Address Record, assigns an IP address to a domain name. When the domain name system was designed it was recommended that no two A records refer to the same IP address. This is not practical due to the limitations of CNAME records.
- CNAME Record
- IP Address
- Resource Record
- Domain Name
See CNAME record
Term used to describe zones and domain names. Root, written as “.”, is the ultimate ancestor zone. All top level domains, like com, gov, and org, are its children. example.com is the child of com. gomer.example.com is the child of example.com.
Com is an ancestor of gomer.example.com, as is “.”
Another way to think of children is as sub directories (delegations) of parent directories, or as folders within folders.
- Domain Name
Adjective describing a name server or a response from a name server that is referencing its own native data. The authoritative server contains an entire copy of the zone that is derived from local configuration data, possibly with the help of another authoritative name server for the zone. Data is obtained without the need for caches or the help of any resolver. A server can be authoritative about one zone but not authoritative for another.
- SOA Record
Berkeley Internet Name Daemon. The most common DNS software on the Internet. Ported to every flavor of Unix and to Windows NT (Windows is a trademark of the Microsoft Corp.). BIND source code is maintained by the Internet Software Consortium.
The act of recording authoritative responses to resolver queries for future reference. Cached records are generally purged after a predetermined time.
The real name of a host. Used in CNAME records, PTR records, NS records and MX records. A canonical name is something of a fiction because many servers have more than one equally valid name. Basically, any domain name that has an A record.
- CNAME Record
- PTR Record
- NS record
- MX record
Classless Inter-Domain Routing. Currently subnets are defined by the number of leading binary bits they have in common. This replaces the older subnet class system. Each octet of the IP address can be written as two hexadecimal digits; it takes 8 bits to represent each pair of hexadecimal digits. So a class A subnet, which shares the first octet, would be an 8 bit subnet. A class B would be a 16 bit subnet. A class C subnet would be a 24 bit subnet.
If your ISP provides you with a subnet you will likely have many more bits in common. For example, if you were given a 29 bit subnet, you would have 8 IP addresses: a network identifier address, 6 usable IP addresses, and a broadcast IP address.
- Subnet Class
- IP Address
Class A Subnet
A subnet that shares the first octet
See also: Subnet Class
Class B Subnet
A subnet that shares the first and second octets.
Class C Subnet
A subnet that shares the first, second, and third octets.
Classless Subnet Delegation
Traditionally, subnet delegations were intended to fall along subnet classes defined by the number of octets shared in common. Under this system the smallest subnet that could be created was the class C subnet with 256 IP addresses, of which 254 are usable. However, as time has passed and the demand for IP addresses has grown dramatically, it is no longer practical for providers to devote 256 addresses to customers only intending to use six or seven.
Classless subnets are delegated in the reverse zone of the parent that is delegating. The key tools for the delegation are PTR records, NS records and CNAME records. The NS records declare the existence of the subnet’s domain name servers. The PTR records attach canonical names to reverse lookup addresses. CNAME records can be used to create aliases for simplification. The ways these record types can be used to create classless subnets vary from the crude:
The ISP delegates each IP address as a class D subnet, with one or more NS records for each IP address. The customer must then create a zone for each IP address, complete with its own SOA record, duplicate NS records and a PTR record.
To the elegant:
The ISP doesn’t delegate at all, instead using one CNAME record for each reverse IP address in its reverse zone. For example:
18.104.22.168.in-addr.arpa. CNAME 9.example.com.
The 9 attached to example.com is an arbitrary label, chosen in this case to match the last digit of the reverse IP address. The customer will simply need a PTR record at 9.example.com to complete the reverse lookup.
Canonical Name Record. Creates an alias of a canonical name. The alias gains all properties of the original, including IP addresses and mail routes. Because of this, it is illegal for there to be any other record with the same owner name as a CNAME record. It is also illegal for any record other than a CNAME record to refer to an alias.
The process of separating a descendant of a zone into a separate zone. The delegation is accomplished with NS records and if necessary, A records. NS records used for this purpose are called “delegation records”, A records used for this purpose are called “glue records.”
Records in a delegation are an exception to the rule that a record should be defined only in the zone that owns the name of the record.
Similar to nslookup. Another command line tool for querying DNS servers. Somewhat unwieldy, bundled with BIND.
Like all Unix commands, dig is case sensitive and must always be typed in lower case.
The basic purpose of spoofing is to confuse a DNS server into giving out bad information. The way it works is that an attacker sends a recursive query to the victim’s server, using the victim’s server to resolve the query. The answer to the query is in a zone the attacker controls. The answer given by the attacker’s name server includes an authoritative record for a domain name controlled by a third party. That authoritative record is FALSE. The victim’s server caches the bogus record. (Most modern servers will not cache a fake record because it does not fall in the same parent zone as the record that was requested.)
Once spoofed, the victim’s resolver will continue to use the false record it has in its cache, potentially misdirecting E-Mail or any other Internet service. This is a potential major security leak for credit card information, trade secrets, and other highly sensitive information.
Recent surveys indicate that 25-30% of servers on the Internet are spoofable.
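The parenthetical above says that most modern servers refuse to cache a record that does not fall under the zone that was queried. The following is an added example of that check, written for this glossary and not taken from BIND or any other server; the zone and record names are constructed, and `filter_response` is a hypothetical name for the filtering step a caching resolver applies before storing an answer.

```python
# Added example (not from the glossary): a minimal "bailiwick" filter of the kind
# the text refers to when it says modern servers will not cache records that do
# not fall under the zone that was queried. All names below are constructed.

def _labels(name):
    """Split a DNS name into labels, lowest first, ignoring case and the root dot."""
    return [l.lower() for l in name.rstrip(".").split(".") if l]

def in_bailiwick(record_name, zone_name):
    """True if record_name equals zone_name or is a descendant of it."""
    r, z = _labels(record_name), _labels(zone_name)
    return len(r) >= len(z) and r[len(r) - len(z):] == z

def filter_response(records, queried_zone):
    """Keep only records whose owner name lies under the zone that answered.

    Each record is (owner_name, rrtype, data). Anything outside that zone is
    dropped instead of cached, which is the defence the glossary describes.
    Returns (kept, dropped).
    """
    kept, dropped = [], []
    for rr in records:
        (kept if in_bailiwick(rr[0], queried_zone) else dropped).append(rr)
    return kept, dropped

# Constructed sample: a reply from the servers for attacker.example that carries
# an extra "authoritative" A record for a name that zone does not own.
SAMPLE_RESPONSE = [
    ("www.attacker.example.", "A", "192.0.2.10"),
    ("mail.victim.example.", "A", "192.0.2.66"),  # out of bailiwick: must not be cached
]

if __name__ == "__main__":
    kept, dropped = filter_response(SAMPLE_RESPONSE, "attacker.example.")
    print("cache:", kept)
    print("discard:", dropped)
```

The comparison is done label by label rather than with a string suffix test, so that a name like notattacker.example is not mistaken for a descendant of attacker.example.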
Most often used to refer to a domain zone, domain is also used to describe a zone, or a domain name. This ambiguity results in an unbelievable number of technical support questions, and is a driving force in the sales rate of “DNS and Bind.”
A unique designator on the Internet made up of symbols separated by dots, such as
The individual words or characters between the dots are called labels. The label furthest right represents the top level domain name, com, org, uk and so on. The second most right represents the second level of the domain name, or “second level domain.”
Other terms are child and parent.
Scrooge.com is the parent of Cratchet.Scrooge.com
Scrooge.com is the child of com.
Domain names must follow certain rules:
- The full domain name is limited to 255 characters.
- No label can be longer than 63 characters.
- Labels are made up of letters, numbers and hyphens, and may not start with hyphens. Under certain circumstances, the “/” and “_” characters are allowed.
- Labels are case insensitive.
- A domain name must be defined in its closest ancestral zone (The one with the most labels).
Domain Name System
The domain name system is a distributed database arranged hierarchically. Its purpose is to provide a layer of abstraction between other Internet services (web, email, etc.) and the numeric addresses (IP addresses) used to uniquely identify any given machine on the Internet.
This has several advantages:
- It permits use of names instead of numbers to identify hosts (usually servers). Names are much easier to remember.
- It permits a server to change numeric addresses without requiring notification of everyone on the Internet, by simply retargeting a name to the new numeric address.
- One name can refer to multiple hosts, to share the load.
There are more benefits, of a more esoteric nature.
Dynamic IP Address
Sixth field in an SOA record. Measured in seconds. If refresh and retry attempts keep failing for that many seconds, the secondary server will stop serving the zone. Typical value is 1 week. Not used by a primary server.
Archaic, See Domain Zone
See Domain Zone.
The process by which a resolver passes a recursive query it received from a host on to a second, predetermined resolver. Reasons for forwarding include a resolver having little or no net access, or one resolver having a significantly larger cache.
Fully Qualified Domain Name
A domain name that extends all the way back to root. Often written as FQDN.
gomer.gimboid.com. is an FQDN.
A common error is to leave off the trailing “.”.
gomer.example.com is NOT an FQDN: by leaving out the last “.”, root is not included.
So if an MX record in example.com points to Gomer.example.com without the final “.”, the zone name will be appended, giving Gomer.example.com.example.com.
However, if the MX record in the example had merely pointed to “Gomer”, the auto-append would have created gomer.example.com.
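The appending rule described in the last three paragraphs, as an added example written for this glossary (it is not code from BIND or from the page). `qualify` applies the rule for a name written in a zone with the given origin, and `doubled_origin` is a hypothetical lint that flags the classic symptom of the forgotten trailing dot.

```python
# Added example (not from the glossary): how an unqualified name is completed
# with the zone origin, and a lint for the "example.com.example.com" mistake.

def qualify(name, origin):
    """Return the fully qualified form of a name written in a zone whose
    $ORIGIN is origin.

    A name ending in "." is already fully qualified and is returned as-is
    (apart from lower-casing, since labels are case insensitive). Anything
    else gets the origin appended, exactly as the glossary describes for
    "Gomer" and "Gomer.example.com".
    """
    origin = origin.lower()
    if not origin.endswith("."):
        raise ValueError("origin must itself be fully qualified")
    name = name.lower()
    if name == "@":            # conventional shorthand for the origin itself
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"

def doubled_origin(fqdn, origin):
    """Heuristic lint: True when the origin appears twice at the end of a
    qualified name, the usual sign that a trailing dot was forgotten."""
    o = origin.lower().rstrip(".")
    return fqdn.lower().rstrip(".").endswith(f".{o}.{o}")

if __name__ == "__main__":
    for raw in ("Gomer", "Gomer.example.com", "gomer.example.com."):
        fq = qualify(raw, "example.com.")
        flag = "  <-- probably a missing trailing dot" if doubled_origin(fq, "example.com.") else ""
        print(f"{raw:20} -> {fq}{flag}")
```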
Fully Qualified Host Name
A glue record is an A record that is created as part of a delegation. If a zone is delegated to a name server whose hostname is a descendant of that particular zone, then a glue record for that hostname must be included in the delegation.
Base 16 math. Computers normally “think” in base two math, called binary. The only two digits are 1 and 0. So in binary the number 5 is represented as 101 (1 in the fours place and 1 in the ones place).
This binary thinking is generally translated into base 16 math. That is to say, a single digit can be as high as 15. Single digit values higher than 9 are usually represented by the letters A-F.
So the hexadecimal number C5 translates to 197 in normal base 10 math: 12 in the 16s place and 5 in the ones place.
Host Information Record. Strictly informational, not functional. Used to declare the computer type and operating system of a host.
A host is any machine on any network. On TCP/IP networks, each host has one or more unique IP addresses.
The second field of an SOA record. Informational only, it holds the E-Mail address of the person responsible for maintaining the zone. Originally it was formatted as if it were a hostname, in which the @ symbol is an invalid character. The @ symbol was replaced by a “.”, and any “.” preceding the “@” was replaced by “\.”. Examples:
| Email address | Hostmaster field |
| --- | --- |
Relatively recently, the rules were changed to permit arbitrary characters in the Hostmaster field. Thus, the above rule is no longer necessary; however, it is still used by the majority of hostmasters, and it is assumed by many DNS validators.
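The encoding rule just described, as an added example written for this glossary rather than taken from any DNS software. Both directions are shown, because a validator that reads the field has to find the first unescaped dot to recover the “@”; the e-mail addresses used are constructed.

```python
# Added example (not from the glossary): the traditional hostmaster encoding.
# Dots in the local part become "\." and the "@" becomes a "."; the decoder
# reverses this by looking for the first dot that is not escaped.

def email_to_hostmaster(email):
    """Encode an e-mail address as a traditional SOA hostmaster field (FQDN)."""
    local, _, domain = email.partition("@")
    if not local or not domain:
        raise ValueError(f"not an e-mail address: {email!r}")
    return local.replace(".", "\\.") + "." + domain.rstrip(".") + "."

def hostmaster_to_email(field):
    """Decode a hostmaster field: the first unescaped dot separates the local
    part from the domain, and "\\." inside the local part becomes "."."""
    local = []
    i = 0
    while i < len(field):
        ch = field[i]
        if ch == "\\" and i + 1 < len(field):   # escaped character, keep literally
            local.append(field[i + 1])
            i += 2
        elif ch == ".":                          # first unescaped dot is the "@"
            return "".join(local) + "@" + field[i + 1:].rstrip(".")
        else:
            local.append(ch)
            i += 1
    raise ValueError(f"no unescaped dot in hostmaster field: {field!r}")

if __name__ == "__main__":
    for addr in ("hostmaster@example.com", "john.doe@example.com"):
        field = email_to_hostmaster(addr)
        print(f"{addr:25} -> {field:30} -> {hostmaster_to_email(field)}")
```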
Zone A owns domain name D if:
There are no other zones in the line of ancestry between A and D.
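The ancestor/child relationship, the ownership rule just stated, and the glue rule (a delegation needs glue when the server’s hostname lies inside the zone being delegated) are all the same label-suffix test. The block below is an added example written for this glossary, not code from the page or from any name server; the zone list and hostnames in it are constructed.

```python
# Added example (not from the glossary): ancestry, zone ownership and the
# glue-record test, all built on one label-by-label suffix comparison.

def labels(name):
    """Labels of a name, lowest first; root "." yields an empty list."""
    return [l.lower() for l in name.rstrip(".").split(".") if l]

def is_ancestor(ancestor, name):
    """True if ancestor is a proper ancestor of name ("." is an ancestor of all)."""
    a, n = labels(ancestor), labels(name)
    return len(a) < len(n) and n[len(n) - len(a):] == a

def is_descendant(name, ancestor):
    return is_ancestor(ancestor, name)

def owning_zone(name, zones):
    """The closest ancestral zone of name among the zones given, or None.

    A zone owns itself, so an exact match counts; among ancestors the one
    with the most labels wins, which is the ownership rule in the glossary.
    """
    candidates = [z for z in zones
                  if labels(z) == labels(name) or is_ancestor(z, name)]
    return max(candidates, key=lambda z: len(labels(z)), default=None)

def needs_glue(delegated_zone, ns_host):
    """A delegation of delegated_zone to ns_host needs a glue A record when the
    server's hostname is the zone apex or a descendant of it."""
    return labels(ns_host) == labels(delegated_zone) or is_descendant(ns_host, delegated_zone)

if __name__ == "__main__":
    zones = [".", "com.", "example.com."]
    print(owning_zone("gomer.example.com.", zones))        # example.com.
    print(owning_zone("other.org.", zones))                # .
    print(needs_glue("example.com.", "ns1.example.com."))  # True
    print(needs_glue("example.com.", "ns.provider.net."))  # False
```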
A unique identifier number for any host on any TCP/IP network, including the Internet. An IP address is made up of four octets. Each octet has a value between 0 and 255.
An element of a domain name. No label can be longer than 63 characters. Labels are made up of letters, numbers and hyphens, but may not start with hyphens. Labels in a domain name are separated from each other by dots. Labels are case insensitive.
For Example: WWW.All.These.8.labels.are.very-good.gov
- A zone is delegated to a server that has not been properly configured to be authoritative for the zone.
- A server that is authoritative for the zone has an NS record that points to another that is not authoritative for the zone.
This causes resolvers to direct queries to servers that will not respond authoritatively, if at all, producing unnecessary network traffic and extra work for servers. One quarter of all zones have lame delegations (source: Domain Health Survey).
See Lame Delegation.
Location Record. Experimental, proposed in 1996. Informational, not functional. Used to give latitude and longitude, in degrees minutes and seconds, altitude in meters, and dimensions (in terms of meters) of a host.
Of no practical use except to hi-tech thieves with a GPS tracker.
The process of sending a message from one point to another through an intermediary. Any mail server that supports this should have some kind of filter system in place to avoid unauthorized use by spammers. Mail servers without this protection are open to hijacking.
See also: MX Record
See Primary Server.
Seventh field in an SOA Record. The default TTL for every record in the zone. Can be overridden for any particular record. Typical values range from eight hours to four days. When changes are being made to a zone, often set at ten minutes or less.
Mail Exchange Record. Creates a mail route for a domain name. A domain name can have multiple mail routes, each assigned a priority number. The mail route with the lowest number identifies the server responsible for the domain. Other mail servers listed will be used as backups.
When iteratively querying a server in the ancestral line of the record that:
The server will respond with an authoritative negative response. A resolver with negative caching will cache the negative response for a set time period, usually ten minutes. For that period the resolver will reply to queries for that name with a non-authoritative negative response.
Name Server Record. An NS record declares that a given zone is served by a given name server. Every NS record is either a delegation record or an authority record. If the name of the NS record is the name of the zone it appears in, it is an authority record. If the name of the NS record is that of a descendant zone, then it is a delegation record.
Standard tool for querying name servers in command line operating systems like Unix and NT.
An octet is one of the four numbers making up an IP address. Octet values can range from 0 to 255. Each octet can be expressed as 8 binary bits, hence the name octet. An octet can also be represented by 2 hexadecimal digits.
A zone owns itself and all descendant names that are not delegated.
Also called a master server. An authoritative name server that gets its zone data from local configuration, not from an outside source. This term is used in terms of a specific zone. The primary server of one zone could be a secondary server in regards to another zone. Despite a common misconception, from a resolver’s point of view, primary and secondary servers are equal in authority and priority.
Pointer Record. Also called a reverse record. A PTR record associates an IP address with a canonical name. PTR records should point to a name that can be resolved back to the IP address. The name of the pointer record is not the IP address itself, but the IP address’ four octets in reverse order followed by IN-ADDR.ARPA. For example:
192.168.0.1 becomes 1.0.168.192.IN-ADDR.ARPA.
A request for the records of a certain name, sent to a certain DNS server.
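The reverse-name construction just given, carried through to the “elegant” classless delegation described under Classless Subnet Delegation, as an added example written for this glossary (not code from the page or from any provider). The address block, the customer domain and the merged zone dictionary are constructed; merging the ISP’s and the customer’s records into one dictionary is a simplification so the CNAME can be followed offline.

```python
# Added example (not from the glossary): building PTR owner names, generating
# the ISP's per-address CNAME records for a classless block, and following the
# CNAME to the customer's PTR. All addresses and names are constructed.
import ipaddress

def reverse_name(ip):
    """Owner name of the PTR record for an IPv4 address: octets reversed
    under IN-ADDR.ARPA, e.g. 192.168.0.1 -> 1.0.168.192.IN-ADDR.ARPA."""
    addr = ipaddress.IPv4Address(ip)
    return ".".join(reversed(str(addr).split("."))) + ".IN-ADDR.ARPA."

def isp_cname_records(block, customer_domain):
    """Records the provider places in its own reverse zone under the "elegant"
    scheme: one CNAME per address, aliasing the reverse name to a label in the
    customer's forward zone chosen to match the last octet."""
    net = ipaddress.IPv4Network(block, strict=True)
    return [(reverse_name(a), "CNAME", f"{str(a).split('.')[-1]}.{customer_domain}")
            for a in net]

def resolve_ptr(ip, zone_data):
    """Follow CNAMEs in zone_data (lower-cased name -> (type, data)) to a PTR."""
    name = reverse_name(ip)
    for _ in range(8):                     # bound the walk to stop CNAME loops
        rr = zone_data.get(name.lower())
        if rr is None:
            return None
        rtype, data = rr
        if rtype == "PTR":
            return data
        if rtype != "CNAME":
            return None
        name = data
    return None

# Constructed sample: a /29 handed to the customer example.com; the customer
# publishes one PTR at the label the ISP chose (here "9", for 192.0.2.9).
ISP_ZONE = {n.lower(): (t, d) for n, t, d in isp_cname_records("192.0.2.8/29", "example.com.")}
CUSTOMER_ZONE = {"9.example.com.": ("PTR", "gomer.example.com.")}
COMBINED = {**ISP_ZONE, **CUSTOMER_ZONE}

if __name__ == "__main__":
    for n, t, d in isp_cname_records("192.0.2.8/29", "example.com."):
        print(f"{n} {t} {d}")
    print(resolve_ptr("192.0.2.9", COMBINED))   # gomer.example.com.
```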
A query is properly answered by:
An answer section, containing any records the server has that answer the query.
An authority section, containing NS records indicating where to look for more information.
An additional section, containing any additional records that might be useful in interpreting the answer and authority sections. This typically includes A records that give the IP addresses for hosts named in the first two sections.
See Resource Record.
There are three schemes for record systems, Internet, Hesiod, and Chaos.
Hesiod is only used at MIT, and maybe not even there anymore.
Chaos is almost extinct, BIND uses it to check its version number, but that’s about it.
Internet is the system that 99.999% of servers use.
Fourth field in an SOA record. Refresh is the number of seconds a secondary server waits, after a successful check of the primary’s serial number, before checking again. Usually around 2-24 hours. Not used by a primary server.
A resolver is a DNS server that looks up DNS records on behalf of a client machine.
A resource record consists of five components:
A resource record starts with a domain name, usually a fully qualified domain name. If anything other than a fully qualified domain name is used, the name of the zone the record is in will automatically be appended to the end of the name.
Third is the record class: Internet, Hesiod, or Chaos.
Fourth is the record type: CNAME, PTR, A, etc.
Fifth is the record data (depends on record type). If the record data includes a domain name that is not a fully qualified domain name, it goes through the same appending process as the domain name at the start of the record.
Many servers will permit comments as a sixth component.
Archaic, see Reverse Zone.
See PTR Record.
The process of mapping IP addresses to names is useful:
- For use in tracing routes on the internet to identify routers between source and destination. Assigning names on the train stations between point A and point B.
- For Chat and FTP servers it is useful to restrict access to hosts in certain zones.
- To reverse the tide of spam, some mail servers will not connect to a mail server whose reverse record is misconfigured.
There are currently 13 servers that are authoritative for the root zone. They are named a.root-servers.net through m.root-servers.net. Every resolver must have the IP addresses of one or more of these root servers coded in so that it can resolve domain names.
Round Robin Load Sharing
Primitive load sharing system without any fault tolerance. A native feature of most major servers: if multiple resource records of the same name and type are found, all will be sent, but their order is rotated for successive queries. For example, identical A records could point to different IP addresses. This works for load sharing because web browsers and other clients usually expect only one record of the appropriate type in response, and ignore further records after the first. Can cause problems with PTR records, leading to mail delivery problems because IP addresses might not resolve back to the name expected.
Responsible Person. Informational, not functional. Used to indicate the person responsible for the domain.
Sometimes called a slave server. A secondary name server is an authoritative name server that gets its data from outside sources, usually a zone transfer from a primary server. This term only applies to relations with a specific zone; a secondary server for one zone could be a primary for another. Despite a common misconception, from a resolver’s point of view, primary and secondary servers are equal in authority and priority.
Serial Number Field
Third field in an SOA record. Used by a secondary server to determine if it requires a zone transfer from the primary server. If the secondary’s serial number is lower than the primary’s, the secondary server knows that its records are out of date. Not used by a primary server.
See Secondary Server.
Start of Authority Record. The SOA is the first record in every properly configured zone. The SOA record contains information about the zone in a string of fields. The SOA record tells the server to be authoritative for the zone.
Serial Number Field
Also known as a Service record. An SRV record is intended to provide information on available services. An SRV record has four fields and a unique naming scheme: an underscore followed by the name of the service, a dot, another underscore followed by the protocol, another dot, and then the domain name. The four fields are:
- Priority, just as in MX records.
- Weight, used to determine relative capacity between SRV records of the same priority. Hits are assigned proportionately by weight, allowing a powerful and a weak server to share appropriate loads.
- Port, the port of the service offered.
- Target, the host name of the server providing the service (the last field in the example below).
_http._tcp.example.com. SRV 10 5 80 www.example.com.
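The priority-then-weight selection the Weight field describes, as an added example written for this glossary (not code from the page). It parses records in the one-line form shown above; the selection follows the RFC 2782 procedure of taking the lowest priority and choosing within it in proportion to weight. The random source is injectable so the choice can be checked deterministically, and the three records are constructed.

```python
# Added example (not from the glossary): SRV owner naming, parsing, and
# priority/weight selection. Sample records are constructed.
import random

def srv_owner(service, proto, domain):
    """Owner name per the naming scheme: _service._proto.domain."""
    return f"_{service}._{proto}.{domain.rstrip('.')}."

def parse_srv(line):
    """Parse 'owner SRV priority weight port target' into a dict."""
    owner, rtype, prio, weight, port, target = line.split()
    if rtype.upper() != "SRV":
        raise ValueError(f"not an SRV record: {line!r}")
    return {"owner": owner, "priority": int(prio), "weight": int(weight),
            "port": int(port), "target": target}

def choose_srv(records, rand=random.random):
    """Pick one record: lowest priority wins; among equals, weighted by weight.

    rand() must return a float in [0, 1). With all weights zero the first
    candidate is returned, so a weight of 0 is a usable "last resort" marker."""
    lowest = min(r["priority"] for r in records)
    pool = [r for r in records if r["priority"] == lowest]
    total = sum(r["weight"] for r in pool)
    if total == 0:
        return pool[0]
    pick = rand() * total          # a point on the line [0, total)
    running = 0
    for r in pool:                 # the record whose weight band contains it wins
        running += r["weight"]
        if pick < running:
            return r
    return pool[-1]

SAMPLE = [parse_srv(l) for l in (
    "_http._tcp.example.com. SRV 10 5 80 www.example.com.",
    "_http._tcp.example.com. SRV 10 1 80 www2.example.com.",
    "_http._tcp.example.com. SRV 20 0 80 backup.example.com.",
)]

if __name__ == "__main__":
    counts = {}
    for _ in range(6000):
        t = choose_srv(SAMPLE)["target"]
        counts[t] = counts.get(t, 0) + 1
    print(counts)   # roughly 5:1 between www and www2; backup never chosen
```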
Static IP Address
A static IP address is an IP address assigned by a service provider that never changes. This requires that the service provider keep at least one IP address per customer. Because their IP address remains fixed, static IP addresses can be used for hosting name servers.
Dynamic IP Address
A contiguous range of IP addresses. The first IP address in a subnet is used to identify the subnet; the last IP address in the subnet is always used as a broadcast address. Anything sent to the last address is sent to every host on the subnet.
Class A was any subnet that shared the first octet. Apple, for example, has a class A subnet whose first octet is 17: all IP addresses starting with 17 are controlled by Apple. A class A subnet has over 16 million possible IP addresses. Apple thus effectively controls 1/255th of the Internet.
Class B subnets share the first two octets. Class C subnets share the first three octets, effectively giving a class C subnet 254 possible IP addresses. (Remember that the first and last IP addresses are used as a network number and a broadcast address.)
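The arithmetic behind the CIDR entry (a 29 bit subnet gives 8 addresses, 6 of them usable) and the subnet class entry above (a class A is an 8 bit prefix, class C a 24 bit prefix with 254 usable addresses), as an added example written for this glossary using Python’s standard `ipaddress` module. The address blocks used are constructed; the classful prefix table restates the glossary’s own mapping.

```python
# Added example (not from the glossary): network, broadcast and usable-host
# counts for a CIDR block, with the old classful sizes expressed as prefixes.
import ipaddress

# The glossary's classful mapping: shared octets -> prefix length in bits.
CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}

def subnet_summary(cidr):
    """Describe an IPv4 block: identifier (network) address, broadcast address,
    total size and the usable addresses in between."""
    net = ipaddress.IPv4Network(cidr, strict=True)   # strict: host bits must be 0
    hosts = list(net.hosts())
    return {
        "prefix_bits": net.prefixlen,
        "total": net.num_addresses,
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "usable": len(hosts),
        "first_usable": str(hosts[0]) if hosts else None,
        "last_usable": str(hosts[-1]) if hosts else None,
    }

def classful_summary(first_octets, subnet_class):
    """Summary of an old-style class A/B/C block given its shared octets,
    e.g. classful_summary("17", "A") for the 8 bit block starting with 17."""
    octets = first_octets.split(".")
    bits = CLASSFUL_PREFIX[subnet_class]
    if len(octets) * 8 != bits:
        raise ValueError(f"class {subnet_class} needs {bits // 8} shared octet(s)")
    octets += ["0"] * (4 - len(octets))
    return subnet_summary(".".join(octets) + f"/{bits}")

if __name__ == "__main__":
    for block in ("192.0.2.8/29", "198.51.100.0/24"):
        print(block, subnet_summary(block))
    print("class A 17:", classful_summary("17", "A")["total"])   # 16777216
```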
Top Level Domain
com, edu, gov, mil, net, org, int, arpa, country codes.
Time To Live, the number of seconds remaining on a cached record before it is purged. For authoritative records the TTL is fixed at a specific length. If a record is cached, the server providing the record will report the time remaining on the TTL rather than the original length it was given.
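The behaviour described in the Caching, Negative Caching and TTL entries, in one added example written for this glossary (not code from any resolver): a small cache that stores both positive and negative answers with an absolute expiry, reports the seconds remaining rather than the original TTL, and purges entries once they run out. The clock is injectable so the countdown can be demonstrated without waiting; the record data are constructed.

```python
# Added example (not from the glossary): a TTL-aware cache with negative
# entries. A later lookup returns the remaining TTL, not the original one.
import time

class RecordCache:
    """Cache of positive and negative answers keyed by (name, type)."""

    def __init__(self, clock=time.time):
        self._clock = clock      # injectable for testing; defaults to wall clock
        self._entries = {}

    @staticmethod
    def _key(name, rtype):
        # Names are case insensitive and the trailing dot is not significant here.
        return (name.lower().rstrip("."), rtype.upper())

    def store(self, name, rtype, data, ttl):
        """Remember an answer for ttl seconds. data=None records a negative
        answer (the server said there is no such record)."""
        self._entries[self._key(name, rtype)] = (data, self._clock() + ttl)

    def lookup(self, name, rtype):
        """Return (status, data, remaining_ttl) with status one of
        'hit', 'negative' or 'miss'."""
        key = self._key(name, rtype)
        entry = self._entries.get(key)
        if entry is None:
            return ("miss", None, 0)
        data, expires = entry
        remaining = int(expires - self._clock())
        if remaining <= 0:
            del self._entries[key]          # purged once the TTL has run out
            return ("miss", None, 0)
        return ("negative" if data is None else "hit", data, remaining)

if __name__ == "__main__":
    cache = RecordCache()
    cache.store("www.example.com.", "A", ["192.0.2.1"], 3600)   # constructed
    cache.store("nosuch.example.com.", "A", None, 600)         # negative answer
    print(cache.lookup("www.example.com", "A"))
    print(cache.lookup("nosuch.example.com", "A"))
    print(cache.lookup("other.example.com", "A"))
```

Serving a negative answer from the cache is the “non-authoritative negative response” the Negative Caching entry refers to; the original answer was authoritative, the cached copy is not.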
Text Record: Strictly informational, not functional. Used to provide up to 255 characters of free form text, hopefully about the zone. Multiple TXT records are permitted but their order is not necessarily retained, a bad forum for presenting War and Peace.
Unqualified Domain Name
A domain name that is intentionally written incompletely with the understanding that some ancestor domain name will be appended to form a fully qualified domain name.
Denoted with an “*”.
Allows one record to stand in for a number of other records:
- Of the same type.
- Pointing to same data.
- In the same zone.
The wildcard will be used in the response to any query for its type of record that:
- A. The asterisk in the wildcard could be expanded into a group of labels that would match the query. (This is called pattern matching.)
- B. There are no records of any type which exactly match the domain name of the query.
- C. No ancestor of the domain name used in the query meets A and not B.
For example: example.com, an ISP, offers web space to its 1 billion subscribers using www.example.com/account name, and also wants to offer that as account.example.com. By setting up a wildcard CNAME record:
*.example.com. CNAME www.example.com.
And a corresponding A record for www.example.com, they save themselves the bother of generating 1 billion CNAME records.
Because wildcards are a commonly misunderstood concept, below are examples of queries that would, and would not, activate a wildcard.
$ORIGIN example.com.
@       SOA     ns1 ( postmaster 2000081100 28800 7200 604800 86400 )
        NS      ns1
        NS      ns2
        MX      10 mail
        A       192.168.0.1
ns2     A       192.168.0.2
*       A       192.168.0.1
ssl     A       192.168.0.1
lists   MX      10 mail
Which of the following query names will match the wildcard if the query type is A?
For two reasons: there is another record by that name, and the name doesn’t fit the wildcard pattern, since there is no child label in front of example.com to match the *.
No record of that name, and meets the *.example.com pattern
ns2.example.com is specifically provided for, so it won’t match a wildcard.
No record of that name, and meets the *.example.com pattern
ssl.example.com is provided for; the fact that www.ssl.example.com isn’t is irrelevant.
No record of that name, and it meets the *.example.com pattern. Remember that * can match more than one label.
Even if the record is of another type, if there is an existing name match the wildcard won’t be used.
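Rules A, B and C above, applied to the zone file shown, as an added example written for this glossary (not code from BIND). The zone dictionary is a hand-built summary of that zone file (owner name to the set of record types it holds); `wildcard_match` and `answer` are hypothetical names. The check goes a little beyond the text in one respect: an ancestor that owns no records itself but sits above a name that does (an “empty non-terminal”) is treated as existing, which is how servers apply rule C.

```python
# Added example (not from the glossary): wildcard matching over the zone shown
# above. ZONE maps each owner name to the record types it holds.
ZONE = {
    "example.com.":       {"SOA", "NS", "MX", "A"},
    "ns2.example.com.":   {"A"},
    "*.example.com.":     {"A"},
    "ssl.example.com.":   {"A"},
    "lists.example.com.": {"MX"},
}

def _labels(name):
    return [l.lower() for l in name.rstrip(".").split(".") if l]

def _exists(name, zone):
    """A name exists if it owns records or is an ancestor of a name that does
    (an empty non-terminal). Wildcard owners themselves do not count."""
    target = _labels(name)
    for owner in zone:
        o = _labels(owner)
        if o and o[0] == "*":
            continue
        if len(o) >= len(target) and o[len(o) - len(target):] == target:
            return True
    return False

def wildcard_match(qname, zone):
    """Return the wildcard owner that would answer for qname, or None.

    Rule B: the query name must not exist as any type.
    Rules A and C: walk up the ancestors; the first one that exists is the
    closest encloser, and only a '*' directly beneath it may match. If that
    encloser has no '*' child, no higher wildcard is allowed to apply.
    """
    if _exists(qname, zone):
        return None
    labs = _labels(qname)
    for i in range(1, len(labs)):
        ancestor = ".".join(labs[i:]) + "."
        if _exists(ancestor, zone):
            star = "*." + ancestor
            return star if star in zone else None
    return None

def answer(qname, qtype, zone):
    """Records (owner, type) used to answer: the name's own records if the
    name exists, otherwise a synthesized record from the matching wildcard."""
    key = qname.lower().rstrip(".") + "."
    if _exists(key, zone):
        return [(key, qtype)] if qtype in zone.get(key, set()) else []
    star = wildcard_match(key, zone)
    if star and qtype in zone[star]:
        return [(star, qtype)]
    return []

if __name__ == "__main__":
    for q in ("example.com.", "www.example.com.", "ns2.example.com.",
              "www.ssl.example.com.", "a.b.c.example.com.", "lists.example.com."):
        print(f"{q:24} A -> {answer(q, 'A', ZONE)}")
```

lists.example.com holds only an MX record, yet a query for its A record returns nothing rather than the wildcard’s address: an existing name of any type blocks the wildcard, exactly as the last sentence above says.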
Well Known Service Record. Experimental, not yet adopted or used by any browser. WKS is a generalized version of the MX record: not just for mail but for any service, for example POP, HTTP and FTP. If adopted, it will allow greater flexibility in resolving names from IP addresses and will lessen some of the problems caused by native round robin load sharing in servers.
Any domain name that has been delegated by an ancestor zone.
Also includes all descendant domain names that have not been delegated.
A special type of query that asks a name server for the entire contents of a zone. Cached records are never reported in a zone transfer. Zone transfers are usually used by secondary servers to update their own zone data from the primary server.
- A Record
- Canonical Name
- Class A Subnet
- Class B Subnet
- Class C Subnet
- Classless Subnet Delegation
- CNAME Record
- DNS Server
- DNS Spoofing
- Domain Name
- Domain Name System
- Domain Zone
- Dynamic IP Address
- Expire Field
- Forward Domain
- Forward Zone
- Fully Qualified Domain Name
- Fully Qualified Host Name
- Glue Record
- HINFO Record
- Hostmaster field
- IP Address
- Iterative query
- Lame Delegation
- Lame Server
- LOC Record
- Mail Relay
- Master Server
- Minimum Field
- MX Record
- Name Server
- Negative Caching
- NS Record
- Primary Field
- Primary Server
- PTR Record
- Record Class
- Recursive Query
- Refresh Field
- Resource Record
- Retry field
- Reverse Domain
- Reverse Record
- Reverse Zone
- Root Server
- Root Zone
- Round Robin Load Sharing
- RP Record
- Secondary Server
- Serial Number Field
- SOA Record
- SRV Record
- Static IP Address
- Subnet Class
- Top Level Domain
- TXT Record
- Unqualified Domain Name
- WKS Record
- Zone Transfer