What's in a Name: Understanding the Domain Name System
Learn how computers translate names (like
google.com) to IP addresses using the global Domain Name System or DNS. In this workshop, you’ll see exactly what DNS queries and responses look like, and you’ll learn valuable tips that can help you troubleshoot network problems, avoid DNS-based censorship, and increase the security and privacy of your day-to-day Web browsing. You’ll also get a peek at what’s involved in setting up your own DNS server, useful for learning how popular services like Web hosting providers, domain registrations, and DNS-based reverse proxies like Cloudflare actually work.
In the digital world of cyperspace networks, such as the Internet, places don’t have names. They have numbers. Called Internet Protocol (IP) addresses, these numbers are used to identify the sources and destinations where network traffic, such as Web browsing, email, and video conferencing messages should go. But if computers use numbers and not names to route traffic, how do they know where to go when we type in addresses such as
google.com in our Web browser?
The answer lies in DNS, the Domain Name System. Often described as “the Internet’s phone book,” DNS is actually a far more capable and integral component of networked systems than it’s given credit for. Ever since its inception in 1983, the DNS was a key enabler of the growth of the Internet and has been vital to its continued operation to this day. Beyond the popular understanding as a name-to-address lookup system, the DNS is actually a massive, distributed, delegated database that allows organizations to publish all kinds of useful information in the form of resource records (RRs). For instance, today DNS is also used to fight email spam and phishing attacks (using DNS-backed protocols like SPF, DKIM, DMARC, and DANE, and CAA resource records), perform service discovery (with SRV records), and more.
Understanding what DNS really is and how it actually works is a crucial, early step administrators must take to ensure applications and services are healthy. In this deep-dive workshop, we’ll dissect the DNS protocol itself, watching queries and replies, and we’ll trace DNS messages across recursive DNS servers, called resolvers, as they get bounced from the root DNS resolvers to the ultimate authority responsible for managing the zone in which our answer is to be found. We’ll also discuss the inherent insecurities of the original UDP-based DNS traffic, as well as how to secure DNS transmissions using state-of-the-art technology such as DNSCrypt v2, DNS-over-TLS (DoT), and DNS-over-HTTPS (DoH), which is increasingly finding its way into familiar apps like Web browsers and even the Windows 10 Operating System itself.
Upcoming “What's in a Name: Understanding the Domain Name System” Events
Subscribe to our calendar.
- November 15, 2020 at 4:00 pm (-0500)