I was quite eager to understand how a DNS server works.

Scenario

If I do a DNS query, it reaches the local DNS server. The local DNS server checks locally, and if the information is not present, it queries other DNS servers (in a hierarchical manner: root DNS, top-level DNS, and so on).

Thoughts & Question

I wondered: does the local DNS server change the source IP of the request packet it received from me? And if it does change my source IP to its own source IP for querying other DNS servers, like NAT does (please correct me if I am thinking wrong), how does it keep track of me (like NAT does)? That is, when the response comes from the Root/TL/Secondary DNS server, how does it know that this response has to be directed to me?

marc_s
Warm_up

1 Answer

Yes, the recursive (caching) name server issues the query itself, so the root, TLD, and authoritative servers all see the query source as being the recursive server.

If the recursive server supports EDNS0, the edns-client-subnet will pass through the /24 netblock of the client, allowing the authoritative server to see the first three octets of the client that initiated the request.

DNS responses are correlated with requests through examining the QUERY field of the response packet.
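
The bookkeeping asked about in the question, as an added example that is not part of the answer above and not any real server's code: the resolver sends its own query with a fresh 16-bit transaction ID, remembers which client is waiting, and drops upstream responses that match no outstanding query. `ToyResolver` and the helper names are hypothetical, and resolution is simplified to one upstream exchange per client query.

```python
import secrets
import struct

def build_query(txid, name, qtype=1):
    """Encode a minimal DNS query: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, QDCOUNT=1
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QCLASS=IN

def parse_key(msg):
    """Return (transaction ID, question name, question type) of a DNS message."""
    (txid,) = struct.unpack("!H", msg[:2])
    labels, pos = [], 12
    while msg[pos]:
        length = msg[pos]
        labels.append(msg[pos + 1:pos + 1 + length].decode().lower())
        pos += 1 + length
    (qtype,) = struct.unpack("!H", msg[pos + 1:pos + 3])
    return txid, ".".join(labels), qtype

class ToyResolver:
    """Hypothetical resolver core; real ones also match source address and port."""
    def __init__(self):
        self.pending = {}  # (upstream ID, name, type) -> (client address, client ID)

    def on_client_query(self, client_addr, msg):
        client_txid, name, qtype = parse_key(msg)
        upstream_txid = secrets.randbelow(1 << 16)  # fresh ID, not the client's
        while (upstream_txid, name, qtype) in self.pending:
            upstream_txid = secrets.randbelow(1 << 16)
        self.pending[(upstream_txid, name, qtype)] = (client_addr, client_txid)
        return build_query(upstream_txid, name, qtype)  # sent from the resolver's own IP

    def on_upstream_response(self, msg):
        entry = self.pending.pop(parse_key(msg), None)
        if entry is None:
            return None  # no matching outstanding query: drop it
        client_addr, client_txid = entry
        return client_addr, struct.pack("!H", client_txid) + msg[2:]  # restore client's ID

def as_response(query):
    """Constructed stand-in for an upstream answer: same message with QR/RA set."""
    return query[:2] + struct.pack("!H", 0x8180) + query[4:]
```

Unlike NAT, nothing is rewritten in flight: the client's query ends at the resolver, and the upstream query is a separate message with its own ID.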