Domain Name Resolver
Domain Name
A domain name is an identification string that defines a realm of administrative autonomy, authority or control within the Internet. Domain names are used in various networking contexts and for application-specific naming and addressing purposes. In general, a domain name identifies a network domain, or it represents an Internet Protocol (IP) resource, such as a personal computer used to access the Internet, a server computer hosting a website, or the web site itself or any other service communicated via the Internet. In 2017, 330.6 million domain names had been registered.
Domain names are formed by the rules and procedures of the Domain Name System (DNS). Any name registered in the DNS is a domain name. Domain names are organized in subordinate levels (subdomains) of the DNS root domain, which is nameless. The first-level set of domain names are the top-level domains (TLDs), including the generic top-level domains (gTLDs), such as the prominent domains com
, info
, net
, edu
, and org
, and the country code top-level domains (ccTLDs). Below these top-level domains in the DNS hierarchy are the second-level and third-level domain names that are typically open for reservation by end-users who wish to connect local area networks to the Internet, create other publicly accessible Internet resources or run web sites.
The registration of these domain names is usually administered by domain name registrars who sell their services to the public.
A fully qualified domain name (FQDN) is a domain name that is completely specified with all labels in the hierarchy of the DNS, having no parts omitted. Traditionally a FQDN ends in a dot (.) to denote the top of the DNS tree. Labels in the Domain Name System are case-insensitive, and may therefore be written in any desired capitalization method, but most commonly domain names are written in lowercase in technical contexts.
Domain name syntax
A domain name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such as example.com
.
-
The right-most label conveys the top-level domain; for example, the domain name
www.example.com
belongs to the top-level domaincom
. -
The hierarchy of domains descends from the right to the left label in the name; each label to the left specifies a subdivision, or subdomain of the domain to the right. For example: the label example specifies a node
example.com
as a subdomain of thecom
domain, andwww
is a label to createwww.example.com
, a subdomain ofexample.com
. Each label may contain from 1 to 63 octets. The empty label is reserved for the root node and when fully qualified is expressed as the empty label terminated by a dot. The full domain name may not exceed a total length of 253 ASCII characters in its textual representation. Thus, when using a single character per label, the limit is 127 levels: 127 characters plus 126 dots have a total length of 253. In practice, some domain registries may have shorter limits. -
A hostname is a domain name that has at least one associated IP address. For example, the domain names
www.example.com
andexample.com
are also hostnames, whereas thecom
domain is not. However, other top-level domains, particularly country code top-level domains, may indeed have an IP address, and if so, they are also hostnames. -
Hostnames impose restrictions on the characters allowed in the corresponding domain name. A valid hostname is also a valid domain name, but a valid domain name may not necessarily be valid as a hostname.
Top-level domains
When the Domain Name System was devised in the 1980s, the domain name space was divided into two main groups of domains. The country code top-level domains (ccTLD) were primarily based on the two-character territory codes of ISO-3166 country abbreviations. In addition, a group of seven generic top-level domains (gTLD) was implemented which represented a set of categories of names and multi-organizations. These were the domains gov
, edu
, com
, mil
, org
, net
, and int
. These two types of top-level domains (TLDs) are the highest level of domain names of the Internet. Top-level domains form the DNS root zone of the hierarchical Domain Name System. Every domain name ends with a top-level domain label.
The Internet Assigned Numbers Authority (IANA) maintains an annotated list of top-level domains in the DNS root zone database.
Second-level and lower level domains
Below the top-level domains in the domain name hierarchy are the second-level domain (SLD) names. These are the names directly to the left of .com
, .net
, and the other top-level domains. As an example, in the domain example.co.uk
, co
is the second-level domain.
Next are third-level domains, which are written immediately to the left of a second-level domain. There can be fourth- and fifth-level domains, and so on, with virtually no limitation. An example of an operational domain name with four levels of domain labels is sos.state.oh.us
. Each label is separated by a full stop (dot). sos
is said to be a sub-domain of state.oh.us
, and state
a sub-domain of oh.us
, etc. In general, subdomains are domains subordinate to their parent domain. An example of very deep levels of subdomain ordering are the IPv6 reverse resolution DNS zones, e.g., 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa, which is the reverse DNS resolution domain name for the IP address of a loopback interface, or the localhost name.
