1. What is DNS?
A) DNS (Domain Name System) is a distributed naming system that translates human-readable domain names (e.g., example.com) into IP addresses (e.g., 93.184.216.34).
2. What are the main types of DNS records?
A)
- A → Maps domain to IPv4 address
- AAAA → Maps domain to IPv6 address
- CNAME → Canonical name (alias to another domain)
- MX → Mail Exchange server
- NS → Nameserver record
- PTR → Reverse lookup (IP to domain)
- TXT → Stores text (SPF, DKIM, verification)
3. What is the difference between A and CNAME records?
A)
- A record → Points domain to an IP address.
- CNAME record → Points domain to another domain name.
4. What is an MX record in DNS?
A) MX (Mail Exchange) record specifies the mail server responsible for receiving email for a domain.
5. What is a PTR record?
A) PTR (Pointer) record maps an IP address back to a domain name (reverse DNS lookup).
6. What is TTL in DNS?
A) TTL (Time To Live) defines how long DNS records are cached by resolvers before refreshing.
7. How do you check DNS records from Linux?
A)
dig example.com
nslookup example.com
host example.com
8. What is the difference between dig and nslookup?
A)
- dig → More modern, detailed output, preferred for troubleshooting.
- nslookup → Older tool, still widely used but less flexible.
9. What is DNS load balancing?
A) DNS can return multiple IPs for the same domain, distributing traffic among servers (basic load balancing).
10. What are common DNS troubleshooting steps?
A)
- Check /etc/resolv.conf for correct DNS servers.
- Use ping, dig, or nslookup to verify resolution.
- Check firewall/port 53 (UDP/TCP) access.
- Flush DNS cache (systemd-resolve --flush-caches or ipconfig /flushdns).
DNS Real-Time Troubleshooting Scenarios
11. DNS Resolution is Slow
Problem: Users complain websites load slowly.
Troubleshooting Steps:
Check /etc/resolv.conf to verify DNS server.
Test with dig @8.8.8.8 example.com (Google DNS).
If faster with public DNS, internal DNS server may be overloaded.
Solution: Optimize/correct local DNS or use caching resolver.
12. Domain Not Resolving
Problem: ping example.com fails.
Troubleshooting Steps:
Run dig example.com or nslookup example.com.
Check firewall blocking UDP/TCP port 53.
Verify A/AAAA records exist in DNS zone.
Solution: Add missing records or fix firewall issues.
13. Wrong IP Address Returned
Problem: DNS returns old/wrong IP after migration.
Troubleshooting Steps:
Run dig example.com with +trace to verify authoritative servers.
Flush local DNS cache (systemd-resolve --flush-caches or ipconfig /flushdns).
Check TTL in zone file.
Solution: Update zone records and wait for TTL expiry.
14. Reverse Lookup (PTR) Fails
Problem: Services like mail servers fail due to missing reverse DNS.
Troubleshooting Steps:
Run dig -x <IP> to check PTR record.
Verify ISP or DNS provider manages reverse zone.
Solution: Add/update PTR record for IP.
15. DNS Propagation Delay
Problem: Website works in some regions, fails in others.
Troubleshooting Steps:
Check record with global tools (dig @1.1.1.1 example.com).
Compare multiple public resolvers (Google, Cloudflare, OpenDNS).
Solution: Lower TTL before changes to speed up propagation.
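The resolver comparison in scenario 15 (also useful for the stale answer in scenario 13), as an added example that is not part of the original page: it summarizes dig +noall +answer lines per resolver and reports whether the resolvers agree. The function names, the resolver-prefixed input format and the sample answers (documentation-range addresses) are constructed for illustration; 208.67.222.222 is an OpenDNS resolver.

```shell
#!/usr/bin/env bash
# Added example: compare A-record answers from several public resolvers.
#
# Live usage (needs network), prefixing each answer line with its resolver:
#   for r in 8.8.8.8 1.1.1.1 208.67.222.222; do
#     dig @"$r" +noall +answer example.com A | sed "s/^/$r /"
#   done | summarize_answers

# stdin: lines "RESOLVER NAME TTL CLASS TYPE RDATA".
# stdout: one line per resolver "RESOLVER min_ttl=N addrs=ip,ip", then a
# verdict: CONSISTENT, MISMATCH (address sets differ) or NO_ANSWERS.
summarize_answers() {
  # Keep only A records (skips CNAME lines in the answer section), then sort
  # by resolver and address so identical sets produce identical strings.
  awk '$5 == "A" { print $1, $3, $6 }' | LC_ALL=C sort -k1,1 -k3,3 |
  awk '
    function emit() {
      if (cur == "") return
      printf "%s min_ttl=%d addrs=%s\n", cur, ttl, set
      if (!(set in seen)) { seen[set] = 1; distinct++ }
    }
    $1 != cur { emit(); cur = $1; ttl = $2 + 0; set = $3; next }
    { if ($2 + 0 < ttl) ttl = $2 + 0; set = set "," $3 }
    END {
      emit()
      if (distinct == 0)     print "NO_ANSWERS"
      else if (distinct > 1) print "MISMATCH"
      else                   print "CONSISTENT"
    }'
}

# Constructed sample: one resolver still caches the pre-migration address
# and will keep serving it until its remaining TTL (3412 s) runs out.
sample_answers() {
  cat <<'EOF'
8.8.8.8 example.com. 300 IN A 203.0.113.10
1.1.1.1 example.com. 3412 IN A 198.51.100.7
208.67.222.222 example.com. 300 IN A 203.0.113.10
EOF
}

sample_answers | summarize_answers
```

A MISMATCH with a large min_ttl on the outlier points to caching that will clear on its own; a MISMATCH that persists past the TTL means the authoritative servers themselves disagree.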
16. DNS Caching Issue
Problem: Users see outdated site even after DNS change.
Troubleshooting Steps:
Clear local cache:
Linux → systemd-resolve --flush-caches
Windows → ipconfig /flushdns
Browser → clear DNS cache.
Solution: Wait for TTL or force cache refresh.
17. DNS Server Not Responding
Problem: Resolver unreachable.
Troubleshooting Steps:
Check with dig @dns_server example.com.
Verify DNS service running (systemctl status named or systemd-resolved).
Check firewall for port 53.
Solution: Restart DNS service or fix firewall/network.