DNS Glossary

DNS Terminology used in the E-Learning modules.
Root Server

A DNS root server is a known location where the Recursive Resolver can start looking for the answer to its query.
It is known because its address is in the Recursive Resolver's memory, so the Recursive Resolver always knows how to find it. There are currently 13 root servers in the global DNS. The RIPE NCC maintains the K-root server.

TLD (Top-Level Domain) Server

A Top-Level Domain (TLD) Server is known to the root servers. It is authoritative for TLDs (for example .com, .org, .net).

SLD (Second-Level Domain) Server

A Second-Level Domain Server has information about specific domains which are not top level. The information about the IP address of a website resides in a Second-Level Domain Server, for example ns.example.net.

Stub Resolver

The Stub Resolver cannot query anything other than the Recursive Resolver. The application sends its query to the Stub Resolver, which forwards it to the Recursive Resolver, which in turn gets the answer from the global DNS.

Recursive Resolver

The Recursive Resolver is the one that will get queries from a group of clients and ask around the Internet in search of the answers. It is usually a service provided by ISPs and it serves several clients. It can store answers in its memory (known as cache) for a period of time. If it receives a query whose answer is already stored in the cache, the Recursive Resolver will answer from the cache.

Attacker

The purpose of an attack on the DNS is usually to poison the Recursive Resolver's cache. That is, to make the Recursive Resolver think that an IP address of a server belonging to the Attacker is the IP address of another website (a bank, for example). If an attack is successful, it may misdirect a user to the Attacker's website, causing the user to give away confidential information.

Address (A) Record

An A record is the most common type of DNS record; it matches a domain name to an IPv4 address. There are many other types of DNS records, such as AAAA for an IPv6 address, or MX for mail servers.

DNS

The Domain Name System (DNS) is a hierarchical distributed naming system for Internet resources. Its main purpose is to translate domain names to IP addresses.

Authoritative Server

A DNS server is said to be authoritative when it is the one that knows the right answer to a specific query.

Cache

The Recursive Resolver's cache is its memory where the answers for recent queries are stored. If the answer to a query is in the Recursive Resolver's cache, the Recursive Resolver will not query any other server, but will give out the stored answer.

IP Address Matching

When the Recursive Resolver receives an answer packet, it checks whether the packet's source IP address matches the IP address to which the query was sent. The idea is to ensure that the answer came from the expected source address. However, this IP address can be faked.

UDP Port

The Recursive Resolver expects the answer packet on the same UDP port from which the query was sent.

Query ID

A Recursive Resolver generates a unique identifier (ID) for every packet that it sends. The identifier on the response packet needs to match the identifier that the Resolver generated for the query.

TTL (Time to Live)

One of the fields in the DNS records is the TTL (Time-To-Live) field. This is the number of milliseconds corresponding to the amount of time that the Recursive Resolver should keep the answer in its memory.