What is DNS in Linux?


Introduction

DNS, short for Domain Name System, is a fundamental component of networking that plays a crucial role in translating human-readable domain names into IP addresses, enabling communication between computers over the internet. In the context of Linux, DNS serves as a vital service for resolving domain names and facilitating the smooth functioning of network connectivity.

At its core, Linux DNS is a distributed database system that contains various types of resource records (RRs) associated with domain names. These records hold valuable information such as IP addresses, mail server details, and other important data required for network communication. When a user enters a domain name into a web browser or attempts to establish a connection to a remote server, the DNS system comes into play to resolve the domain name into its corresponding IP address.

Linux operating systems provide several tools and configuration files for managing DNS settings. The most basic of these is the /etc/resolv.conf file, which lists the IP addresses of the DNS servers Linux should query when resolving domain names. By editing this file, you can specify your preferred DNS servers, such as those provided by your ISP, or public DNS servers like Google DNS (8.8.8.8).

In this article, we'll be exploring DNS in Linux and trying out different DNS-related tools.

How does DNS Work?

DNS, or Domain Name System, is the technology that allows us to use human-friendly domain names, like "scaler.com" instead of having to remember and type in the corresponding IP addresses, such as "104.18.35.96". It's like the phonebook of the internet, translating domain names into IP addresses and directing our web requests to the right destination.

When you type a domain name into your web browser, your computer first checks its local DNS cache—temporary storage of previously resolved domain names. If the IP address is found there, the browser uses it and establishes a connection. However, if the IP address is not cached or has expired, your computer reaches out to a DNS resolver to obtain the correct IP address.

The Linux DNS resolver is typically provided by your internet service provider (ISP) or a public DNS service like Google DNS. Your computer sends a query to the resolver, asking for the IP address associated with the domain name. If the resolver has the IP address in its cache, it returns the result to your computer. Otherwise, the resolver contacts other DNS servers to find the answer.

The DNS query starts with the root DNS servers, which are responsible for maintaining a list of authoritative DNS servers for top-level domains (TLDs) like .com, .org, or .net. The root servers direct the resolver to the appropriate TLD server based on the domain name. The TLD server, in turn, refers the resolver to the authoritative DNS server responsible for the specific domain.

The authoritative DNS server is the final stop on the journey. It holds the most up-to-date information about the domain name and its corresponding IP address. Once the resolver receives the IP address from the authoritative server, it sends it back to your computer, which can then establish a connection with the desired website.

DNS works behind the scenes and in a matter of milliseconds, making it appear seamless to users. It's a distributed system, with millions of interconnected DNS servers worldwide, constantly exchanging information to ensure accurate and efficient resolution of domain names.

Where does DNS Get IP Addresses?

Linux DNS obtains IP addresses from authoritative DNS servers. These servers are responsible for maintaining the most up-to-date information about domain names and their corresponding IP addresses. When you enter a domain name in your web browser, your computer's DNS resolver contacts the authoritative DNS server to fetch the IP address.

The journey begins with the root DNS servers. These servers hold information about the top-level domains (TLDs) like .com, .org, .net, etc. When your DNS resolver doesn't have the IP address cached, it reaches out to the root DNS servers to find the appropriate authoritative DNS server for the specific TLD.

Once the root DNS server directs the resolver to the TLD server, the resolver contacts the TLD server responsible for the domain's extension (e.g., .com). The TLD server holds information about the authoritative DNS server associated with the requested domain.

Now, the resolver connects to the authoritative DNS server for the domain. This server is maintained by the domain owner or their DNS service provider. It contains the essential DNS records, including the IP address of the domain.

The authoritative DNS server responds to the resolver with the IP address, which is then passed back to your computer. Your computer can now use this IP address to establish a connection with the desired website.

It's important to note that DNS records are periodically updated to reflect changes in IP addresses. This ensures that when a website moves to a different server or changes its hosting provider, the DNS records are updated accordingly. This dynamic nature of DNS allows for seamless redirection of domain names to the correct IP addresses.

Forward and Reverse DNS Lookups

Forward and reverse lookups are two fundamental operations performed by the Domain Name System (DNS) to translate between IP addresses and domain names.

A forward lookup involves resolving a domain name to its corresponding IP address. For example, when you enter "www.scaler.com" into your web browser, a forward lookup is performed to retrieve the IP address associated with that domain. This allows your computer to establish a connection with the correct server.

On the other hand, a reverse lookup involves finding the domain name associated with a given IP address. This operation is useful when you want to determine the domain name of a specific IP address. Reverse lookups are commonly used for troubleshooting purposes, such as identifying the source of network traffic or verifying the legitimacy of incoming connections.

Both forward and reverse lookups rely on the distributed nature of the Linux DNS system, with authoritative DNS servers maintaining the necessary records. These operations enable seamless communication by bridging the gap between human-readable domain names and machine-readable IP addresses.

Install and Configure DNS

To install and configure DNS, follow these steps:

  1. Choose a DNS server software like BIND or PowerDNS.
  2. Install the chosen DNS server software using your Linux distribution package manager.
  3. Configure the DNS server by editing its configuration file, usually located at /etc/named.conf or /etc/bind/named.conf.
  4. Specify the DNS zones you want to manage, such as example.com, and define their records.
  5. Set up forwarders or root hints to enable DNS resolution beyond your local server.
  6. Start the DNS server service and ensure it automatically starts on system boot.
  7. Update your network configuration to use the local DNS server as the primary DNS resolver.
  8. Test the DNS server by querying domain names and verifying proper resolution.

Forward and Reverse Zones

Forward and reverse zones are two types of DNS zones used in the Domain Name System (DNS) to facilitate the translation between domain names and IP addresses.

A forward zone is the most common type and is used for forward lookups. It maps domain names to their corresponding IP addresses. For example, it associates the domain name "example.com" with the IP address "192.168.1.1". The forward zone contains various types of resource records (RRs) like A records (IPv4 addresses) or AAAA records (IPv6 addresses) that provide the necessary mapping information.

On the other hand, a reverse zone is used for reverse lookups. It maps IP addresses to their corresponding domain names. The zone is named after the network part of the IP address, written with its octets in reverse order under the special in-addr.arpa domain. For instance, the address "192.168.1.1" belongs to the reverse zone "1.168.192.in-addr.arpa" (which covers 192.168.1.0/24), and the full name looked up for that host is "1.1.168.192.in-addr.arpa". The reverse zone contains PTR (pointer) records that link IP addresses to their associated domain names.
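As an added example (not code from the original article), the shell script below derives the in-addr.arpa names for an IPv4 address, writes a constructed forward zone for example.com together with its matching 1.168.192.in-addr.arpa reverse zone, and cross-checks that every A record has a PTR record pointing back at the same name. The addresses, host names and SOA serial are invented for the demonstration; the optional named-checkzone call only runs where BIND's tools are installed.

```shell
#!/bin/sh
# Added example (not from the original article). Derives reverse-DNS names for
# an IPv4 address, writes a constructed forward zone for example.com plus its
# matching reverse zone, and checks that every A record has a PTR record.
# All addresses, host names and the SOA serial are invented for the demo.

# PTR owner name for a host address: 192.168.1.1 -> 1.1.168.192.in-addr.arpa
ptr_name() {
    echo "$1" | awk -F. '{ print $4 "." $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# Name of the reverse zone covering the /24 network that holds the address:
# 192.168.1.1 -> 1.168.192.in-addr.arpa (the zone for 192.168.1.0/24)
reverse_zone_24() {
    echo "$1" | awk -F. '{ print $3 "." $2 "." $1 ".in-addr.arpa" }'
}

# Write a constructed forward zone for example.com to the given path.
write_forward_zone() {
    cat > "$1" <<'EOF'
$TTL 86400
@       IN SOA  ns1.example.com. hostmaster.example.com. (
                2024010101 ; serial
                3600       ; refresh
                900        ; retry
                1209600    ; expire
                86400 )    ; minimum
@       IN NS   ns1.example.com.
ns1     IN A    192.168.1.1
www     IN A    192.168.1.10
mail    IN A    192.168.1.20
EOF
}

# Write the matching reverse zone for 192.168.1.0/24 to the given path.
# The PTR for mail (.20) is deliberately left out so the check below finds it.
write_reverse_zone() {
    cat > "$1" <<'EOF'
$TTL 86400
@       IN SOA  ns1.example.com. hostmaster.example.com. (
                2024010101 3600 900 1209600 86400 )
@       IN NS   ns1.example.com.
1       IN PTR  ns1.example.com.
10      IN PTR  www.example.com.
EOF
}

# missing_ptrs FORWARD_FILE ORIGIN REVERSE_FILE
# Prints "fqdn address" for each A record in the forward zone whose host octet
# has no PTR record pointing back at that name in the /24 reverse zone.
missing_ptrs() {
    awk -v origin="$2" '
        FNR == NR { if ($3 == "PTR") ptr[$1] = $4; next }   # first file: reverse zone
        $3 == "A" {
            host = $4; sub(/.*\./, "", host)                  # last octet of the address
            fqdn = $1 "." origin "."
            if (ptr[host] != fqdn) print fqdn, $4
        }' "$3" "$1"
}

# Succeeds only when every A record has its PTR record.
check_zone_pair() {
    [ -z "$(missing_ptrs "$1" "$2" "$3")" ]
}

# Syntax-check a zone with BIND's named-checkzone when it is installed.
validate_with_bind() {   # validate_with_bind ZONE_NAME FILE
    if command -v named-checkzone >/dev/null 2>&1; then
        named-checkzone "$1" "$2"
    else
        echo "named-checkzone not installed; syntax check skipped"
    fi
}

demo() {
    dir=$(mktemp -d)
    write_forward_zone "$dir/example.com.zone"
    write_reverse_zone "$dir/$(reverse_zone_24 192.168.1.1).zone"
    echo "PTR name for 192.168.1.1: $(ptr_name 192.168.1.1)"
    echo "A records with no matching PTR:"
    missing_ptrs "$dir/example.com.zone" example.com "$dir/1.168.192.in-addr.arpa.zone"
    validate_with_bind example.com "$dir/example.com.zone"
    rm -rf "$dir"
}
demo
```

Running the script reports mail.example.com. as the one host without a PTR record, which is the kind of drift (forward zone updated, reverse zone forgotten) that reverse-lookup based checks in mail servers and log analysis will otherwise surface later.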

Add the Nameserver IP to /etc/resolv.conf

To add the nameserver IP to the /etc/resolv.conf file, follow these steps:

  1. Open the /etc/resolv.conf file using a text editor with administrative privileges.
  2. Locate the line that begins with "nameserver" (if present) or add a new line if it doesn't exist.
  3. On the new or existing line, enter the IP address of the nameserver you want to use. For example: "nameserver 8.8.8.8" for Google DNS.
  4. If you have multiple nameservers, you can add additional lines for each IP address.
  5. Save and close the file.
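As an added example (not code from the original article), the shell script below performs the steps above programmatically: it validates the address, skips duplicates and refuses to add more than three nameserver lines. The file path is an argument, so it can be tried on a temporary copy before being pointed at /etc/resolv.conf; the starting contents used in demo() are constructed.

```shell
#!/bin/sh
# Added example (not from the original article). Adds nameserver entries to a
# resolv.conf-style file only after validating the address and avoiding
# duplicates. It takes the file path as an argument, so it can be tried on a
# temporary copy first; the starting contents in demo() are constructed.

# Accept only dotted-quad IPv4 addresses whose octets are all in 0..255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# Print the configured nameserver addresses, one per line.
list_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "$1"
}

# Count nameserver lines (glibc's resolver honours at most the first three).
count_nameservers() {
    awk '$1 == "nameserver" { n++ } END { print n + 0 }' "$1"
}

# add_nameserver FILE IP
# Appends "nameserver IP". Returns 0 if added or already present, 1 if IP is
# malformed, 2 if the file already holds three nameserver lines.
add_nameserver() {
    file=$1; ip=$2
    if ! is_ipv4 "$ip"; then
        echo "rejecting '$ip': not a valid IPv4 address" >&2
        return 1
    fi
    if list_nameservers "$file" | grep -qxF "$ip"; then
        return 0                                   # already configured
    fi
    if [ "$(count_nameservers "$file")" -ge 3 ]; then
        echo "refusing '$ip': three nameserver lines are already present" >&2
        return 2
    fi
    printf 'nameserver %s\n' "$ip" >> "$file"
}

demo() {
    tmp=$(mktemp)
    # Constructed starting content, shaped like a typical resolver file.
    printf 'search example.com\nnameserver 192.168.1.1\n' > "$tmp"
    add_nameserver "$tmp" 8.8.8.8
    add_nameserver "$tmp" 8.8.8.8                     # duplicate: no-op
    add_nameserver "$tmp" 300.1.1.1 || echo "(rejected, as expected)"
    echo "Configured nameservers:"
    list_nameservers "$tmp"
    rm -f "$tmp"
}
demo
```

One caveat worth checking before editing the real file: on many current distributions /etc/resolv.conf is generated by systemd-resolved or NetworkManager and a manual edit is overwritten at the next network change, so the nameserver should be set through that service's own configuration instead.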

Start/Restart and Enable the named Service

To start/restart and enable the named service, which is the Linux DNS server service for BIND, follow these steps:

  1. Open a terminal or command prompt with administrative privileges.
  2. Enter the command to start or restart the named service based on your Linux distribution:
    • For systemd-based systems (e.g., Ubuntu, CentOS 7+): sudo systemctl start named or sudo systemctl restart named (on Debian and Ubuntu the BIND package's service may be called bind9 instead)
    • For sysvinit-based systems (e.g., CentOS 6): sudo service named start or sudo service named restart
  3. Verify that the named service has started or restarted successfully without any errors.
  4. Next, enable the named service to start automatically on system boot:
    • For systemd-based systems: sudo systemctl enable named
    • For sysvinit-based systems: sudo chkconfig named on
  5. Confirm that the named service is now set to start automatically on system boot.
  6. You can also check the status of the named service to ensure it is running properly: sudo systemctl status named or sudo service named status

Verify DNS Name Resolution

To verify DNS name resolution using nslookup and dig, follow the instructions below for each tool:

Using nslookup

  1. Open a terminal or command prompt.
  2. Type nslookup followed by the domain name you want to query. For example, nslookup example.com.
  3. Press Enter to execute the command.
  4. The output will display the IP address associated with the domain name, along with additional information such as the DNS server used for the query.

Using dig

  1. Open a terminal or command prompt.
  2. Type dig followed by the domain name you want to query. For example, dig example.com.
  3. Press Enter to execute the command.
  4. The output will provide detailed information about the DNS query, including the IP address associated with the domain name, authoritative DNS servers, and additional DNS records.

Both nslookup and dig are useful tools for verifying DNS name resolution. They display the IP address associated with the queried domain name, allowing you to confirm that the DNS resolution is functioning correctly. Additionally, they provide valuable information about DNS records, name servers, and other related data that can aid in troubleshooting and verifying DNS configurations.
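As an added example (not code from the original article), the shell script below goes one step beyond "does it resolve?": it extracts the ANSWER SECTION from dig's output and checks the returned A records against a list of addresses you expect, so an unexpected answer from a resolver is flagged rather than silently accepted. The dig output embedded in the script is constructed (TEST-NET addresses, not a real query); the verify_live function, which needs dig and network access, is an assumed wrapper for running the same check against a real resolver.

```shell
#!/bin/sh
# Added example (not from the original article). Parses dig's ANSWER SECTION
# and checks the A records it contains against an allow-list of expected
# addresses. SAMPLE_DIG_OUTPUT is constructed, not captured from a real query.

SAMPLE_DIG_OUTPUT='; <<>> DiG 9.18.1 <<>> example.com
;; QUESTION SECTION:
;example.com.            IN      A

;; ANSWER SECTION:
example.com.      3600   IN      A       192.0.2.10
example.com.      3600   IN      A       192.0.2.11

;; AUTHORITY SECTION:
example.com.      86400  IN      NS      ns1.example.com.

;; Query time: 12 msec'

# Print "owner ttl type rdata" for each record in the ANSWER SECTION read on stdin.
answer_records() {
    awk '/^;; ANSWER SECTION:/ { in_ans = 1; next }
         /^$/ { in_ans = 0 }
         in_ans && $3 == "IN" { print $1, $2, $4, $5 }'
}

# Print only the rdata of answer records of the given type (A, AAAA, MX, ...).
answer_rdata() {
    answer_records | awk -v t="$1" '$3 == t { print $4 }'
}

# check_expected_a "IP1 IP2 ..."  (dig output on stdin)
# Prints every A answer not in the space-separated allow-list. Returns 1 if any
# unexpected address was seen or if no A record was returned at all.
check_expected_a() {
    expected=" $1 "
    found=0; bad=0
    for addr in $(answer_rdata A); do
        found=1
        case "$expected" in
            *" $addr "*) ;;
            *) echo "unexpected A record: $addr"; bad=1 ;;
        esac
    done
    [ "$found" -eq 1 ] && [ "$bad" -eq 0 ]
}

# verify_live NAME "IP1 IP2" [SERVER]: assumed wrapper that runs a real query
# (requires dig and network access) and applies the same check.
verify_live() {
    dig ${3:+"@$3"} "$1" A | check_expected_a "$2"
}

demo() {
    echo "Answer records in the constructed sample:"
    printf '%s\n' "$SAMPLE_DIG_OUTPUT" | answer_records
    if printf '%s\n' "$SAMPLE_DIG_OUTPUT" | check_expected_a "192.0.2.10 192.0.2.11"; then
        echo "all A answers are expected"
    fi
    # With a narrower allow-list the second address is reported.
    printf '%s\n' "$SAMPLE_DIG_OUTPUT" | check_expected_a "192.0.2.10" \
        || echo "(mismatch reported above)"
}
demo
```

Running the check against two different resolvers (the local named server and a public one, via the optional SERVER argument) and comparing the results is a quick way to tell a broken zone from a resolver that is returning something other than the authoritative data.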

Conclusion

In this article, we learned:

  • DNS (Domain Name System) is essential for translating human-readable domain names into IP addresses and enabling internet communication.
  • Linux provides tools like nslookup and dig to verify DNS name resolution, allowing users to check IP addresses and DNS server information.
  • DNS obtains IP addresses from authoritative DNS servers, starting with root servers and moving through TLD and authoritative servers.
  • Forward lookups translate domain names to IP addresses, while reverse lookups find domain names associated with IP addresses.
  • Installing and configuring DNS involves selecting a server software, editing configuration files, setting up zones, and starting the DNS service.
  • Adding nameserver IP addresses to /etc/resolv.conf enables Linux to use specific DNS servers for resolution.
  • Starting/restarting and enabling the named service ensures the DNS server (BIND) runs and starts automatically on system boot.
  • nslookup and dig are tools for verifying DNS name resolution, providing information about IP addresses, DNS servers, and DNS records.