commit - cc659718a2a9a270049ef23c5969b9ffaf3cbd68
commit + 11c9729e37282a212cecda86a2ff5862103c73b9
blob - /dev/null
blob + 7f7c5bc646f3befd40518b6e090f6ded0eb8f68c (mode 644)
--- /dev/null
+++ wiki.d/Dns.Overview-Draft,del-1733360023
+version=pmwiki-2.3.20 ordered=1 urlencoded=1
+agent=w3m/0.5.3+git20230718
+author=jrmu
+charset=UTF-8
+csum=
+ctime=1614237183
+host=104.167.242.140
+name=Dns.Overview-Draft
+rev=10
+targets=IPv4.Overview,IPv6.Overview,Host.Usage,Dig.Usage,CloudFlare.Cons,Dns.Domain,Dns.Zonefile,Dns.Providers,Dns.Records,Openbsd.Nsd,Unbound.Configure,Openbsd.Vhost
+text=(:title Introduction to the Domain Name System:)%0a%0a!! Why use names?%0a%0aThere are over 4 billion possible [[IPv4/Overview|IP addresses]] and an%0aastronomical number of [[IPv6/Overview|IPv6 addresses]]. Since humans%0ahave a difficult time remembering numbers, the Internet uses names like%0aexample.com. Instead of typing IP addresses like 192.168.0.1 into our%0aweb browser, we type names like example.com. Computers take these%0ahostnames and find their associated IP addresses, a process called%0a'''name resolution'''.%0a%0a[[host/usage|host]], [[dig/usage]], and%0a[[https://man.openbsd.org/nslookup.1|nslookup(1)]] are three utilities that can%0aperform name resolution.%0a%0a!! How DNS works%0a%0aTo perform '''name resolution''', the client (such as a web browser)%0aneeds a '''name resolver'''. The name resolver then '''queries'''%0a(requests information from) a '''name server'''. This name server could%0abe run by your ISP, your router, or a server in a data center.%0a%0aFor example, if you visit the webpage @@https://example.com@@, your web%0abrowser will resolve the name @@example.com@@ into the IP address%0a@@93.184.215.14@@.%0a%0a[@%0a$ host example.com%0aexample.com has address 93.184.215.14%0aexample.com has IPv6 address 2606:2800:21f:cb07:6820:80da:af6b:8b2c%0aexample.com mail is handled by 0 .%0a@]%0a%0aDNS is '''distributed'''. This means that there is no single name%0aserver that knows about every single domain on the Internet. Instead,%0athis information is spread out across millions of servers all across%0athe Internet.%0a%0a[@%0a$ host -t ns example.com%0aexample.com name server a.iana-servers.net.%0aexample.com name server b.iana-servers.net.%0a@]%0a%0aA distributed name system is more robust and more practical. 
Imagine if%0aall the information were only put on a single name server: if that one%0aname server went offline, name resolution for the entire Internet would%0afail.%0a%0aTo achieve this distributed system, name servers are '''delegated authority''' over their own '''zones'''. For example, you might be given authority over the zone username.ircnow.org. Your server can then provide data for that hostname and any other subdomains like mail.username.ircnow.org or www.username.ircnow.org. Your server would control all subdomains within that zone (anything that contains username.ircnow.org). However, you would not be in control of example.com. This zone is delegated to another name server elsewhere. You would not be able to set up subdomains like mail.example.com unless you were delegated authority by the owner of example.com.%0a%0aThis distributed design makes DNS more resilient and shares the workload and data storage across multiple servers. This makes it possible to scale up to the size of the global Internet.%0aBecause DNS was designed to be distributed, we can and should run our own nameservers for our own zones. We don't want to depend upon [[CloudFlare/Cons|CloudFlare]] or other non-free networks for DNS services.%0a!! Domains%0aLet's take a look at a hostname like example.ircnow.org:%0aAt the very top is the '''root domain''', which is represented by just a single period @@.@@ The root domain is the very top of the DNS system. Next, you have top-level domains ('''TLDs''') such as com, net, and org. After this come the second-level domains like ircnow.org.%0aUsually, when you purchase a domain, you are purchasing a second-level domain. For example, you might purchase coolchatclub.com for your team for $20USD per year. [[dns/domain|To purchase the domain]], you would go to a name registrar and pay a registration fee.%0aOnce you purchase a (second-level) domain, you can then create your own subdomains free of charge. 
For example, if you own ircnow.org, you can create example.ircnow.org free of charge by setting up your own name server and [[dns/zonefile|zone file]]. [[dns/providers|Some providers]] will offer subdomains free of charge.%0a!! Setting up name server%0aIf you register your own domain, the registrar will let you specify your own name servers. They will probably offer you a web panel to put in the IP addresses. By convention, these nameservers are usually referred to as ns1 and ns2, so the hostnames will be ns1.example.com, ns2.example.com, and so forth. You'll need to provide [[dns/records|glue records]]. When someone on the Internet queries your domain name, these glue records provide the IP addresses for your nameservers, which then contain the actual data for your servers.%0aFor authoritative nameserver, we recommend using [[openbsd/nsd|nsd]] because it comes as part of OpenBSD's base system. An authoritative server provides answers for your zone.%0a%0aFor caching name server, we recommend using [[unbound/configure|Unbound]]. Caching name servers request DNS records from other name servers.%0a%0aSee Also:%0a|| [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] ||%0a
+time=1732330305
+title=Introduction to the Domain Name System
+author:1732330305=jrmu
+diff:1732330305:1732329960:=24,34d23%0a%3c For example, if you visit the webpage @@https://example.com@@, your web%0a%3c browser will resolve the name @@example.com@@ into the IP address%0a%3c @@93.184.215.14@@.%0a%3c %0a%3c [@%0a%3c $ host example.com%0a%3c example.com has address 93.184.215.14%0a%3c example.com has IPv6 address 2606:2800:21f:cb07:6820:80da:af6b:8b2c%0a%3c example.com mail is handled by 0 .%0a%3c @]%0a%3c %0a39,44d27%0a%3c %0a%3c [@%0a%3c $ host -t ns example.com%0a%3c example.com name server a.iana-servers.net.%0a%3c example.com name server b.iana-servers.net.%0a%3c @]%0a
+host:1732330305=104.167.242.140
+author:1732329960=jrmu
+diff:1732329960:1732329465:=31,33c31,32%0a%3c name server went offline, name resolution for the entire Internet would%0a%3c fail.%0a%3c %0a---%0a> name server went offline, the entire Internet would appear to stop working, since '''name resolution''' would fail.%0a> %0a35d33%0a%3c %0a
+host:1732329960=104.167.242.140
+author:1732329465=jrmu
+csum:1732329465=style fixes
+diff:1732329465:1732322297:minor=19,32c19,25%0a%3c To perform '''name resolution''', the client (such as a web browser)%0a%3c needs a '''name resolver'''. The name resolver then '''queries'''%0a%3c (requests information from) a '''name server'''. This name server could%0a%3c be run by your ISP, your router, or a server in a data center.%0a%3c %0a%3c DNS is '''distributed'''. This means that there is no single name%0a%3c server that knows about every single domain on the Internet. Instead,%0a%3c this information is spread out across millions of servers all across%0a%3c the Internet.%0a%3c %0a%3c A distributed name system is more robust and more practical. Imagine if%0a%3c all the information were only put on a single name server: if that one%0a%3c name server went offline, the entire Internet would appear to stop working, since '''name resolution''' would fail.%0a%3c %0a---%0a> To perform '''name resolution''', the client (such as a phone or a laptop)%0a> needs a '''name resolver'''. The name resolver then '''queries''' (requests%0a> information from) a '''name server'''. This name server could be run by your%0a> ISP or in a data center somewhere.%0a> %0a> DNS is '''distributed'''. This means that there is no single name server that knows about every single domain on the Internet. Instead, this information is spread out all across millions of servers all across the Internet.%0a> A distributed name system is more robust and more practical. Imagine if all the information were only put on a single name server: if that one name server went offline, the entire Internet would stop working.%0a
+host:1732329465=104.167.242.140
+author:1732322297=jrmu
+diff:1732322297:1731997495:=6,11c6,10%0a%3c astronomical number of [[IPv6/Overview|IPv6 addresses]]. Since humans%0a%3c have a difficult time remembering numbers, the Internet uses names like%0a%3c example.com. Instead of typing IP addresses like 192.168.0.1 into our%0a%3c web browser, we type names like example.com. Computers take these%0a%3c hostnames and find their associated IP addresses, a process called%0a%3c '''name resolution'''.%0a---%0a> astronomical number of [[IPv6/Overview|IPv6 addresses]]. Since humans have a%0a> difficult time remembering numbers, the Internet uses names. Instead of typing%0a> IP addresses like 192.168.0.1 into our web browser, we can use hostnames like%0a> example.com. Computers will take these hostnames and find their associated IP%0a> addresses, a process called '''name resolution'''.%0a
+host:1732322297=104.167.242.140
+author:1731997495=jrmu
+diff:1731997495:1731996116:=1,15c1,5%0a%3c (:title Introduction to the Domain Name System:)%0a%3c %0a%3c !! Why use names?%0a%3c %0a%3c There are over 4 billion possible [[IPv4/Overview|IP addresses]] and an%0a%3c astronomical number of [[IPv6/Overview|IPv6 addresses]]. Since humans have a%0a%3c difficult time remembering numbers, the Internet uses names. Instead of typing%0a%3c IP addresses like 192.168.0.1 into our web browser, we can use hostnames like%0a%3c example.com. Computers will take these hostnames and find their associated IP%0a%3c addresses, a process called '''name resolution'''.%0a%3c %0a%3c [[host/usage|host]], [[dig/usage]], and%0a%3c [[https://man.openbsd.org/nslookup.1|nslookup(1)]] are three utilities that can%0a%3c perform name resolution.%0a%3c %0a---%0a> (:title Domain Name System:)%0a> %0a> !! Too Many IPs%0a> %0a> There are over 4 billion possible [[IPv4/Overview|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IP addresses like 192.168.0.1 into our web browser, we use hostnames like example.com, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called [[host/usage|name resolution]].%0a17,22c7%0a%3c %0a%3c To perform '''name resolution''', the client (such as a phone or a laptop)%0a%3c needs a '''name resolver'''. The name resolver then '''queries''' (requests%0a%3c information from) a '''name server'''. This name server could be run by your%0a%3c ISP or in a data center somewhere.%0a%3c %0a---%0a> To perform [[host/usage|name resolution]], the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then '''queries''' (requests information from) a '''name server'''. This name server could be run by your ISP or in a data center somewhere.%0a
+host:1731997495=198.251.82.194
+author:1731996116=jrmu
+csum:1731996116=fix hyperlink
+diff:1731996116:1708389480:minor=2d1%0a%3c %0a4,5c3%0a%3c %0a%3c There are over 4 billion possible [[IPv4/Overview|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IP addresses like 192.168.0.1 into our web browser, we use hostnames like example.com, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called [[host/usage|name resolution]].%0a---%0a> There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IP addresses like 192.168.0.1 into our web browser, we use hostnames like example.com, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called [[host/usage|name resolution]].%0a
+host:1731996116=198.251.82.194
+author:1708389480=jrmu
+diff:1708389480:1708389193:=18,21c18,20%0a%3c For authoritative nameserver, we recommend using [[openbsd/nsd|nsd]] because it comes as part of OpenBSD's base system. An authoritative server provides answers for your zone.%0a%3c %0a%3c For caching name server, we recommend using [[unbound/configure|Unbound]]. Caching name servers request DNS records from other name servers.%0a%3c %0a---%0a> For the nameserver, we recommend using [[openbsd/nsd|nsd]] because it comes as part of OpenBSD's base system.%0a> %0a> nsd/authoritative servers provide answers for your domain/zone. unbound/caching name server asks other servers for those answers.%0a23c22%0a%3c || [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] ||%0a---%0a> || [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] ||%0a\ No newline at end of file%0a
+host:1708389480=104.167.242.140
+author:1708389193=kiliro
+diff:1708389193:1655617545:=1a2%0a> %0a2a4%0a> %0a3a6%0a> %0a4a8%0a> %0a5a10%0a> %0a6a12%0a> %0a7a14%0a> %0a8a16%0a> %0a9a18%0a> %0a10a20%0a> %0a11a22%0a> %0a12a24%0a> %0a13a26%0a> %0a14a28%0a> %0a15a30%0a> %0a16a32%0a> %0a17a34%0a> %0a20d36%0a%3c nsd/authoritative servers provide answers for your domain/zone. unbound/caching name server asks other servers for those answers.%0a22c38,40%0a%3c || [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] ||%0a\ No newline at end of file%0a---%0a> %0a> || [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] || [[openbsd/dig]] || [[openbsd/host]] ||%0a> || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a
+host:1708389193=181.39.107.68
+author:1655617545=jrmu
+diff:1655617545:1614237183:=5,6c5,6%0a%3c There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IP addresses like 192.168.0.1 into our web browser, we use hostnames like example.com, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called [[host/usage|name resolution]].%0a%3c %0a---%0a> There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IPs like 192.168.0.1 into our web browser, we use hostnames like ircnow.org, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called '''name resolution'''.%0a> %0a9,10c9,10%0a%3c To perform [[host/usage|name resolution]], the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then '''queries''' (requests information from) a '''name server'''. This name server could be run by your ISP or in a data center somewhere.%0a%3c %0a---%0a> To perform '''name resolution''', the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then '''queries''' (requests information from) a '''name server'''. This name server could be run by your ISP or in a data center somewhere.%0a> %0a40c40%0a%3c || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a---%0a> || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a\ No newline at end of file%0a
+host:1655617545=38.87.162.154
+author:1614237183=jrmu
+diff:1614237183:1614237183:=1,40d0%0a%3c (:title Domain Name System:)%0a%3c %0a%3c !! Too Many IPs%0a%3c %0a%3c There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IPs like 192.168.0.1 into our web browser, we use hostnames like ircnow.org, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called '''name resolution'''.%0a%3c %0a%3c !! How DNS works%0a%3c %0a%3c To perform '''name resolution''', the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then '''queries''' (requests information from) a '''name server'''. This name server could be run by your ISP or in a data center somewhere.%0a%3c %0a%3c DNS is '''distributed'''. This means that there is no single name server that knows about every single domain on the Internet. Instead, this information is spread out all across millions of servers all across the Internet.%0a%3c %0a%3c A distributed name system is more robust and more practical. Imagine if all the information were only put on a single name server: if that one name server went offline, the entire Internet would stop working.%0a%3c %0a%3c To achieve this distributed system, name servers are '''delegated authority''' over their own '''zones'''. For example, you might be given authority over the zone username.ircnow.org. Your server can then provide data for that hostname and any other subdomains like mail.username.ircnow.org or www.username.ircnow.org. Your server would control all subdomains within that zone (anything that contains username.ircnow.org). However, you would not be in control of example.com. This zone is delegated to another name server elsewhere. 
You would not be able to set up subdomains like mail.example.com unless you were delegated authority by the owner of example.com.%0a%3c %0a%3c This distributed design makes DNS more resilient and shares the workload and data storage across multiple servers. This makes it possible to scale up to the size of the global Internet.%0a%3c %0a%3c Because DNS was designed to be distributed, we can and should run our own nameservers for our own zones. We don't want to depend upon [[CloudFlare/Cons|CloudFlare]] or other non-free networks for DNS services.%0a%3c %0a%3c !! Domains%0a%3c %0a%3c Let's take a look at a hostname like example.ircnow.org:%0a%3c %0a%3c At the very top is the '''root domain''', which is represented by just a single period @@.@@ The root domain is the very top of the DNS system. Next, you have top-level domains ('''TLDs''') such as com, net, and org. After this come the second-level domains like ircnow.org.%0a%3c %0a%3c Usually, when you purchase a domain, you are purchasing a second-level domain. For example, you might purchase coolchatclub.com for your team for $20USD per year. [[dns/domain|To purchase the domain]], you would go to a name registrar and pay a registration fee.%0a%3c %0a%3c Once you purchase a (second-level) domain, you can then create your own subdomains free of charge. For example, if you own ircnow.org, you can create example.ircnow.org free of charge by setting up your own name server and [[dns/zonefile|zone file]]. [[dns/providers|Some providers]] will offer subdomains free of charge.%0a%3c %0a%3c !! Setting up name server%0a%3c %0a%3c If you register your own domain, the registrar will let you specify your own name servers. They will probably offer you a web panel to put in the IP addresses. By convention, these nameservers are usually referred to as ns1 and ns2, so the hostnames will be ns1.example.com, ns2.example.com, and so forth. You'll need to provide [[dns/records|glue records]]. 
When someone on the Internet queries your domain name, these glue records provide the IP addresses for your nameservers, which then contain the actual data for your servers.%0a%3c %0a%3c For the nameserver, we recommend using [[openbsd/nsd|nsd]] because it comes as part of OpenBSD's base system.%0a%3c %0a%3c See Also:%0a%3c %0a%3c || [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] || [[openbsd/dig]] || [[openbsd/host]] ||%0a%3c || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a\ No newline at end of file%0a
+host:1614237183=198.251.81.119
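Review bot: the `host=` line near the top of the file and every `host:<timestamp>=` line in the revision history (104.167.242.140, 198.251.82.194, 181.39.107.68, 38.87.162.154, 198.251.81.119) record the IP addresses of the people who edited this wiki page, and committing the raw wiki.d file publishes them next to the author names; since this is a deleted draft (the `,del-1733360023` suffix) that the live site no longer serves, strip the `host` and `host:*` lines from the committed copy or keep wiki.d page archives out of version control, and rewrite the commit before it reaches a public remote. Separately, the `text=` field has lost the blank-line separators between paragraphs from the `!! Domains` section onward (a single `%0a` between "global Internet." and "Because DNS", and between "Let's take a look at a hostname like example.ircnow.org:" and "At the very top"), which PmWiki renders as one run-together paragraph; the `diff:1708389193:1655617545` entry shows revision 1708389193 removing those blank lines (the `> %0a` entries) and the later edits only restored them in the first two sections, so the later sections should get their `%0a%0a` separators back before the page is reinstated.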