Author: Gia

DNS Network

What is TTL and why is it important?

In our article today, we will take a look at the TTL. So, if you want to learn more about its purpose and why it is so important, you are in the right place. 

TTL – What is its main purpose? 

The value that specifies the time period or the number of hops that a data packet is put up to be alive is called time-to-live (TTL). Either across the network or in cache memory. It will be terminated when this timer runs out or the data packet hits its hop limit. Data packets are not all the same; they differ in size and shape, but they all have a unique TTL. The amount of time data packets should decide the time needed to live in a device to perform their missions.

How does it operate?

Massive volumes of packets will be routed around routers if they are not regulated. To get around this, each data packet must have an expiration date or a restriction. This makes it easier to track their progress and figure out how long they’ve been there. Packets also move through network points to get to their destination. As a result, a TTL value is included in each data packet. Only if time or hops are available, do routers receive the packet and forward it to the next network point. If the TTL indicates that no more hops/time is available, routers will stop transferring it.

On the other hand, routers send an ICMP (Internet Control Message Protocol) message. It reports IP errors and points to the packet’s source IP address.

Why is TTL important?

TTL is a critical method for controlling existing data packets and network traffic. Every day, networks get larger and larger. As a result, the volume of data packets passing through them is enormous. Without a means to govern them (expiration date), millions of old packets that served their purpose many years ago may still be floating around, causing confusion.

Time-to-live is an essential tool for determining if data is still valid in situations such as networking and device cache memory, as we previously discussed. Data that has been determined to be no longer useful can be discarded.

TTL also allows you to obtain information about packets, such as the amount of time they spent traveling and the whole route they took. This is critical information in terms of security!

TTL in DNS

TTL (time-to-live) in DNS (Domain Name System) indicates how long a DNS record, such as an A record or an ALIAS record, is valid (in seconds) and how long a nameserver (recursive or secondary DNS server) can store it in its cache memory. The DNS record will be removed when the TTL reaches 0.

The DNS client must ask the recursive DNS server again and wait for it to perform a fresh DNS query to obtain the record in the case of a recursive DNS server. Following that, it will be cached again based on the TTL.

To update its DNS records, a secondary DNS server must check with the primary DNS server again and complete a zone transfer. Otherwise, it will be unable to answer to domain-related questions.

Conclusion

To summarize, the TTL value is a critical component that determines how long data is valid. It will indicate whether the information is current or needs to be updated soon. It facilitates data updating.

DNS DNS records Network

PTR record: Why should you care about it?

PTR record is one of the critical DNS record types that you should know. It is one of the few that warrants special attention. Why, we will see in this article. 

DNS record – what does it mean?

To start, let’s see what precisely the DNS records are. They are nothing more than text instructions. Its primary function is to instruct domain name servers on managing traffic to your domains and subdomains. In addition, the network for websites is the entire Internet. So, a DNS record is a single mapping that connects an IP address to a resource in DNS. They are organized into DNS zones and kept on nameservers.

What is a PTR record?

PTR records, also known as Pointer records, are a DNS record that links an IP address to a domain name. It is proof that the IP address being checked is indeed tied to the domain name and that it is not a hoax. So, it allows you to check and verify that the IP address you’re using belongs to the domain name. Furthermore, it demonstrates that it is not a hoax. Thanks to the Pointer record, verifying distinct pieces or services, such as a mail server, is simple.

How to check your PTR record?

Structure

The structure of the PTR record is simple and easy to understand. Here is an example how what it could look like:

  • TYPE: PTR record – It denotes the DNS record type. 
  • Host: 78.159.213.32 – You must provide the host’s IP address in this field. An IPV4 or IPv6 address is possible.
  • POINTS TO: example.com – You can use this field to show the domain name.
  • TTL: 1h – You set the TTL or time-to-live value here.

How to create a PTR record?

It’s simple to set up a DNS Pointer record. So, let’s break it down into steps.

