What You Can Learn From Your DNS Records

Not many people usually understand what DNS records usually stand for whenever they’re configuring their servers. DNS records are quite important when it comes to DNS servers.

Understanding them can greatly reduce any errors or issues that you might encounter when it comes to DNS management.

Here are some of the most commonly used record types.

A Record

A records are the simplest records that you can understand. They usually point a subdomain or domain to a particular IP address. You simply assign a value to the A record, the IP address it should point to and the TTL. You can have both your primary domains and subdomains pointing to the same IP address. However, if you want them to point to multiple IP addresses you can add another a record with the same domain or subdomain but with a different IP address.

You can also make an A record if you want a particular subdomain or domain to be the entry point of your CNAME. This is explained in detail below.

CNAME

CNAME is another commonly used record. It is used to point a domain or subdomain to another host name. The working principle behind CNAME is that there is a host to points to an existing domain or subdomain which in turn points to a particular IP address. This means that any change in the IP address in the A record of the subdomain or domain will lead to a subsequent change to the CNAME record that points to it.

CNAME records are important for host machines. As the host you can be able to change the IP address of a single server or multiple servers seamlessly without there being any need for the client to change their own servers. These servers can be assigned to the subdomain or domain of choice.

MX Record

Mail Exchanger records are used for routing emails. They usually specify the servers that should be used when trying to send email from a particular domain. They are different from both A records and CNAME records in that they have a priority value that should be assigned to each record. This priority value is used to indicate the MX server that is to be used first when delivering mail. For example if you assign two subdomains as your email servers one with a priority level 0 and the next with a priority value of 10, then when delivering mail, the one with the lowest priority level (which is  0 in our case) will be the first to be tried.

If unable to handle the request the next lowest priority server will take up the request.

TXT Record

TXT records are used to store any information based in text. There are more commonly used for storing the SPF data for confirming domain ownership. Normally, SPF records are usually supplied by the mail provider that you are using for your domain.

Conclusion

It’s not easy to manage your own DNS server; if you decide to embark on this journey then you will need to learn more about each record and how it can help your environment.

The records are just a tip of the iceberg when it comes to DNS management, you’ll also have to be conversant with other aspects like name servers and registrars among others. Here is some interesting information about DNS servers.

Tips To Check If DNS Server Is Working Correctly

DNS is one of the most important aspects when it comes to internet connectivity be it in a home or business setting. It helps ensure fast internet connectivity, limit censorship, secure your home or business network and grant you access to content from different geographical locations. However, at times your internet connectivity might experience issues and you might not know whether the problem stems from your ISP provider or your custom DNS server. Here are some tips that can help you know whether your DNS is functioning properly.

Check Network Connectivity

Many people usually jump to blame their DNS servers whenever they encounter a connectivity issue. However, something simple as checking the network connectivity of the problem can save you tons of troubles.

In order for you to check whether the network connectivity of your DNS is working properly, you can log on to the DNS server and then ping a few machines. You can also look for random devices and try pinging your DNS server from them. If this works, then it means that your network connectivity is not to blame.

Note: Ensure that you allow ICMP packets through the firewall of the machine that you are pinging.

Find Out Whether All Users Are Affected

Another tip to check whether your DNS server is working correctly is to check whether the connectivity issues affect all users on the network. If it indeed affects all users in the network, then you will have to trouble shoot your DNS server in order to find out what the problem might be.

However, there are instances when the connectivity issue may only affect a subset of users on the network. This means that the problem is not DNS related and you should instead check your routers or find out if there is a DHCP configuration error.

Trying Alternate DNS Servers

Most DNS servers have two IP addresses that you can connect to. Therefore, if you need to know whether your DNS server is working well, then you’ll have to test the alternate IP address to check  if it’s functioning or not. If you find out that your connectivity issues stop when you change the DNS server then you have confirmed that the problem was indeed related to the DNS server.

Reboot DNS Server

This might seem as a simple step, but in many cases it does seem to work. If you are experiencing internet connection problems and you want to rule out the effect of your DNS server, then rebooting can be an amicable solution. Sometimes, DNS server name resolution stops for unknown reasons and rebooting becomes the best solution.

At times the problem might be as a result of your routers and simply resetting it may fix the solution.

