Top Frequently Asked DNS Interview Q&A

Frequently asked interview questions and answers about the Domain Name System (DNS).

How do you explain DNS in an interview?


1. What is DNS?

DNS is an application layer protocol that translates domain names into IP addresses and vice versa. For example, whenever a user types a domain name such as www.protec.com in a web browser, DNS translates the domain name to the corresponding IP address.

2. What is the port used by DNS?

DNS (Domain Name System) works on port number 53.

3. What are the protocols used by DNS?

DNS works on both UDP and TCP.

4. Why does DNS use both UDP and TCP?

DNS uses UDP for ordinary queries and responses because UDP, being a connectionless protocol, gives a faster response: it has a smaller header and needs less processing time than TCP.

DNS clients/resolvers issue DNS requests using UDP as the underlying transport protocol. However, DNS uses TCP when the response is larger than 512 bytes, in which case the DNS server sets the TC (truncated) flag, and also when performing zone transfers.
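The UDP-to-TCP fallback described above, as an added example that is not part of the original page: it builds a query, parses the 12-byte DNS header, and reports when a matching response has the TC flag set. The transaction ID and the response bytes are constructed sample values.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR = 0x8000  # 1 = message is a response
TC = 0x0200  # 1 = message was truncated to fit the transport
RD = 0x0100  # 1 = recursion desired

def encode_name(name):
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(txid, name, qtype=1):
    """Build a query: 12-byte header plus one question (type A, class IN)."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Unpack the fixed 12-byte header into a dict."""
    if len(msg) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & QR), "tc": bool(flags & TC),
            "rcode": flags & 0x000F, "ancount": an}

def needs_tcp_retry(query, response):
    """True when a UDP response matches our query and has the TC bit set."""
    q, r = parse_header(query), parse_header(response)
    if not r["qr"] or r["id"] != q["id"]:
        raise ValueError("not a response to this query")
    return r["tc"]

# Constructed samples: the same question echoed back, with and without TC.
QUERY = build_query(0x1A2B, "www.protec.com")
TRUNCATED = struct.pack("!HHHHHH", 0x1A2B, QR | TC | RD, 1, 0, 0, 0) + QUERY[12:]
COMPLETE = struct.pack("!HHHHHH", 0x1A2B, QR | RD, 1, 0, 0, 0) + QUERY[12:]

if __name__ == "__main__":
    print("retry over TCP:", needs_tcp_retry(QUERY, TRUNCATED))
    print("retry over TCP:", needs_tcp_retry(QUERY, COMPLETE))
```

A resolver that sees the TC flag discards the truncated UDP answer and repeats the same question over TCP port 53.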

5. What is the Root Zone?

DNS is organized as a hierarchical tree database in which each node represents a domain. The root of the domain tree is represented by a dot (.), and the root zone is the zone that contains the resource records for the topmost nodes in the domain tree.

6. What are Root Servers?

Root servers are the Name Servers that are authoritative for the root zone. 

There are around 13 root name servers in the world, with names from a.root-servers.net to m.root-servers.net. Root name servers are queried by resolvers or recursive nameservers if the result is not found in their local store.

7. Why are there only 13 root servers?

The limit of 13 root nameservers originates from the fact that all root nameserver addresses had to be obtainable in a single DNS response, which was originally limited to 512 bytes.

8. Are 13 root servers sufficient to take the load of the whole internet?

There are multiple instances of the root nameservers spread all across the world. Each instance of a particular nameserver responds to the same IP using the concept known as anycasting, where each server advertises the same IP using anycast addressing and the user’s server can query the nearest one.

9. What is TLD?

Top-level domains are referred to as TLDs. gTLDs and ccTLDs are two types of TLDs.

  • gTLDs are generic top-level domains such as com, org, gov, mil, net, etc.
  • ccTLDs are country-code top-level domains, which cover domains ending with country codes, like co.in, gov.in or in.

10. What is a zone?

DNS is organized in the form of a tree where each node represents a domain. A zone is a contiguous region of the tree, from top to bottom, which contains authoritative data for the domains included in the region.

For example, consider a domain name “blog.in” administered by PROTEC. PROTEC can make any changes in the domain and can also create subdomains like “protec.blog.in” and “tech.blog.in”. However, the task of making entries below “tech.blog.in”, like “cyber.tech.blog.in”, has been delegated to the TECH nameservers, and hence the PROTEC zone starts from “blog.in” and extends up to “tech.blog.in”.

11. What are the different types of Zone?

Zones are of the following types:

  • Forward Lookup zone
  • Reverse Lookup Zone
  • Stub Zone
  • Active Directory Integrated Zones

12. What is Forward Lookup Zone?

A forward lookup zone is a zone that is used for translating domain names to IP only. It contains resource records such as A, MX, CNAME, etc.

13. What is Reverse Lookup Zone?

A reverse lookup zone is a zone that is used for translating IP addresses to domain names. This is done with the help of the PTR resource record.

14. What is Stub Zone?

Stub zone is a zone that does not contain all resource records for a given domain but only contains NS records for the domain and queries primary or secondary nameservers to get the results.

15. What is an Active Directory Integrated Zone?

The Active Directory-integrated zone is a concept formulated by Microsoft. In such zones, primary and secondary servers do not replicate to each other using the standard DNS procedure; instead, Active Directory domain file replication is used for replicating information between servers.

16. What is a Master/Primary Nameserver?

The primary nameserver is the Nameserver that is authoritative for a given domain and also contains a writable copy of the zone file. Any changes made on the primary nameserver get replicated to the secondary Nameservers using zone transfer procedures.

17. What is a slave/Secondary Nameserver?

Secondary nameservers are authoritative nameservers for a particular domain but are not capable of making changes to the zone; instead, they read the zone information from the primary nameserver and update themselves on a regular basis.

18. What is caching Nameserver?

Caching Nameservers are the Nameservers that are not authoritative for any domain and are used to perform recursive lookups based on the user’s request. Whenever a user queries for a particular resource record of a particular domain, Caching Nameservers through recursive queries obtain the answers and also save them in their cache so that answers can be given next time at a faster pace.

19. What is an Authoritative Nameserver?

An authoritative nameserver for a domain is a nameserver to which the top-level domain has delegated that domain.

For example, consider the domain name “protec.org”. The authoritative nameserver for protec.org is the nameserver that the “org” nameserver returns when it is sent a nameserver (NS) query for protec.org.

20. What is the Primary Master?

The primary master is the nameserver which is also published in the SOA record of the domain and contains a writable copy of the zone file.

21. What is a Stealth Server?

A stealth name server is a hidden server: no information about it is published anywhere. It can only be reached by servers that have its IP address set as a static value in their configuration. It is an authoritative server. It obtains the data for the zone through a zone transfer, and it might act as the zone's primary server. If the local servers are unavailable, stealth servers can be used as a local backup.

22. What is the Hidden master?

If a primary nameserver is not published anywhere in the NS and SOA records and is known only to the secondary nameservers through their configuration, such a nameserver is known as a hidden master.

23. What are resource records? What are different types, give example.

All the records found in the DNS database are known as resource records. Examples of resource records are A (IPv4 address), CNAME (canonical name), MX (mail exchange), etc.


24. What is in-addr.arpa?

in-addr.arpa is a special domain used for reverse mapping. Names in this domain start with the IP address written in reverse.

For example, if the IP address of the webserver is A.B.C.D, then its corresponding entry in the arpa domain would be D.C.B.A.in-addr.arpa. This domain is used for maintaining PTR record entries. Whenever a nameserver is queried for the PTR record of an address, it queries the arpa name servers to get the reverse PTR.

25. What are stub resolvers?

Stub resolvers are the programs, present on both Windows and Linux, that forward the user’s DNS queries to the DNS servers specified in the network card settings. However, they are not capable of performing full recursive queries up to the root servers.

26. What is an Iterative Query?

An iterative query is the query a nameserver uses when it expects the other nameserver to answer from its local cache or authoritative data only. The answer given to an iterative query is the best possible answer obtained from that server.

For example, a user issues the query “what is abc.org” to the nameserver configured on its NIC. That server receives a recursive query from the client. If it doesn’t know the answer, it forwards the query to the root zone. The query sent to the root zone is an iterative query, as nameservers are aware that the root zone does not support recursive queries.

27. What is a Recursive query?

A recursive query is a query issued by users to their Local Nameserver such that if the Local Nameserver does not contain information, it can perform a recursive lookup and get the desired result.

28. What is an Inverse Query?

An inverse query is a query where the user queries for an “A” record but enters an IP address instead of the domain name and expects a domain name in return. Such queries are now obsolete and it is not mandatory for nameservers to support them. Note that this is different from a reverse query, where the user issues a query based on the PTR record and not the A record.

29. What is SOA?

SOA stands for Start of Authority. It is a mandatory record for the domain and should be the first resource record in the zone file. This record gives the following information:

  • Primary nameserver of the domain.
  • Email address of the responsible person.
  • Time interval in seconds after which the secondary nameserver should query the primary nameserver for any change/update.
  • Time interval in seconds after which the secondary nameserver should retry if it was not able to update itself in the time specified in the refresh interval.
  • Time interval in seconds after which the nameserver should not answer any query if it has failed to receive an update from the primary nameserver for that duration of time.
  • Negative cache TTL: time interval in seconds for which nameservers should keep negative results in their cache.

30. What are MX records? What is the use of them?

MX records stand for mail exchange records. These are the records used to specify the address/domain name of the servers responsible for receiving emails on behalf of the domain.

It is recommended to have two or more MX records for a domain for ensuring high availability. Each MX record has a field called preference, the lower the value of that field, the more preferred is the MX record.

31. Can the same nameserver be master for one zone and slave for another?

Yes, a single nameserver can be master for one zone and slave for another.

32. What are forwarding nameservers?

Nameservers that forward to another nameserver all the queries they are not capable of answering are called forwarding nameservers. Nameservers can also forward queries for selected domains to other nameservers using a concept called a forward zone.

33. What is a forward zone?

The forward zone is a concept used by BIND, and a similar concept is used by Windows DNS under the name “Conditional forwarding”. With it, the nameserver forwards queries for a specific domain and its child domains, for which it has no information in a zone file or cache, to specific nameservers.

34. What is the significance of CNAME?

CNAME is a canonical name or alias for an existing A record. This helps in segregating services from a user's point of view. For example, when the same server provides both FTP and web service, CNAME records help in defining www.domain.com for web and ftp.domain.com for FTP service. The same can be done by creating separate A records; however, with CNAME records, a change made for the webserver automatically updates the value for FTP, as both point to the same A record.

35. What is NS Record?

An NS record defines the name servers that are authoritative for the zone or domain. There must be two or more NS RRs in a zone file. NS RRs may reference servers in this domain or in a foreign domain. These RRs are mandatory.

36. What is the format of A record?


Name ttl class rr IPv4

For example, the A record for ftp.protec.org would be:

ftp.protec.org. 300 IN A x.x.x.x
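An added example, not part of the original page, that ties the A record format above to the in-addr.arpa naming from question 24: it parses records in "name ttl class rr data" form and reports A records whose PTR entry is missing or points elsewhere. The zone lines are constructed samples using documentation addresses (192.0.2.0/24), and host names other than ftp.protec.org are assumptions.

```python
def parse_rr(line):
    """Split 'name ttl class rr data' into a dict (single-line records only)."""
    name, ttl, rrclass, rrtype, rdata = line.split(None, 4)
    return {"name": name.lower(), "ttl": int(ttl), "class": rrclass,
            "type": rrtype.upper(), "rdata": rdata.strip()}

def reverse_name(ipv4):
    """A.B.C.D -> D.C.B.A.in-addr.arpa. after validating the dotted quad."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ipv4)
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def audit(forward_lines, reverse_lines):
    """Return (name, problem) for every A record without a matching PTR."""
    ptr = {}
    for rr in map(parse_rr, reverse_lines):
        if rr["type"] == "PTR":
            ptr[rr["name"]] = rr["rdata"].lower()
    problems = []
    for rr in map(parse_rr, forward_lines):
        if rr["type"] != "A":
            continue  # only address records have a reverse mapping
        target = ptr.get(reverse_name(rr["rdata"]))
        if target is None:
            problems.append((rr["name"], "no PTR"))
        elif target != rr["name"]:
            problems.append((rr["name"], "PTR points to " + target))
    return problems

# Constructed forward lookup zone and reverse lookup zone contents.
FORWARD = [
    "ftp.protec.org. 300 IN A 192.0.2.10",
    "www.protec.org. 300 IN A 192.0.2.20",
    "mail.protec.org. 300 IN A 192.0.2.30",
    "protec.org. 300 IN MX 10 mail.protec.org.",
]
REVERSE = [
    "10.2.0.192.in-addr.arpa. 300 IN PTR ftp.protec.org.",
    "30.2.0.192.in-addr.arpa. 300 IN PTR old.protec.org.",
]

if __name__ == "__main__":
    for name, problem in audit(FORWARD, REVERSE):
        print(name, "->", problem)
```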

37. What is AXFR?

AXFR stands for full zone transfer. As per the DNS specifications, the secondary nameserver polls the primary nameserver for updates; if an update is found, the secondary nameserver initiates a process in which it transfers the entire zone file from the master. This process is known as a full zone transfer.


38. What is IXFR?


IXFR stands for incremental zone transfer. As per the DNS specifications, the secondary nameserver polls the primary nameserver for updates; if an update is found, the secondary nameserver initiates a process in which it transfers only the changes between the primary zone file and the secondary zone file. This process is known as an incremental zone transfer.

39. What is DNS notify?


RFC 1996 describes a scheme where an authoritative zone name server (either master or slave) sends a NOTIFY message to the zone's name servers (defined by the NS RRs for that zone) whenever the zone is loaded or updated. This message indicates that a change may have occurred in the domain records. On receipt of the NOTIFY message, the name server requests the SOA (Start of Authority) RR (resource record) from the zone master and, if the serial number is greater than the one presently configured, attempts a zone transfer using either AXFR or IXFR.
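The secondary's decision after a NOTIFY, together with the SOA timers from question 29, as an added example that is not part of the original page. It goes slightly beyond the text by comparing serials with RFC 1982 serial arithmetic so that 32-bit wrap-around is handled; the SOA lines and the ns1/hostmaster names are constructed.

```python
from collections import namedtuple

SOA = namedtuple("SOA", "mname rname serial refresh retry expire minimum")

def parse_soa(line):
    """Parse a single-line SOA record in zone-file presentation format."""
    fields = line.split()
    idx = fields.index("SOA")
    numbers = [int(x) for x in fields[idx + 3:idx + 8]]
    if len(numbers) != 5:
        raise ValueError("SOA needs serial, refresh, retry, expire, minimum")
    return SOA(fields[idx + 1], fields[idx + 2], *numbers)

def serial_newer(primary, local):
    """RFC 1982: primary is 'greater' than local, modulo 2**32."""
    diff = (primary - local) % 2**32
    return 0 < diff < 2**31

def action_on_notify(primary_soa, local_soa):
    """What a secondary does after fetching the primary's SOA."""
    if serial_newer(primary_soa.serial, local_soa.serial):
        return "transfer"  # start an AXFR or IXFR
    return "up-to-date"

def secondary_state(soa, seconds_since_refresh):
    """Apply the refresh and expire timers to the age of the local copy."""
    if seconds_since_refresh >= soa.expire:
        return "expired"  # stop answering for the zone
    if seconds_since_refresh >= soa.refresh:
        return "refresh-due"  # poll the primary, then retry every soa.retry
    return "fresh"

# Constructed SOA records: the primary has one more change than the secondary.
PRIMARY = parse_soa("protec.org. 3600 IN SOA ns1.protec.org. "
                    "hostmaster.protec.org. 2024010102 7200 900 1209600 300")
LOCAL = parse_soa("protec.org. 3600 IN SOA ns1.protec.org. "
                  "hostmaster.protec.org. 2024010101 7200 900 1209600 300")

if __name__ == "__main__":
    print(action_on_notify(PRIMARY, LOCAL))
    print(serial_newer(5, 4294967290))  # serial wrapped past 2**32 - 1
    print(secondary_state(LOCAL, 8000))
```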

40. What is DDNS?

The classic method of updating zone RRs (resource records) as required is to manually edit the zone file and then stop and start the DNS service so that it rereads the zone files and propagates the changes. When the number of modifications exceeds a certain threshold, this might become operationally unacceptable, especially in organizations that deal with a high number of zone files, such as service providers, where BIND can take a long time to restart due to the huge number of zone files it maintains.

Many larger DNS users need a method to rapidly change the zone records while the name server continues to respond to DNS user queries.

There are two approaches for solving such problems:

  • Allow runtime updating of the zone RRs from an external source or application.
  • Directly feed the zone RRs from a database, which can be dynamically updated.

RFC 2136 takes the first approach and defines a process, called Dynamic DNS (DDNS), whereby zone records can be updated from one or more external sources.

41. What is a Glue record?


Glue records are the A records for the nameservers of a domain that are statically added to the top-level domain. These records are added while creating delegation records.

42. What is the difference between WINS and DNS?

WINS stands for Windows information naming service; it is used for resolving a system's NetBIOS name to an IP address. It works only on Windows, whereas DNS is used to resolve domain names and can be used on any platform.

43. What is the SRV record?

SRV records are service records and are used for locating services in the network.
