Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Managing Mission - Critical Domains and DNS

You're reading from   Managing Mission - Critical Domains and DNS Demystifying nameservers, DNS, and domain names

Arrow left icon
Product type Paperback
Published in Jun 2018
Publisher Packt
ISBN-13 9781789135077
Length 368 pages
Edition 1st Edition
Concepts
Arrow right icon
Author (1):
Arrow left icon
Mark E.Jeftovic Mark E.Jeftovic
Author Profile Icon Mark E.Jeftovic
Mark E.Jeftovic
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. The Domain Name Ecosystem FREE CHAPTER 2. Registries, Registrars, and Whois 3. Intellectual Property Issues 4. Communication Breakdowns 5. A Tale of Two Nameservers 6. DNS Queries in Action 7. Types and Uses of Common Resource Records 8. Quasi-Record Types 9. Common Nameserver Software 10. Debugging Without Tears – DNS Diagnostic Tools 11. DNS Operations and Use Cases 12. Nameserver Considerations 13. Securing Your Domains and DNS 14. DNS and DDoS Attacks 15. IPv6 Considerations 16. Other Books You May Enjoy

Preface

Domain names and DNS can be thought of as the basic foundation of the internet. If you want to explain how important DNS is to somebody, you might find the following useful; this has been my "30-second elevator pitch" about DNS for close to 20 years now:

"Everytime you send an email; visit a web page; type or receive an instant message, text or SMS; place a VoIP call (or a Skype call), or do anything else involving the internet, it cannot happen until a bunch of computers around the internet have a conversation about it:
  • Where does this email need to be delivered?
  • What server is holding the file that this web browser is asking for?
  • Where is the VoIP gateway that needs to route this call?
These conversations happen very quickly, typically in under 100 milliseconds (less than a quarter of the time it takes you to blink), and typically involve, at a minimum, 3 or 4 disparate servers around the globe. None of those servers have anything to do with the actual email, web page, or application being routed.

These special computers are called nameservers, and without them, absolutely nothing would happen on the internet.

What is interesting about DNS, given its importance, is how overlooked it is in the overall scheme of IT. Similarly, domain names (the logical naming entities that anchor DNS lookups) are often the most profoundly misunderstood facets of IT as well, even by otherwise advanced technical personnel.

For some reason, DNS and domain names seem to be a blind spot in many organizations' infrastructure. As we have fondly quipped since our early days as a managed DNS provider, "DNS is something nobody cares about …until it stops working".

It never fails to amaze me that a company can spend thousands, hundreds of thousands, even millions of dollars on redundancy, high availability, firewalls, disaster recovery plans, and even cyberthreat insurance, and yet the entire technical infrastructure of the organization is held up by a couple of unpatched, forgotten nameservers gathering mold in a closet somewhere. Often, this can be the case without a given company being aware of it, because they simply allow their (pick one) web host, registrar, ISP, data center, or some other vendor to handle the DNS for them, perhaps as part of a bundled offering, and they have absolutely no knowledge of the state of the DNS infrastructure deployed by that vendor.

Following on from that theme, perhaps the DNS infrastructure may be beyond solid: anycast deployments, DDoS mitigation, hot spares, uptime monitoring, and 24x7 NOC support; but the portfolio of domain registrations are managed haphazardly or on an ad hoc basis. The smooth running underpinning of the organization is ripe for disruption by an unintentional domain expiry or a domain registration getting "slammed".

Truth be told, I am not a DNS expert per se, unless you use Neils Bohr's definition of an expert as "somebody who has made all possible mistakes within a very narrow field".

What I am is somebody who came up the DevOps side and then wound up running a business in the DNS and domain space for nearly 20 years. In that time, I've been dealing with all manner of use cases and customer profiles, and I've seen almost every DNS and domain-related failure condition imaginable.

lock icon The rest of the chapter is locked
Next Section arrow right
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image