Conclusion

Identifying whether your DNS server is working correctly is one step in solving your internet connection issues.

These 4 tips will help you know whether you need to change your DNS server or make adjustments to your router. However, you can make use of these tools to also identify the best DNS server for your network.

When It Is Better To Use A Custom DNS Server

The internet is increasingly becoming faster and many people are investing in solutions that can ensure that they take advantage of these speeds. However, many people still get fixated with the physical structures behind internet connections rather than the root cause of fast web browsing which are DNS servers.

DNS main service is to convert domain names to their relevant IP addresses which are machine readable.

Most of the times, the DNS server that you use are provided by your ISP, but there exists other free and paid DNS servers that you can make use of. Most of these custom servers come in handy for a variety of reasons.

Here are 5 reasons why it’s better to ditch your ISP provided DNS server and use a custom one instead.

Avoid Censorship

In some areas around the world, censorship is quite rife. Many governments resort to blocking access to certain sites on the internet. Generally, what these governments do is block access to these sites via the local ISPs in that particular country.

Custom DNS servers can enable you to bypass these restrictions even without the use of a VPN (some instances may require the use of one). Therefore, even before you think of getting a VPN, you can make use of some public DNS servers (check our list of public DNS servers). There is a high probability that they will enable you to access censored sites.

Faster Web Browsing

Everyone wants to experience fast internet speeds whenever they are browsing. However, many people usually experience intermittent speeds. Even before you think of changing your ISP (which can be expensive), you should first make use of a custom DNS solution.

Changing your DNS server can lead to fast load times. Furthermore, separate DNS servers are likely to have more sites cached than your local ISP which makes for fast web browsing.

Increase Internet Security

Over the past few years, there have been many cases of website hacks and data leaks. If you are a business that handles sensitive data on its servers, then you should definitely change to a secure custom DNS rather than the one provided by your ISP.

DNS servers provide an added layer of web security against any attacks to your IT environment. Hackers are more prone to attack companies whose DNS environment is least secure. Therefore, it’s important that you get a DNS solution that has added security features in order to protect your IT environment.

Note: You should also invest in other security measures that complement secure DNS servers because hackers can also make use of your IP address to bypass any DNS security checks.

Add Network Wide Parental Controls

If you want to block access to certain sites then you can make use of DNS servers as well. Certain DNS servers such as Open DNS allow you to blacklist sites that you don’t want your devices to access. They are great for securing your kids’ browsing habits and protecting them from unsuitable content.

By Pass Content Restrictions For Geographical Areas

If you want to access region restricted content like movies and music videos, then custom DNS servers can come in handy. Some DNS servers do this by replacing your IP address with one of their thereby tricking the website into thinking that you are in a region where access to that content is allowed.

 

5 Advantages And Disadvantages Of Using DNS In Networking

A DNS server usually refers to a computer server which contains all the database of public IP addresses and their associated host names (You can find more information about DNS servers here). This hierarchical naming system makes it easier for users to access other devices or computers on the same network or access sites on the internet.

Generally, DNS server management, hold the whole internet as it is and has been touted as one of the most significant discoveries that has driven the world wide web for over three decades.

DNS has a number of advantages and disadvantages. Here are some of them.

Advantages

  1. Generally DNS is the only system in the entire world that can help you browse the internet. With the internet becoming an integral part of the society, it has increasingly become important that DNS Servers remain maintained. Without them, then the internet would not exist.
  2. No need for memorizing IP addresses -DNS servers provide a nifty solution of converting domain or sub domain names to IP addresses. Imagine how it would feel having to memorize the IP addresses of twitter, Facebook, Google or any other site that you normally frequent on a daily basis. It would definitely be horrific. Its system also makes it easy for search engines to be able to categorize and archive information.
  3. Security enhancement -DNS servers are an important component for the security of your home or work connections. DNS servers that have been designed for security purposes usually ensure that attempts to hack your server environment are thwarted before entry into your machines. However, it’s important to note that the word used is enhanced. This means that you will need other security measures put in place to protect your data, especially if it’s a large organization with tons of sensitive data.
  4. DNS servers have fast internet connections -People and organizations that use DNS servers can be able to take advantage of high connection speeds that are a key feature in some of these servers.

