What is DNS and How Does it Work?
In this post I will cover how to set up your own Domain Name System, or DNS for short.
Setting up your own DNS server is simple and quick, provided you first have a basic understanding of how DNS works. The sections below give that background before the step-by-step setup.
What is DNS?
DNS stands for Domain Name System. It is the service that translates a domain name such as www.KaliLinuxCode.Com into an IP address. This translation lets computers find each other on the network.
How Does DNS Work?
Domain Name Resolution
When you enter a domain name in a web browser like Safari, Firefox, or Chrome, the browser attempts to reach a DNS resolver. This resolver might be managed by your Internet Service Provider (ISP) or a public DNS service.
DNS Resolver
The DNS resolver first tries to return the IP address for the domain from its cache, if available. If the IP address is not already in the cache, the resolver initiates a series of queries to find the IP address associated with the domain name.
Recursive Querying
The resolver first reaches a Root DNS Server. Root servers are at the top of the DNS hierarchy and can direct the resolver to the appropriate top-level domain (TLD) server, such as .com, .org, etc.
From there, the TLD server can direct the resolver to the authoritative DNS server for the specific domain.
Authoritative DNS Server
The authoritative DNS server is the one that holds the actual records for the domain name that was typed into the browser, so from this point the IP address for the domain can be returned to the resolver.
Response to Client
As soon as the resolver receives the IP address from the authoritative DNS server, it passes it on to the web browser. The browser then connects to the web server at that IP address to request the web page.
Each component of DNS is important to understand, so let’s start with:
What are DNS Records?
There are a number of DNS record types that can be stored on authoritative DNS servers, for example:
A Record: Maps the domain name to an IPv4 address.
AAAA Record: This record maps the domain name to an IPv6 address.
CNAME Record: This record maps the domain to another domain (alias).
MX Record: Specifies the mail servers for a domain.
TXT Record: Holds various text information for a domain.
DNS Hierarchy
- Root Servers: Serve the root zone and direct queries to TLD servers.
- TLD Servers: Manage domains at the top level (e.g., .com, .net).
- Authoritative Servers: Hold the DNS records for specific domains.
Caching
To improve efficiency and reduce latency, DNS responses are cached at various levels:
Local Cache: Your computer’s operating system maintains a cache of DNS responses.
DNS Resolver Cache: The DNS resolver caches responses to serve future requests quickly.
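The lookup path described above (cache check, root referral, TLD referral, authoritative answer) and the caching that follows it, as a small Python model. This is an added example and not code from the original post; the ROOT, TLD and AUTHORITATIVE tables, the server names and the 192.0.2.x addresses are constructed stand-ins for real servers, and the `Resolver` class is a hypothetical helper.

```python
"""Toy model of recursive resolution: cache, root, TLD, authoritative
server, then cache the answer for its TTL.

Added example, not from the original post. The three tables below are
constructed stand-ins; the 192.0.2.0/24 addresses are documentation values.
"""
import time

# Root "zone": which server is authoritative for each TLD (constructed).
ROOT = {"com.": "tld-server.com-registry.example."}
# TLD "zones": which server is authoritative for each registered domain.
TLD = {"tld-server.com-registry.example.": {"example.com.": "ns1.example.com."}}
# Authoritative zone data: (name, type) -> (rdata, ttl in seconds).
AUTHORITATIVE = {
    "ns1.example.com.": {
        ("www.example.com.", "A"): ("192.0.2.10", 3600),
        ("example.com.", "MX"): ("10 mail1.example.com.", 3600),
    }
}


class Resolver:
    """A recursive resolver with a TTL-bounded cache."""

    def __init__(self):
        self.cache = {}  # (name, type) -> (rdata, expiry time)

    def resolve(self, name, rtype, now=None):
        """Return (rdata, trace); trace lists which servers were consulted."""
        now = time.time() if now is None else now
        key = (name.lower(), rtype.upper())

        # 1. Serve from cache while the record's TTL has not run out.
        if key in self.cache:
            rdata, expires = self.cache[key]
            if now < expires:
                return rdata, ["cache"]
            del self.cache[key]  # expired: fall through to a fresh lookup

        labels = key[0].rstrip(".").split(".")
        tld = labels[-1] + "."
        domain = ".".join(labels[-2:]) + "."
        trace = []

        # 2. Root server: referral to the TLD server (e.g. for ".com").
        tld_server = ROOT.get(tld)
        if tld_server is None:
            raise LookupError(f"root has no delegation for {tld}")
        trace.append(f"root -> {tld_server}")

        # 3. TLD server: referral to the domain's authoritative server.
        auth_server = TLD[tld_server].get(domain)
        if auth_server is None:
            raise LookupError(f"{tld} has no delegation for {domain}")
        trace.append(f"tld -> {auth_server}")

        # 4. Authoritative server: the actual record, with its TTL.
        zone = AUTHORITATIVE[auth_server]
        if key not in zone:
            raise LookupError(f"{auth_server} has no {rtype} record for {name}")
        rdata, ttl = zone[key]
        trace.append(f"authoritative -> {rdata} (ttl {ttl})")

        # 5. Cache the answer so the next client skips steps 2-4.
        self.cache[key] = (rdata, now + ttl)
        return rdata, trace


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com.", "A", now=0))     # full walk
    print(r.resolve("www.example.com.", "A", now=100))   # cache hit
    print(r.resolve("www.example.com.", "A", now=4000))  # TTL expired, walks again
```

The `now` parameter makes the TTL behaviour testable without waiting: the third call in the usage block lands after the 3600-second TTL and repeats the full walk, which is exactly why a stale or poisoned cache entry only lives as long as the TTL the authoritative server set.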
DNS is essential for the functioning of the internet, as it allows users to access websites using easy-to-remember domain names instead of complex numerical IP addresses. By leveraging a hierarchical and distributed system, DNS ensures robust, scalable, and efficient domain name resolution.
The DNS system is a globally distributed and hierarchical system, with different entities managing different levels. Here’s a more detailed breakdown of who manages each component:
Root DNS Servers
Management:
Root DNS servers are managed by various organizations around the world. There are 13 sets of these servers, labeled A through M, which are managed by different entities such as Verisign, ICANN, the US Army Research Lab, and others.
The root zone is administered by ICANN (Internet Corporation for Assigned Names and Numbers) in cooperation with the US Department of Commerce.
Top-Level Domain (TLD) Servers
Management:
TLD servers are managed by organizations called registries. Each TLD, like .com, .org, .net, and country-specific ones like .uk or .jp, has its own registry.
Examples include Verisign for .com and .net, Public Interest Registry for .org, and Nominet for .uk.
Authoritative DNS Servers
Management:
These servers are managed by individual domain owners or by DNS hosting providers. For example:
A company that owns a domain might manage its own authoritative DNS server.
Many companies use third-party DNS hosting services like Cloudflare, Amazon Route 53, or GoDaddy to manage their DNS records.
DNS Resolver (Recursive Resolver)
Management:
Typically managed by ISPs (Internet Service Providers) like Comcast, Verizon, or AT&T.
There are also public DNS resolvers like Google Public DNS (8.8.8.8), Cloudflare DNS (1.1.1.1), and OpenDNS.
How to Set Up Your Own DNS Server: A Comprehensive Guide
Setting up your own DNS server can provide greater control over your domain and improve your network’s security and efficiency. Here’s a step-by-step guide to help you get started, incorporating key DNS records like MX and TXT to manage email and domain information effectively.
Step 1: Choose Your DNS Server Software
First, select the DNS server software that suits your needs. Popular choices include:
BIND (Berkeley Internet Name Domain): Highly configurable and widely used.
Microsoft DNS: Integrated with Windows Server, ideal for Windows environments.
Unbound: Lightweight and focuses on security.
PowerDNS: Offers both authoritative and recursive DNS capabilities.
Step 2: Install the DNS Server Software
On Linux (e.g., Ubuntu):
sudo apt update
sudo apt install bind9
On Windows:
- Install the DNS Server role through the Server Manager.
Step 3: Configure Your DNS Zones
Create a zone file for your domain. Here, we’ll set up example.com with the necessary records.
Primary Zone File (/etc/bind/db.example.com):
$TTL 3600
@ IN SOA ns1.example.com. admin.example.com. (
2024061501 ; Serial
3600 ; Refresh
1800 ; Retry
1209600 ; Expire
86400 ; Minimum TTL
)
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
@ IN MX 10 mail1.example.com.
@ IN MX 20 mail2.example.com.
@ IN TXT "v=spf1 include:_spf.google.com ~all"
ns1 IN A 192.0.2.1
ns2 IN A 192.0.2.2
mail1 IN A 192.0.2.3
mail2 IN A 192.0.2.4
Explanation:
- SOA (Start of Authority): Defines the primary DNS server for the zone.
- NS (Name Server): Specifies the authoritative DNS servers for the domain.
- MX (Mail Exchange): Directs email to the correct mail servers.
- TXT (Text): Holds SPF records to specify authorized email servers.
- A Record: Maps domain names to IP addresses.
Step 4: Configure the DNS Server
Edit the BIND configuration file to include your zone.
BIND Configuration (/etc/bind/named.conf.local):
zone "example.com" {
type master;
file "/etc/bind/db.example.com";
};
Step 5: Start and Test Your DNS Server
Start BIND:
sudo systemctl start bind9
sudo systemctl enable bind9
Test Your DNS Server: Use tools like nslookup or dig to ensure your DNS server is working correctly. Note that the zone above defines no A record for the bare name example.com, so the queries below return an empty answer section with the SOA in the authority section; to see an actual answer, query one of the host names that has an A record, such as ns1.example.com, or ask for the zone’s MX records.
dig @192.0.2.1 example.com
nslookup example.com 192.0.2.1
Step 6: Set Up Reverse DNS (Optional)
To handle reverse DNS lookups, configure PTR records in a reverse zone file.
Reverse Zone File (/etc/bind/db.2.0.192):
$TTL 3600
@ IN SOA ns1.example.com. admin.example.com. (
2024061501 ; Serial
3600 ; Refresh
1800 ; Retry
1209600 ; Expire
86400 ; Minimum TTL
)
@ IN NS ns1.example.com.
@ IN NS ns2.example.com.
1 IN PTR ns1.example.com.
2 IN PTR ns2.example.com.
3 IN PTR mail1.example.com.
4 IN PTR mail2.example.com.
BIND Configuration (/etc/bind/named.conf.local):
zone "2.0.192.in-addr.arpa" {
type master;
file "/etc/bind/db.2.0.192";
};
Step 7: Maintain Your DNS Server
Regularly update your DNS records and zone files to reflect changes in your network, and increment the SOA serial each time so secondary servers pick up the change. Monitor the server’s performance and security to ensure it runs smoothly: keep BIND patched, and restrict zone transfers and recursion to the clients that actually need them.
By setting up your own DNS server, you gain full control over your domain’s DNS records, including MX records for email routing and TXT records such as SPF. This setup enhances your network’s reliability and performance, and keeps changes to those records under your own access control rather than a third party’s.