**DNS – Summary**

* **Definition**
  The **Domain Name System (DNS)** allows communication on the Internet without needing to remember numeric IP addresses.
  Each device online has a unique **IP address** (e.g., `104.26.10.229`).
  DNS acts like a **phone book**, translating human-readable names (e.g., *tryhackme.com*) into IP addresses.

---

### **Domain Hierarchy**

1. **TLD (Top-Level Domain)**

   * The final part of a domain (e.g., `.com` in *tryhackme.com*).
   * **gTLD:** generic domains (.com, .org, .edu, .gov).
   * **ccTLD:** country-specific domains (.it, .uk, .ca).
   * Thousands of new gTLDs exist (.online, .club, .biz, etc.).

2. **Second-Level Domain**

   * The part just before the TLD (e.g., *tryhackme* in *tryhackme.com*).
   * Up to 63 characters; can use letters, numbers, and hyphens (but not at the start, end, or consecutively).

3. **Subdomain**

   * Comes before the main domain (e.g., *admin.tryhackme.com*).
   * Follows the same rules as second-level domains.
   * Multiple subdomains are allowed (e.g., *jupiter.servers.tryhackme.com*), but the total length must be under 253 characters.
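The naming rules above (labels of letters, digits and hyphens; no hyphen at the start, end, or twice in a row; at most 63 characters per label; whole name under 253 characters) are easy to get subtly wrong when checking user-supplied hostnames, so here is an added example, not code from the original notes or from TryHackMe, that implements exactly those rules and splits a name into TLD, second-level domain and subdomains. The function names, the regex, and the sample names are this example's own assumptions.

```python
import re
from typing import Dict, List, Optional

# Limits as stated in the summary above
MAX_LABEL_LEN = 63   # per label (second-level domain or subdomain)
MAX_NAME_LEN = 253   # whole name, dots included

# One label: letters/digits, with single hyphens allowed only between alphanumerics.
# This rejects a leading hyphen, a trailing hyphen and "--" (so the summary's rule
# would also reject IDN labels such as "xn--..."; relax it if you must accept those).
LABEL_RE = re.compile(r"[A-Za-z0-9]+(?:-[A-Za-z0-9]+)*")


def validate_label(label: str) -> Optional[str]:
    """Return None if the label is acceptable, otherwise a short reason."""
    if not label:
        return "empty label"
    if len(label) > MAX_LABEL_LEN:
        return f"longer than {MAX_LABEL_LEN} characters"
    if not LABEL_RE.fullmatch(label):
        return "only letters, digits and hyphens are allowed, with no hyphen at the start, end, or two in a row"
    return None


def validate_hostname(name: str) -> List[str]:
    """Return every problem found; an empty list means the name passes the rules above."""
    name = name.rstrip(".")          # a trailing dot only marks a fully qualified name
    problems: List[str] = []
    if len(name) > MAX_NAME_LEN:
        problems.append(f"name longer than {MAX_NAME_LEN} characters")
    labels = name.split(".")
    if len(labels) < 2:
        problems.append("a name needs at least a second-level domain and a TLD")
    for label in labels:
        reason = validate_label(label)
        if reason is not None:
            problems.append(f"{label!r}: {reason}")
    return problems


def split_hierarchy(name: str) -> Dict[str, object]:
    """Split a valid name into its TLD, second-level domain and subdomains (left to right).

    Example: "jupiter.servers.tryhackme.com" -> tld "com", sld "tryhackme",
    subdomains ["jupiter", "servers"]. Caller is expected to validate first.
    """
    labels = name.rstrip(".").split(".")
    return {"tld": labels[-1], "sld": labels[-2], "subdomains": labels[:-2]}


if __name__ == "__main__":
    # Constructed sample inputs, one valid and a few that break one rule each
    for candidate in ("jupiter.servers.tryhackme.com", "-admin.tryhackme.com",
                      "my--site.com", "a" * 64 + ".com", "localhost"):
        print(candidate, "->", validate_hostname(candidate) or split_hierarchy(candidate))
```

Run the block directly to see each constructed name either rejected with the rule it breaks or split into its hierarchy. Validating on the label level, rather than with one regex for the whole name, is what makes the error messages useful and keeps the 63-character limit per label separate from the 253-character limit for the whole name.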

---

### **DNS Record Types**

1. **A Record** – Maps a domain to an **IPv4 address**.
2. **AAAA Record** – Maps a domain to an **IPv6 address**.
3. **CNAME Record** – Points one domain to another (e.g., *store.tryhackme.com → shops.shopify.com*).
4. **MX Record** – Specifies **mail servers** for a domain, including a **priority value** for failover.
5. **TXT Record** – Stores free-form text data, used for:

   * Domain ownership verification.
   * Email authentication (SPF, DKIM, DMARC) to prevent spam/spoofing.

---

### **How a DNS Request Works**

1. **Local Cache Check**

   * Your computer checks its local DNS cache first.
   * If no match is found, it queries the **Recursive DNS Server** (usually your ISP).

2. **Recursive DNS Server**

   * Checks its own cache.
   * If no record is found, it contacts the **Root DNS Servers**.

3. **Root DNS Servers**

   * Direct the query to the correct **TLD Server** (e.g., for `.com`, `.org`, `.it`, etc.).

4. **TLD Server**

   * Provides the location of the **Authoritative DNS Server** for the requested domain.
   * Example: *kip.ns.cloudflare.com*, *uma.ns.cloudflare.com* for *tryhackme.com*.

5. **Authoritative DNS Server**

   * Stores the official DNS records (A, MX, TXT, etc.).
   * Sends the final answer back to the recursive server, which caches it (based on **TTL – Time To Live**) and returns it to the client.

6. **Caching and TTL**

   * **TTL** defines how long the record stays in cache (in seconds).
   * Caching improves speed and reduces repeated DNS lookups.

---

When you make a **DNS request**, your computer first looks for the address in its **local cache**.
If it's not found, the request is passed to the **recursive DNS resolver** (usually provided by your ISP or one you've chosen yourself).

1. **Recursive Resolver**: Checks its own cache.

   * If it finds the address → it returns it immediately.
   * If it doesn't find it → it begins the search starting from the **root servers**.

2. **Root Server**: Directs the request to the correct **TLD server** (e.g., for `.com`).

3. **TLD Server**: Indicates which is the **authoritative nameserver** for the requested domain.

4. **Authoritative Nameserver**: Contains the official **DNS records** (A, MX, CNAME, etc.) and sends them to the recursive resolver.

5. **Caching**: The recursive resolver saves the response for a period defined by the **TTL (Time To Live)** value and then returns it to your computer.

In short:
**PC → Recursive Resolver → Root → TLD → Authoritative → Recursive Resolver → PC**, with the results temporarily stored to avoid new lookups.
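To make the PC → Recursive Resolver → Root → TLD → Authoritative chain and the role of TTL concrete, here is an added example (not code from these notes or from TryHackMe) that models the whole path in one small simulation: a toy recursive resolver walks a constructed root server, TLD server and authoritative servers, caches answers for their TTL, follows a CNAME to its target, and returns MX records in priority order, so it also illustrates the record types from the earlier section. Every server name, IP address and record below is constructed for the example (the `104.26.10.229` address is the one the notes use; the others are documentation-range values), and the class and method names are this example's own.

```python
import time
from typing import Dict, List, Optional, Tuple

# --- Constructed sample "Internet": none of these servers or records are real ---

# Root servers: which TLD server handles each top-level domain
ROOT_SERVER: Dict[str, str] = {"com": "tld-server.com", "org": "tld-server.org"}

# TLD servers: which authoritative server holds each registered second-level domain
TLD_SERVERS: Dict[str, Dict[str, str]] = {
    "tld-server.com": {"tryhackme.com": "ns.tryhackme-auth", "shopify.com": "ns.shopify-auth"},
    "tld-server.org": {},
}

# Authoritative servers: name -> record type -> list of (value, ttl_seconds)
AUTHORITATIVE: Dict[str, Dict[str, Dict[str, List[Tuple[object, int]]]]] = {
    "ns.tryhackme-auth": {
        "tryhackme.com": {
            "A":    [("104.26.10.229", 300)],            # IPv4, address from the notes
            "AAAA": [("2001:db8::1", 300)],              # IPv6, documentation range
            "MX":   [((20, "backup-mail.tryhackme.com"), 3600),   # (priority, server)
                     ((10, "mail.tryhackme.com"), 3600)],        # lower value = preferred
            "TXT":  [("v=spf1 mx -all", 3600)],          # constructed SPF policy
        },
        "store.tryhackme.com": {"CNAME": [("shops.shopify.com", 300)]},
    },
    "ns.shopify-auth": {"shops.shopify.com": {"A": [("192.0.2.10", 60)]}},
}


class RecursiveResolver:
    """Toy recursive resolver: cache first, then root -> TLD -> authoritative."""

    def __init__(self) -> None:
        # (name, type) -> (answers, absolute expiry time computed from the smallest TTL)
        self.cache: Dict[Tuple[str, str], Tuple[List[object], float]] = {}

    @staticmethod
    def _registered_domain(name: str) -> str:
        # second-level domain + TLD, e.g. "tryhackme.com" for "store.tryhackme.com"
        return ".".join(name.split(".")[-2:])

    def _query_authoritative(self, name: str, path: List[str]) -> Dict[str, List[Tuple[object, int]]]:
        """Walk root -> TLD -> authoritative for `name`; return all records held at that name."""
        path.append("root")
        tld_server = ROOT_SERVER.get(name.rsplit(".", 1)[-1])
        if tld_server is None:
            return {}                                    # unknown TLD: the root cannot help
        path.append("tld")
        auth_server = TLD_SERVERS[tld_server].get(self._registered_domain(name))
        if auth_server is None:
            return {}                                    # domain not registered
        path.append("authoritative")
        return AUTHORITATIVE[auth_server].get(name, {})

    def resolve(self, name: str, rtype: str, now: Optional[float] = None,
                _depth: int = 0) -> Tuple[List[object], List[str]]:
        """Return (answers, path); path lists the servers consulted, or ["cache"] on a hit."""
        now = time.time() if now is None else now
        path: List[str] = []
        cached = self.cache.get((name, rtype))
        if cached is not None and cached[1] > now:      # still within its TTL
            path.append("cache")
            return cached[0], path

        rrsets = self._query_authoritative(name, path)
        records = rrsets.get(rtype, [])
        if not records and rtype != "CNAME" and "CNAME" in rrsets and _depth < 8:
            # No record of the requested type but a CNAME exists: chase it (bounded depth)
            target = str(rrsets["CNAME"][0][0])
            answers, sub_path = self.resolve(target, rtype, now, _depth + 1)
            path.extend(sub_path)
            return answers, path

        answers = [value for value, _ttl in records]
        if rtype == "MX":
            answers.sort()                               # preferred (lowest priority value) first
        if records:
            ttl = min(ttl for _value, ttl in records)
            self.cache[(name, rtype)] = (answers, now + ttl)
        return answers, path


if __name__ == "__main__":
    resolver = RecursiveResolver()
    for query in [("tryhackme.com", "A"), ("tryhackme.com", "A"),
                  ("tryhackme.com", "MX"), ("store.tryhackme.com", "A")]:
        print(query, "->", resolver.resolve(*query, now=1000.0))
```

Running the block shows the first `A` lookup touching root, TLD and authoritative servers and the repeated one answered from cache; passing an explicit `now` lets you see the cache entry expire once the 300-second TTL has passed. The model deliberately leaves out NS and glue records, negative caching and retries, but it is enough to explain why a record you just changed is still seen by some clients: every recursive resolver keeps the old answer until its own cached TTL runs out.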

---