Blame
Date: Sun Nov 27 05:00:19 2022 UTC
Message: Daily backup
10
2021-12-17
targets=Openbsd.IPv4,Openbsd.Ipv6,CloudFlare.Cons,Dns.Domain,Dns.Zonefile,Dns.Providers,Dns.Records,Openbsd.Nsd,Openbsd.Vhost,Openbsd.Dig,Openbsd.Host,Openbsd.Unbound
11
2022-04-06
text=(:redirect dns/overview:)%0a(:title Domain Name System:)%0a%0a!! Too Many IPs%0a%0aThere are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IPs like 192.168.0.1 into our web browser, we use hostnames like ircnow.org, which are far easier to remember. Our computers take these hostnames and try to find their IP addresses; this process is called '''name resolution'''.%0a%0a!! How DNS works%0a%0aTo perform '''name resolution''', the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then '''queries''' (requests information from) a '''name server'''. This name server could be run by your ISP or in a data center somewhere.%0a%0aDNS is '''distributed'''. This means that there is no single name server that knows about every single domain on the Internet. Instead, this information is spread out all across millions of servers all across the Internet.%0a%0aA distributed name system is more robust and more practical. Imagine if all the information were only put on a single name server: if that one name server went offline, the entire Internet would stop working.%0a%0aTo achieve this distributed system, name servers are '''delegated authority''' over their own '''zones'''. For example, you might be given authority over the zone username.ircnow.org. Your server can then provide data for that hostname and any other subdomains like mail.username.ircnow.org or www.username.ircnow.org. Your server would control all subdomains within that zone (anything that contains username.ircnow.org). However, you would not be in control of example.com. This zone is delegated to another name server elsewhere. 
You would not be able to set up subdomains like mail.example.com unless you were delegated authority by the owner of example.com.%0a%0aThis distributed design makes DNS more resilient and shares the workload and data storage across multiple servers. This makes it possible to scale up to the size of the global Internet.%0a%0aBecause DNS was designed to be distributed, we can and should run our own nameservers for our own zones. We don't want to depend upon [[CloudFlare/Cons|CloudFlare]] or other non-free networks for DNS services.%0a%0a!! Domains%0a%0aLet's take a look at a hostname like example.ircnow.org:%0a%0aAt the very top is the '''root domain''', which is represented by just a single period @@.@@ The root domain is the very top of the DNS system. Next, you have top-level domains ('''TLDs''') such as com, net, and org. After this come the second-level domains like ircnow.org.%0a%0aUsually, when you purchase a domain, you are purchasing a second-level domain. For example, you might purchase coolchatclub.com for your team for $20USD per year. [[dns/domain|To purchase the domain]], you would go to a name registrar and pay a registration fee.%0a%0aOnce you purchase a (second-level) domain, you can then create your own subdomains free of charge. For example, if you own ircnow.org, you can create example.ircnow.org free of charge by setting up your own name server and [[dns/zonefile|zone file]]. [[dns/providers|Some providers]] will offer subdomains free of charge.%0a%0a!! Setting up name server%0a%0aIf you register your own domain, the registrar will let you specify your own name servers. They will probably offer you a web panel to put in the IP addresses. By convention, these nameservers are usually referred to as ns1 and ns2, so the hostnames will be ns1.example.com, ns2.example.com, and so forth. You'll need to provide [[dns/records|glue records]]. 
When someone on the Internet queries your domain name, these glue records provide the IP addresses for your nameservers, which then contain the actual data for your servers.%0a%0aFor the nameserver, we recommend using [[openbsd/nsd|nsd]] because it comes as part of OpenBSD's base system.%0a%0aSee Also:%0a%0a|| [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] || [[openbsd/dig]] || [[openbsd/host]] ||%0a|| [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a
15
2022-04-06
diff:1649136288:1612413897:=1d0%0a%3c (:redirect dns/overview:)%0a41c40%0a%3c || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a---%0a> || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a\ No newline at end of file%0a
18
2021-12-17
diff:1612413897:1612413216:=33,35c33,35%0a%3c If you register your own domain, the registrar will let you specify your own name servers. They will probably offer you a web panel to put in the IP addresses. By convention, these nameservers are usually referred to as ns1 and ns2, so the hostnames will be ns1.example.com, ns2.example.com, and so forth. You'll need to provide [[dns/records|glue records]]. When someone on the Internet queries your domain name, these glue records provide the IP addresses for your nameservers, which then contain the actual data for your servers.%0a%3c %0a%3c For the nameserver, we recommend using [[openbsd/nsd|nsd]] because it comes as part of OpenBSD's base system.%0a---%0a> Once you register a domain, the registrar will give you the ability to specify your nameservers. You should use their web panel to put in the IP addresses for each of the name servers you want to set up. By convention, these nameservers are usually referred to as ns1 and ns2, so that they their hostnames will be ns1.example.com, ns2.example.com, and so forth. These '''glue records''' are needed so that when someone on the Internet queries your domain name, the name servers for the top-level domains will know which nameservers to query to find the DNS records for your second-level domain.%0a> %0a> For the nameserver, we recommend using [[openbsd/nsd|nsd]] because that comes as part of OpenBSD's base system.%0a
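Review bot: in 33,35c33,35 the newer (%3c) wording no longer says who serves the glue records. The older (>) side stated that "the name servers for the top-level domains will know which nameservers to query", which is the part a reader needs in order to understand why the addresses are entered at the registrar and not only in their own zone file. Suggest keeping that clause, and rewording "your nameservers, which then contain the actual data for your servers" so it is clear that the nameservers hold the zone's DNS records.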
21
2021-12-17
diff:1612413216:1612413011:=31,32c31,32%0a%3c !! Setting up name server%0a%3c %0a---%0a> !! Setting up your own name server%0a> %0a37,40c37,47%0a%3c See Also:%0a%3c %0a%3c || [[dns/records|DNS Records]] || [[dns/zonefile|DNS Zone Files]] || [[openbsd/vhost|vhost]] || [[openbsd/dig]] || [[openbsd/host]] ||%0a%3c || [[openbsd/unbound]] || [[openbsd/nsd|NSD]] ||%0a\ No newline at end of file%0a---%0a> !! Creating DNS records%0a> %0a> For your nameserver, you will need to create a zone file which will manage all of your DNS records. Here are some common types:%0a> %0a> || border=1 width=100%25%0a> ||! Record Type ||! Provides || Example ||%0a> || A || IPv4 address || 192.168.0.1 ||%0a> || AAAA || IPv6 address || 2001:0db8:: ||%0a> || NS || Nameserver Hostname || ns1.example.com. ||%0a> || MX || Mailserver Hostname || mail.example.com. ||%0a> || TXT || Extra Information || ||%0a\ No newline at end of file%0a
27
2021-12-17
diff:1612412856:1612412409:=23,29c23,29%0a%3c Let's take a look at a hostname like example.ircnow.org:%0a%3c %0a%3c At the very top is the '''root domain''', which is represented by just a single period @@.@@ The root domain is the very top of the DNS system. Next, you have top-level domains ('''TLDs''') such as com, net, and org. After this come the second-level domains like ircnow.org.%0a%3c %0a%3c Usually, when you purchase a domain, you are purchasing a second-level domain. For example, you might purchase coolchatclub.com for your team for $20USD per year. [[dns/domain|To purchase the domain]], you would go to a name registrar and pay a registration fee.%0a%3c %0a%3c Once you purchase a (second-level) domain, you can then create your own subdomains free of charge. For example, if you own ircnow.org, you can create example.ircnow.org free of charge by setting up your own name server and [[dns/zonefile|zone file]]. [[dns/providers|Some providers]] will offer subdomains free of charge.%0a---%0a> You've seen domains before like example.ircnow.org. Let's break them down.%0a> %0a> At the very top, you have the '''root domain''', which is represented by just a period @@.@@ -- this is the very top of the DNS system. Then you have top-level domains ('''TLDs''') such as com, net, org. After this come the second-level domains like ircnow.org. Usually, when you purchase a domain, you are purchasing a second-level domain. Finally, there are '''subdomains''', like example.ircnow.org. Once you purchase a '''parent''' domain like ircnow.org, you can usually create '''child''' subdomains free of charge.%0a> %0a> !! Registering a domain%0a> %0a> To register your own domain, you need to pay an annual fee from a name registrar. There are also free services that offer free subdomains like [[https://freedns.afraid.org|freedns.afraid.org]].%0a
30
2021-12-17
diff:1612412409:1612411726:=5,19c5,14%0a%3c There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. So, instead of typing IPs like 192.168.0.1 into our web browser, we use hostnames like ircnow.org, which are far easier to remember. Our computers take these hostnames and tries to find their IP addresses; this process is called '''name resolution'''.%0a%3c %0a%3c !! How DNS works%0a%3c %0a%3c To perform '''name resolution''', the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then '''queries''' (requests information from) a '''name server'''. This name server could be run by your ISP or in a data center somewhere.%0a%3c %0a%3c DNS is '''distributed'''. This means that there is no single name server that knows about every single domain on the Internet. Instead, this information is spread out all across millions of servers all across the Internet.%0a%3c %0a%3c A distributed name system is more robust and more practical. Imagine if all the information were only put on a single name server: if that one name server went offline, the entire Internet would stop working.%0a%3c %0a%3c To achieve this distributed system, name servers are '''delegated authority''' over their own '''zones'''. For example, you might be given authority over the zone username.ircnow.org. Your server can then provide data for that hostname and any other subdomains like mail.username.ircnow.org or www.username.ircnow.org. Your server would control all subdomains within that zone (anything that contains username.ircnow.org). However, you would not be in control of example.com. This zone is delegated to another name server elsewhere. 
You would not be able to set up subdomains like mail.example.com unless you were delegated authority by the owner of example.com.%0a%3c %0a%3c This distributed design makes DNS more resilient and shares the workload and data storage across multiple servers. This makes it possible to scale up to the size of the global Internet.%0a%3c %0a%3c Because DNS was designed to be distributed, we can and should run our own nameservers for our own zones. We don't want to depend upon [[CloudFlare/Cons|CloudFlare]] or other non-free networks for DNS services.%0a---%0a> There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. Instead of typing 192.168.0.1 into our web browser, we use hostnames like ircnow.org which are easier to remember. The computer then takes this hostname and tries to find the IP address; this process is called '''name resolution'''.%0a> %0a> !! How the domain name system works%0a> %0a> %0a> To perform name resolution, the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then queries (requests information) from a '''name server''', which is usually in a data center.%0a> %0a> DNS is distributed; there is no single name server that knows every single domain on the Internet. This would be impractical as well as slow and dangerous. If that one name server went offline, the entire Internet would stop working. So instead, there are countless name servers that are '''delegated authority''' over their own '''zones'''. The zones contain the domains and subdomains that an organization controls. This makes DNS more resilient and better distributes the workload.%0a> %0a> DNS is distributed, so we can and should run our own nameservers for our own zones.%0a
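Review bot: in 5,19c5,14 the newer (%3c) text describes the zone as "anything that contains username.ircnow.org", which is looser than how delegation works. A name belongs to the zone only when username.ircnow.org forms its trailing labels; a name such as username.ircnow.org.example.com contains the string but falls under example.com, which the same paragraph says is delegated elsewhere. Suggest "anything that ends in .username.ircnow.org". The same hunk also has a subject-verb slip in "Our computers take these hostnames and tries to find".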
33
2021-12-17
diff:1612411726:1597244883:=1,6d0%0a%3c (:title Domain Name System:)%0a%3c %0a%3c !! Too Many IPs%0a%3c %0a%3c There are over 4 billion possible [[openbsd/IPv4|IP addresses]], and an astronomical number of [[openbsd/ipv6|IPv6 addresses]]. No human can memorize them all. Instead of typing 192.168.0.1 into our web browser, we use hostnames like ircnow.org which are easier to remember. The computer then takes this hostname and tries to find the IP address; this process is called '''name resolution'''.%0a%3c %0a8a3%0a> There are over 4 billion possible IP addresses, and no human can memorize them all. Instead of typing 192.168.0.1 into our web browser, we use hostnames like ircnow.org which are easier to remember. The computer then takes this hostname and tries to find the IP address; this process is called '''name resolution'''.%0a
36
2021-12-17
diff:1597244883:1597244838:=31d30%0a%3c || border=1 width=100%25%0a37c36,41%0a%3c || TXT || Extra Information || ||%0a\ No newline at end of file%0a---%0a> || TXT || Extra Information || ||%0a> %0a> !! Other DNS records%0a> %0a> %0a> https://www.denic.de/en/service/tools/nast/%0a\ No newline at end of file%0a
39
2021-12-17
diff:1597244838:1597243048:=5,20c5,22%0a%3c To perform name resolution, the client (such as a phone or a laptop) needs a '''name resolver'''. The name resolver then queries (requests information) from a '''name server''', which is usually in a data center.%0a%3c %0a%3c DNS is distributed; there is no single name server that knows every single domain on the Internet. This would be impractical as well as slow and dangerous. If that one name server went offline, the entire Internet would stop working. So instead, there are countless name servers that are '''delegated authority''' over their own '''zones'''. The zones contain the domains and subdomains that an organization controls. This makes DNS more resilient and better distributes the workload.%0a%3c %0a%3c DNS is distributed, so we can and should run our own nameservers for our own zones.%0a%3c %0a%3c !! Domains%0a%3c %0a%3c You've seen domains before like example.ircnow.org. Let's break them down.%0a%3c %0a%3c At the very top, you have the '''root domain''', which is represented by just a period @@.@@ -- this is the very top of the DNS system. Then you have top-level domains ('''TLDs''') such as com, net, org. After this come the second-level domains like ircnow.org. Usually, when you purchase a domain, you are purchasing a second-level domain. Finally, there are '''subdomains''', like example.ircnow.org. Once you purchase a '''parent''' domain like ircnow.org, you can usually create '''child''' subdomains free of charge.%0a%3c %0a%3c !! Registering a domain%0a%3c %0a%3c To register your own domain, you need to pay an annual fee from a name registrar. There are also free services that offer free subdomains like [[https://freedns.afraid.org|freedns.afraid.org]].%0a%3c %0a---%0a> To perform name resolution, the client (such as a phone or a laptop) needs a '''name resolver'''. 
It then queries (requests information) from a '''name server''', which is usually in a data center.%0a> %0a> DNS is distributed; there is no one name server that knows every single domain on the Internet. Instead, each name server queries another. This makes DNS more resilient and better distributes the workload.%0a> %0a> For this very reason, we can and should run our own nameservers.%0a> %0a> Root Domain: .%0a> %0a> Top-Level Domains (TLDs): such as com, net, org%0a> %0a> Second-Level Domains: ircnow.org%0a> %0a> Subdomains: example.ircnow.org%0a> %0a> We can also say that ircnow.org is the parent domain of example.ircnow.org.%0a> %0a> !! Registering a top-level domain%0a> %0a23,36c25,30%0a%3c Once you register a domain, the registrar will give you the ability to specify your nameservers. You should use their web panel to put in the IP addresses for each of the name servers you want to set up. By convention, these nameservers are usually referred to as ns1 and ns2, so that they their hostnames will be ns1.example.com, ns2.example.com, and so forth. These '''glue records''' are needed so that when someone on the Internet queries your domain name, the name servers for the top-level domains will know which nameservers to query to find the DNS records for your second-level domain.%0a%3c %0a%3c For the nameserver, we recommend using [[openbsd/nsd|nsd]] because that comes as part of OpenBSD's base system.%0a%3c %0a%3c !! Creating DNS records%0a%3c %0a%3c For your nameserver, you will need to create a zone file which will manage all of your DNS records. Here are some common types:%0a%3c %0a%3c ||! Record Type ||! Provides || Example ||%0a%3c || A || IPv4 address || 192.168.0.1 ||%0a%3c || AAAA || IPv6 address || 2001:0db8:: ||%0a%3c || NS || Nameserver Hostname || ns1.example.com. ||%0a%3c || MX || Mailserver Hostname || mail.example.com. ||%0a%3c || TXT || Extra Information || ||%0a---%0a> !! 
Creating subdomains%0a> %0a> A/AAAA records%0a> TXT records%0a> NS records%0a> MX records%0a
42
2021-12-17
diff:1597243048:1597226859:=3,20d2%0a%3c There are over 4 billion possible IP addresses, and no human can memorize them all. Instead of typing 192.168.0.1 into our web browser, we use hostnames like ircnow.org which are easier to remember. The computer then takes this hostname and tries to find the IP address; this process is called '''name resolution'''.%0a%3c %0a%3c To perform name resolution, the client (such as a phone or a laptop) needs a '''name resolver'''. It then queries (requests information) from a '''name server''', which is usually in a data center.%0a%3c %0a%3c DNS is distributed; there is no one name server that knows every single domain on the Internet. Instead, each name server queries another. This makes DNS more resilient and better distributes the workload.%0a%3c %0a%3c For this very reason, we can and should run our own nameservers.%0a%3c %0a%3c Root Domain: .%0a%3c %0a%3c Top-Level Domains (TLDs): such as com, net, org%0a%3c %0a%3c Second-Level Domains: ircnow.org%0a%3c %0a%3c Subdomains: example.ircnow.org%0a%3c %0a%3c We can also say that ircnow.org is the parent domain of example.ircnow.org.%0a%3c %0a27,31d8%0a%3c A/AAAA records%0a%3c TXT records%0a%3c NS records%0a%3c MX records%0a%3c %0a33d9%0a%3c %0a
45
2021-12-17
diff:1597226859:1597204424:=9,11c9%0a%3c !! Other DNS records%0a%3c %0a%3c https://www.denic.de/en/service/tools/nast/%0a\ No newline at end of file%0a---%0a> !! Other DNS records%0a\ No newline at end of file%0a
48
2021-12-17
diff:1597204424:1597204424:=1,9d0%0a%3c !! How the domain name system works%0a%3c %0a%3c !! Registering a top-level domain%0a%3c %0a%3c !! Setting up your own name server%0a%3c %0a%3c !! Creating subdomains%0a%3c %0a%3c !! Other DNS records%0a\ No newline at end of file%0a