Differences

This shows you the differences between two versions of the page.

tech_notes:dns [2024-05-18 Sat wk20 15:38] baumkp
tech_notes:dns [2024-06-16 Sun wk24 10:20] (current) – [DNS Performance Checker] baumkp
Line 1: Line 1:
 ======Domain names, domain nameservers, DNS and DHCP====== ======Domain names, domain nameservers, DNS and DHCP======
 Domain names, Domain nameservers, DNS and DHCP are a key part of the internet back bone.   Domain names, Domain nameservers, DNS and DHCP are a key part of the internet back bone.  
-  *DNS resolves the text domain names to the relevant ip addresses.   +  *DNS (Domain Name System) resolves the text domain names to the relevant IP (Internet Protocol) addresses.   
-  *DHCP allows the automatic assignment of ip addresses to hardware (MAC with addressesfor addressing purposes, sometime also with domain names are also assigned.+  *DHCP (Dynamic Host Configuration Protocol) allows the automatic assignment of IP addresses to hardware via a MAC (Medium Access Controladdress, sometime domain names are also assigned
 +    *IPv4 used a broadcast system for ARP (Address Resolution Protocol) 
 +    *IPv6 assigns a link-local address to every network interface. It then uses the link local addresses with neighbor discovery for global IP addressing, with a DHCP or Router Advertisements
     *Each hardware connection point has an associated MAC number to which one or more IP addresses can be assigned     *Each hardware connection point has an associated MAC number to which one or more IP addresses can be assigned
       *Unmanaged switches only use tables of the source attached MAC number of the related connected ports for communication.         *Unmanaged switches only use tables of the source attached MAC number of the related connected ports for communication.  
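Review bot: the new DHCP bullet (the ''+'' side of the line beginning "*DHCP (Dynamic Host Configuration Protocol)") lost the closing parenthesis after "Medium Access Control" and now reads as a run-on; suggest "...automatic assignment of IP addresses to hardware, identified by its MAC (Media Access Control) address; sometimes domain names are also assigned." The two sub-bullets added beneath it mix address resolution with address assignment: ARP (IPv4) and Neighbor Discovery (IPv6) map an IP address to a MAC address, whereas DHCP/DHCPv6 and Router Advertisements (SLAAC) hand out the addresses themselves. "IPv4 used a broadcast system for ARP" would be clearer as "IPv4 resolves IP to MAC with broadcast ARP; DHCPv4 discovery is also a broadcast", and the IPv6 line as "...global addresses then come from DHCPv6 or from Router Advertisements (SLAAC), with Neighbor Discovery used for IP-to-MAC resolution", which keeps the two mechanisms apart for the reader.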
Line 8: Line 10:
         *It builds a table of source MAC numbers for each port, which it change then use for addressing purposes.           *It builds a table of source MAC numbers for each port, which it change then use for addressing purposes.  
         *A port can have multiple source MAC numbers, such when it is attached to another unmanaged switch.         *A port can have multiple source MAC numbers, such when it is attached to another unmanaged switch.
-        *An unmanaged switch can not transfer data between VLANs. It can transfer data on the same VLAN domain.+        *An unmanaged switch can not transfer data between VLANs (Virtual Local Area Network). It can transfer data on the same VLAN domain.
       *Managed switches have a MAC number       *Managed switches have a MAC number
         *Managed switches usually have an assigned IP address for management access associated with the switch MAC number. (It may be possible that is a separate out of band management port, usually Ethernet, but can be serial port type)         *Managed switches usually have an assigned IP address for management access associated with the switch MAC number. (It may be possible that is a separate out of band management port, usually Ethernet, but can be serial port type)
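Review bot: the expansion added on the VLAN line should agree in number with the abbreviation it explains, "VLANs (Virtual Local Area Networks)", and "can not" is better as "cannot". The unchanged context above it is worth tidying in the same pass: "which it change then use for addressing purposes" should read "which it then uses for forwarding decisions", and "such when it is attached to another unmanaged switch" should be "such as when it is attached to another unmanaged switch".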
Line 14: Line 16:
         *Managed switches can be Level 3, which allows IP routing as well as VLANs to function.  The IP routing functions are often limited, that is not all IP router functions are available on Level 3 switches.         *Managed switches can be Level 3, which allows IP routing as well as VLANs to function.  The IP routing functions are often limited, that is not all IP router functions are available on Level 3 switches.
         *The exact management functionality of managed switches varies and not all features maybe available on every model of switch.  In fact functionality of managed switches can be expected to vary considerably between models.         *The exact management functionality of managed switches varies and not all features maybe available on every model of switch.  In fact functionality of managed switches can be expected to vary considerably between models.
-  *domain names are the text used to identify internet resources.  The are registered with a domain name registrar. +  *domain names are the text used to identify internet resources.  The are registered with a domain name registrar. 
-  *domain nameservers are used to assign domain names to IP addresses as well as assign other information to a domain name.+  *domain nameservers are used to assign IP addresses as well as other information to a domain name.
  
  
  
-There are a number of levels of DNS. +There are a number of levels of DNS, the system interrogates in the following order: 
-  - host file,  this is a basic file on each computer where +  - host file,  this is a basic file on each computer operating system 
 +    -The usual automatic entries are: 
 +      -The local machine host name and ip address 
 +      -The loop back address 
 +  - Additional manual entries can be added for any host name and IP address.  (This can be hand on occassions, such as setting up VPNs where the setup process changes internet access for DNS stop working.  The host file manual can still allow address resolution.
   - local dns resolver   - local dns resolver
     - machine based     - machine based
 +      - many operating systems have a local caching DNS server installed to improve DNS performance.
     - LAN based     - LAN based
-  ISP resolver+      This can act as a local caching DNS server and also be used for LAN  
 +  - public resolver
   - authoritative domain resolver   - authoritative domain resolver
  
 +=====Public DNS providers=====
 +  - [[https://www.quad9.net/|Quad9]], free no commercial foundation
 +    - IPv4 (filtered)
 +      -  9.9.9.9
 +      - 149.112.112.112
 +    - IPv6 (filtered)
 +      - 2620:fe::fe
 +      - 2620:fe::9
 +    - [[https://www.quad9.net/service/service-addresses-and-features|Quad9 Service Addresses & Features]] some other options
 +  -  [[https://www.opendns.com/|OpenDNS]], belongs to Cisco
 +    - IPv4
 +      - 208.67.222.222
 +      - 208.67.220.220
 +    - IPv4 (filtered family shield, not-configurable)
 +      - 208.67.222.123
 +      - 208.67.220.123
 +    - IPv6 (filtered) 
 +      - 2620:119:35::35
 +      - 2620:119:53::53
 +    - IPv6 (unfiltered)
 +      - 2620:0:ccc::2
 +      - 2620:0:ccd::2
 +  - [[https://one.one.one.one/dns/|one.one.one.one]] (Cloudflare)
 +    - IPv4 (unfiltered)
 +      - 1.1.1.1
 +      - 1.0.0.1
 +    - IPv6 (unfiltered) 
 +      - 2620:4700:4700::1111
 +      - 2620:4700:4700::1001
 +    -  See [[https://one.one.one.one/family/|one.one.one.one/family]] for filtered options
 +
 +=====Linux DNS Setup=====
 +The local OS DNS servers are specified in ''/etc/resolv.conf''
 +
 +The bind9 file that configs the DNS forwarders is ''/etc/bind/name.conf.options'', the DNS ''forwarders'' are configured.
 +
 +The kea dhcp configuration has the following related to DNS and gateway setup.
 +++++dhcpv4.conf|
 +<code yaml>  "subnet4": [
 +    {
 +      "subnet": "192.168.1.0/24",
 +
 +      // There are no relays in this network, so we need to tell Kea that this subnet
 +      // is reachable directly via the specified interface.
 +      "interface": "enp1s0",
 + 
 +     "pools": [
 +        {
 +          "pool": "192.168.1.100 - 192.168.1.200"
 +        }
 +      ],
 +    "option-data": [
 +      {
 +        "name": "routers",
 +        "data": "192.168.1.1"
 +      },
 +      {
 +        "name": "domain-name-servers",
 +        "data": "192.168.1.14,192.168.1.2,9.9.9.9"
 +      }
 +    ],</code>
 +++++
 +
 +=====DNS Performance Checker=====
 +A good resource for checking DNS performance is from [[https://www.grc.com|GRC Gibson reserch Corporation (Steve Gibson)]].  The speed checker bench marking program [[https://www.grc.com/dns/benchmark.htm|GRC DNS Bench marker]] is only Windows based.  It reportedly runs in Linux/WINE.
  
  
 <- tech_notes:ascii|Back ^ tech_notes:index|Start page ^ tech_notes:markdown| Next-> <- tech_notes:ascii|Back ^ tech_notes:index|Start page ^ tech_notes:markdown| Next->
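Review bot: the bind9 options file named on the "The bind9 file that configs the DNS forwarders" line is misspelled; the file is ''/etc/bind/named.conf.options'' (named, not name), and the sentence trails off, so suggest "The bind9 forwarders are set in the ''forwarders'' block of ''/etc/bind/named.conf.options''." In the Kea fragment the block is tagged ''<code yaml>'' but the content is Kea's JSON (with ''//'' comments), so ''<code json>'' is the right tag; the indentation is also inconsistent ("pools" and "option-data" sit at different depths from "subnet"), which a reader copying the fragment will trip over. On the ''domain-name-servers'' line, "192.168.1.14,192.168.1.2,9.9.9.9" hands clients a public resolver alongside the LAN ones: clients do not treat the list strictly as primary-then-fallback (several rotate or race the servers), so any host that happens to ask 9.9.9.9 will fail to resolve internal names and will bypass whatever filtering or logging the LAN resolvers provide; worth a note that the public resolver belongs in the bind9 ''forwarders'' block rather than in the DHCP option given to clients. In the "levels of DNS" list, "the system interrogates in the following order" overstates it: a stub resolver consults the hosts file and then its configured resolver; the walk from a public resolver to the authoritative servers is done by the recursive resolver, not by the client. Smaller wording fixes in the same hunk: "host file" is the hosts file (''/etc/hosts'' on Linux); "This can be hand on occassions ... for DNS stop working" should read "This can be handy on occasions, such as when setting up a VPN changes DNS access and resolution stops working"; "The are registered" should be "They are registered"; "Level 3" switches are conventionally called Layer 3 (OSI network layer); and in the last section "reserch" is "Research" and "bench marking" is "benchmarking".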