DNS servers also have primary and secondary connections. This allows you to have internet uptime even when one of the servers is down for maintenance.

Disadvantages

  1. One of the main disadvantages of the DNS is the fact that its registry can only be controlled ICANN, a non-profit organisation with roots tied in one country. This challenges the concept of net neutrality and has been a widely propagated argument over the last three decades.
  2. DNS queries usually don’t carry any information about the clients who initiated it. This is one of the reasons why DNS has been popular among hackers. This is because the server side will only see the IP address from where the query came from and which can at times be manipulated by hackers.
  3. DNS servers are based on the principle of a slave-master relationship. This means that if the master server is broken or manipulated in any way, then it will be hard to access the web page or database that was hosted on the server. Hackers have also used this to their advantage. By targeting the server machine and making redirects to other pages, they have been able to find ways of phishing information.

Popular Misconceptions About DNS

Many people and businesses are increasingly becoming aware of the huge role that DNS plays when it comes to web security. However, the main problem with DNS servers is the lack of proper information about it. Many people get information about DNS security from vendors who are trying to sell them their services.

As a result, this has led to a number of misconceptions which are still regarded as truths by some people.

Here are 3 popular misconceptions about DNS that you should shun from.

DNS Proactively Protects My Entire IT Environment And Detects Incoming Threats

We list this as a misconception because DNS servers can only protect your IT environment from external attacks that are being propagated via your DNS server. Whenever hackers realise that are facing a challenge while trying to access your environment via DNS, they usually resort to the use of IP addresses. DNS can’t be able to detect this. This means that they can use malicious code directly through your IP address without being bogged down by your DNS’s security.

However, this doesn’t mean that you should not trust DNS servers for your work environment. Most hacking attempts occur via DNS servers. This means that securing your DNS server should still remain as a priority (especially for businesses). You should also make use of other alternate technologies like Unified Threat Management (UTM) as well as proxy level filtering to secure your entire IT environment.

Higher Number Of Queries Served Out Equals To A High Performing DNS Server

Many people also assume that the number of queries that a DNS server can serve out is an indication of how safe and secure it is and that it will virtually protect you from having any down times on your server. The reality is that, any malicious person who wants to bog down your DNS server can do so by serving out millions of queries to your DNS which will saturate your bitpipe (regardless of the number of queries that your DNS server can serve out).

Note: Realistically, it’s hard to get such high numbers of queries remotely.

This means that you don’t need to look for DNS servers that perform a high number of queries per second. Even large service providers don’t get as much as 50,000 queries on the servers (on a per second analysis).

Service Quality Is Determined By A High Performing Server

Many people also assume that high performing servers lead to a higher quality of service. There are very many instances where this does not apply. For example, if your servers are located far from the location where your clients are, then they will still experience slow internet problems. A better solution to this is by investing in a large number virtual DNS servers scattered around.

By doing so, you will be able to bring your server closer to your customers and in the process reduce latency which is an important factor as far as your DNS quality is concerned.

Check out the role of DNS in your business.

The Role Of Reliable DNS To Your Business

Small and large businesses alike are becoming susceptible to malware attacks. Some of the high profile attacks of this decade include those on JP Morgan and Community Health. Hackers are increasingly taking advantage of the lax security measures that most businesses and organizations have when it comes to internet security.

While most of these attacks are performed by the use of a DNS, most companies are still oblivious of the measures that they can take to prevent such attacks.

Most of which can be countered by instigating measures on the same DNS servers.

Use Of DNS In Your Business

For the past 30 years, DNS has evolved to become one of the most important components of the internet. In order for your business to function you’ll have to make use of DNS in one way or the other. Services such as email and VOIP which are integral for enterprise communications are some common examples of business DNS usage.

This means that if your DNS server was to be compromised, then it would greatly affect your business’ capability of handling its communication channels. Furthermore, a DNS breach might also lead to some of your clients’ sensitive data being compromised. The effects of such a breach can be tremendous. It might negatively affect your reputation and bottom line.

It’s therefore critical for any business or organization to ensure that they’ve secured their DNS in order to maintain the overall security of their network.

