What is the role of the Recursive DNS server?

We could say a lot about DNS functionality, but for the moment let’s concentrate on one major DNS component: the recursive DNS server.

Recursive DNS server explained.

The recursive DNS server is responsible for finding the data needed to answer users’ queries. In computing, recursion is a method of solving a problem in which a procedure repeats itself until it reaches the goal; in the same spirit, the recursive server keeps asking until it has the answer.

The recursive server operates between the authoritative DNS server and the end-users that make the requests.

Every time a user wants to visit a website, the device requests the site’s domain name, and the recursive DNS server is the one that seeks its IP address (IPv4 or IPv6). Once the recursive server obtains the required IP address, it returns it to the device (browser) that initiated the request. The laptop, smartphone, or whatever device the user is using then receives the information, connects to that IP address, and loads the website.

Types of lookup

The recursive DNS server could complete the lookup for the information in two different ways.

The first type of search takes longer to perform, because the recursive server has to follow a long path to get the wanted data. First it queries a root server, then the TLD (Top-Level Domain) server, and lastly the authoritative DNS server, which provides the answer to the query.

Along that whole path, the recursive server has only one goal: to find the information.

The second type is the easier and quicker path: the recursive server gets the IP address from its cache memory. The server can store data in its cache for a certain amount of time; administrators set how long through the TTL (time-to-live) value.

When a user makes a query, the recursive server first checks its cache memory for the IP address. If the data is still there and its TTL has not expired yet, the query is answered from the cache. That is a great advantage, because the response is quick and the recursive server doesn’t have to consult other servers.

DNS cache poisoning attacks and Recursive DNS server

A DNS cache poisoning attack occurs when the recursive DNS server seeks an IP address from a different DNS server. The cybercriminal intercepts the request and, instead of the accurate data, supplies a fake answer. Usually it is an IP address pointing to a malicious website. That is how the DNS cache poisoning attack is completed.

The issue is not just that the recursive server handed the user a fraudulent IP address. The server will also save that answer in its cache, which leads to a much bigger problem: every user who wants to visit that website will receive the fraudulent IP address and land on the malicious site. Such an attack can affect a lot of users.
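To make the defensive side of this concrete, here is an added example (not code from the original post, nor from any real resolver) showing how a recursive server can check a reply against the query it actually sent before caching it. The message fields, the ValidatingCache class, the zone names and the addresses are all constructed for this script: a reply whose transaction ID or question section doesn’t match the outstanding query is dropped, and records that lie outside the zone of the server that was asked (its “bailiwick”) are never cached, so one bad reply can’t be served to every later user.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Question:
    name: str      # absolute name, e.g. "www.example.com."
    qtype: str     # "A", "AAAA", ...


@dataclass(frozen=True)
class Record:
    name: str
    rtype: str
    data: str
    ttl: int


@dataclass
class Response:
    txid: int               # transaction ID the responder copied from the query
    question: Question      # question section echoed back by the responder
    answers: list           # list of Record


@dataclass
class PendingQuery:
    txid: int               # transaction ID the resolver chose for this query
    question: Question
    zone: str               # zone the contacted server is authoritative for


def in_bailiwick(name, zone):
    """True if 'name' is at or below 'zone' in the DNS tree."""
    return name == zone or name.endswith("." + zone)


def validate_response(pending, response):
    """Return (records_to_cache, reason). Records that fail the checks are
    never stored, so a single bad reply cannot be handed to every later user."""
    if response.txid != pending.txid:
        return [], "transaction id mismatch"
    if response.question != pending.question:
        return [], "question section does not match the query"
    kept = [r for r in response.answers if in_bailiwick(r.name, pending.zone)]
    if not kept:
        return [], "no in-bailiwick answers"
    return kept, "ok"


class ValidatingCache:
    """A minimal cache that only stores answers which passed validate_response."""

    def __init__(self):
        self.entries = {}   # (name, rtype) -> Record
        self.rejected = []  # (reason, response) pairs, useful for logging or alerting

    def ingest(self, pending, response):
        records, reason = validate_response(pending, response)
        if reason != "ok":
            self.rejected.append((reason, response))
        for rec in records:
            self.entries[(rec.name, rec.rtype)] = rec
        return reason

    def lookup(self, name, rtype="A"):
        rec = self.entries.get((name, rtype))
        return rec.data if rec else None


if __name__ == "__main__":
    q = Question("www.example.com.", "A")
    pending = PendingQuery(txid=0x1A2B, question=q, zone="example.com.")
    cache = ValidatingCache()
    # Constructed sample replies; the addresses come from the documentation ranges.
    genuine = Response(0x1A2B, q, [Record("www.example.com.", "A", "192.0.2.10", 300)])
    wrong_id = Response(0x0000, q, [Record("www.example.com.", "A", "198.51.100.9", 300)])
    extra = Response(0x1A2B, q, [
        Record("www.example.com.", "A", "192.0.2.10", 300),
        Record("login.example.net.", "A", "198.51.100.9", 86400),  # outside example.com.
    ])
    for reply in (wrong_id, extra, genuine):
        print(cache.ingest(pending, reply))
    print(cache.lookup("www.example.com."), cache.lookup("login.example.net."))
```

The rejected list is the part a defender would wire to logging: a burst of replies with mismatched transaction IDs or out-of-bailiwick records is exactly the kind of signal worth alerting on.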

3 common usages of FQDN

What is FQDN?

A Fully Qualified Domain Name, or FQDN for short, is the complete name of a specific domain. That applies to servers too, not only to websites. The Domain Name System (DNS) is built and organized as a hierarchy. It begins at the top level, the root, followed by the TLD; a level below is the domain; and finally, the last level is the particular hostname.

To make things simple, let’s see the complete syntax of a fully qualified domain name (FQDN):

hostname. domain name. TLD 

([hostname].[domain].[tld].)

Here are some examples of a fully qualified domain name that you probably have seen:

mail.google.com. 

ftp.microsoft.com. 

movies.disney.com.

Keep in mind that the final dot “.” in the syntax is commonly omitted. It simply represents the root level, so typically the written FQDN ends with the TLD. Yet there are cases where that dot is required and you will need to add it; whether it is depends on the software you are using.

With a Fully Qualified Domain Name, you are able to see where exactly an object exists in the hierarchy of the Domain Name System.

Components 

The Fully Qualified Domain Name has 3 main components. They are the following: 

  • The first component is the TLD (Top Level Domain) – It is the extension at the end of an FQDN. Usually it has 2 or 3 letters, for instance .com, .eu, .net, etc.
  • The second component is the subdomain – It is the domain one level below the Top Level Domain (TLD), for instance domain.com.
  • The third component is the hostname – It is the label at the start of the Fully Qualified Domain Name. A simple and very familiar example is www in www.domain.com. The domain owner can create various hostnames under the domain. For illustration:
    • mail.domain.com
    • www.domain.com
    • ftp.domain.com

Use cases of FQDN

  1. If you want to get an SSL Certificate – Almost every site has one, and you need to provide the FQDN to receive it.
  2. If you want to connect to a host remotely – The Fully Qualified Domain Name is required when you want to connect to a remote host, that is, a host that isn’t local to your ISP.
  3. If you want to access a specific Domain Service or Protocol – The FQDN is required, for instance, when you want to set up email for particular applications.

What is PQDN (Partially Qualified Domain Name)?

The Partially Qualified Domain Name, or PQDN for short, is a Fully Qualified Domain Name with a part missing. It does not contain all of the components that give the exact position in the DNS hierarchy. For instance, google.com is a PQDN: the web host part (www.) before the domain name is absent.

Everyday users usually use the PQDN because it is more accessible and easy. Besides, it is shorter, which makes it simpler to use.
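The syntax, the three components and the trailing root dot described above, together with the post’s distinction between an FQDN and a PQDN such as google.com, can be exercised with a small parser. This is an added example, not part of the original post: the ParsedName class and parse_name function are my own names, and the label rules it enforces (1 to 63 characters, letters, digits and hyphens, no leading or trailing hyphen, at most 253 characters in total) are the standard DNS limits rather than something the post states. It treats everything left of the domain as the hostname part, so a deeper name such as ftp.eu.example.com yields the hostname ftp.eu.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Standard DNS label rule: 1-63 characters, letters/digits/hyphen, no hyphen at either end.
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


@dataclass
class ParsedName:
    hostname: Optional[str]   # label(s) left of the domain, e.g. "www" or "mail"
    domain: Optional[str]     # level below the TLD, e.g. "google"
    tld: str                  # rightmost label, e.g. "com"
    absolute: bool            # True if the trailing root dot was present
    fully_qualified: bool     # hostname, domain and TLD are all present

    def canonical(self):
        """Canonical absolute form, with the root dot, as a resolver would store it."""
        labels = [part for part in (self.hostname, self.domain, self.tld) if part]
        return ".".join(labels) + "."


def parse_name(name):
    """Split a name into the hostname/domain/TLD components described in the post.

    Raises ValueError for names that break the standard label or length limits."""
    absolute = name.endswith(".")
    stripped = name[:-1] if absolute else name
    if len(stripped) > 253:
        raise ValueError("name longer than 253 characters")
    labels = stripped.lower().split(".")
    if any(not LABEL_RE.match(label) for label in labels):
        raise ValueError(f"invalid label in {name!r}")
    tld = labels[-1]
    domain = labels[-2] if len(labels) >= 2 else None
    hostname = ".".join(labels[:-2]) or None
    fully_qualified = hostname is not None and domain is not None
    return ParsedName(hostname, domain, tld, absolute, fully_qualified)


if __name__ == "__main__":
    # Constructed inputs: the post's own examples plus a PQDN and two invalid names.
    for candidate in ("mail.google.com.", "ftp.microsoft.com", "google.com",
                      "-bad.example.com", "a" * 64 + ".example.com"):
        try:
            parsed = parse_name(candidate)
            kind = "FQDN" if parsed.fully_qualified else "PQDN"
            print(f"{candidate:40} {kind:5} canonical={parsed.canonical()}")
        except ValueError as err:
            print(f"{candidate:40} rejected: {err}")
```

Because canonical() always appends the root dot and lowercases the labels, it is the form to use as a cache or allow-list key: "Mail.Google.com" and "mail.google.com." then compare equal, which is what the post means when it says the final dot is usually omitted but still implied.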

DNS cache: Why should you care about it?

What is DNS cache?

The DNS cache is a mechanism for storing the DNS data of previously queried domain names. Different devices, such as recursive DNS servers, mobiles, computers, and tablets, have such a cache. Its purpose is specific: to reduce the time needed to resolve a domain name. Thanks to it, the recursive DNS server does not need to perform a complete DNS lookup every time a particular domain name is requested.

The DNS information kept in the cache includes the various DNS records, such as the A record of a specific domain name with its corresponding IP address. However, the data is stored only temporarily, for a specific amount of time that is set by the TTL (Time-To-Live) value of the DNS records. Once the TTL expires, the DNS resolver has to perform a new DNS lookup.

Take, for instance, a news website that you visit every morning. The first time you visit it, a DNS lookup is completed for the needed IP address. The recursive DNS server receives the IP address and saves it in its cache. The next day, when you type the domain name of your news website, it loads a lot faster and easier, because the DNS cache still holds the IP address and no new DNS lookup is required.

The cache provides faster responses to users’ DNS queries and uses resources efficiently: the recursive DNS server only makes the lookups that are absolutely necessary.
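The two lookup paths from the “Types of lookup” section earlier on this page (walking root, then TLD, then authoritative server, or answering from cache) and the TTL expiry described here can be simulated in plain Python. This is an added example, not part of the original post: the in-memory ROOT, TLD and AUTH tables stand in for real servers, the names, addresses and TTLs are constructed, and the RecursiveResolver class is my own. It takes an injectable clock so that TTL expiry can be shown without actually waiting.

```python
import time
from dataclasses import dataclass

# Constructed, in-memory stand-in for the DNS hierarchy. The names, addresses and
# TTLs below are example data for this script, not real servers or records.
# Each "server" maps a name either to a referral (the next server to ask) or,
# at the authoritative level, to a final answer (IPv4 address, TTL in seconds).
ROOT = {"com.": "tld-com", "org.": "tld-org"}
TLD = {
    "tld-com": {"example.com.": "auth-example-com"},
    "tld-org": {"example.org.": "auth-example-org"},
}
AUTH = {
    "auth-example-com": {"www.example.com.": ("192.0.2.10", 300)},
    "auth-example-org": {"www.example.org.": ("192.0.2.20", 60)},
}


@dataclass
class CacheEntry:
    address: str
    expires_at: float   # clock value after which the entry is stale


class RecursiveResolver:
    """Answers from cache while the TTL has not expired; otherwise walks
    root -> TLD -> authoritative and caches the answer for its TTL."""

    def __init__(self, clock=time.monotonic):
        self.cache = {}
        self.clock = clock
        self.last_path = []   # servers contacted by the most recent lookup

    @staticmethod
    def _normalize(name):
        # "www.example.com" and "WWW.example.com." are the same absolute name.
        return name.lower().rstrip(".") + "."

    @staticmethod
    def _suffix(name, labels):
        parts = name.rstrip(".").split(".")
        return ".".join(parts[-labels:]) + "."

    def _walk_hierarchy(self, name):
        """The slow path: follow referrals from the root down to the authority."""
        self.last_path = ["root"]
        tld_server = ROOT.get(self._suffix(name, 1))
        if tld_server is None:
            return None
        self.last_path.append(tld_server)
        auth_server = TLD[tld_server].get(self._suffix(name, 2))
        if auth_server is None:
            return None
        self.last_path.append(auth_server)
        return AUTH[auth_server].get(name)

    def resolve(self, name):
        """Return (address, source) where source is 'cache' or 'lookup'."""
        name = self._normalize(name)
        now = self.clock()
        entry = self.cache.get(name)
        if entry is not None and entry.expires_at > now:
            self.last_path = []          # no server was contacted
            return entry.address, "cache"
        self.cache.pop(name, None)       # drop an expired entry, if any
        answer = self._walk_hierarchy(name)
        if answer is None:
            return None, "lookup"
        address, ttl = answer
        self.cache[name] = CacheEntry(address, now + ttl)
        return address, "lookup"


if __name__ == "__main__":
    # A fake clock lets the script show TTL expiry without waiting 300 seconds.
    fake_now = [0.0]
    resolver = RecursiveResolver(clock=lambda: fake_now[0])
    print(resolver.resolve("www.example.com"), resolver.last_path)   # lookup, 3 servers
    print(resolver.resolve("www.example.com"), resolver.last_path)   # cache, no servers
    fake_now[0] = 301.0                                               # TTL of 300 s has passed
    print(resolver.resolve("www.example.com"), resolver.last_path)   # lookup again
```

The last_path attribute is what makes the difference between the two paths visible: three servers contacted on a miss, none on a hit, and three again once the entry is older than its TTL.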

Why should you care?

The DNS cache is very useful, and unfortunately cybercriminals are well aware of that. They have found and established a way to profit from its functionality.

The attackers perform DNS poisoning by inserting fraudulent IP addresses or domain names into the cache. That way, they direct the user to a malicious website that looks very similar to the original one.

Technical issues or administrative errors could also corrupt the DNS cache. Yet, when something like that appears, it is often a sure sign of criminal activity in progress. So, to reduce this risk, it is a good idea to flush the DNS cache regularly.

How to delete the DNS cache?

The process of deleting the cache depends on your OS and on your browser, which may keep its own separate DNS cache.

macOS

  1. Open the Terminal. Then type the following command – sudo killall -HUP mDNSResponder
  2. Next, write your password and press Enter. Ready!

Linux (Ubuntu 20.04 LTS)

  1. Open the Terminal. Then type the following command – sudo systemd-resolve --flush-caches
  2. Next, write your sudo password and press Enter. Ready!

Windows

  1. Start the Command Prompt or Windows PowerShell. Then type the following command – ipconfig /flushdns.
  2. You should receive a confirmation message. The DNS cache is now clear.

Safari 

  1. Go to “Preferences” and then “Advanced.” There, enable the option to show the “Develop” menu in the menu bar.
  2. Next, find “Develop” and then “Empty Caches.”
  3. Now, just restart your browser. You are ready! 

Google Chrome/Edge/Opera

  1. Copy this text – chrome://net-internals/#dns. 
  2. Paste the text inside your address bar. Then press Enter.
  3. On the page you see, search for “Host resolver cache” and click on “Clear host cache.”
  4. Ready!

Managed DNS: Take your performance to the next level

Let me tell you a real story. I had a blog which had no additional DNS service and was using just the name servers of the domain registrar, and I was using regular shared hosting. You can imagine that neither the domain resolution speed nor the web hosting was great. I was experiencing the bad consequences: people clicking and not waiting for my site to load, leaving it faster than expected, and unsatisfying positioning in the search engines’ rankings.

The blog was loading in 20-30 milliseconds from the continent (Europe), where the servers were, but around 200-300 milliseconds on all of the rest (North America, South America, Australia, Asia, etc.).

I was losing many visitors until I started to use a Managed DNS!

The Managed DNS brought speed first of all, but many more features too, which improved the visitors’ experience greatly. Here are my observations:

Boosted speed.

Yes, you can imagine that a paid Managed DNS service will bring a significant improvement when it comes to domain resolution. First, get a plan with name servers located as close as possible to your biggest audiences. That way, you shorten the route of the DNS queries and speed the process up. With a good provider, your domain could be resolved in less than 10 milliseconds!

Load balancing for better performance.

Not only will the speed be better, but you can also enjoy the advantages of the load balancing that many Managed DNS services offer. The queries can be distributed among the name servers, which provides better performance and, most importantly, redundancy. Even if some of the servers are down, the visitors’ queries can still be answered by another of the working DNS servers. So, thanks to load balancing, you won’t miss visits, leads, and conversions just because your domain was offline.

No overspending.

Yes, you can rent several dedicated servers or virtual private servers and use software like BIND 9 to manage your domain on your own. But this could be hundreds of times more expensive than what a Managed DNS plan offers. And you don’t need to think about software support, because it is SaaS (software-as-a-service): all the support, hardware and software, is the responsibility of the DNS provider.

Scalability.

Related to the previous point, you can also benefit from the scalability of cloud DNS providers. If you want more resources, you just pay and start using them in a matter of minutes. No need to set up whole OSes and software. Click a few times, perform a zone transfer, and you have another Secondary server up and running.

Top-notch security.

If you haven’t managed a server on your own, you might not know how much of a pain it is to secure one. If you use a DNS provider, all that responsibility and weight fall on it. You get all the benefits of a good firewall, smart traffic monitoring, DDoS protection, and automatic triggers. I can’t really express how much time and effort not having to worry about security saves your business.

Conclusion

Having a Managed DNS took that blog to the next level. It was a significant and visible improvement. Sure, it costs, and maybe it is an expense that you don’t want to add in the beginning. But when your site starts growing, it is a must-have that will boost your overall performance.