Second-level (or lower-level, depending on the established parent hierarchy) domain names are often created based on the name of a company (e.g., bbc.co.uk), product or service (e.g. hotmail.com). Below these levels, the next domain name component has been used to designate a particular host server. Therefore, ftp.example.com might be an FTP server, www.example.com would be a World Wide Web server, and mail.example.com could be an email server, each intended to perform only the implied function. Modern technology allows multiple physical servers with either different (cf. load balancing) or even identical addresses (cf. anycast) to serve a single hostname or domain name, or multiple domain names to be served by a single computer. The latter is very popular in Web hosting service centers, where service providers host the websites of many organizations on just a few servers.
The hierarchical DNS labels or components of domain names are separated in a fully qualified name by the full stop (dot, .).
Use in web site hosting
The domain name is a component of a uniform resource locator (URL) used to access web sites, for example:
-
Top-level domain: net
-
Second-level domain: example
-
Hostname: www
A domain name may point to multiple IP addresses to provide server redundancy for the services offered, a feature that is used to manage the traffic of large, popular web sites.
Web hosting services, on the other hand, run servers that are typically assigned only one or a few addresses while serving websites for many domains, a technique referred to as virtual web hosting. Such IP address overloading requires that each request identifies the domain name being referenced, for instance by using the HTTP request header field Host:, or Server Name Indication.
Hostname
In computer networking, a hostname (archaically nodename) is a label that is assigned to a device connected to a computer network and that is used to identify the device in various forms of electronic communication, such as the World Wide Web. Hostnames may be simple names consisting of a single word or phrase, or they may be structured. Each hostname usually has at least one numeric network address associated with it for routing packets for performance and other reasons.
Internet hostnames may have appended the name of a Domain Name System (DNS) domain, separated from the host-specific label by a period ("dot"). In the latter form, a hostname is also called a domain name. If the domain name is completely specified, including a top-level domain of the Internet, then the hostname is said to be a fully qualified domain name (FQDN). Hostnames that include DNS domains are often stored in the Domain Name System together with the IP addresses of the host they represent for the purpose of mapping the hostname to an address, or the reverse process.
Server Name Indication (SNI)
Server Name Indication (SNI) is an extension to the Transport Layer Security (TLS) computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present one of multiple possible certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate. It is the conceptual equivalent to HTTP/1.1 name-based virtual hosting, but for HTTPS. This also allows a proxy to forward client traffic to the right server during TLS/SSL handshake. The desired hostname is not encrypted in the original SNI extension, so an eavesdropper can see which site is being requested.
Understanding DNS and name servers
DNS stands for "Domain Name System". The domain name system acts like a large telephone directory and in that it’s the master database, which associates a domain name such as www.wikipedia.org
with the appropriate IP number. Consider the IP number something similar to a phone number: When someone calls www.wikipedia.org
, the ISP looks at the DNS server, and asks "how do I contact www.wikipedia.org
?" The DNS server responds, for example, "it can be found at: 91.198.174.192
.". As the Internet understands it, this can be considered the phone number for the server that houses the website. When the domain name is registered/purchased on a particular registrar’s "name server", the DNS settings are kept on their server, and in most cases point the domain to the name server of the hosting provider. This name server is where the IP number (currently associated with the domain name) resides.
DNS Zone
A DNS zone is a specific portion of the DNS namespace in the Domain Name System (DNS), which is managed by a specific organization or administrator. A DNS zone is an administrative space that allows for more granular control of the DNS components, such as authoritative nameserver. The DNS is broken up into many different zones, which are distinctly managed areas in the DNS namespace. DNS zones are not necessarily physically separated from one another, however, a DNS zone can contain multiple subdomains and multiple zones can exist on the same server.