DNS Client Server Relationships

DNS servers are becoming increasingly necessary for businesses, especially when your business happens to handle databases that are necessary for use by each workstation. It is easier for everyone on the network to be able to access the same network at fast speeds. By doing so, your business will be able to function seamlessly across all points.

DNS servers can also be secured to prevent any external access to the main server. This is by the use of firewall rules. You can also prevent users from being able to access certain parts of the internet by ensuring that all IP related queries are passed through the main server in your organization. This will prevent your employees from accessing non-work related sites, some of which can be harmful to your organization’s IT security. Large organizations also limit sites deemed illegal like torrenting ones. This is because the user who accesses the site via the company’s internet connection may make illegal downloads that will lead to unnecessary suits that the company will have to settle.

Faster Internet Connections

DNS servers are crucial when it comes to internet speeds for your company. Many businesses nowadays rely on the internet in order for them to make business and your internet speeds can make the difference between you and your competitors. If you feel that your ISP’s internet connection is slow, then before you even think of changing ISPs, you should first consider making configurations to your DNS server. These configurations are much easier and in many cases result to faster speeds. You can even make use of public DNS servers without incurring any cost.

Conclusion

Given that the internet has become a necessary social need in the 21st century, it’s important for businesses to be able to leverage on the power of the internet to increase their bottom line. DNS servers can also be managed within your business or organization to the custom requirements.

It might be hard to configure DNS servers, hence the need for experts, but it will be worth the investment at the end.

Interesting Information About DNS Servers

Before DNS servers came into existence, a website could only be identified by machines through its host name. All of these host names were saved in one large file known as the hosts.txt. However, this method of managing host names became hard to maintain given the tremendous growth in computer networks during the period between 1970 and 1980.

DNS servers were the solution that everyone was waiting for thanks to the work done by Paul Mockapetris’ which cast light towards this direction.

Over the years the architecture and use of DNS servers has been extensively researched on and applied in order to enhance web security and fast web browsing. (Find out more about DNS here)

Here are some of the most interesting facts about DNS servers that you probably never knew about.

100 Million Registered Domain Names

According to Domain Tools Statistics, there are over 100 million domains registered in the whole world (and most of us probably visit 10 domains on a daily basis). Most of these domains are associated with businesses, small organizations and individuals. This pretty much shows how effective the use of DNS has been to the currently technological landscape.

30 Years Old

Many people usually think that DNS servers are a new invention that was created in the 21st century. However, DNS servers trace their roots back to November 1983 from two papers that were published by Paul Mockapetris. These papers were named RFC 882 and RFC 883. Since then, more work has been done in order to make DNS servers as effective and secure as they are today.

Started Off With 6 Original Top Level Domains

Top level domains refer to the .org or .com prefix of websites. Currently there are over 700 top level domains (with some having queer prefixes such as .soy). It’s even more interesting to note that the first top level domains to be implemented in the 80s were only 6. This six top level domains included; .com, .org, .biz, .mil, .net and .edu.

The influx in top level domains can be attributed to an ambitious goal set out by ICANN (Internet Corporation for Assigned Names and Numbers) in 2011. They embarked on a campaign of better mapping out domains according to their uses by releasing new top level domains.

Forward And Reverse DNS Lookups

Did you know that DNS not only convert host names to IP addresses, but can also convert IP addresses to domain names as well? The former is known as a forward DNS lookup whereas the latter is referred to as a reverse DNS lookup. While reverse DNS lookups are rarely used (who’s going to remember an IP address instead of a host name?), they usually help network administrators whenever they want to troubleshoot certain domain aspects by using utilities like ping.

Highly Targeted For Hacking Purposes

One major disadvantage of DNS is that it is highly targeted for hacking purposes. Many hackers usually try to gain access to the DNS server records of particular websites. If successful, they can be able to redirect users to their own sites where they can carry out phishing of user information or carry out other malware attacks.

By being able to understand how DNS servers work, you can be able to know how best to protect your devices and sites. Apart from it being highly targeted by hackers, DNS servers certainly have great advantages that can be leveraged for both personal and business usage.

Furthermore, with proper security channels properly configured, you will never have to worry about the security of your information being compromised.