  1. It would be best if you first built a Master Reverse Zone.

In a Master Reverse Zone, the PTR record can exist. However, it’s important to note that it shouldn’t be used in a conventional Master zone. The IP address in the Master Reverse Zone should always be in reverse order. For example, if the IP address is 32.213.159.78., you should enter it as 78.159.213.32. Regardless of whether it’s an IPv4 or IPv6 address, the same rule applies.

  1. The next step is to generate the Pointer record.

When adding the PTR record, you’ll also have to input it backward. You should have a matching A or AAAA record for each Pointer record. As a result, make sure to double-check!

  1. Finally, add the NS records.

NS records pointing to your nameservers should be added to the IP provider. Your Reverse DNS zone is now complete!

Why is it important to use rDNS service?

PTR record vs. A record

When we compare the A and PTR records, we’ll see that they’re polar opposites. This is because the A record links a domain name to an IP address (IPv4). On the other hand, the PTR record is used to resolve an IP address (IPv4 or IPv6) to a domain name.

It’s also worth noting that the A and PTR records are located in separate DNS zones. The A record should be added to a Primary (Master) DNS zone, but the PTR record can only exist in a Master Reverse DNS zone and operate.

Conclusion

By and large, the PTR is a really fundamental DNS record that you have to know. Start using it for your domain to lessen the number of bounce emails. It is not difficult. You could just follow the steps above. Good luck!

DNS DNS records

DKIM record – definition

Once you get into the DNS game, you have to know the tools to play and face every challenge ahead. The DNS has its structure, but it can be adapted to your specific needs. The only way to enjoy the benefits of its flexibility is to play with its different “cards”. Let’s define the DKIM record to know what it has in store for you!

What is the DKIM record?

DKIM record or DomainKeys identified mail is defined as an e-mail security standard created for domains to prove the e-mails sent on their behalf are authentic. To enable it gives certainty about your messages’ trustability to recipient servers. This is not a minor contribution to security in the current times. DKIM also protects messages from being altered while traveling from the sender server to the recipient server. Basically, these important functions are achieved through cryptography.

How to create a DKIM record?

How does the DKIM record work?

The DKIM technology allows domains to sign outgoing messages using cryptographic authentication. When you enable DKIM, it will work through the use of two cryptographic keys, one private and one public. The private key will sign e-mails when they leave the sender server. The public key is published into the domain’s DNS record to be available for the recipient servers to authenticate the messages’ source and check the integrity of the messages’ body. If the signature gets verified by the recipient server (via the public key), the messages are considered authentic.

Let’s now be a bit more technical. As an administrator of a domain, you have to publish the cryptographic public key using TXT record format. This step is a must for recipients to verify the authenticity of the message’s sender. When the mail server sends an e-mail, DKIM will create a digital signature and attach it to the message’s header. 

At this point, for sure, you may wonder what exactly a digital signature is. Well, it’s a hash value, a unique line of text properly encrypted with the private key, that must remain exclusively in the administrator’s control. Otherwise, security can’t be guaranteed.

DKIM has, as a part of its functionality, multiple algorithms for generating this digital signature. Every detail linked to the signature’s production process is written in the message’s header. Additionally, two cryptographic hashes are included. One is connected to the defined headers and the other to the message’s body.

The sent e-mail travels and arrives at the recipient mail server. This triggers a DNS query to search the public key of the sender domain for verifying the message. The recipient mail server gets it and proceeds to decrypt the digital signature. The hash values can now be compared with the values within the message. A match of these values will define the authentication of the e-mail. Besides, the recipient mail server will confirm that the message was not altered in transit. Therefore, security for the recipient while accepting this e-mail is guaranteed.

Advantages of having a DKIM record

  • It’s easy to configure. An administrator can directly do it.
  • It’s an efficient shield against forged and dangerous e-mails. Through DKIM, you can secure the messages sent from your domain not to be altered and damage recipients and your reputation.
  • It helps to avoid phishing and spoofing.
  • It provides security to your domain’s mail server, and its possibilities can be expanded if you combine it with other DNS records like DMARC.