The domain namespace of the Internet is organized into a hierarchical layout of subdomains below the DNS root domain. The individual domains of this tree may serve as delegation points for administrative authority and management. However, usually, it is furthermore desirable to implement fine-grained boundaries of delegation, so that multiple sub-levels of a domain may be managed independently. Therefore, the domain name space is partitioned into areas (zones) for this purpose. A zone starts at a domain and extends downward in the tree to the leaf nodes or to the top-level of subdomains where other zones start.
A DNS zone is implemented in the configuration system of a domain name server. Historically, it is defined in the zone file, an operating system text file that starts with the special DNS record type Start of Authority (SOA) and contains all records for the resources described within the zone. This format was originally used by the Berkeley Internet Name Domain Server (BIND) software package and is defined in RFC 1034 and RFC 1035.
$ORIGIN example.com. ; designates the start of this zone file in the namespace
$TTL 3600 ; default expiration time (in seconds) of all RRs without their own TTL value
example.com. IN SOA ns.example.com. username.example.com. ( 2020091025 7200 3600 1209600 3600 )
example.com. IN NS ns ; ns.example.com is a nameserver for example.com
example.com. IN NS ns.somewhere.example. ; ns.somewhere.example is a backup nameserver for example.com
example.com. IN MX 10 mail.example.com. ; mail.example.com is the mailserver for example.com
@ IN MX 20 mail2.example.com. ; equivalent to above line, "@" represents zone origin
@ IN MX 50 mail3 ; equivalent to above line, but using a relative host name
example.com. IN A 192.0.2.1 ; IPv4 address for example.com
IN AAAA 2001:db8:10::1 ; IPv6 address for example.com
ns IN A 192.0.2.2 ; IPv4 address for ns.example.com
IN AAAA 2001:db8:10::2 ; IPv6 address for ns.example.com
www IN CNAME example.com. ; www.example.com is an alias for example.com
wwwtest IN CNAME www ; wwwtest.example.com is another alias for www.example.com
mail IN A 192.0.2.3 ; IPv4 address for mail.example.com
mail2 IN A 192.0.2.4 ; IPv4 address for mail2.example.com
mail3 IN A 192.0.2.5 ; IPv4 address for mail3.example.com
At minimum, the zone file must specify the Start of Authority (SOA) record with the name of the authoritative master name server for the zone and the email address of someone responsible for management of the name server (represented as a domain name, with a full stop character in place of the usual @ symbol). The parameters of the SOA record also specify a list of timing and expiration parameters (serial number, slave refresh period, slave retry time, slave expiration time, and the maximum time to cache the record). Some name servers, including BIND, also require at least one additional NS record.
In the zone file, domain names that end with a full stop character (such as "example.com." in the above example) are fully qualified while those that do not end with a full stop are relative to the current origin (which is why www in the above example refers to www.example.com).
List of DNS record types
Type |
Description |
Function |
A |
Address record |
Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but it is also used for DNSBLs, storing subnet masks in RFC 1101, etc. |
AAAA |
IPv6 address record |
Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host. |
CNAME |
Canonical name record |
Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name. |
MX |
Mail exchange record |
Maps a domain name to a list of message transfer agents for that domain |
NS |
Name server record |
Delegates a DNS zone to use the given authoritative name servers |
PTR |
PTR Resource Record |
Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD. |
TXT |
Text record |
Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DKIM, DMARC, DNS-SD, etc. |
SOA |
Start of [a zone of] authority record |
Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone. |
SRV |
Service locator |
Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX. |
Name Resolver
dig is a network administration command-line tool for querying the Domain Name System (DNS).
dig is useful for network troubleshooting and for educational purposes. It can operate based on command line option and flag arguments, or in batch mode by reading requests from an operating system file. When a specific name server is not specified in the command invocation, it uses the operating system’s default resolver, usually configured in the file resolv.conf. Without any arguments it queries the DNS root zone.
dig supports Internationalized domain name (IDN) queries.
dig is a component of the domain name server software suite BIND. dig supersedes in functionality older tools, such as nslookup and the program host; however, the older tools are still used in complementary fashion.