Tools For Testing DNS Server Speed

A lot of the DNS services normally advertise on their fast speed capabilities and how they’ll be able to deliver a seamless web browsing experience. However, it’s important to note that your web browsing speed is not directly affected by the speed of your DNS servers; it’s also affected by how far the DNS server is located from you. Therefore, if you want to know how fast a specific DNS will be from your location, it’s important that you carry out a speed test. (Check out our comprehensive list of public DNS servers).

Here are some tools that you can use to check the performance of your server;

Namebench

Namebench was created by the tech wizards at Google. It’s designed to find the best name server for your computer by taking factors like web browsing history, tcpdump output and standardized datasets into consideration. This means that two computers sitting side by side can have different results.

So how does it work?

When you activate Namebench, a test setup window will appear on your computer. The first section will prompt you to put in the name servers which you want to include in your test. Generally there are three sections;

  • Name servers: This refers to all the name servers that are of interest to you.
  • Include Global DNS providers: If you also want to do a test with other public DNS providers like Open DNS, then you should definitely tick this check box.
  • Include best available regional DNS services: This option will allow Namebench to automatically include the best performing DNS servers that are located in your area.

The next section will prompt you to select which tests you want to run on the DNS servers in question. Namebench will cumulatively take all of these tests into consideration and identify the fastest DNS server for your usage. You should therefore choose the tests that are more likely to benefit your web browsing. The tests include;

  • Include censorship checks: This option is for those people who are interested in getting a DNS server that limits censorship in their geographical location and at the fastest speeds.
  • Query data source: You have to specify where the test will obtain its test data sources from. By default it’s usually set to your browser history; however, you can change it to the top 2000 websites.
  • Health check performance: This option allows you to test a multitude of DNS servers (10-40). However, this test will depend on your bandwidth as well.
  • Number of queries: This option allows you to select the number of queries sent to each DNS name server.

The results will tell which name server is fastest for your web browsing and you can easily change this in your network adapter’s configuration settings.

GRC’s DNS Benchmark

GRC’s DNS benchmark is another great tool for checking on the speed of DNS servers. It’s lightweight when compared to Namebench as it is only 164KB whereas Namebench is 5MB. DNS benchmark will help you test up to 200 publicly available DNS server as well as those servers that are currently in use by your machine. It also allows you to shorten the list of servers or add your own DNS servers that you want to test.

Just like Namebench, it also gives you a number of tests that you can run which include; caches lookups, un-cached lookups, dotcom lookups, reliability and rebinding protection.

Furthermore, it has a great way of presenting its results. It gives you the best DNS server for use by your computer and even suggests the sequence of setting up your IP addresses.

If you would like to check other DNS speed test tools you can also check this list by Senki.

A List Of Software Suggested By Google

There are a number of DNS server software that you can use; however, not so many people are conversant with the features that each of them offers. Furthermore, many people are nowadays becoming more interested with open source software which are almost similar to their commercial counterparts or even better.

Here’s our list of open source DNS server software and their differentiating features.

BIND

If there is a DNS server that can do anything, it’s definitely BIND. It also has an easy to manage web interface though you can also manage it from the command line. We would suggest that you use BIND if you have considerable experience in configuring DNS servers. This is because BIND can at times be difficult to configure.

It supports DNSSEC and can work as either an authoritative server or a recursive one.

NSD And Unbound

These two servers usually work together and have been developed by the same company. The main functionality of NSD is to allow you to set up a web page online whereas Unbound is used for searching pages on the internet.

Knot DNS

It’s usually accompanied by Knot Resolver in the same suite. These two servers were developed in 2010. One of them is an authoritative component whereas the other is a recursive name resolver. The main functionality of Knot DNS is to allow you to set up a web page online whereas Knot Resolver is used for searching pages on the internet.

They also support DNSSEC.

PowerDNS

This is another powerful DNS server. It has a lot of features including CVE and DNSSEC support. It is also quite flexible when it comes to connecting to databases.

DjbDNS

It’s similar to NSD and Unbound when it comes to functionality. The only problem (which is quite fatal sadly to say) is that it hasn’t been updated since 2001. There are already reported security issues with the system.

However, there is a more recent version of DJbDNS known as the N-DjbDNS. This version has more updates than its predecessor and has patched up the security loop holes that are known in DJbDNS. These patches have been instrumental in giving the authoritative server DNSSEC support.

