domain-name-system interview questions

Top domain-name-system frequently asked interview questions

How the heck is http://to./ a valid domain name?

Apparently it's a URL shortener. It resolves just fine in Chrome and Firefox. How is this a valid top-level domain?

Update: for the people saying it's browser shenanigans, why is it that: http://com./ does not take me to: http://www.com/?

And, do browsers ever send you a response from some place other than what's actually up in the address bar? Aside from framesets and things like that, I thought browsers tried really hard to send you content only from the site in the address bar, to help guard against phishing.

Source: (StackOverflow)

Linux command to inspect TXT records of a domain

Is there a Linux shell command that I can use to inspect the TXT records of a domain?

Source: (StackOverflow)


DNS failing to propagate worldwide

I haven't changed anything related to the DNS entry for serverfault.com, but some users were reporting today that the serverfault.com DNS fails to resolve for them.

I ran a justping query and I can sort of confirm this -- serverfault.com dns appears to be failing to resolve in a handful of countries, for no particular reason that I can discern. (also confirmed via What's My DNS which does some worldwide pings in a similar fashion, so it's confirmed as an issue by two different sources.)

  • Why would this be happening, if I haven't touched the DNS for serverfault.com?

  • Our registrar is (gag) GoDaddy, and I use default DNS settings for the most part without incident. Am I doing something wrong? Have the gods of DNS forsaken me?

  • Is there anything I can do to fix this? Any way to goose the DNS along, or force the DNS to propagate correctly worldwide?

Update: as of Monday at 3:30 am PST, everything looks correct. JustPing reports the site is reachable from all locations. Thank you for the many very informative responses, I learned a lot and will refer to this Q the next time this happens.

Source: (StackOverflow)

Should CNAME Be Used For Subdomains?

I manage multiple websites that currently have the following DNS configuration:

example.com      - A Record - Production Server IP
test.example.com - A Record - Test Server IP
www.example.com  - CNAME    - example.com
beta.example.com - CNAME    - test.example.com
dev.example.com  - CNAME    - test.example.com

Is this an appropriate use of CNAME records? I've looked online and have not found a clear answer. Some people claim that CNAME records are bad (they are not, however, clear on why this is) and propose the following setup:

example.com      - A Record - Production Server IP
test.example.com - A Record - Test Server IP
www.example.com  - A Record - Production Server IP
beta.example.com - A Record - Test Server IP
dev.example.com  - A Record - Test Server IP

Which one of these is the better approach (and why)?

Note: The subdomains do not require their own MX records, so that is not an issue here.

Source: (StackOverflow)

Is Round-Robin DNS "good enough" for load balancing static content?

We have a set of shared, static content that we serve up between our websites at http://sstatic.net. Unfortunately, this content is not currently load balanced at all -- it's served from a single server. If that server has problems, all the sites that rely on it are effectively down because the shared resources are essential shared javascript libraries and images.

We are looking at ways to load balance the static content on this server, to avoid the single server dependency.

I realize that round-robin DNS is, at best, a low end (some might even say ghetto) solution, but I can't help wondering -- is round robin DNS a "good enough" solution for basic load balancing of static content?

There is some discussion of this in the [dns] [load-balancing] tags, and I've read through some great posts on the topic.

I am aware of the common downsides of DNS load balancing through multiple round-robin A records:

  • there's typically no heartbeats or failure detection with DNS records, so if a given server in the rotation goes down, its A record must manually be removed from the DNS entries
  • the time to live (TTL) must necessarily be set quite low for this to work at all, since DNS entries are cached aggressively throughout the internet
  • the client computers are responsible for seeing that there are multiple A records and picking the correct one

But, is round robin DNS good enough as a starter, better than nothing, "while we research and implement better alternatives" form of load balancing for our static content? Or is DNS round robin pretty much worthless under any circumstances?

Source: (StackOverflow)

Force dig to resolve without using cache

I'm wondering if there is a way to query a DNS server and bypass caching (with dig). Often I change a zone on the DNS server and I want to check if it resolves correctly from my workstation. But since the server caches resolved requests, I often get the old ones. Restarting or -loading the server is not really something nice.

Source: (StackOverflow)

I changed my TTL from 24 hours to 5 minutes. Do I need to wait 24 hours before changing the records?

I am migrating our app from a cloud server at Rackspace to a dedicated server.

I want to bring the application down for ~5 minutes to copy the data from the cloud server to the dedicated server, so I don't want requests going to the old server after I have copied the data.

I want to point our DNS record at the new server, but the TTL was set to 24 hours. I have changed it to 300 seconds. Do I need to wait the 24 hours before updating the IP that the domain points to / copying the data?

Source: (StackOverflow)

Windows 7: "localhost name resolution is handled within DNS itself". Why?

After 18 years of hosts files on Windows, I was surprised to see this in Windows 7 build 7100:

# localhost name resolution is handled within DNS itself.
# localhost
#   ::1 localhost

Does anyone know why this change was introduced? I'm sure there has to be some kind of reasoning.

And, perhaps more relevantly, are there any other important DNS-related changes in Windows 7? It scares me a little bit to think that something as fundamental as localhost name resolution has changed... makes me think there are other subtle but important changes to the DNS stack in Win7.

Source: (StackOverflow)

Is a CNAME to CNAME chain allowed?

Is it allowed in DNS to have a CNAME record that points to another CNAME record?

The reason we need this is that we have a hostname that we want to be looked up to the IP address of our web server computer. We also have another web server computer stand by that could be activated in case the first one would die. In such a case we would quickly need to point the hostname to the IP address of the stand by web server computer.

Unfortunately the hostname resides in a DNS domain where any change would take a long time due to manual operation dependent on other sysadmins. But we have another DNS domain where we can perform the changes ourselves quickly. Having a CNAME to CNAME chain seems like a possible solution. But is it allowed? Will web browsers understand it?

Source: (StackOverflow)

What is a glue record?

This is a Canonical Question about DNS glue records.

What exactly (but briefly) is a DNS glue record? Why are they needed and how do they work?

Source: (StackOverflow)

How to include multiple domains in an SPF TXT Record

I am looking to set up a TXT SPF record that has 2 included domains... individually:

v=spf1 include:_spf.google.com ~all


v=spf1 include:otherdomain.com ~all

What is the proper way of combining them into a single item?

Source: (StackOverflow)

What's the meaning of '@' in a DNS zone file?

I have the following data in my DNS file, for my domain...

$ORIGIN mydomain.com.
@       IN      A       208.X.Y.Z
mail    IN      A       208.X.Y.Z
... etc..

What does the @ line mean? I know what an A record is... but a host with an at sign?

Source: (StackOverflow)

How long does it take for DNS records to propagate?

This is a Canonical Question about DNS Propagation.

How long does it take for the various types of records to propagate?
Do some propagate faster than others?
Why does it take time for DNS records to propagate and how does it work?

Source: (StackOverflow)

List all DNS records in a domain using dig?

My company runs an internal DNS for mycompany.com

There is a machine on the network that I need to find, but I’ve forgotten its name. If I could see a list, it would probably jog my memory.

How can I list all of the domain records for mycompany.com?

Source: (StackOverflow)

Why is DNS failover not recommended?

From reading, it seems like DNS failover is not recommended just because DNS wasn't designed for it. But if you have two webservers on different subnets hosting redundant content, what other methods are there to ensure that all traffic gets routed to the live server if one server goes down?

To me it seems like DNS failover is the only failover option here, but the consensus is it's not a good option. Yet services like DNSmadeeasy.com provide it, so there must be merit to it. Any comments?

Source: (StackOverflow)