$ uname -a
Linux far-seer-01 4.19.0-17-amd64 #1 SMP Debian 4.19.194-3 (2021-07-18) x86_64 GNU/Linux
$ which dig
/usr/bin/dig
$ dpkg -S /usr/bin/dig
dnsutils: /usr/bin/dig
$ dpkg -s dnsutils
Package: dnsutils
Status: install ok installed
Priority: standard
Section: net
Installed-Size: 724
Maintainer: Debian DNS Team <team+dns@tracker.debian.org>
Architecture: amd64
Source: bind9
Version: 1:9.11.5.P4+dfsg-5.1+deb10u5
Replaces: bind9 (<< 1:9.11.2+dfsg-6)
Depends: bind9-host | host, libbind9-161 (= 1:9.11.5.P4+dfsg-5.1+deb10u5), libdns1104 (= 1:9.11.5.P4+dfsg-5.1+deb10u5), libisc1100 (= 1:9.11.5.P4+dfsg-5.1+deb10u5), libisccfg163 (= 1:9.11.5.P4+dfsg-5.1+deb10u5), liblwres161 (= 1:9.11.5.P4+dfsg-5.1+deb10u5), libc6 (>= 2.14), libcap2 (>= 1:2.10), libcom-err2 (>= 1.43.9), libfstrm0 (>= 0.2.0), libgeoip1, libgssapi-krb5-2 (>= 1.6.dfsg.2), libidn2-0 (>= 2.0.0), libirs161 (>= 1:9.10.6+dfsg), libjson-c3 (>= 0.10), libk5crypto3 (>= 1.6.dfsg.2), libkrb5-3 (>= 1.6.dfsg.2), liblmdb0 (>= 0.9.6), libprotobuf-c1 (>= 1.0.0), libssl1.1 (>= 1.1.0), libxml2 (>= 2.6.27)
Suggests: rblcheck
Breaks: bind9 (<< 1:9.11.2+dfsg-6~)
Description: Clients provided with BIND
The Berkeley Internet Name Domain (BIND) implements an Internet domain
name server. BIND is the most widely-used name server software on the
Internet, and is supported by the Internet Software Consortium, www.isc.org.
.
This package delivers various client programs related to DNS that are
derived from the BIND source tree.
.
- dig - query the DNS in various ways
- nslookup - the older way to do it
- nsupdate - perform dynamic updates (See RFC2136)
Homepage: https://www.isc.org/downloads/bind/
$ dig example.com any
; <<>> DiG 9.11.5-P4-5.1+deb10u5-Debian <<>> example.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63227
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;example.com. IN ANY
;; ANSWER SECTION:
example.com. 86392 IN NS a.iana-servers.net.
example.com. 86392 IN NS b.iana-servers.net.
;; ADDITIONAL SECTION:
a.iana-servers.net. 1110 IN A 199.43.135.53
;; Query time: 8036 msec
;; SERVER: 192.168.91.2#53(192.168.91.2)
;; WHEN: Thu Sep 16 17:42:54 CST 2021
;; MSG SIZE rcvd: 104
$ dig wikimedia.org MX @ns0.wikimedia.org
; <<>> DiG 9.11.5-P4-5.1+deb10u5-Debian <<>> wikimedia.org MX @ns0.wikimedia.org
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38154
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1024
; COOKIE: dbf83c6650877fa79e7847ead3b3945a (good)
;; QUESTION SECTION:
;wikimedia.org. IN MX
;; ANSWER SECTION:
wikimedia.org. 3600 IN MX 10 mx1001.wikimedia.org.
wikimedia.org. 3600 IN MX 50 mx2001.wikimedia.org.
;; Query time: 252 msec
;; SERVER: 208.80.154.238#53(208.80.154.238)
;; WHEN: Thu Sep 16 17:46:57 CST 2021
;; MSG SIZE rcvd: 108
$ dig +trace www.github.com
; <<>> DiG 9.11.5-P4-5.1+deb10u5-Debian <<>> +trace www.github.com
;; global options: +cmd
. 5 IN NS k.root-servers.net.
. 5 IN NS l.root-servers.net.
. 5 IN NS m.root-servers.net.
. 5 IN NS a.root-servers.net.
. 5 IN NS b.root-servers.net.
. 5 IN NS c.root-servers.net.
. 5 IN NS d.root-servers.net.
