DNS Configuration - Lesson 2.4 | CompTIA A+ Core 1 Notes

Introduction to DNS

DNS stands for Domain Name System, a critical network service that translates human-readable domain names (e.g., www.example.com) into machine-readable IP addresses.
Eliminates the need to memorize IP addresses by allowing users to connect using domain names.
DNS operates as a distributed database scattered across servers worldwide.

The DNS database is organized hierarchically, starting with root servers at the top.

There are 13 root server clusters, comprising over 1,000 individual servers globally.
Root servers direct queries to top-level domains (TLDs) such as .com, .org, and .net.

Country-code TLDs (ccTLDs) represent specific countries (e.g., .us for the United States, .uk for the United Kingdom).
Below TLDs are domain names (e.g., example.com), which can further subdivide into subdomains (e.g., www.example.com, mail.example.com).
This hierarchical structure allows for scalable and organized domain management.

When a user enters a domain name (e.g., www.example.com), a DNS query is initiated to resolve the name into an IP address.
The query follows the hierarchy: root servers → TLD servers → authoritative DNS servers for the domain.
Redundancy is built into DNS; multiple IP addresses may be returned for load balancing and fault tolerance.

dig (Domain Information Groper): A command-line tool available on Linux, macOS, and some Windows systems for querying DNS servers.

Example: nslookup www.example.com returns IP addresses associated with the domain.

DNS databases store resource records (RRs), which contain information about domains and their associated services.
Common record types include:

A Record: Maps a domain name to an IPv4 address (e.g., www.example.com → 192.0.2.1).
AAAA Record: Maps a domain name to an IPv6 address (e.g., www.example.com → 2001:0db8::1).
CNAME (Canonical Name): Creates an alias for a domain name, pointing one domain to another (e.g., ftp.example.com → www.example.com).
MX (Mail Exchanger): Specifies the mail server responsible for receiving emails for a domain (e.g., example.com → mail.example.com).
TXT (Text): Stores human-readable text, often used for verification, spam prevention, and policy enforcement.
SOA (Start of Authority): Contains administrative information about the domain, such as the primary DNS server and contact details.

DNS configurations should be handled carefully; errors can disrupt domain accessibility.

Time to Live (TTL): Specifies how long a DNS record is cached by resolvers before refreshing.

Shorter TTLs (e.g., 15 minutes) allow faster propagation of changes but increase DNS query load.
Longer TTLs (e.g., 24 hours) reduce query load but delay updates.

DNS plays a critical role in email security by preventing spam and verifying sender authenticity.
Key email-related DNS records include:

DKIM (DomainKeys Identified Mail): Uses public-key cryptography to verify email authenticity.

A TXT record stores the public key, while the private key signs outgoing emails.
Recipients use the public key to verify the email’s digital signature.

SPF (Sender Policy Framework): Lists authorized email servers for a domain to prevent spoofing.

DMARC (Domain-based Message Authentication, Reporting, and Conformance): Defines policies for handling emails that fail SPF or DKIM checks.

Example: v=DMARC1; p=quarantine; rua=mailto:reports@example.com.
Policies can instruct receivers to quarantine, reject, or allow failed emails.
Reports on email disposition can be sent to a specified email address for monitoring.