DNS Fundamentals

How human-readable names become machine-routable addresses.

What DNS Does

DNS (Domain Name System) is the internet's phone book. Machines route traffic by IP address — humans remember names. DNS bridges that gap. When you type google.com, your device asks a DNS resolver to translate that name into an IP address it can actually route to.

In a homelab, DNS matters at two levels: public DNS for internet access, and local DNS so your services can reach each other by name instead of IP.

The DNS Lookup Chain

1. You type: google.com

2. OS checks local cache → not found

3. Asks local resolver (router / Pi-hole / Unbound)
   → may have it cached → returns immediately

4. Local resolver asks Recursive Resolver (8.8.8.8 / 1.1.1.1)

5. Recursive resolver asks Root Servers ("who handles .com?")
   → points to .com TLD servers

6. TLD server says "google.com is at these nameservers"

7. Authoritative nameserver returns: 142.250.72.14

8. Response cached at each layer with TTL timer

DNS Record Types

DNS isn't just for IP lookups. Different record types handle different purposes. Knowing them is essential for configuring services, email, and Cloudflare.

A      → hostname to IPv4 address
         example.com → 203.0.113.10

AAAA   → hostname to IPv6 address
         example.com → 2001:db8::1

CNAME  → alias one name to another (not to an IP)
         www.example.com → example.com

MX     → mail server for the domain
         example.com → mail.example.com (priority 10)

TXT    → arbitrary text — used for SPF, DKIM, domain verification
         "v=spf1 include:_spf.google.com ~all"

PTR    → reverse lookup: IP → hostname (used in logs/email)
         10.113.0.203.in-addr.arpa → mail.example.com

NS     → which nameservers are authoritative for this domain

SOA    → Start of Authority — zone metadata, serial number

TTL — Time to Live

Every DNS record has a TTL (in seconds) that tells resolvers how long to cache it. Low TTL = changes propagate fast, but resolvers re-query more often. High TTL = fewer queries, but a changed record can take up to the full TTL to be seen everywhere.

TTL 300    → cache for 5 minutes  (use before changing IPs)
TTL 3600   → cache for 1 hour    (typical)
TTL 86400  → cache for 24 hours  (stable records)

Pro tip: lower TTL hours before migrating a server,
         raise it again after confirming everything works.
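The record types and TTLs above are what a resolver actually hands back inside a DNS response. As an added example (my code, not from the original page), the parser below walks a constructed response for www.example.com, following the page's CNAME example, and pulls out each answer's name, type, TTL and rdata using only Python's standard library; the sample bytes and helper names are my own.

```python
import struct

RTYPE = {1: "A", 2: "NS", 5: "CNAME", 12: "PTR", 15: "MX", 16: "TXT", 28: "AAAA"}

# Constructed sample response for "www.example.com A" (not captured from a real server):
RESPONSE = (
    b"\x12\x34\x81\x80\x00\x01\x00\x02\x00\x00\x00\x00"                  # header: QR=1, 1 question, 2 answers
    b"\x03www\x07example\x03com\x00\x00\x01\x00\x01"                      # question: www.example.com A IN
    b"\xc0\x0c\x00\x05\x00\x01\x00\x00\x0e\x10\x00\x02\xc0\x10"          # CNAME -> example.com, TTL 3600
    b"\xc0\x10\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04\xcb\x00\x71\x0a"  # A 203.0.113.10, TTL 300
)

def read_name(msg, off):                          # decode a possibly compressed name -> (name, offset past it)
    labels, end = [], None
    for _ in range(128):                          # hop limit so a pointer loop cannot hang the parser
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # 11xxxxxx: pointer to an earlier copy of the name
            end = end if end is not None else off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
        elif length == 0:
            return ".".join(labels), (end if end is not None else off + 1)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length
    raise ValueError("malformed name: pointer loop or too many labels")

def parse_rdata(msg, rtype, off, rdlen):
    data = msg[off:off + rdlen]                   # rdata for the record types the page lists
    if rtype == 1:          return ".".join(str(b) for b in data)
    if rtype == 28:         return ":".join("%x" % h for h in struct.unpack("!8H", data))
    if rtype in (2, 5, 12): return read_name(msg, off)[0]               # names may use compression
    if rtype == 15:         return (struct.unpack("!H", data[:2])[0], read_name(msg, off + 2)[0])
    if rtype == 16:         return data[1:1 + data[0]].decode("ascii")  # first <character-string>
    return data.hex()

def parse_response(msg):
    """Return [(name, type, ttl, rdata), ...] for each answer-section record."""
    _, flags, qd, an, _, _ = struct.unpack("!6H", msg[:12])
    if flags & 0x000F: raise ValueError("server returned RCODE %d" % (flags & 0xF))  # 3 = NXDOMAIN
    off = 12
    for _ in range(qd):                           # skip the echoed question: name + QTYPE + QCLASS
        off = read_name(msg, off)[1] + 4
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        answers.append((name, RTYPE.get(rtype, rtype), ttl, parse_rdata(msg, rtype, off, rdlen)))
        off += rdlen
    return answers
```

The TTL field parsed here is the value a caching resolver counts down, which is why dig shows a smaller number on repeated queries.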

Local DNS in Your Homelab

Running a local resolver like Pi-hole or Unbound means DNS queries never leave your network for internal services. You can also block ads and telemetry at the DNS layer for every device on your LAN.

Local DNS setup example:
  Router DHCP → hand out 192.168.1.120 as DNS server
  Pi-hole / Unbound at 192.168.1.120 handles all queries
  Local overrides:
    proxmox.home    → 192.168.1.100
    npm.home        → 192.168.1.120
    authelia.home   → 192.168.1.120

Useful DNS Commands

# Basic lookup
dig google.com
nslookup google.com

# Specific record type
dig google.com MX
dig google.com TXT

# Query a specific DNS server
dig @8.8.8.8 google.com
dig @192.168.1.120 proxmox.home

# Reverse lookup (IP → hostname)
dig -x 8.8.8.8

# Short output
dig +short google.com

# Show each record's TTL (counts down when the answer comes from a resolver's cache; +ttlid is on by default)
dig +ttlid google.com


- Crafted by Axiom|Spectre