Conclusion

The DKIM record means security for your domain mail server and for your clients (recipients). It’s by definition a security ace you should have up your sleeve!

DNS DNS records

What is the purpose of the DMARC record?

If you don’t feel like reading the 70+ pages of RFC 7489, but still you want to know more about DMARC, you came to the right place! I will simplify it for you and explain to you DMARC and the DMARC record in less than a few minutes!

What is DMARC?

Domain-based Message Authentication, Reporting, and Conformance (DMARC) is a mechanism that an organization can use to define domain-level policies and preferences regarding email handling. For example, message validation, disposition, receiving, and reporting.

The companies require a method of authentication of the domain names of the messages (emails) that they are receiving. They need to have rules and procedures based on the values that the emails and domain names can provide. Thanks to that, the receivers can check the messages and provide valuable feedback to the domain’s owner about the way its domain is used. The owner can see if there was any abuse of its domain.

DMARC uses two factors to set policies:

SPF (Sender Policy Framework) record. It is another email validation mechanism that offers to report. Using it, you can define who can send emails on the domain name’s behalf.

DKIM (DomainKeys Identified Mail) record. DKIM is a method of email encryption and authentication of the sender of the email, using the domain name. The receiver could use it and validate that an email comes from the right domain name.

The purpose of DMARC is to reduce phishing attacks, reduce spoofing attacks, and provide better security for email communication. In general, having DMARC will ensure the delivery of your emails and stop other people from abusively use your domain name for attacks.

What is the DMARC record?

The DMARC record is a DNS TXT record that sets the policies about the domain name based on the SPF record, DKIM record, and other parameters. It sets behaviors that the receivers of the emails, sent by a particular domain, should have.

The purpose of the DMARC record is to allow you, as the domain administrator, to set up the policies regarding the handling of the emails coming from your domain name.

The tags that the DMARC record uses are:

Adkim – behavior based on the DKIM record.

Aspf – behavior based on the DKIM record.

Fo – Fail option. Defines what a server should do in case of failure.

P – Policy. Indicates the policies that the receiver should apply.

Pct – Percentage. To what amount of emails should the policy be applied.

Rf – Report format. Defines the type.

Ri – Report interval. Demands reports after the specified time.

Rua – Return feedback (aggregate). Indicates where the report should be sent.

Ruf – Return feedback (mail specific). Indicates where the report should be sent.

Sp – Subdomain policies. If you want to indicate different policies for the subdomains than those for the domain name, you need to use this one.

V – just a simple version indicator. Currently, it should be DMARC1 because there is still no DMARC2 or more.

Conclusion.

So, knowing what DMARC record is, it is now time to implement it. Each additional layer of security keeps you safer—fewer problems and easier to manage. Ensure a secure exchange of emails, outgoing and incoming, with the power of DMARC!

DNS DNS records

​TXT record – What is it and why do you need it?

If you are searching for the TXT record, you are probably interested in email security and all the methods of authentication and validation of a domain. So, Let’s not waste any more time and see what the TXT record type is all about!

​What is the TXT record?

The TXT record is a type of DNS resource record and serves to associate data with the domain. The data could be a human-readable text, or it could be different information about servers and networks that could be read by machines only.

Usually, DNS administrators create various TXT records to ensure the proper functionality of the email servers. That way, the emails that are sent could be verified, and their origin could be authenticated.

How does TXT record work?

(more…)

DDoS protection DNS

How can you reduce the risks with DDoS protected DNS?

DDoS protected DNS is an additional beneficial service. Let’s explain a little bit more about it.

DDoS attack – What is it?

The DDoS (Distributed Denial of Service) attack is a cyber-attack that aims to disable your service, network, website. That usually happens by sending a serious amount of traffic until your server goes down, or they exploit the DNS or protocol such as the UDP flaw and triple your website or application.

There are a lot of different DDoS attacks, and oftentimes they bring down even big companies, for instance, Amazon. Therefore, if you don’t have proper protection, you are risking a lot. In addition, in case you are utilizing shared hosting, such an attack on any of your “neighbors” is going to reflect on you too.

