56.8 DNS Domain Name System

20220129

The Internet’s domain name system (DNS) is used to convert readable host names, like google.com, to a numeric IP (internet protocol) address like 172.217.10.14. The human readable host name is called a fully qualified host name or FQDN. This is what we see in our browser URL bar.

When you connect your computer to the network a connection to a DNS server somewhere on the Internet is also set up. The server makes it possible for your computer to do this translation. The IP address is the actual address of a computer that the Internet understands

A DNS server is often run by your internet service provider (ISP). This means that they can collect your metadata. This is the data about who you are looking up and when. Your ISP may analyse it themselves or even share it with third parties, perhaps even for advertising. Knowing what names you look up can be quite useful in quite accurately profiling you and your interests.

A privacy protecting and reputably fast DNS server is available at the IP address of 1.1.1.1 with a secondary address of 1.0.0.1. This is run by the network provider cloudflare in collaboration with the Asia Pacific and Oceania regional internet address manager known as APNIC. These DNS servers link to a pool of DNS servers which themselves will have IP addresses different to 1.1.1.1 (check using https://www.top10vpn.com/tools/what-is-my-dns-server/).

OpenDNS is another free public DNS server at 208.67.222.222 and 208.67.220.220. Google also have one at 8.8.8.8 and 8.8.4.4.

Privacy is enhanced further with encrypted DNS lookup through DNS over HTTPS as covered in Section 56.10.

To check which DNS server is in use the dig command can be helpful. Below 1.1.1.1 is identified as the DNS server.

dig google.com  | grep SERVER:
;; SERVER: 1.1.1.1#53(1.1.1.1)

To check which DNS server is in use the web site http://www.whatsmydnsserver.com can also be useful.

From the command line the Network Manager (NM) application for Linux provides the nmcli comman line tool. In the examples below replace the computer’s interface name (which is wlp0s20f3 in this example) with the name of the network device for the computer. If connected by an ethernet cable to the router then the interface name is often eth0. The following will list network interface names (see Section @ref(networking.interface.name) for details):

sudo lshw -class network -short

To check which DNS server is currently in use from your command line:

nmcli device show wlp0s20f3 | grep -i DNS

If you have multiple connections (WiFi and Ethernet) then try this command line:

$ systemd-resolve --status

To check who the IP address of your DNS server belongs to try:

$ nmcli device show wlp0s20f3 | grep -i DNS | head -1 | cut -d: -f2 |
  awk '{print($1)}' | xargs whois | egrep -i 'org-?name'


Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0