DNS Flashcards
What is NetBios
A windows proprietary name resolving service for LANS.
How does NetBios work
NetBios has the computer broadcast its information onto the network upon booting. Other NetBios enabled PCs will hear and store this information.
What are two downsides to NetBios
- It doesn’t support IP
- It’s not suitable in large networks due to the broadcast spamming
What is NetBT
Netbios over TCPIP
How would NetBT handle LAN and WAN requests for name resolution?
NetBios for LAN, DNS for WAN
What are the ports for NetBios
137, 138, 139
What purpose did SMB serve in NetBT. What was its port number?
It was the protocol for file and print sharing on 445
True or false: NetBT, due to using NetBios for LAN and DNS for Wan, required you to have a local name for your LAN and a routable DNS for WAN
True
What is a DNS resolver
Something that’s main focus is resolving FQDNs to IPs.
What is a Name server
A server that holds the IP addressing for FQDNs
How should we visualise DNS Zones
As boxes with sticky notes inside for each of the unique A-records. It is a container for a domain’s records.
What is an A-record
A single, FQDN to IP resolution. These reside on authoratative servers.
What is an authoratative server
The server that physically and logically holds the FQDN for what you’re looking for.
What is the type of DNS server below the root on the DNS heirarchy?
Top level domain
What is a three step simplified DNS heirarchy?
Root > Top level domain > Authoritative servers
What is the naming convention for DNS servers?
The rightmost part being the root. For example
classroom.MartinHigh.Local
or
www.totalsem.com
What is a Zone transfer?
This explains how a primary DNS server shares its updated tables with secondary DNS servers that mirror its DNS Zones and records.
It does this by advancing a serial value. Secondary servers regularly look at this value and, if they see it’s different to their own, will request an update from the primary server.
What is forward lookup
FQDN > IP
What is reverse lookup
IP > FQDN
What is the DNS process. From CPU to IP delivery to the CPU.
CPU checks local resolver cacheand HOSTS file for FQDN’s IP. If it’s not there, move on to…
CPU requests IP from the client’s DNS server. If it’s not there, move on to…
Client DNS requesting the IP from a root server. If it’s not there, move on to…
Root gives client DNS an address to the TLD responsible for the address and asks there. If it’s not there, move on to…
TLD will know the authoratative server, and provides the IP of that server. The client DNS will go here, get the IP and send it back to the CPU.
What is a AAAA record
An IPv6 FQDN record
How do you display your dns information in windows cmd
ipconfig /displaydns
What is DNS caching
This is when a DNS server stores (or caches) the data it retrieves so it doesn’t need to go out on the internet to find commonly used DNS queries constantly.
What is TTL in relation to DNS caching?
How long something is stored in a cache.
Label all of these parts from a SRV record:
_sip._tcp.example.com. 86400 IN SRV 0 5 5060 sipserver.example.com.
service: the symbolic name of the desired service. (_sip.)
proto: the transport protocol of the desired service; this is usually either TCP or UDP. (_tcp.)
name of site: the domain name for which this record is valid, ending in a dot. This is the name of the domain you’re trying to reach? ( example.com.)
ttl: standard DNS time to live field. (86400)
IN: standard DNS class field (this is always IN).
SRV: Type of Record (this is always SRV).
priority: the priority of the target host, lower value means more preferred. This is used to decide which server has priority in answering the query. (0)
weight: A relative weight for records with the same priority, higher value means higher chance of getting picked. (5)
port: the TCP or UDP port on which the service is to be found. (5060)
server target: the canonical hostname of the machine providing the service, ending in a dot. (sipserver.example.com.)
What is the point of an SRV record
Whereas MX records only provide information for email services, SRV is a flexible record in that it can be used to resolve numerous kinds of services. For example, one SRV record could be for LDAP and the other could be for VoIP. In the end, it still resolves things. Usually host names to ports instead of IPs, but it’s slightly different.
what is an mx record
A record holding mail exchange information.
It will find an authoratative server like any other DNS query, but instead of requesting an A or AAAA record it will ask for an MX one for the specified domain.
What is a CNAME
Canonical name is simply an alias for a FQDN
What is a PTR record
One found only in reverse lookup zones. This is a pointer record. (FQDN > IP
You look at a DNS server and see one of the file type set to SOA. What is this?
State of authority
The primary name server in charge of a specific zone
You look at a DNS server and see one of the file type set to NS. What is this?
All of the name servers and their IPs within the domain.
For SRV records, what is the difference between priority and weight
Priority prioritizes specific servers over others. This means they will be the priority in answering incoming queries over others.
Weight prioritizes what types of data are answered to first. For example, voip may be a priority and is answered before kerberos queries.
What does ipconfig /registerdns do
updates your dns records from your active directory base.
What does netstat -s do
Shows TCP/IP information such as packets received and sent
How can nslookup -s be used to troubleshoot a network issue?
If you can see packets are sent but none received or vice versa it’s very likely that you have a break in the cable.
Other computers on a network resolve names just fine, but yours can never find the server unless you type in an IP address. What cmd could you try here?
ipconfig /flushdns
Using ping, how can you check if your DNS is borked?
If you can ping an address successfully but not a FQDN, something DNS related is deaded.