What is DDoS protected DNS?

DDoS protected DNS is an additional service that includes several different tools and mechanisms to inspect traffic and prevent DDoS attacks. Cybercriminals organize and initiate DDoS attacks with large amounts of traffic. Their main goal is to make your servers incapable of responding to the queries of your regular users.

What does DDoS protected DNS include?

  • Monitor. Monitor the entire incoming DNS traffic. In case it detects an abnormal pattern, it could take different actions to prevent a potential DDoS attack towards your website. For that reason, acknowledging the traffic is crucial. 
  • Deep analysis of the traffic. The best understanding of the standard patterns of the traffic and use them for comparison. 
  • Filter. Implementing a filter of the incoming traffic depending on whitelisting or blacklisting and different criteria. The prevention can determine and eliminate malicious traffic. 
  • Traffic separation. Comprehend what regular user traffic is and what fake traffic is. 
  • Spread the traffic. In some situations, only a load balancing technique could be enough to distribute the fake traffic. That way, the DNS servers are going to share the load and withstand the attack. 
  • Activate Failovers. If one of your servers goes down, it is going to inform you about the event. In addition, it is going to redirect the traffic to the remaining DNS servers. You won’t need a human operator to accomplish that, and it is going to be performed automatically. 

​Why should you get DDoS protected DNS?

  • Downtime. If you decide to implement DDoS protection, your servers are going to handle a lot more traffic even under a DDoS attack. So, as a result, the downtime is going to be significantly less. Your customers won’t be bothered to reach your application or website. 
  • Easy to manage. Basic DNS knowledge is all you need, and it will be very simple. You just have to set it up, and from there, the monitors and failover tool are able to operate by themselves. Just in cases when the attack is very strong, your IT team and the customer service of the DNS provider together are going to have to fight the DDoS attack. 
  • Great performance. The DNS service provider could give you a better distribution of traffic. Your website or application is going to remain available for your visitors even under attack. That way, the productivity, and performance are excellent.
  • It is more profitable. Downtime could cost a lot. Imagine your services or a website not being available for your customers. You are going to lose a lot of potential purchases and earnings. So, you see that DDoS-protected DNS service is really worth it. 
DNS

Benefits of using a Secondary DNS zone

What is a Secondary DNS zone?

The Secondary DNS zone represents a read-only copy of the DNS data (DNS records)of the Primary (Master) DNS zone. You could find it also called Backup or Slave DNS zone. It is very important to note that for the various DNS records, for instance, A, AAAA, MX, TXT records, and many more, it is not possible to add them directly into the Secondary DNS zone. 

Why is a Secondary DNS server important?

The only method for the Secondary DNS zone to obtain the DNS data is by getting them from the Primary (Master) DNS zone of the DNS server. For that purpose, it is necessary a process called DNS zone transfer to be completed. 

The Backup DNS zone can serve in several ways, yet one of the main ideas for creating it is for backup. That way, if, for some reason, your Primary DNS zone is not operating, that won’t bother you. Your Backup DNS zone is going to assist in such situations and answer the requests thanks to its copy.

Benefits

Redundancy: In case your Primary DNS zone is incapable of answering, the Slave DNS zone will provide redundancy. If there is no Secondary DNS zone, if the primary DNS zone fails, your website is going to become unavailable, and users won’t be able to access your content.

Build a reliable DNS management: DNS servers that store the DNS zones could become victims of security threats. The one that is most commonly used is Distributed Denial of Service attack (DDoS attack). By setting up a DNS provider with DDoS protection and placing your Slave DNS zone there, you could protect yourself from malicious DDoS attacks.

Distributing the load: When you add a Slave DNS zone, you could provide a faster response to DNS queries. 

DNS zone transfer – Types

The process called DNS zone transfer is an easy and simple task to complete. It makes a duplicate of the DNS data (DNS records) created in the Primary DNS zone to the Secondary DNS zone.

