DNS training from A to Z, Part 7

Jumpstart your DNS training from wherever you are!

Before we jump into DNS training trivia, we wanted to let you know that you can jump ahead in your DNS training this October.

Following our first fully online DNS course earlier this year, Men&Mice is happy to open registrations for the next DNS&BIND Jumpstart class.

For details and signing up, go to our training page.

S is for "SOA"

Which, in turn, stands for "Start of Authority."

SOA is a special DNS record used by authoritative DNS servers to store the respective domain's administrative details.

A SOA record contains information about:

• MNAME: the primary name server
• RNAME: the owner (or designated operator) of the domain (an email address, separated by dots, where the first . stands instead of the @ symbol)
• SERIAL: the serial number for the zone (often storing a timestamp for the last update)
• REFRESH: the refresh rate to detect zone changes (but when primary servers are updated, they notify any secondary/slave servers that in turn can request an update immediately)
• RETRY: the time between retries for secondary/slave servers to get the serial number from the primary
• EXPIRE: the expiration of the zone if there's no response for the query for the new serial number
• TTL: the Time-To-Live, used in negative caching
  

Interestingly, while most DNS queries use UDP (see below), zone transfers that use SOA records often use TCP for data integrity and transfer more information.

T is for "top-level domain"

DNS, by design, is highly structured and hierarchical. We've covered the "labels" in fully qualified domain names (FQDNs) in part 4 of this series, and now let's take a closer look at the second (or third, depending on where you're counting from) label.

Top-level domain (TLD), simply put, is the end of the url: the '.com', '.org', and so on. It can be up to 63 octets long (63x8 bits).

Following the structured and hierarchical design of DNS, TLDs are structured into several different types, each maintained by different authorities:

• ARPA (.arpa) is the infrastructure top-level domain, and is managed by IANA
• gTLD (.com, .info, etc.) is a generic top-level domain, three characters or longer
• grTLD (.nyc) is a restricted top-level domain, managed by registrars sanctioned by ICANN
• sTLD (.gov) is a sponsored top-level domain, managed by registrars sanctioned by ICANN
• ccTLD (.is) is a country code top-level domain, restricted similarly to grTLD and are often managed by a specialized national organization (like ISNIC for .is)
  

There are more variants of TLDs, like IDN ccTLD (internationalized country code TLD) and tTLD (test TLD, not present in the root zone). New TLD types can also be added or specified from existing ones if the need arises, but the process is long.

U is for "UDP"

More often than not, DNS uses the UDP transport layer for data transfer. UDP stands for 'User Datagram Protocol.'

UDP is a good fit for DNS because it's fast and carries little overhead. (And because it is also capable of being broadcast and multicast.) A typical DNS query fits into a single UDP packet, and so does a DNS response.

Because the upper limit of a UDP packet is 512 bytes and the protocol unordered, larger data transfers (such as a zone transfer) are using TCP instead. This size limit of UDP is also useful in response rate limiting (RRL) to protect against attacks.

Want to learn more?

This series consists of small pieces of interesting information, but many more can be said and done.

A lot of things have changed in 2020, but our commitment to teaching DNS in-depth hasn't. We're converting our comprehensive DNS training program into fully online courses that students can take from anywhere.

We're already offering our new DNS&BIND Jumpstart course, with a DNS&BIND Leap Ahead course also planned for advanced topics.

Keep an eye on our 2020 training calendar, and subscribe to our email list to get notified when new courses are added.