DNS IN DEPTH
It has been a while since I have posted on here. It has been a crazy busy week and a half, and I have two big exams coming up on Friday. I am taking CCNP ENSLD for my third CCNP and the Palo Alto NGFW engineer exam. I am confident in the first one, not as much the second one, but we will see. Luckily for me, I missed out on the Pearson deal where I do not get a free retake voucher because I bought both of these in April (my luck).
I realized recently that I do not know as much about DNS as I thought I did. Sure, it resolves a domain name to an IP so you can access websites online, but there is a lot more to it than just that. I like to think of it as the phone book of the internet.
When you send a DNS request, it first goes to a DNS server. This is known as a recursive request: you are handing the request off to that server and asking it to resolve the domain for you, no matter what it takes. A non-recursive DNS request means that our DNS server is not asking the authoritative .com server to go out and do all the DNS lookups. If the DNS server does not have an answer, what will it do? It will pass the request further upstream, working through different DNS zones like .com and .net and referring to different DNS servers depending on the zone. A DNS zone splits up authority over different segments of the DNS namespace, like .com, .net, etc. Hopefully, after going this far with our DNS request, we will get a response back.
In DNS, there are also things called records. Think of a DNS record as a set of instructions that lives on an authoritative DNS server and provides information about a domain. All DNS records have a TTL tied to them. If you have studied networking, I am sure you have heard of this. In the case of a DNS record, the TTL indicates how long a copy of the record is kept before it is refreshed or discarded. Some common types of DNS records are the following:
- A = IPv4 Records
- AAAA = IPv6 Records
- CNAME = This stands for canonical name and is used for an alias, for example if I buy a URL and redirect it to my website (I actually used this for this website).
- MX = Mail exchange, used to get IPs for our emails.
If you are looking to get more in-depth and see this in action, I would suggest setting up a Linux server and installing dnsutils on it. With this, you can use the dig command to perform DNS lookups. It is a pretty neat tool.
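To see what a lookup tool like dig puts on the wire, the following added Python example (not code from the original post) builds a query with or without the recursion-desired bit and decodes the record type, TTL and data from a reply. The reply bytes are constructed for the example using the documentation names example.com and 192.0.2.10; the function names are hypothetical.

```python
import ipaddress, struct

TYPES = {1: "A", 5: "CNAME", 15: "MX", 28: "AAAA"}

def build_query(name, qtype=1, recursive=True, txid=0x1234):
    # RD (recursion desired, 0x0100) is what makes a query recursive on the wire.
    header = struct.pack("!6H", txid, 0x0100 if recursive else 0, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode() for p in name.split("."))
    return header + labels + b"\x00" + struct.pack("!2H", qtype, 1)

def read_name(msg, pos):
    # Return (name, offset after it), following compression pointers.
    labels, end, hops = [], None, 0
    while msg[pos]:
        n = msg[pos]
        if n & 0xC0 == 0xC0:  # pointer to a name earlier in the message
            hops += 1
            if hops > 16:  # a malformed reply can point at itself forever
                raise ValueError("compression pointer loop")
            end = end or pos + 2
            pos = ((n & 0x3F) << 8) | msg[pos + 1]
        else:
            labels.append(msg[pos + 1:pos + 1 + n].decode())
            pos += 1 + n
    return ".".join(labels), end or pos + 1

def parse_answers(msg):
    qd, an = struct.unpack("!2H", msg[4:8])
    pos, out = 12, []
    for _ in range(qd):  # skip each question: name, type, class
        pos = read_name(msg, pos)[1] + 4
    for _ in range(an):
        name, pos = read_name(msg, pos)
        rtype, _cls, ttl, rdlen = struct.unpack("!2HIH", msg[pos:pos + 10])
        rdata = msg[pos + 10:pos + 10 + rdlen]
        if rtype in (1, 28):  # A / AAAA: raw address bytes
            data = str(ipaddress.ip_address(rdata))
        elif rtype in (5, 15):  # CNAME: a name; MX: 2-byte preference, then a name
            data = read_name(msg, pos + 10 + (2 if rtype == 15 else 0))[0]
        else:
            data = rdata.hex()
        out.append((name, TYPES.get(rtype, rtype), ttl, data))
        pos += 10 + rdlen
    return out

# Constructed reply (not captured traffic): a CNAME for www.example.com, then the A record.
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0) + build_query("www.example.com")[12:]
          + b"\xc0\x0c" + struct.pack("!2HIH", 5, 1, 300, 2) + b"\xc0\x10"
          + b"\xc0\x10" + struct.pack("!2HIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10]))
```

Calling `parse_answers(SAMPLE)` returns one tuple per answer record in the form (owner name, record type, TTL in seconds, data).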