There are two types of DNS zone transfer that you could make:

  • Full zone transfer (AXFR zone transfer). With this type, you could make a copy of all the DNS records from the Primary DNS zone to the Secondary DNS zone. It is great to use it when you haven’t updated the Secondary for a long period of time, and you want to be sure that everything is up to date. Another case when it is commonly used is for a new Backup DNS zone, and you have to import the entire information.
  • Incremental zone transfer (IXFR zone transfer). This type is very useful when you want to update only the latest changes in your DNS information from your Primary DNS zone to the Slave DNS zone. That way, only the modifications will update, and it is going to use fewer network resources. It is easy and practical!
DNS Network

The Ultimate Guide to DNS Propagation

What does DNS propagation mean?

DNS propagation is a process that includes updating and spreading the new changes and adjustments you create in your Domain Name System (DNS). They have to be distributed across the entire network. 

Why the DNS propagation takes so long?

Managing your online business or administrating a network involves constant changes on the DNS. Some of the possible scenarios are when you have to add a new DNS record, delete or change some other DNS records, also replace IP addresses. Maybe you desire to make some adjustments on the TTL (time-to-live) values, redirect your visitors to a specific subdomain, or add an SSL certificate. These are only for illustration of how many different modifications of your DNS could appear. 

Actually, no matter what changes you desire to make, all of them are going to be stored on your authoritative DNS server. However, the network has many more DNS servers, like recursive DNS servers, positioned in different locations globally. Each one of these servers has to receive the updated data because if that doesn’t happen, they are going to have some difficulties operating properly. All of those DNS servers have a fundamental part of the DNS resolution process.

How does the DNS propagation work?

For several situations, DNS changes are required. Typical cases are when you desire to make some renovation to your website or when you migrate to a new DNS hosting provider. Different circumstances that can need it are redirecting from the primary domain to subdomains or implementing services, such as FTP and email. All of these circumstances incorporate activities, such as creating, editing, or removing DNS records

The administrator is going to make these corrections directly on the authoritative DNS server. Once the modifications are ready and saved inside it, it is time for the DNS propagation process to happen. That requires every DNS server on the network to obtain a copy with the latest DNS records. 

The DNS propagation process is rolling, although that doesn’t mean that it occurs simultaneously for all servers. 

How to check it?

Here you have three options to make a check on the DNS propagation. Decide depending on your operating system (OS).

For Linux and macOS users, here you have the Dig command.

First, open your Terminal, and next write: 

dig domainname.com 

It will trigger a lookup for an A or AAAA record. As a result, you are going to view the IP addresses of your website. If they have changed, DNS propagation is completed. If they haven’t, it will require a little more time.

*Replace with your domain name and TLD instead of the ones in the example.

For Windows 10 users, here you have the Nslookup command.

Open the Command Prompt, and then type: 

nslookup domainname.com

Once again, the lookup result is going to show out if your website’s IP addresses have changed or not.

*Replace with your domain name and TLD instead of the ones in the example.

Online checkers of DNS propagation.

You could use online tools for making DNS lookups to review data associated with your domain name. In addition, you can examine if the DNS modifications you created have been updated. 

DNS DNS records

Top 5 DNS record types for starters

In case you are just starting to manage your DNS, these top 5 DNS record types are fundamental to know. So, let’s explain a little bit more about them.

A record

The A record is also commonly called address record, and it is perhaps the most popular of all DNS record types. Its purpose is to link a domain name to its corresponding IP address (IPV4 address). When a user makes a request for a particular domain name, exactly the A record is needed to show the accurate IP address.

Although it is a very simple DNS record, it is a crucial part of the DNS configuration. Your domain name could not be resolved without this type of DNS record (or AAAA record). Moreover, your users are not going to be directed to the correct location.

SOA record

SOA record is another critical DNS record that symbolizes the start of authority. It holds administrative information about the zone. It is the first DNS record that a DNS zone file includes, plus it establishes the general properties of that zone. It also holds data concerning the DNS zone transfers, such as the refresh rate, the retry rate, and the administrator’s email.

