Domain Name System (DNS)

IP               Name
9.9.9.9          Quad9
1.1.1.1          Cloudflare
8.8.4.4          Google Public DNS-2
212.82.225.12    Clara-2 DE

Find out which resolver is fastest for you with namebench.

Format: <name> [<ttl>] [<class>] <type> <rdata>

https://de.wikipedia.org/wiki/SRV_Resource_Record

_service._proto.name. TTL class SRV priority weight port target.

Allow mail only from the hosts in the domain's MX and A entries, prohibit all others:

example.com. 28800 TXT "v=spf1 mx a -all"

Check with spfquery.

https://tools.ietf.org/html/rfc6186

_submission._tcp    SRV 0 1 587 smtp.example.com.
_imap._tcp          SRV 0 1 143 imap.example.com.

RFC-2606 reserves 4 different TLDs for testing and documentation examples:

  • .test
  • .example
  • .invalid
  • .localhost

DO NOT use .local for testing or local purposes! It's reserved for mDNS – if you hand out .local DNS entries, you'll interfere with Avahi/Zeroconf hostname resolution.

If you want to serve the same content both locally and from outside of your LAN, you can use Split DNS. A local DNS resolver responds to local clients with a LAN IP and the public DNS responds with a WAN IP. A similar thing can be done with hairpin NAT on the network layer, which routes traffic to the external IP back to the LAN.

A regular lookup ("forward DNS") tells you the IP address for a given hostname. A reverse DNS lookup (rDNS) tells you the canonical hostname for a given IP. This doesn't have to be populated for every IP, and not all forward DNS entries also have a reverse entry.

In most DNS servers the reverse entry has to be set explicitly, to prevent leaking DNS names for IP addresses where this is not needed.

Mail servers use this to find out if the mail hostname a system authenticates with is also the hostname which actually belongs to the system. Many mail systems discard incoming mail as spam when the reverse DNS entry doesn't point to the hostname they got mail from.

rDNS entries have to be set by the provider of the IP, not the provider of the target domain. The reverse DNS database of the Internet is rooted in the .arpa top-level domain.

On Linux systems, you can use dig -x $IP to look up rDNS entries.
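The check mail servers apply, as an added example that is not part of the original page: it goes one step beyond the PTR comparison described above and also confirms that the announced hostname resolves back to the connecting IP. The function names, result labels and sample records are assumptions made for illustration.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Name under .arpa that holds the PTR record for this address."""
    return ipaddress.ip_address(ip).reverse_pointer

def _norm(host):
    return host.rstrip(".").lower()

def system_ptr(ip):
    """PTR names from the system resolver; [] when no rDNS entry is set."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]

def system_forward(host):
    """A/AAAA addresses from the system resolver; [] when the name is unknown."""
    try:
        return [info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)]
    except socket.gaierror:
        return []

def check_rdns(ip, claimed_host, ptr=system_ptr, forward=system_forward):
    """Compare a connecting IP with the hostname it announced."""
    names = {_norm(n) for n in ptr(ip) or []}
    if not names:
        return "no-rdns"            # the IP's provider never set a PTR record
    if _norm(claimed_host) not in names:
        return "rdns-mismatch"      # PTR points at a different hostname
    addrs = {ipaddress.ip_address(a) for a in forward(_norm(claimed_host)) or []}
    if ipaddress.ip_address(ip) not in addrs:
        return "forward-mismatch"   # PTR names a host that does not resolve back
    return "ok"

# Constructed sample records (RFC 5737 documentation addresses), not real data.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.com."], "192.0.2.20": ["mail.example.com."],
              "192.0.2.30": ["host30.provider.example."]}
SAMPLE_A = {"mail.example.com": ["192.0.2.10"]}

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40"):
        verdict = check_rdns(ip, "mail.example.com", SAMPLE_PTR.get, SAMPLE_A.get)
        print(reverse_name(ip), verdict)
```

Called without the last two arguments, check_rdns uses the system resolver instead of the sample dictionaries.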

To flush the local DNS cache, try one of the following, depending on which resolver the system runs:

resolvectl flush-caches
nmcli general reload dns-full
systemd-resolve --flush-caches
systemctl restart nscd
systemctl restart dnsmasq
systemctl restart named
service networking restart
  • Last modified: 2024-07-05 14:31