MaraDNS

It’s a tiny DNS project suitable for use in embedded systems. It was developed as a single system at first but later on evolved to a two program server (similar NSD and Unbound). The best thing about MaraDNS is that it is quite easy to configure. However, it does not support DNSSEC.

Conclusion

There are several other DNS servers that have not been covered in the list but which you can also decide to use. We generally recommend that you look for server software that can be able to scale with your requirements. One other important feature for a DNS server software is that it should have an active community around it. Whichever server you choose, you will definitely run into problems with it. An active community will ensure that you can resolve any issues as quickly as possible.

Check out our walkthrough on configuring your Window’s and Mac’s DNS.

Walkthrough On Changing DNS Settings In Windows And Mac

Making use of DNS servers is a great way of boosting your browsing speeds, security and gaining access to restricted content in your geographical location. Generally, most operating systems usually have DNS set as automatic. This means that your ISP is the one that will suggest the DNS server to use. However, there’s a simple way of changing this in order for you to utilize a DNS server of your preferred choice.

We’ve compiled a simple step by step guide that will help both Windows and Mac users whenever they want to change their DNS settings.

Changing DNS Settings In Windows

Changing your DNS settings in Windows is an easy five step process. However, the steps might vary depending on the type of windows that you are using. We’ve outlined these below.

Tip: Ensure that you’ve logged into your system using valid administrator rights.

Windows 10 Users

  1. From the main screen, right click on start menu and select network connections. This will take you to the Network Connections Window.
  2. Right click on the network connection that you are currently using then click on properties.
  3.  Depending on the DNS server that you are using, you can either choose ‘Internet Protocol Version 6’ or ‘Internet Protocol Version 4’ (generally, TCP/IPV4 is more preferred for all DNS servers) then click properties.
  4. Select ‘Use the following DNS server addresses’ and then type in the IP addresses of your preferred DNS server in the Preferred DNS server and Alternate DNS server fields.
  5. Now click Ok, and then close the tabs in order of how they appear before finally closing the Network Connections Window.
  6. For your new settings to take effect immediately, ensure that you flush your web browser’s cache and the DNS resolver cache as well.

Windows 8 Users

  1. For windows 8 users, move your cursor to either the bottom right or top right corner of the screen and select settings then control panel.
  2. In the control panel window, select category and then change it to either large or small icons.
  3. From the resultant change in icons, you can then select Network and Sharing Center.
  4. Select ‘Change adapter settings’ in the new window. This will open up the Network Connections window.
  5. Right click on the network connection that you are currently using then click on properties.
  6. Depending on the DNS server that you are using, you can either choose ‘Internet Protocol Version 6’ or ‘Internet Protocol Version 4’ (generally, TCP/IPV4 is more preferred for all DNS servers) then click properties.
  7. Select ‘Use the following DNS server addresses’ and then type in the IP addresses of your preferred DNS server in the Preferred DNS server and Alternate DNS server fields.
  8. Now click Ok, and then close the tabs in order of how they appear before finally closing the Network Connections Window.
  9. For your new settings to take effect immediately, ensure that you flush your web browser’s cache and the DNS resolver cache as well.

Windows 7 Users

  1. Click on the start menu and then click on control panel.
  2. Once you are in the Control Panel Window, click on ‘View Network Status and Tasks’.
  3. Then click on ‘Change Adapter Settings’.
  4.  A new window with all your network lists will appear on the screen. Right click on the network connection that you are currently using then click on properties.
  5. You can then follow step 6-9 of setting up the DNS settings as outlined for Windows 8 users.

Changing DNS Settings In Mac OS X

In order for you to successfully change your DNS settings you’ll have to login into your system with valid administrator rights.

  1. Click on the Mac Apple sign then select system preferences.
  2. Choose network from the resultant screen.
  3. A Network center window will open; select Ethernet located on the left side of the screen.
  4. In the Network screen, click on the DNS tab then add your preferred DNS servers by clicking on the + located at the bottom left of the screen.
  5. Then click OK at the bottom right of the screen.
  6. In the Network center you will now be able to see the newly added DNS server. Click on Apply to save your settings.

You can also check out our guide for configuring a windows server on your machine.

Page 1 of 212