The SOA record serves as a control record with a serial number and shows if there is a new update. Once the Secondary DNS servers detect a change in the number, they are going to update and receive the latest data.

NS record

The NS record is another very basic DNS record. NS stands for the nameserver, and it is similar to an ID card for the nameserver. The NS record describes which name server is accountable for the particular DNS zone. If such a record is not available, the zone won’t be able to work.

MX record

Another piece of the essential DNS record types, the MX record, which comes from Mail Exchanger record. Its purpose is to point the email server accountable for receiving emails for a specific domain name. It contains the domain name pointing to the hostname of the incoming mail server. Note that it has to point to a hostname and not to an IP address.

By establishing multiple MX records with different priorities, you could set a backup in case some failures occur. It is vital for you in order to receive emails properly.

CNAME record

The CNAME record shows an actual, canonical domain name for the domain or subdomain. It is commonly used when we are talking about subdomains. By implementing this DNS record type, you are going to be able to manage and administrate your Domain Name System as easily as possible.

The way to achieve that is by simply adding a CNAME record for each of your subdomains and pointing it to the domain name. As a result, each time you complete any changes or adjustments to your domain, they will occur to your subdomains too. That is going to save you a lot of time!

Related article: PTR record: Why should you care about it?

DNS

Getting started with Dynamic DNS

The administration of a domain or a network is a tough and full-time job. We frequently talk about IP addresses, and they are a good example. Just to administrate them and execute all the tasks related to them can take a lot of time. Therefore, technology has been developed, helpful tools to be in charge of such tasks and to give administrators a breathe.

What’s Dynamic DNS? 

Dynamic DNS (DDNS) is a method that allows you to update a name server automatically and frequently. DDNS can update almost in real-time, IP addresses whenever they change, and their associated A or AAAA records. So your administrator doesn’t have to do it manually!

Yes, IP addresses change constantly. As a common user, for sure, you don’t realize it, but businesses do. Think, for instance, a business that supplies one or more services via the Internet. All those changes represent the risk for its clients not getting access to the service and suffering downtime because they try with an IP address that’s not valid anymore.

If a business uses a consumer Internet provider and what’s to offer a service, it will have a lot of work to do. Work like having a person in charge of monitoring and changing the IP address manually when the Internet service provider (ISP) changes it. 

If you wonder why ISPs make such changes, there’s an explanation. They have a pool of IP addresses, meaning a limited number of them for working. Consider the number of clients they have and that a unique IP address is required for a single device connected to the network. They have to administrate this resource really smartly not to fail while supplying the service to their clients. 

Another choice is to pay for a static IP address, but this is high-cost. Not all businesses can afford it. 

And of course, they can use DDNS that is a more affordable, even free with some providers, and comfortable alternative. Whenever the IP addresses change, their corresponding domains will be fast remapped (DNS) to keep them available for clients.

Dynamic DNS providers. 

If you already feel Dynamic DNS is the solution you were looking for, here you have some quality providers.

ClouDNS

ClouDNS has 34 DNS locations in the world, and easy to install for different OSes and network devices.

It offers a free Dynamic DNS plan that can be a solid starting point for many. But of course, there’s a Premium DNS more robust, and it starts at $2.95 monthly if your needs are bigger. 

Dynu

Dynu provides a free service! 12 nameservers worldwide, intuitive web-based control panel, easy to install, and convenient features. Most DNS records (A, AAAA, MX, CNAME, SRV, SPF, KEY, etc.), locations, wildcard alias, web redirect, offline settings, etc. 

No-IP 

No-IP has a free plan and paid ones. The free plan can feel tight, supporting only some DNS records and allowing only 3 hostnames that you must confirm every 30 days. The paid plans are a different story, with much more features by paying $24.95 or $29.95 yearly.

Top Affordable Premium DNS Hosting providers

Conclusion.

Getting Dynamic DNS can solve you a lot of IP addresses issues. It reduces human errors related to the manual management of this resource. And it’s a much more affordable service than having static IP addresses. Keep your business running by hiring a quality provider and without compromising your budget!