DNS – How Exactly Does It Work?

dnsopendns

I'm learning pentesting from books. So far I thought I know about DNS but now I'm completely lost and confused.

well, I know what happens when you enter domain name in your browser:

enter image description here

Say, I've bought a domain on name.com. So, all my DNS information will be stored with name.com right? Because I can manage my domain information by logging into name.com.

Now say, I'm hosting my website on hostmonster.

Me: Hey, I want to buy some space on your server.Here is the payment
for it

Hostmonster: Thanks, We are providing you space on server with
IP 12.34.56.78. Now go and update it for your domain name with your
registrar.

This is what I expect to happen. But no it doesn't happen.Instead, Hostmonster gives me two nameservers NS1.HOSTMONSTER.COM or NS2.HOSTMONSTER.COM. WHY?? I thought name.com was having the nameservers and it was containing my information. Now where did this hostmonster nameservers come into picture. its confusing. please clarify what exactly is happening?.

Best Answer

Hostmonster wants to be come the new authority for your DNS zone.

You DNS zone is equivalent to your domain name example.com. In that zone file is defined what IP address example.com points to (as well as all sub-domains, like www.example.com).

For every DNS zone, you must define a name server that handles that zone. So far, that name server was provided by name.com. Hostmonster has now provided you with 2 new name servers for your domain.

To illustrate this, let's request the whois for superuser.com:

$ whois superuser.com

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: SUPERUSER.COM
   Registrar: NAME.COM LLC
   Whois Server: whois.name.com
   Referral URL: http://www.name.com
   Name Server: NS1.SERVERFAULT.COM
   Name Server: NS2.SERVERFAULT.COM
   Name Server: NS3.SERVERFAULT.COM
   Status: clientTransferProhibited
   Updated Date: 03-feb-2012
   Creation Date: 01-nov-1995
   Expiration Date: 31-oct-2016

As you can see, it lists 3 name servers which are responsible for that domain. These are the name servers responsible for all names in that zone. They are the name server entries that are supposed to be replaced in the process you mention.

Related Solutions

Dns – Domain name is not resolving (Can’t find: No answer)

When I query the NS records for the domain I get:

mtak@frisbee:~$ dig -t ns yantdom.com +short
ns2.verification-hold.suspended-domain.com.
ns1.verification-hold.suspended-domain.com.

It seems you have not completed the contact verification process (additional information here). I haven't seen this before, but I suggest you contact your registrar.

How domain provider’s DNS name server entries work

What you are after are called "glue records".

A glue record is the IP address of a name server held at the Domain Name registry.

Glue records are required when you wish to set the name servers of a domain name to a hostname under the domain name itself.

For example if you wished to set the name servers of example.com to ns1.example.com and ns2.example.com you would need to also provide the glue records (i.e. the IP addresses) for ns1.example.com and ns2.example.com.

If you did not provide the glue records for these name servers then your domain name would not work as anyone requiring DNS information for it would get stuck in a loop:

What is the name server for example.com? -> ns1.example.com What is the IP address of ns1.example.com? -> don't know, try looking at name server for example.com What is the name server for example.com? -> ns1.example.com

...and so on.

With the glue record in place the registry will hold the IP address and the loop will not occur:

What is the name server for example.com? -> ns1.example.com What is the IP address of ns1.example.com? -> [IP Address]

http://faq.domainmonster.com/dns/glue_record/

Best Answer

Related Solutions

Dns – Domain name is not resolving (Can’t find: No answer)

How domain provider’s DNS name server entries work

Related Question