Resolves hostnames and fully qualified domain names (FQDNs) to IP addresses.
- Ports
- DNS Server Software
- Public DNS Servers for Clients
- Misc
- Linux Packages for DNS Clients
- DNSmasq on macOS
- DNSMasq on RHEL7
- DDNS - Dynamic DNS
| TCP / UDP | Port | Description |
|---|---|---|
| UDP | 53 | DNS client requests; DNS server replies |
| TCP | 53 | Dynamic DNS; zone transfers between DNS servers for replication |
- ISC Bind - the classic unix DNS - still runs most of the internet
- DjbDNS / TinyDNS - smaller faster DNS server
- DNSmasq - simple, serves `/etc/hosts` as DNS records - good for local labs or small local networks
- InfoBlox - enterprise DDI (DNS, DHCP, IPAM - IP Address Management) and threat protection - see infoblox.md TODO
https://sslip.io/ - maps `<anything>[.-]<IP Address>.sslip.io` in either 'dot' or 'dash' notation to the embedded IP address.

https://nip.io - maps `<anything>[.-]<IP Address>.nip.io` in either 'dot' or 'dash' notation to the embedded IP address.
Commonly used for labs and demos where you need to put hostnames / FQDNs in software configuration instead of IP addresses.
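Since these names resolve to whatever address is embedded in them, it is worth checking where such a hostname points before trusting it in configuration or when it shows up in logs. The sketch below is an added example, not part of the original notes: it extracts the embedded IPv4 address from the dot and dash forms described above and labels its range. The function names and sample hostnames are constructed, and only IPv4 is handled.

```python
import ipaddress
import re

# Wildcard DNS zones named on this page.
WILDCARD_ZONES = ("sslip.io", "nip.io")

# <anything>[.-]<IP Address>: four decimal octets joined by one consistent
# separator ('.' or '-'), at the end of the part left of the zone.
_OCTET = r"(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)"
_EMBEDDED = re.compile(
    rf"(?:^|[.-])({_OCTET})([.-])({_OCTET})\2({_OCTET})\2({_OCTET})$"
)


def embedded_ip(hostname):
    """Return the IPv4Address embedded in an sslip.io / nip.io name, or None."""
    name = hostname.strip().rstrip(".").lower()
    for zone in WILDCARD_ZONES:
        if name.endswith("." + zone):
            match = _EMBEDDED.search(name[: -(len(zone) + 1)])
            if match:
                return ipaddress.IPv4Address(".".join(match.group(1, 3, 4, 5)))
    return None


def classify(hostname):
    """Label the address range the name resolves into."""
    ip = embedded_ip(hostname)
    if ip is None:
        return "no-embedded-ip"
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    return "private" if ip.is_private else "public"


if __name__ == "__main__":
    # Constructed sample hostnames, not taken from real configuration or logs.
    for host in ("app.10.0.0.1.nip.io", "www-192-168-1-10.sslip.io",
                 "127.0.0.1.nip.io", "demo.8.8.8.8.sslip.io", "foo.nip.io"):
        print(f"{host:30} {embedded_ip(host)!s:15} {classify(host)}")
```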
Public DNS servers available for clients to use:

- `1.1.1.1` - Cloudflare - privacy first DNS
- `8.8.8.8` - Google DNS servers (as if they don't track you enough)
- `8.8.4.4` - Google DNS servers
- `208.67.222.222` - OpenDNS
- `208.67.220.220` - OpenDNS
TSIG key - shared key for one-way hash auth for DDNS and zone transfers
DNS Security - see security.md
Contains the `host` and `dig` commands:

```shell
sudo yum install -y bind-utils
```
```shell
brew install dnsmasq
```

To configure dnsmasq, copy the example configuration to `/usr/local/etc/dnsmasq.conf` and edit.

```shell
cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
vim /usr/local/etc/dnsmasq.conf
```
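Sample config I used to use in labs to only serve local VirtualBox VMs - only listens on `vboxnet0` interface and contains `*.local` lookups:

```
# answer these domains only from /etc/hosts or DHCP, never forward them upstream
local=/dev/
local=/local/
local=/localdomain/
# same for unqualified names (names with no dots in them)
local=//
# listen only on the VirtualBox host-only interface instead of the wildcard address
interface=vboxnet0
bind-interfaces
```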
To have launchd start dnsmasq at startup:

```shell
sudo cp -fv /usr/local/opt/dnsmasq/*.plist /Library/LaunchDaemons
```

Then to load dnsmasq now:

```shell
sudo launchctl load /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
```
```shell
sudo yum install -y dnsmasq
dnsmasq --test
sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq
```

Test DHCP response:

```shell
sudo yum install -y dhcping
sudo dhcping -s localhost
```
Requires TCP port 53
http://www.semicomplete.com/articles/dynamic-dns-with-dhcp/
http://www.debian-administration.org/articles/591
```
nsupdate -v -k /etc/bind/admin-updater.key
> update delete www.example.com cname
> send
> update add www1.example.com 86400 a 172.16.1.1
> update add www.example.com 600 cname www1.example.com.
> send
```
Ported from private Knowledge Base page 2010+ - should have had notes going back to 2003 but young guys don't document enough