domain-name-system interview questions

Top domain-name-system frequently asked interview questions

Windows 7: "localhost name resolution is handled within DNS itself". Why?

After 18 years of hosts files on Windows, I was surprised to see this in Windows 7 build 7100:

# localhost name resolution is handled within DNS itself.
# localhost
#   ::1 localhost

Does anyone know why this change was introduced? I'm sure there has to be some kind reasoning.

And, perhaps more relevantly, are there any other important DNS-related changes in Windows 7? It scares me a little bit to think that something as fundamental as localhost name resolution has changed... makes me think there are other subtle but important changes to the DNS stack in Win7.

Source: (StackOverflow)

is a CNAME to CNAME chain allowed

Is it allowed in DNS to have a CNAME record that points to another CNAME record?

The reason we need this is that we have a hostname that we want to be looked up to the IP address of our web server computer. We also have another web server computer stand by that could be activated in case the first one would die. In such a case we would quickly need to point the hostname to the IP address of the stand by web server computer.

Unfortunately the hostname resides in a DNS domain where any change would take long time due to manual operation dependent on other sysadmins. But we have another DNS domain where we can perform the changes ourselves quickly. Having CNAME to CNAME chain seems like a possible solution. But is it allowed? Will web browsers understand it?

Source: (StackOverflow)

What is a glue record?

This is a Canonical Question about DNS glue records.

What exactly (but briefly) is a DNS glue record? Why are they needed and how do they work?

Source: (StackOverflow)

List all DNS records in a domain using dig?

My company runs an internal DNS for mycompany.com

There is a machine on the network that I need to find, but I’ve forgotten its name. If I could see a list, it would probably jog my memory.

How can I list all of the domain records for mycompany.com?

Source: (StackOverflow)

Why is DNS failover not recommended?

From reading, it seems like DNS failover is not recommended just because DNS wasn't designed for it. But if you have two webservers on different subnets hosting redundant content, what other methods are there to ensure that all traffic gets routed to the live server if one server goes down?

To me it seems like DNS failover is the only failover option here, but the consensus is it's not a good option. Yet services like DNSmadeeasy.com provide it, so there must be merit to it. Any comments?

Source: (StackOverflow)

Why can't MX records point to an IP address?

I understand you should not point a MX record at an IP address directly, but should instead point it to an A record, which, in turns, points to the IP address of your mail server.

But, in principle, why is this required?

Source: (StackOverflow)

How can I see Time-To-Live (TTL) for a DNS record?

I would like to see the Time-To-Live (TTL) value for a CNAME record.

I have access to dig (on Apple Mac OS X), which gives me an answer like this:

% dig host.example.gov
host.example.gov.       43200   IN  CNAME   host1.example.gov.
host1.example.gov.      43200   IN  A

Is the value '43200' the TTL for this DNS record?

Source: (StackOverflow)

Should we host our own nameservers?

This is a Canonical Question about whether to outsource DNS resolution for ones own domains

I currently have my ISP providing DNS for my domain, but they impose limitations on adding records. Therefore, I am thinking about running my own DNS.

Do you prefer to host your own DNS, or is it better to have your ISP do this?

Are there alternatives which I can look into?

Source: (StackOverflow)

How to Configure Windows Machine to Allow File Sharing with DNS Alias

What process is necessary to configure a Windows environement to allow me to use DNS CNAME to reference servers?

I want to do this so that I can name my servers something like SRV001, but still have \\file point to that server, so when SRV002 replaces it I don't have to update any of the links people have, just update the DNS CNAME and everyone will get pointed to the new server.

Source: (StackOverflow)

Top level domain/domain suffix for private network?

At our office, we have a local area network with a purely internal DNS setup, on which clients all named as whatever.lan. I also have a VMware environment, and on the virtual-machine-only network, I name the virtual machines whatever.vm.

Currently, this network for the virtual machines isn't reachable from our local area network, but we're setting up a production network to migrate these virtual machines to, which will be reachable from the LAN. As a result, we're trying to settle on a convention for the domain suffix/TLD we apply to the guests on this new network we're setting up, but we can't come up with a good one, given that .vm, .local and .lan all have existing connotations in our environment.

So, what's the best practice in this situation? Is there a list of TLDs or domain names somewhere that's safe to use for a purely internal network?

Source: (StackOverflow)

Setting the hostname: FQDN or short name?

I've noticed that the "preferred" method of setting the system hostname is fundamentally different between Red Hat/CentOS and Debian/Ubuntu systems.

CentOS documentation and the RHEL deployment guide say the hostname should be the FQDN:

HOSTNAME=<value>, where <value> should be the Fully Qualified Domain Name (FQDN), such as hostname.example.com, but can be whatever hostname is necessary.

The RHEL install guide is slightly more ambiguous:

Setup prompts you to supply a host name for this computer, either as a fully-qualified domain name (FQDN) in the format hostname.domainname or as a short host name in the format hostname.

The Debian reference says the hostname should not use the FQDN:

3.5.5. The hostname

The kernel maintains the system hostname. The init script in runlevel S which is symlinked to "/etc/init.d/hostname.sh" sets the system hostname at boot time (using the hostname command) to the name stored in "/etc/hostname". This file should contain only the system hostname, not a fully qualified domain name.

I haven't seen any specific recommendations from IBM about which to use, but some software seems to have a preference.

My questions:

  • In a heterogeneous environment, is it better to use the vendor recommendation, or choose one and be consistent across all hosts?
  • What software have you encountered which is sensitive to whether the hostname is set to the FQDN or short name?

Source: (StackOverflow)

Linux command to inspect TXT records of a domain

Is there a linux shell command that I can use to inspect the TXT records of a domain?

Source: (StackOverflow)

What's the command-line utility in Windows to do a reverse DNS look-up?

Is there a built-in command line tool that will do reverse DNS look-ups in Windows? I.e., something like <toolname> w.x.y.z => mycomputername

I've tried:

  • nslookup: seems to be forward look-up only.
  • host: doesn't exist
  • dig: also doesn't exist.

I found "What's the reverse DNS command line utility?" via a search, but this is specifically looking for a *nix utility, not a Windows one.

Source: (StackOverflow)

Is a wildcard CNAME DNS record valid?

I know it's valid to have a DNS A record that's a wildcard (e.g. *.mysite.com). Is it possible/valid/advised to have a wildcard CNAME record?

Source: (StackOverflow)

How the heck is http://to./ a valid domain name?

Apparently it's a URL shortener. It resolves just fine in Chrome and Firefox. How is this a valid top-level domain?

Update: for the people saying it's browser shenanigans, why is it that: http://com./ does not take me to: http://www.com/?

And, do browsers ever send you a response from some place other than what's actually up in the address bar? Aside from framesets and things like that, I thought browsers tried really hard to send you content only from the site in the address bar, to help guard against phishing.

Source: (StackOverflow)