The Domain Name Service, or DNS, is one of the cornerstones of modern IP networks, including the Internet, the best-known network of all. The DNS’ sole purpose is to find the IP address of a computer when all you have is its hostname. As simple as that may seem, it’s actually quite elaborate. On the Internet scale, any user must be able to find the IP address of any resource, wherever that resource may be. On the local scale, DNS must resolve any hostname to its local IP address and forward Internet address requests to public DNS servers. To assist network administrators in managing DNS efficiently, several different tools are available. Some will help with setting up DNS while others will assist with troubleshooting or monitoring your DNS environment. Today, we’ll be reviewing some of the best DNS tools available.
We’ll start off our discussion by trying to explain what DNS is and how it works. We’ll do our best to keep it as non-technical as possible. Next, we’ll discuss DNS management. We’ll have a look at the different aspects of managing DNS. And since this article is all about tools, we’ll then introduce the different types of DNS tools that are available to network administrators. This will naturally lead us to our core subject: the best DNS tools available. We will review some of the most useful tools we could think of.
DNS – What It Is And How It Works
In the early days of the Internet, only a few handfuls of computers were interconnected. To avoid having to address them using cumbersome IP addresses, each computer had a hostname and each interconnected computer had a text file—aptly named “hosts”—which contained the IP address to hostname correspondence of every other computer on the network.
As long as there were a limited number of interconnected computers, that worked fine but it soon became apparent that some better way of distributing the information had to be devised. DNS was thus specifically created for that very purpose. In a nutshell, DNS is a distributed version of the “hosts” file which can resolve the IP address of any hostname. The beauty of DNS is that it is a distributed system where each local administrator is only responsible for keeping data about the hosts he manages up to date on DNS servers.
Typically each organization has a local DNS server. It is responsible for resolving IP addresses for local resources. That server will transmit any request it can’t resolve to its forwarding server, a public DNS server on the Internet. I’ll spare you the details of exactly how they do it but each public name server can resolve any public hostname to a public IP address. By extension, your local DNS server can do that too as it will forward requests to a public server.
One of the drawbacks of this architecture is that resolving an IP address can take a while as many servers might have to forward the request to another one. This effect is mitigated by local caching. Whenever a DNS server requests some information on behalf of another server, it will still cache that information. The next time it is requested, it won’t have to fetch it from another server. Caching is not eternal, though, and sooner or later it will expire and require the servers to query other servers.
Managing local DNS is an important task. Every time a new device—be that a computer, a printer or any piece of network-connected equipment—is added to the network, its hostname and corresponding IP address must be added to the local DNS server. Depending on how you manage IP addresses and what tool you use, this could be a totally manual process, a fully automated one or anything in between.
Another important aspect of managing DNS is ensuring that the name resolution of your publicly available resources—such as your website, for example—is correctly configured and available on public DNS servers for any user to be able to reach them.
Monitoring is another important part of DNS administration. When the DNS is down, no hostname to IP address resolution is possible and all interconnected resources become unreachable. This is definitely something one would want to avoid.
Different Types Of DNS Tools
There are several different types of DNS tools available. The first type is DNS audit tools. These types of tools will perform forward and reverse DNS requests to validate that both match. This is very useful as mismatched forward and reverse entries can cause all sorts of problems.
Another type of tool can be used to analyze the structure of your DNS architecture. It can discover the relations between DNS servers and help you have a more deterministic approach to DNS resolution. As we said earlier, DNS request forwarding can end up taking time so you’re better off with an efficient architecture, which this type of tool will help you confirm. DNS benchmarking software can also be used for that purpose, just as it can be used to compare the performance of one public DNS server against another, which could help you determine the best public DNS server to forward requests to.
Next are command line tools which are typically used to test name resolution by manually querying servers. Nslookup and Dig are two such commands which we’ll look into later.
The last type of tools is online tools that can be used to run various DNS-oriented tests from multiple locations throughout the globe. These tools can give you a pretty good idea of how your hosts are resolved from distant clients.
The Best DNS Tools
With so many types of tools available, finding the best ones was no easy task. We’ve tried to find at least one of each type of tool to give you an idea of what’s available. We’re therefore including a mix of locally-installable software packages, command-line tools which are already built right into most operating systems and online tools.
Our first two tools are part of the SolarWinds Engineer’s Toolset. Perhaps you already know SolarWinds. Perhaps you’re even using some of its products. The company has carved itself a solid reputation for making some of the best network administration tools. Its flagship product, the Network Performance Monitor, is recognized by many as one of the best network monitoring tools. SolarWinds is also famous for its many free tools. They are smaller tools, each addressing a specific need of network administrators. Two examples of these free tools are the Advanced Subnet Calculator and the Kiwi Syslog Server.
Back to the SolarWinds Engineer’s Toolset, this is a bundle of over 60 different tools. Some of the included tools are free tools from SolarWinds whereas others are tools that are exclusively found as part of this package. When it comes to DNS tools, two of them are included in the Engineer’s Toolset, the SolarWinds DNS Audit and the SolarWinds DNS Structure Analyzer. As for the other tools the bundle contains, we’ll get back to them shortly.
The SolarWinds DNS Audit tool is mostly useful to administrators who manage and configure their DNS manually. What it does is pretty simple but its benefits are incredible. This tool will scan a range of IP addresses and issue reverse-DNS queries for each address. Reverse DNS is the process of interrogating a DNS server to get the hostname corresponding to an IP address instead of the contrary. A properly configured DNS server should have a reverse DNS record for each forward record it contains.
So, once the tool has finished resolving each IP address into a hostname, it will try to resolve each hostname to its IP address and it will report on any record where a mismatch is found. The result of the audit is shown in tabular form with one line for each IP address scanned.
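The audit procedure described above (reverse lookup of every address in a range, then a forward lookup of each returned hostname, with mismatches reported) can be sketched as follows. This is an added example, not SolarWinds code; the function names and status labels are assumptions, and the sample records are constructed from the documentation range 192.0.2.0/24 so the audit runs offline.

```python
import ipaddress
import socket


def reverse_lookup(ip):
    """PTR lookup through the system resolver; None when no record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        return None


def forward_lookup(hostname):
    """A-record lookup through the system resolver; set of IPv4 addresses."""
    try:
        return set(socket.gethostbyname_ex(hostname)[2])
    except OSError:
        return set()


def audit_range(cidr, reverse=reverse_lookup, forward=forward_lookup):
    """Return one (ip, hostname, status) row per host address in cidr."""
    rows = []
    for addr in ipaddress.ip_network(cidr).hosts():
        ip = str(addr)
        name = reverse(ip)
        if name is None:
            rows.append((ip, None, "NO_PTR"))
            continue
        addresses = forward(name)
        if not addresses:
            status = "NO_FORWARD"   # PTR points at a name with no A record
        elif ip in addresses:
            status = "OK"           # forward and reverse entries agree
        else:
            status = "MISMATCH"     # name resolves, but to a different address
        rows.append((ip, name, status))
    return rows


# Constructed sample zone data (not real records) standing in for a DNS server.
SAMPLE_PTR = {"192.0.2.1": "gw.example.test", "192.0.2.2": "print.example.test",
              "192.0.2.3": "old-web.example.test"}
SAMPLE_A = {"gw.example.test": {"192.0.2.1"}, "print.example.test": {"192.0.2.9"}}


def sample_audit():
    return audit_range("192.0.2.0/29", SAMPLE_PTR.get,
                       lambda name: SAMPLE_A.get(name, set()))
```

Calling `audit_range("10.0.0.0/28")` with the default resolvers runs the same audit against the DNS servers configured on the local machine.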
This next tool from the SolarWinds Engineer’s Toolset, the SolarWinds DNS Structure Analyzer tool, is very different in what it does and how it operates. This tool will discover and create visual diagrams of the hierarchical DNS structure of your organization’s DNS resource records, including root servers, name servers, global top-level domain servers, CNAME pointers, and authoritative address servers. The tool also makes it easy to distinguish the relationships between multiple name servers and target IP addresses using the DNS structure diagram. Furthermore, redirections from one DNS server to another are graphically displayed.
The SolarWinds DNS Structure Analyzer tool might not be for everyone but for those who have a need for this type of tool, it can’t really be beaten. And since it is part of the Engineer’s Toolset free trial, we can only suggest you give it a try and see for yourself if you have a need for it.
Other Tools Included In The Engineer’s Toolset
The SolarWinds Engineer’s Toolset includes many great troubleshooting tools. You’ll find tools such as Ping Sweep, DNS Analyzer and TraceRoute which can be used to perform network diagnostics and help resolve complex network issues quickly. And for the security-conscious network administrators, some of the tools can be used to simulate attacks on your network and help identify vulnerabilities.
The SolarWinds Engineer’s Toolset also has some excellent monitoring and alerting tools. Some will monitor your devices and raise alerts when they detect availability or health issues. This can often give you enough time to react before users even notice there is a problem. And to make things even better, you can use some of the included tools for configuration management and log consolidation.
Here are some of the tools you’ll find in the SolarWinds Engineer’s Toolset besides the DNS audit and DNS Structure Analyzer tools.
- Port Scanner
- Switch Port Mapper
- SNMP sweep
- IP Network Browser
- MAC Address Discovery
- Ping Sweep
- Response Time Monitor
- CPU Monitor
- Interface Monitor
- Router Password Decryption
- SNMP Brute Force Attack
- SNMP Dictionary Attack
- Config Compare, Downloader, Uploader, and Editor
- SNMP trap editor and SNMP trap receiver
- Subnet Calculator
- DHCP Scope Monitor
- DNS Structure Analyzer
- DNS Audit
- IP Address Management
- WAN Killer
There are many tools included in the SolarWinds Engineer’s Toolset. Too many to mention them all, actually. With a free 14-day trial available, perhaps your best bet is to download the bundle and see for yourself all that the toolset can do for you.
2. GRC’s DNS Benchmark
The name of this tool says a lot about what it is. If you’ve been wondering if your choice of DNS servers is impeding your Internet experience, GRC’s DNS Benchmark is a unique, comprehensive, accurate and free Windows utility (it also runs on Linux when using Wine) that determines the exact performance of local and remote DNS servers.
Although GRC’s DNS Benchmark is packed with features to satisfy the needs of even the most demanding and seasoned network administrators, and offers features designed to enable serious DNS performance investigation, the tool is also extremely easy to use, even for casual and first-time users. One of the best features of this tool is its price. Although the product is not open-source, it is free and anyone can download it.
Next on our list is a pretty useful troubleshooting tool that’s included with most operating systems—including all modern versions of Windows—called nslookup. It is often overlooked as a troubleshooting tool yet it brings real value. Nslookup is one of the most basic tools you can use to verify the proper configuration of DNS servers. Its name is short for “name server lookup”.
Seeing nslookup at work is the best way to understand what it does and how you can benefit from it so we’ll start with a small demonstration. Using the command is rather simple, you just type it in followed by whatever you’re querying. For our example, we’ll use www.google.com.
The command would look like this:
And this is what the response from nslookup would look like:
    Server:  my.local.dns.server
    Address:  10.10.10.10

    Non-authoritative answer:
    Name:    www.google.com
    Addresses:  2607:f8b0:4002:80f::2004
              184.108.40.206

The first two lines of the response tell you what server it is using to obtain the information and that server’s IP address. By default, it will use the first DNS server that is configured on the computer where you use the command. In the second part, nslookup tells you it is providing a non-authoritative answer. This is not something to be concerned about. It just means that the server giving the answer has obtained the information from another server. In fact, it would be rather surprising to obtain an authoritative answer from your local computer’s DNS server. You’d typically see that when querying about another local machine. Next, of course, is the information about your actual query. Nslookup first lists the name that you queried, followed by the actual answer or, in this specific case, answers. In our example, the query returned both an IPv6 and an IPv4 address.
Nslookup also has an interactive mode which you activate by typing the command by itself. Once the tool is started—you’ll notice that the command prompt changes to a “>”—you’re ready to enter commands directly.
There are many different ways that you can query DNS servers with nslookup. You can fetch only information about mail server settings by typing “set type=mx” in interactive mode. You can also connect to a specific DNS server. For example, to connect to Google’s DNS server, you would type “server 220.127.116.11”.
Nslookup has many more options than that and it helps to be knowledgeable about the Domain Name Service to get the most out of it. Although this is a dated tool and many would like to see it replaced by something more modern—such as dig, our next tool—it remains one of the most-used DNS tools.
Dig is another command-line tool that has been gaining in popularity. Its purpose is almost identical to nslookup’s but its syntax is a bit different. Also, answers from dig are a bit more elaborate than those from nslookup. This is one of the reasons why dig has not managed to supersede its older cousin. Another reason is that, while nslookup is on almost every system, dig is only present on some Linux distributions. It can be installed on any Linux or Windows computer but, to many administrators, why bother when nslookup gets the job done?
This is what a typical dig query looks like:
    $ dig -t mx www.google.com

    ; <<>> DiG 9.10.3-P4-Ubuntu <<>> -t mx www.google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40683
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;www.google.com.            IN      MX

    ;; AUTHORITY SECTION:
    google.com.         60      IN      SOA     ns1.google.com. dns-admin.google.com. 164707171 900 900 1800 60

    ;; Query time: 61 msec
    ;; SERVER: 127.0.1.1#53(127.0.1.1)
    ;; WHEN: Wed Aug 09 14:34:03 EDT 2017
    ;; MSG SIZE rcvd: 113

As you can see, it is much more elaborate than a typical nslookup response.
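The extra detail in dig's header carries the same information nslookup summarizes as "Non-authoritative answer", plus the response status and section counts. The following added example (not part of the original article; the function names are assumptions) parses the header lines of the response shown above and interprets them.

```python
import re

# Header lines copied from the dig response shown above.
SAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40683
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
; EDNS: version: 0, flags:; udp: 4096
"""

HEADER_RE = re.compile(r"opcode: (\w+), status: (\w+), id: (\d+)")
# Anchored to ";; flags:" so the EDNS "flags:;" line is never picked up.
FLAGS_RE = re.compile(r"^;; flags: ([a-z ]*);", re.MULTILINE)
COUNT_RE = re.compile(r"(QUERY|ANSWER|AUTHORITY|ADDITIONAL): (\d+)")


def parse_dig_header(text):
    """Extract opcode, status, id, flags and section counts from dig output."""
    header = HEADER_RE.search(text)
    flags = FLAGS_RE.search(text)
    if not header or not flags:
        raise ValueError("no dig header found")
    parsed = {"opcode": header.group(1), "status": header.group(2),
              "id": int(header.group(3)), "flags": flags.group(1).split()}
    for section, count in COUNT_RE.findall(text):
        parsed[section.lower()] = int(count)
    return parsed


def interpret(h):
    """Turn a parsed header into short human-readable findings."""
    # The "aa" flag is set only when the responding server is authoritative.
    notes = ["authoritative" if "aa" in h["flags"] else "non-authoritative"]
    if h["status"] == "NXDOMAIN":
        notes.append("name does not exist")
    elif h["status"] == "NOERROR" and h.get("answer", 0) == 0:
        # From a recursive resolver (ra flag) this is NODATA; from a
        # non-recursive server it could also be a referral.
        notes.append("no record of the requested type (NODATA)")
    elif h["status"] != "NOERROR":
        notes.append("server reported " + h["status"])
    return notes
```

For the sample query this explains why no MX record is listed: the status is NOERROR but the ANSWER count is 0, so www.google.com exists and simply has no MX record.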
5. Online DNS tools – DNSstuff
The last set of DNS tools we want to talk about are online DNS tools. Those tools can be very handy as they give you a different perspective, that of a remote device somewhere on the Internet. There are countless websites which offer DNS tools. They vary in the exact tools they offer but all of them will at least let you obtain a public IP address from a fully qualified domain name.
For example, DNSstuff is one such website which offers about a dozen different tools to test various aspects of DNS, including an elaborate and easy-to-use equivalent of nslookup or dig. The main drawback of these types of tools is that you can’t usually pick a specific DNS server. What you get is the perspective from a remote Internet location.