Amazon AWS Certified Advanced Networking Specialty – Advanced Route53 Configurations

  • January 16, 2023

1. Introduction to DNS

Hey everyone and welcome back. So today we’ll be speaking about a very important topic called the Domain Name System. Now, the domain name system is considered one of the backbones of the internet, and I am pretty sure that many of you have heard DNS as a term in a lot of instances. The reason why it is considered one of the backbones of the internet is the same reason why there are a lot of major attacks on DNS that aim to slow down the overall internet speed. So if you look at the first article, you see “biggest DDoS attack in history slows Internet breaks record of 300 Gbps”. That’s quite huge. And on the other aspect as well.

So a lot of hackers, or a lot of attackers, try to attack the DNS server so that things go a bit slow, and we’ll understand why, what the importance of DNS is, and how an attack on DNS can slow down the entire process. So let’s understand with a simple example. In a phone, when you store a number, there are two important aspects. First, you have to store a name. Second, you have to store an associated number. So you have Mr. A and there is an associated number with Mr. A. Then you have Mr. B and his associated number, and you have Mr. C and his associated number. So whenever you want to call someone, you go to the contact list, you click on a specific contact and it will automatically start calling. So you don’t really have to remember every person’s number.

So generally whenever you get a SIM card you get an associated number. But as far as humans are concerned, remembering numbers is not a very ideal way. We remember names much faster. And this is the reason why, in a phone book application, there is a mapping between a name and a number. We humans remember the name, computers are good with numbers so they store the numbers, and the phone book application does the mapping between a name and a number. I hope you understood the basic concept of how the phone book application really works. DNS works in a similar way.

So if you talk about the internet or servers, everything is based upon a numeric system. Every server has a specific IP address. So you have an IP address for the google.com server and a different IP address for the yahoo.com server. This is similar to how a phone number works: every person has a different phone number, and you cannot have the same number for two different people. Similarly, every website or every networking device on the internet has a unique IP address. So google.com might have this IP address, Facebook might have this IP address, and yahoo.com might have this specific IP address. And since humans are not good at remembering these IP addresses, there came a need for a mapping between a name and the IP address. The software which does this mapping from name to IP address is called the DNS. So what really happens is that DNS servers are responsible for translating or converting a domain name to an IP address.

So you supply the domain name to the DNS server and the DNS server will respond with the corresponding IP address associated with the domain name. So let’s do one thing. Let’s go ahead and try this out and look into how this would really work. So let me just show you. I’ll be promoting my website, by the way. This would be my blog. So I have a blog called zealvora.com. Now, again, we are not putting in an IP address, since I don’t really remember the IP addresses, right? That’s why DNS was introduced. So I’ll press Enter and now you will see that the entire website is getting loaded. Or I would say the entire blog got loaded. Now, in the back end there are a lot of things which happened, and everything began with DNS, because unless and until you get the IP address associated with zealvora.com, you cannot really do anything. So let’s do one thing. Let’s run an nslookup on zealvora.com and I’ll press Enter. What exactly is happening over here is that it gave us the corresponding IP address associated with the domain zealvora.com. And this is exactly the first process that happens. Now, this entire process is based on request and response, where my client, which is nslookup, sent a request to the DNS server asking for the IP address associated with zealvora.com.

And the DNS server gave the response with the IP address which is associated with the domain name, very similar to a phone book application, right? You click on the contact list and it will give you a phone number. So this is the basic idea of how DNS really works. In the next lecture, we’ll actually look into what happened behind the scenes, as far as the packet capture is concerned, when we ran the nslookup command.

So this is it. Most of the applications which deal with domain names have the capability to resolve the corresponding IP address. So even if you do a ping on zealvora.com, ping will actually resolve the IP address associated with zealvora.com and it will do a ping on that IP address. So if you see over here, when I do a ping on zealvora.com, it resolved the IP address associated with the domain name, and once it resolved the IP address, it is actually sending the request to that specific IP address itself. So this is it about this lecture. I hope you understood the basics of what DNS is all about. We’ll be studying in depth how DNS really works behind the scenes. I hope this has been informative for you, and I look forward to seeing you in the next lecture.

2. Traffic packet capture of DNS packets

Hey everyone and welcome back to the Knowledge Portal video series. Now, in the earlier lecture we discussed the basics of what DNS is all about. In today’s lecture we will study the internal workings of how the query is made and how the response is received, in terms of packet analysis. So let’s just revise. In the earlier lecture we ran a command called nslookup on our domain name, which is zealvora.com. In the answer, you got the address associated with zealvora.com, which is 139.162.21.95, so this is the IP address associated with zealvora.com. Now, what is the DNS server which gave us this specific answer? The DNS server is this specific IP address. So if we want, we can do a query on that specific DNS server itself. There are various DNS servers which are available. So this is one DNS server, and this belongs to Linode. I can also query another DNS server.

So this is the Google DNS server, and in both cases you see that the answer you get is the same. Now, we’ll discuss all these things in more detail in the upcoming lecture. But in today’s lecture I wanted to show you a few interesting things as well as important ones. So there is one more command called dig, which does similar things, but dig provides much more systematic and much more detailed output. So if you do a dig on the domain name, which is zealvora.com, you get a very nice output. Now there are two important sections over here: one is the question section and the second is the answer section. In the question section you will see the question is zealvora.com. So this is the question which is being asked to the DNS server, and the DNS server gave an answer to this, and the answer is the IP address. Along with this, dig also shows various interesting things like the query time, which is one millisecond. It also tells which DNS server the question was asked to, and the DNS server is this specific one. Perfect. Now this is what we see as the front end, but when you talk about the back end, there are a lot of interesting things that happen when we look into the packet capture. So we’ll open up Wireshark and we’ll see how exactly this would really work. So I’ll type wireshark and this is the Wireshark application. Perfect. Here you will see there are three interfaces which are present. One is WiFi and two are related to the virtual machine. In our case, since we’ll be using WiFi, you see there are a lot of wireless packets over here. So this is what we’ll be using. Now before that, I have a terminal over here. So this is the Windows Terminal. If you just do an nslookup in the Windows Terminal, it will basically give you the IP address of the DNS server. This is the default DNS server to which the request will be made. Now, in my case, this DNS server belongs to my ISP, my Internet service provider, which I’ll be using. So just keep this in mind. We’ll understand this in detail later anyway. So let’s do one thing. Let’s start the packet capture.

I’ll select the WiFi interface and I’ll click on Start packet capture, and this is the region where the packets will be displayed. You see there are already certain packets coming in. These belong to various things like your browser and the various applications which are running. So I’ll do nslookup, and let me do kplabs.in this time, and you see I got a response and this is the IP address associated with kplabs.in. Perfect. So this was the front end. Now let’s look into the back end. There are a lot of interesting things that have happened. So if you type dns over here, there are a lot of other DNS queries. We are specifically looking for the DNS query which is associated with kplabs.in, which is this specific one. So this is the standard query.

So you see the standard query and after that you have a standard query response. So this is the question section and this is the answer section. Let’s go ahead and click on the standard query. In the source you see the source IP address, which is my laptop’s IP address, and the destination is the IP address of the DNS server. If you go to the Domain Name System, you’ll see the type is standard query. And in here, Questions is one. That means one question has been asked, and the question which has been asked is presented under the query: what is the IP associated with kplabs.in? So this is the question which is being asked. Now let me just minimize this. This is the question which has been asked by my laptop’s IP address to the DNS server. In response to this, the DNS server has given an answer. You see, the DNS server has given a response.

If you just maximize this, let me show you the response section. In the answer section it has given me an answer saying that the IP address associated with kplabs.in is 128.199.241.125. And what tools like nslookup or dig do is take this specific value and display it on the screen. Now, Wireshark does a very nice thing: you don’t really have to open this up. It will give you a brief summary in the Info column itself, where this packet is a standard query made for kplabs.in and the second packet is a standard query response. It tells you the response is for kplabs.in and also the answer, which is 128.199.241.125. Perfect. So I hope you got the basics of what really happens behind the scenes when you do a DNS based lookup. Now, there is one more interesting thing that I would like to show you. Let’s just start this up. So we’ll just revise what we have seen, where we have a DNS client over here. This DNS client can be a browser, or it can be the nslookup tool, or dig, or various other tools, and you have a DNS server. Now, the DNS client will send a request to the DNS server, and this request will be like: what is the IP address of kplabs.in? This is called the standard query. This will be sent to the DNS server. The DNS server will check the IP address associated with kplabs.in and it will send a response back saying the IP address is 128.199.241.125. So this is a very high-level overview of how exactly the standard query and standard response work. There are a lot of other details which happen behind the scenes, which we’ll be discussing in the subsequent lectures.
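The standard query and standard query response seen in the capture can be rebuilt and decoded byte by byte. The following is an added example, not part of the original lecture: the transaction ID, the TTL and the response bytes are constructed for illustration (no packet from the capture is reproduced), and all function names are hypothetical.

```python
import socket
import struct

def encode_name(name):
    """Encode 'kplabs.in' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_query(name, txid):
    """Standard query: 1 question, type A (1), class IN (1), recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def build_sample_response(query, ip, ttl=300):
    """Constructed reply (not a capture): echoes the question, adds one A record."""
    header = query[:2] + struct.pack("!HHHHH", 0x8180, 1, 1, 0, 0)
    # 0xC00C is a compression pointer back to the question name at offset 12.
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + socket.inet_aton(ip)
    return header + query[12:] + answer

def read_name(msg, off):
    """Decode a name at off, following compression pointers (top two bits set)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            if end is None:
                end = off + 2              # parsing resumes after the pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 10:                  # malformed packets can loop forever
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)

def parse_message(msg):
    """Return the header fields, question section and A-record answers."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype))
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:      # A record: four address bytes
            answers.append((name, ttl, socket.inet_ntoa(msg[off:off + 4])))
        off += rdlen
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "questions": questions, "answers": answers}

def response_matches(query, response):
    """A client should only accept a reply whose ID and question match its query."""
    q, r = parse_message(query), parse_message(response)
    return r["is_response"] and r["id"] == q["id"] and r["questions"] == q["questions"]

QUERY = build_query("kplabs.in", 0x1A2B)   # transaction ID is constructed
RESPONSE = build_sample_response(QUERY, "128.199.241.125")

if __name__ == "__main__":
    print(parse_message(QUERY))
    print(parse_message(RESPONSE))
    print("accept:", response_matches(QUERY, RESPONSE))
```

The ID and question comparison in `response_matches` is the same pairing Wireshark uses to link a response to its query, and it is the first thing a client checks before trusting an answer.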

3. Understanding DNS Records

Hey everyone and welcome back to the Knowledge Portal video series. Now, in the previous few lectures we have been discussing the basics of DNS, and we also looked into the Wireshark packet capture to understand the DNS standard query and standard response. So, continuing with our lectures on DNS, today we will be speaking about DNS records. Understanding DNS records is very important, because in a real-world environment this is something that you will mostly be working with. So let’s get started. In very simple terms, DNS records are basically mapping files which are stored in a DNS server. We’ll discuss this point when we go ahead with a practical demo. So for example, you have kplabs.in. kplabs.in is associated with a specific IP address. Similarly, you have a subdomain called ipa.kplabs.in, which is associated with one more IP address. You have spacewalk.kplabs.in, which is also associated with a different IP address. So what you have is three records over here: this is the first record, you have a second record and you have a third record.

Now, these records are basically stored in a DNS server. So let’s just look into the basic working like we did in the earlier lecture. You have a DNS client and you have a DNS server. The DNS client will send a request, which is a standard query, asking what the IP address of kplabs.in is. Now, how will the DNS server know what the IP address of kplabs.in is? The answer is that the DNS server has a table, or a database, which contains various records. So you have record one, which is kplabs.in, and there is a mapping. The mapping associated with the domain is an IP address over here. So what the DNS server will do is query the underlying table. When a client asks what the IP address of kplabs.in is, the DNS server will go ahead and look. The IP address is 128.199.241.125, and then it will respond back with this specific value to the client. Perfect.

Now let’s look into how this specific console really looks. Let me show you. So I have the domain kplabs.in, which we were discussing, and this is the table which is associated with the kplabs.in domain. If you see over here, there is kplabs.in, and in the answer there is the IP address which is associated with it. So let me show you: if you do an nslookup on kplabs.in, you will get the IP address 128.199.241.125, and it is the same IP address that you will find over here. Let’s do one thing. If I do an nslookup on demo.kplabs.in, you see I cannot really find a specific answer. The reason for this is that there is no specific value associated with demo.kplabs.in. So if I just search for demo.kplabs.in here, I cannot really find anything. So let’s do one thing. I’ll create demo.kplabs.in, let me give it a random IP address, and I’ll click on Add Record.

Okay? So now there is one record which is added. Along with that, if you see over here, I have various other records which are created. This is a record nginx.kplabs.in and it has a specific IP address. You have ipa.kplabs.in and it has a specific IP address. So let’s do one thing. Let me try to do an nslookup again on demo.kplabs.in, and this time you will see that I got the answer. Now I hope you are understanding how this really works. The DNS server associated with kplabs.in has a backend file mapping, and this file mapping looks something similar to this. This is a GUI. And as soon as we added the record, when we do a lookup for demo.kplabs.in, the DNS server will respond back with the Answer.

So this section is called the Answer, and the server will respond back with the value which is stored in the Answer section. Perfect. So this is the basic idea that I really wanted to show you related to DNS records. Now, if you see over here, there are various types of DNS records. Over here you have A, you have TXT, you have MX, then you have NS, and there are various other DNS records which are present over here. So I’ll just forward this and we’ll go to the DNS records. There are various types of DNS records, and each of the DNS records serves a specific purpose.

You have A, you have AAAA, you have CNAME, alias, MX, you have NS, PTR, SOA, TXT, SRV, and many others. Each of these DNS records serves a specific purpose. And when we work in a real-world scenario, we have to understand what type of DNS record will be needed for our organization. This is very important, because from a practical point of view you will be working with the DNS record type. Generally, whenever you create a record, you have various DNS record types that you have to select from. And if you do not select the right type, then it will not work. So let me give you an example. Let’s say I’ll name it Demo One. And here I’ll copy, say, zealvora.com. I’ll put zealvora.com here in the answer section and I’ll click on Add Record. And now here you see: the Record Answer field is invalid. So every record type has a specific format that has to be present in the Answer section. You cannot really put in any random format.

So as far as the A record is concerned, you need to have an IP address only. So if I change it to CNAME and click on Add Record, now you will see that it has taken this specific value. So I hope you understood the basics of DNS records and the DNS record types which are present. The last thing I would like to show you is that a domain name is unique. There are various websites from which you can buy domain names. You have GoDaddy, you have Name.com. Personally, I really like Name.com because it is very systematic and I prefer Name.com, but I have my domains in GoDaddy because the first time you buy, it is very cheap, like Rs 99, like $1.5 per year, for which you can buy a domain name.

Now, one thing that you have to remember is that the domain name is unique. So if I search for zealvora.com over here, since I have already bought zealvora.com, you cannot really get a duplicate name. Okay? So zealvora.com you will not be able to find, because zealvora.com is already taken. But it will show you the other extensions which are available, like zealvora.in or zealvora.xyz, et cetera, which you will be able to take. Once you buy the domain, you will be presented with this specific screen, which will be empty, and you will be filling in these records according to your requirements. So I would really encourage you to buy a domain. Again, it is very cheap. The first time you buy, it will cost us one dollar. So go ahead and buy the domain and this will really help you understand on how things really.
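The record table and the per-type check on the Answer field described in this lecture can be modelled in a few lines. This is an added example, not code from the lecture or from any DNS provider: the `Zone` class, the address 192.0.2.10 (a documentation address standing in for the "random IP address") and the name www.kplabs.in are assumptions made for illustration, and it also follows CNAME records, which the lecture does not demonstrate.

```python
import ipaddress
import re

# Host name: dot-separated labels ending in an alphabetic top-level label.
HOSTNAME = re.compile(
    r"^(?=.{1,253}$)([a-z0-9_]([a-z0-9_-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}\.?$", re.I)

def validate_answer(rtype, answer):
    """Return None if the answer fits the record type, else an error string."""
    if rtype == "A":
        try:
            ipaddress.IPv4Address(answer)
        except ValueError:
            return "Record Answer field is invalid: A needs an IPv4 address"
    elif rtype == "AAAA":
        try:
            ipaddress.IPv6Address(answer)
        except ValueError:
            return "Record Answer field is invalid: AAAA needs an IPv6 address"
    elif rtype == "CNAME":
        if not HOSTNAME.match(answer):
            return "Record Answer field is invalid: CNAME needs a host name"
    else:
        return "record type not covered by this example"
    return None

class Zone:
    """In-memory stand-in for the table the DNS server consults."""
    def __init__(self):
        self.records = {}                      # name -> {type: answer}

    def add_record(self, name, rtype, answer):
        error = validate_answer(rtype, answer)
        if error:
            raise ValueError(error)
        self.records.setdefault(name.lower().rstrip("."), {})[rtype] = answer

    def resolve(self, name, max_chain=8):
        """Return the IPv4 answer, following CNAMEs held in this zone, or None."""
        name = name.lower().rstrip(".")
        for _ in range(max_chain):             # bound the chain to stop loops
            rrset = self.records.get(name, {})
            if "A" in rrset:
                return rrset["A"]
            if "CNAME" not in rrset:
                return None                    # no record: lookup finds nothing
            name = rrset["CNAME"].lower().rstrip(".")
        return None

def demo():
    zone = Zone()
    zone.add_record("kplabs.in", "A", "128.199.241.125")
    before = zone.resolve("demo.kplabs.in")    # no record yet
    zone.add_record("demo.kplabs.in", "A", "192.0.2.10")   # constructed address
    after = zone.resolve("demo.kplabs.in")
    try:
        zone.add_record("demo1.kplabs.in", "A", "zealvora.com")
        rejected = False
    except ValueError:
        rejected = True                        # host name in an A record
    zone.add_record("demo1.kplabs.in", "CNAME", "zealvora.com")   # accepted
    zone.add_record("www.kplabs.in", "CNAME", "kplabs.in")        # hypothetical
    return before, after, rejected, zone.resolve("www.kplabs.in")

if __name__ == "__main__":
    print(demo())
```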
