October 27, 2011

DNS

Domain Name System (DNS) is an Internet Engineering Task Force (IETF) standard name service that allows a computer to register and resolve domain names. DNS makes it possible to assign domain names to organizations independently of the routing of the numerical IP address. In other words, DNS is a system that translates domain names into IP addresses. This is necessary because computers communicate using IP addresses, while people use human-readable names, which are easier to remember than IP addresses. Without DNS resolution, the Internet would be a very inconvenient place, so DNS resolution is a very important task. However, users may sometimes try to connect to a system by name and get a DNS error because the name did not resolve to the proper IP address. There are several possible causes for this:
  • The DNS server is down
  • IP connectivity is lost, so DNS cannot resolve the name
  • DNS cache poisoning
  • Update and zone issues
  • The DNS server does not have network connectivity to the root servers

There are a number of ways to find out whether a system is resolving properly; one of them is nslookup, which can be used to verify name resolution. The nslookup command can be used to find various DNS details such as IP address, MX records, etc.


Go to the command prompt and type nslookup host_name server_IP_address. Substitute the actual host name to be resolved for host_name and the IP address of the DNS server for server_IP_address, then press Enter.

This allows the user to verify whether the error is on the server, whether there is a widespread resolution error, or whether the server is possibly down. Nslookup will also display the various types of DNS records, not just primary (A) records, or all records for a domain. Users can then ping with the switch to also verify if DNS resolution is working fine.
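The check described above can be repeated against several DNS servers and the answers compared. The following is an added example, not part of the original post: it parses saved nslookup transcripts, maps the error text to the causes listed at the top of the article, and flags servers that return different addresses for the same name. The function names, the cause mapping and the sample transcripts are assumptions of this example.

```python
import ipaddress
import re

# nslookup error text mapped to causes listed in the article. The mapping is
# an assumption of this example: a first lead to check, not a diagnosis.
HINTS = [
    (r"timed[ -]out", "no reply: server down or IP connectivity lost"),
    (r"Non-existent domain|NXDOMAIN", "name not found: update or zone issue"),
    (r"Server failed|SERVFAIL", "server failure: remote or root servers unreachable"),
    (r"Query refused|REFUSED", "query refused by the server"),
]

def parse_nslookup(output):
    """Return (status, set_of_addresses) for one nslookup transcript."""
    # Text before the first "Name:" describes the DNS server, not the answer.
    _, _, answer = output.partition("Name:")
    addrs = set()
    for line in answer.splitlines():
        value = re.sub(r"^Address(es)?:", "", line.strip()).strip()
        try:
            addrs.add(str(ipaddress.ip_address(value)))
        except ValueError:
            continue  # host name, alias or blank line
    if addrs:  # an answer wins over errors from the server-name lookup
        return "resolved", addrs
    for pattern, hint in HINTS:
        if re.search(pattern, output, re.IGNORECASE):
            return hint, addrs
    return "no addresses in answer", addrs

def compare_servers(transcripts):
    """Map server -> parsed result; True if servers return different sets."""
    parsed = {srv: parse_nslookup(out) for srv, out in transcripts.items()}
    answers = {frozenset(a) for _, a in parsed.values() if a}
    return parsed, len(answers) > 1

# Constructed transcripts using documentation addresses, not real captures.
SAMPLE = {
    "192.0.2.53": "Server:  dns1.example.com\nAddress:  192.0.2.53\n\n"
                  "Name:    www.example.com\nAddress:  198.51.100.10\n",
    "192.0.2.54": "Server:  dns2.example.com\nAddress:  192.0.2.54\n\n"
                  "Non-authoritative answer:\n"
                  "Name:    www.example.com\nAddress:  203.0.113.99\n",
    "192.0.2.55": "DNS request timed out.\n    timeout was 2 seconds.\n"
                  "*** Request to 192.0.2.55 timed-out\n",
}

if __name__ == "__main__":
    results, mismatch = compare_servers(SAMPLE)
    print(results, "servers disagree:", mismatch)
```

A mismatch between servers is only a lead to investigate: it fits stale records or a poisoned cache, but round-robin and location-aware zones also return different addresses legitimately.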

Troubleshoot the DNS client, since most problems start with failed queries at the client. If a DNS server provides incorrect data to queries that it successfully answers, then the most likely causes are:

  • Resource records (RRs) were not dynamically updated in a zone.
  • An error was made when manually adding or modifying static resource records in the zone.
  • Stale resource records remain in the DNS server database, left over from cached lookups or from zone records that were not updated with current information or not removed when they were no longer needed.

If the DNS server does not resolve names for external networks, then the possible causes could be:

  • The recursive query times out before it can be completed.
  • A remote DNS server fails to respond.
  • A remote DNS server provides incorrect data.
  • DNS server recursion has been disabled.

Also troubleshoot the connectivity to the root servers. Verify that the DNS server used in a failed query can ping its root servers by IP address. If a ping attempt to one root server fails, it might indicate that an IP address for that root server has changed.
