DNS

• DNS Server
• dig - DNS Lookup Utility
• What's DNS
• DNS Online Tools

DNS Server

Tutorials

DNS over HTTPS (DoH)

• How to install dnscrypt proxy with adblocker on Linux

Secure DNS

• DNS settings to avoid email spoofing and phishing for unused domain - nixCraft (cyberciti.biz)
• How to test and validate DNSSEC using dig command line - nixCraft (cyberciti.biz)

Adguard Home

• GitHub - AdguardTeam/AdGuardHome: Network-wide ads & trackers blocking DNS server

NSD

An authoritative-only DNS server

• NSD Tutorial Updated for 2024: Now With Zone Transfers! - LowEndBox
• How To Use NSD, an Authoritative-Only DNS Server, on Ubuntu 14.04 | DigitalOcean

Pi-hole

Pi-hole - A DNS-based advertisement blocker

• How to Set Up Pi-hole to Get an Ad-free Life

docker-compose.yaml :

pihole:
    image: pihole/pihole:latest
    container_name: pihole
    restart: always
    ports:
      - "53:53/tcp"
      - "53:53/udp"
    dns:
      - 127.0.0.1
      - 1.1.1.1
    environment:
      TZ: 'America/Chicago'
      WEBPASSWORD: 'password'
      PIHOLE_DNS_: 1.1.1.1;9.9.9.9
      DNSSEC: 'false'
      WEBTHEME: default-dark
    volumes:
      - '~/homelabservices/pihole/pihole:/etc/pihole/'
      - '~/homelabservices/pihole/dnsmasq.d:/etc/dnsmasq.d/'
    networks:
      - pihole

networks:
  pihole:
    driver: bridge
    name: pihole

dig - DNS Lookup Utility

The dig is a powerful CLI to find out information about domains and IP addresses without using any 3rd party tools or websites. 

01. What is the website’s IP address?

dig apple.com

 02. How do you identify the name servers(NS) associated with a domain? 

dig NS apple.com +short 
dig NS com. +short

03. Which eMail Servers(MX) are responsible for a domain? 

dig MX apple.com +short

04. Finding out the domain name associated with the IP address (reverse IP lookup) 

dig -x 1.1.1.1 +short 
dig -x 8.8.4.4 +short

05. Finding out the delegation path for any DNS zone (learn how DNS works) 

dig apple.com +trace

06. Finding out DNS answers from specific cache resolver (e.g. Cloudflare [1.1.1.1], Google DNS [8.8.8.8], IBM and so on for cyberciti.biz domain) 

dig A cyberciti.biz @1.1.1.1 +short 
dig A cyberciti.biz @8.8.8.8 +short

07. Finding out the cache expire time (TTL) for DNS 

# AAAA is for IPv6
dig A www.cyberciti.biz +nocmd +noall +answer +ttlid 
dig AAAA www.cyberciti.biz +nocmd +noall +answer +ttlid

08. Finding if a zone is synchronized with all authoritative name servers (look for serial number) 

dig nixcraft.com +nssearch

09. What is my public IPv4 or IPv6 address? 

dig TXT o-o.myaddr.l.google.com @ns1.google.com +short 
dig TXT ch whoami.cloudflare @1.0.0.1 +short

10. Getting help about the dig command 

man dig

11. Finding out the IP address associated the domain name.

dig yahoo.com +short | sort -V

 

 

What's DNS

Tutorials

• What is Round-Robin DNS? - GreenCloud
• What is a DNS Amplification Attack? - GreenCloud
• DNS Failover: How does it work? - GreenCloud

How DNS Works

DNS Record Type

DNS Online Tools

DNS Check

• DNS Check
• DNSChecker
• Google Admin Toolbox Dig
• Google Admin Toolbox Check MX
• Nslookup.io

SPF/DKIM/DMARC Check

• Postmaster Tools (google.com)