    nslookup <DOMAIN> # Alternative DNS lookup

Whois lookup for domain information:

    whois example.com
    whois 8.8.8.8

Ping a host to check connectivity:

    ping <HOST_IP>
    ping -c 5 -i 0.2 <HOST_IP> # Ping with 5 packets, 0.2s interval
    ping -s 1200 -M do -t 64 8.8.8.8 # Ping with 1200 bytes, don't fragment, TTL 64

Traceroute to a host to find the path taken by packets:

    traceroute <HOST_IP>
    traceroute -I <HOST_IP> # Use ICMP instead of UDP
    traceroute -T <HOST_IP> # Use TCP SYN packets
    traceroute -p 80 <HOST_IP> # Specify destination port

Security Topics

  • DNS over TLS: Encrypts DNS queries for privacy (Cloudflare guide)
  • DNS Cache Poisoning: Attack that corrupts DNS cache, redirecting traffic (Cloudflare guide)
  • DNS Spoofing: Faking DNS responses to redirect users (Wikipedia)
  • DNS Hijacking: Redirecting DNS queries to malicious servers (Wikipedia)
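The sketch below is an added example, not part of the original page. It shows the checks a client can apply to a UDP reply before trusting it, which is what the spoofing and cache poisoning entries above depend on defeating, and how the TC flag triggers the TCP fallback mentioned at the top of the page. The function names are hypothetical and the sample reply is constructed inline so the code runs offline.

```python
import secrets
import struct

QTYPES = {"A": 1, "CNAME": 5, "MX": 15, "AAAA": 28}  # types from the table above

def encode_name(name):
    """Encode a name as length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1-63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype="A"):
    """Build a recursive query with an unpredictable 16-bit transaction ID."""
    header = struct.pack("!HHHHHH", secrets.randbits(16), 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPES[qtype], 1)

def check_response(query, response):
    """Return 'reject', 'retry-tcp' (truncated reply) or 'accept'."""
    if len(response) < len(query):
        return "reject"
    q_id, _, q_count = struct.unpack("!HHH", query[:6])
    r_id, r_flags, r_count = struct.unpack("!HHH", response[:6])
    if r_id != q_id or not r_flags & 0x8000:   # wrong ID, or QR bit not set
        return "reject"
    # The question section must be echoed byte for byte.
    if r_count != q_count or response[12:len(query)] != query[12:]:
        return "reject"
    if r_flags & 0x0200:                       # TC bit: did not fit in UDP
        return "retry-tcp"
    return "accept"

def sample_response(query, flags=0x8180, txid=None):
    """Constructed reply for the demo: echoes the question, adds one A record."""
    txid = struct.unpack("!H", query[:2])[0] if txid is None else txid
    header = struct.pack("!HHHHHH", txid, flags, 1, 1, 0, 0)
    # 0xC00C is a compression pointer back to the name at offset 12.
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 60, 4) + bytes([192, 0, 2, 23])
    return header + query[12:] + answer

if __name__ == "__main__":
    q = build_query("foo.example.com")
    print(check_response(q, sample_response(q)))                # accept
    print(check_response(q, sample_response(q, flags=0x8380)))  # retry-tcp
```
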

Notes

  • DNS is critical for internet usability and security.
  • Using secure DNS (like DNS over TLS or DNS over HTTPS) helps protect privacy.
  • Public DNS providers (Cloudflare 1.1.1.1, Google 8.8.8.8, Quad9) offer alternatives to ISP DNS.