. 5 IN NS e.root-servers.net.
. 5 IN NS f.root-servers.net.
. 5 IN NS g.root-servers.net.
. 5 IN NS h.root-servers.net.
. 5 IN NS i.root-servers.net.
. 5 IN NS j.root-servers.net.
;; Received 505 bytes from 192.168.91.2#53(192.168.91.2) in 2 ms
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 86400 IN DS 30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com. 86400 IN RRSIG DS 8 1 86400 20210929050000 20210916040000 26838 . fx8n4M8A6NzjYulKZv+HZDDn284asQmylJdODy41qHHu2POMIKg/P2uI 1JiRxVMZgKXovQX/6reVjQ1y39ExQ/Kv7blrVjNlsakl1GnIaWc1zvtx D1eV7md/yjCWt3Tqzs9COkGfJ1/nOo3lFZBx3rjkX+/pLkxdjq+hYIXR D8+ImvX75xiOEWE5mfMu/3eOmc6Gy3RaxdRJgtPzFEfih5+xSwbD5G4Q Oyw2OKJzRFOsSgXh7MNDe/eCskmTg1Fir9FoLOVe7MOKat6OVsgSNaaS PcarpJ7WPdOTw1SMFPEswF4Od3IvLSmrEeNyvT2V/AhMyO4qd2GWCP4d OujB/Q==
;; Received 1177 bytes from 193.0.14.129#53(k.root-servers.net) in 55 ms
github.com. 172800 IN NS ns-520.awsdns-01.net.
github.com. 172800 IN NS ns-421.awsdns-52.com.
github.com. 172800 IN NS ns-1707.awsdns-21.co.uk.
github.com. 172800 IN NS ns-1283.awsdns-32.org.
github.com. 172800 IN NS dns1.p08.nsone.net.
github.com. 172800 IN NS dns2.p08.nsone.net.
github.com. 172800 IN NS dns3.p08.nsone.net.
github.com. 172800 IN NS dns4.p08.nsone.net.
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN NSEC3 1 1 0 - CK0Q1GIN43N1ARRC9OSM6QPQR81H5M9A NS SOA RRSIG DNSKEY NSEC3PARAM
CK0POJMG874LJREF7EFN8430QVIT8BSM.com. 86400 IN RRSIG NSEC3 8 2 86400 20210921042409 20210914031409 39343 com. c9SclprREuH1LAATdWAEe+V6DGPSZpF97QyaVR8ZQv9ag1xw8xi3wexj Y8CcqQvHNuuDRepvCQOU0mdeLdHgzsXtcOra2TfKbMVPGki6a+btSYXc UjYM1y1sM6tqZ9kaIlMKD3lvqM2AnV39TtqV0zyKW/GnJLnLkki/6HXA VMsxhETwCh4dWuDrObBNmBD/Y5pJYsauuXHcAeEpNfXmVQ==
4KB4DFS71LEP8G8P8VT4CCUSQNL4CNCS.com. 86400 IN NSEC3 1 1 0 - 4KB4PTQQ5CTA7POCTGM7RUFC8B1RKTEU NS DS RRSIG
4KB4DFS71LEP8G8P8VT4CCUSQNL4CNCS.com. 86400 IN RRSIG NSEC3 8 2 86400 20210922052650 20210915041650 39343 com. G5mbrU7hPTiPi9/5TFPgsq8kWcUVgvIcGcIJiMRI6gAtd45Hlli12Kl6 hKwkhJm80ZEgP+PwpwHccnoOy8OCmPLySzAIOtaO7m3Xeojk/ooCF3et MG2K2Ih6kNH03kfwa/kAf6sg9K3/4ScG6ee7KakfykcXXsU/S2kw9Uix MSyINg3nEivyik6RXK6IoeWDE2Do2l/JORRjzgWE5biSVA==
;; Received 831 bytes from 192.52.178.30#53(k.gtld-servers.net) in 216 ms
www.github.com. 3600 IN CNAME github.com.
github.com. 60 IN A 13.229.188.59
;; Received 73 bytes from 198.51.44.8#53(dns1.p08.nsone.net) in 89 ms