Troubleshooting DNS. The lecture and reading list multiple tools that can be used to help resolve DNS issues. Select two tools, provide a brief description of the tool and how that tool is utilized in troubleshooting. Provide at least a paragraph per tool.
Domain Name System (DNS)
DNS is like the Internet's phonebook. When you click a human-readable web link, your web browser calls on a Domain Name System (DNS) resolver to resolve its corresponding IP address.
DNS is essential: without DNS there is no Internet, and this is not just about the browser. If it runs on the Internet (Slack, email), DNS works behind the scenes to make sure the application's requests hook up with the appropriate Internet resource. Whether it is a website, an email link or an FTP site, it has an IPv4 or IPv6 address equivalent, and 13 DNS master root servers track them all. These legitimate DNS servers hold the addresses for each Internet-associated device in the world.
DNS Problems
The Internet is filled with garbage sites, and so is DNS. DNS can spread malware, most commonly in the form of DNS cache poisoning. In this kind of attack, a server falls under an attacker's control, and the attacker inserts bad information into the DNS cache. Afterwards, when you try to visit the site, the DNS response sends you to a bogus version of the site, which infects the system with malware. That is the reason we use DNS troubleshooting.
Types of tools to resolve DNS issues
Nslookup
Dig
mxtoolbox.com
host
Tracert/traceroute
Ipconfig/ifconfig
Netstat
PuTTY/Tera Term
Subnet and IP Calculator
Speedtest.net/pingtest.net
Pathping/mtr
Route
Nslookup
DNS troubleshooting is primarily a matter of information gathering. Troubleshooting tools like nslookup serve as checks against the configuration of DNS servers. The word nslookup is short for "name server lookup". The nslookup tool works in both Windows and Linux environments.
The easiest way to use the nslookup tool is to type the command followed by a domain name. Let’s take Facebook, for example. The command line entry and the results will look something like this:
C:\>nslookup www.facebook.com
Server: my.local.dns.server
Address: 10.10.10.10
Non-authoritative answer:
Name: www.facebook.com
Addresses: 2607:f8b0:4002:80f::2004
172.217.4.4
In the response above, the first section shows which server is being used to obtain the information. In this case, it is the local DNS server on my network. For you it may be your router, your ISP, or an internal corporate DNS server, depending on where you are. Second, it has received a non-authoritative answer. This is nothing to be concerned about; it means that the server giving the answer is a recursive DNS resolver, which is very common. It is unusual to hit the primary/authoritative DNS server from your local machine. And of course, you see the addresses given out for www.facebook.com: an IPv6 address first and an IPv4 address after that. Your machine will decide which IP to use based on your connectivity, so there is no need to worry if you have not enabled IPv6 yet; the IPv4 address can be used.
We can enter interactive mode by typing nslookup at the command prompt. We will notice that the prompt changes to ">". Here we can type the domain name directly.
There are different ways to query DNS databases with nslookup. We can query only information about mail server settings by typing [set type=mx] in interactive mode. You can also connect to a different DNS server. For instance, to connect to Facebook’s DNS, you would type [server 8.8.8.8].
Dig
Another command-line tool for DNS troubleshooting is called dig. The name stands for domain internet groper (DIG). This tool is used on Linux and can help you dig into DNS issues. An example of dig:
$ dig -t mx www.facebook.com
; <<>> DiG 9.10.3-P4-Ubuntu <<>> -t mx www.facebook.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.facebook.com.        IN    MX
;; AUTHORITY SECTION:
facebook.com.        60    IN    SOA    ns1.facebook.com. dns-admin.facebook.com. 164707171 900 900 1800 60
;; Query time: 61 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: Wed Aug 09 14:34:03 EDT 2017
;; MSG SIZE rcvd: 113
The example here queries the mail servers of Facebook. There are none listed here for Facebook, but if you put your own domain in, you should see a section that lists your mail servers. For more information about dig, type [man dig] at the Linux command line. In the example above, "-t" specifies the type of query, in this case MX records. It is rarely required any more; if you leave it out, modern versions of dig work the same way. If you don't specify a query type, such as MX, dig will default to listing 'A' records. If you want to query a specific server, use the @ symbol: [dig @a1.uberns.com www.Facebook.com] will query our servers.
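How to read the header of the dig output above, as an added example that is not part of the original page: status NOERROR with ANSWER: 0 means the name exists but has no record of the requested type (NODATA), which is a different finding from NXDOMAIN or an unreachable server. The function name classify_dig and the verdict labels are assumptions, and every sample except the page's own two header lines is constructed.

```shell
#!/bin/sh
# Added example: classify a dig response from its header lines.
# classify_dig is a hypothetical helper; it reads dig output on stdin.
classify_dig() {
    awk '
        /->>HEADER<<-/ {   # ";; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40683"
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {     # ";; flags: qr rd ra; QUERY: 1, ANSWER: 0, ..."
            for (i = 1; i < NF; i++)
                if ($i == "ANSWER:") answers = $(i + 1) + 0
        }
        /no servers could be reached/ { unreachable = 1 }
        END {
            if (unreachable || status == "") verdict = "NO_RESPONSE"
            else if (status == "NXDOMAIN")    verdict = "NAME_DOES_NOT_EXIST"
            else if (status != "NOERROR")     verdict = "SERVER_ERROR"
            else if (answers == 0)            verdict = "NODATA"
            else                              verdict = "ANSWERED"
            printf "%s status=%s answers=%d\n", verdict, (status == "" ? "-" : status), answers
        }'
}

# Header lines copied from the dig output on this page.
PAGE_SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1'

# Constructed samples (not from the page) covering the other outcomes.
NXDOMAIN_SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1111
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1'
ANSWERED_SAMPLE=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2222
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1'
TIMEOUT_SAMPLE=';; connection timed out; no servers could be reached'

for s in "$PAGE_SAMPLE" "$NXDOMAIN_SAMPLE" "$ANSWERED_SAMPLE" "$TIMEOUT_SAMPLE"; do
    printf '%s\n' "$s" | classify_dig
done
```

On a live system the same function can be fed directly, for example with the page's own query piped into it: dig -t mx www.facebook.com | classify_dig.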