dig v/s host v/s nslookup

Dig and nslookup are two tools that can be used to query DNS servers. 

They both perform similar functions, but there are some key differences. For example, nslookup can only be used to query one DNS server at a time, while dig can query multiple DNS servers simultaneously. Additionally, dig provides more detailed information about the DNS records that are returned, while nslookup only displays the A and AAAA records.

Nslookup is a network administration command-line tool for querying the Domain Name System (DNS) to obtain domain name or IP address mapping, or other DNS records. Nslookup has two modes: interactive and non-interactive.

dig uses the OS resolver libraries. nslookup uses is own internal ones. 

What is dig and nslookup?

dig

(on Mac OS X and Linux) and nslookup (on Microsoft Windows) are the primary command-line tools for troubleshooting DNS issues. While web-based tools are convenient and easy to use, it is often faster to use a command-line tool on your own system.

nslookup is deprecated.

nslookup

is an abbreviation of name server lookup and allows you to query your DNS service. The tool is typically used to obtain a domain name via your command line interface (CLI), receive IP address mapping details, and lookup DNS records. This information is retrieved from the DNS cache of your chosen DNS server.

host

 command is an easy to use command-line utility for performing DNS lookups under Linux, macOS, BSD and Unix-like systems. We can use it to find or convert DNS names to IP addresses and vice versa.

It also performs DNS lookups related to the DNS query. The host command's default behavior displays a summary of its command-line arguments and supported options.

List of DNS record types

Before you use the host command you should aware of common types of resource records of the DNS. Here are most common resource records:

By default, host command looks for A, AAAA, and MX records only.

Border Gateway Protocol

BGP(Border Gateway Protocol)

BGP stands for Border Gateway Protocol. It is a standardized gateway protocol that exchanges routing information across autonomous systems (AS). When one network router is linked to other networks, it cannot decide which network is the best network to share its data to by itself.

Border Gateway Protocol considers all peering partners that a router has and sends traffic to the router closest to the data’s destination. This communication is possible because, at boot, BGP allows peers to communicate their routing information and then stores that information in a Routing Information Base (RIB).

The main goal of BGP is to find any path to the destination that is loop-free. 

The types of BGP are as follows −

Internal BGP

Routes are exchanged, and traffic is transmitted over the Internet using external BGP or eBGP. Autonomous systems can also use an internal BGP version to route through their internal networks, known as internal BGP.

External BGP

External BGP is like international shipping; some specific standards and guidelines need to be followed when shipping a piece of mail internationally. Once that piece of mail reaches its destination country, it has to go through its local mail service to reach its final destination.

Each country has its internal mail service that doesn’t necessarily follow the same guidelines as other countries. Similarly, each autonomous system can have its internal routing protocol for routing data within its network.

Resource Public Key Infrastructure (RPKI)

What is RPKI?

RPKI  is a security layer in BGP routing that provides full cryptographic trust towards ownership where the owners have a publicly available identifier. With BGP, the ground truth of ownership does not exist. Anyone is allowed to advertise a better route, whether maliciously or accidentally. Resource Public Key Infrastructure makes BGP more secure and reliable. Using RPKI, legitimate holders of number resources are able to control the operation of Internet routing protocols to prevent route hijacking and other attacks.

Routing information to a small network creates an overload. Malicious routing brings sensitive information to the wrong place. BGP errors have the potential for fraud and large-scale outages. Some notable cases are:

• Amazon – Route 53 BGP hijack of Amazon DNS for a cryptocurrency heist.
• Google – Misconfiguration of BGP filtering during an update routed traffic to China, Russia, and Nigeria.
• Mastercard, Visa, and major banks – Leaked 36 prefixes of payment services.
• YouTube – An attempt to block the YouTube website in Pakistan ended up taking it down.

RPKI Benefits

Implementing and using RPKI comes with the following benefits:

• Proof of origin. Resource holders have ownership proof to use specific resources through a signed certificate trust chain, helping prevent mistakes about the information origin.
• Cryptographic identity verification. Resource holders have a way to prove ownership to customers when distributing resources.
• Route hijacking prevention. Resource users protect the information provided by resource holders through a digital signature, which a verified resource holder generates and supplies to the user. Attempts to alter the signature renders it invalid.

Why do we need RPKI?

Routing protocols are potentially at risk of attacks that can harm individual users or network operations as a whole. RPKI was specified by the IETF to provide a secure means to certify the allocation of Internet number resources, as a step towards securing routing. The Internet Architecture Board considers a "properly designed and deployed RPKI an absolute prerequisite to having a secure global routing system, which is in turn a prerequisite to having a reliable worldwide Internet."

IANA

Internet Assigned Numbers Authority (IANA) 

This is a non-profit organization responsible for coordinating the activities for the smooth functioning of the Internet. Since the internet is a global network, IANA undertakes the responsibility to allocate and maintain unique codes and numbering systems that are used in Internet protocols. IANA liaisons with Internet Engineering Task Force (IETF) and Request for Comments (RFC) teams for working on Internet-connected systems. It is responsible for maintaining a collection of registries for coordination of IP addressing and Domain Name Service (DNS) root zones.

Domain Name Services 

DNS is a hierarchical database that links domain names with IP addresses. IANA administers the top-level hierarchy, the DNS root zone, for efficient transfer of data between computers. It operates '.int' top-level domain for international organizations and '.arpa' zone for Internal Protocols and root servers.

Number Resources

 It coordinates the Internet Protocol addressing systems (IP), commonly known as IP Addresses, which are used for routing internet traffic. Another function is to allocate the Autonomous System (AS) numbers to Regional Internet Registries according to their needs and document the protocol assignments made by the IETF.

Protocol Assignments 

The Protocol management function involves maintaining the codes and numbers used in Internet protocols. These services are done in collaboration with IETF.

Since 1997, this role has been performed by Internet Corporation for Assigned Names and Numbers (ICANN).

Internet Corporation for Assigned Names and Numbers (ICANN) 

This is an internationally organized non-profit corporation whose major role is to keep the Internet stable, secure and interoperable. It includes participants from different parts of the world who designs policies on the Internet's unique identifiers and its naming system. As a public-private partnership, ICANN now performs IANA functions under a contract from the United States' Department of Commerce.

Major activities performed by ICANN are:

• To preserve the operational stability of the Internet.

• To promote competition and develop policies for Internet's unique identifier and naming.

• To achieve greater participation from global internet communities.

• To develop policies and procedures and follow a consensus-driven approach.

• To contract with registries and registrars (companies that sell domain names) for improving domain name system.

 

Public and Private IP's

IP Addresses

What is a public IP address?

A public IP address((or external) can be accessed directly over the internet and is assigned to your network router by your ISP(internet service provider). Personal devices are also have private IP’s that remains hidden when you connect to the internet through your router’s public IP.

What is a private IP address?

A private IP address(local vs. internal IP) which your network router assigns to your device. Each device within the same network is assigned a unique private IP address (sometimes called a private network address). Private IP addresses allows that devices connected to the same network communicate with one another without connecting to the entire internet. 

Summarizing the differences between private and public IP addresses