Diffstat (limited to 'content')
-rw-r--r-- content/guide/stuff-about-dns-and-ip.md (renamed from content/guide/stuff-about-dns.md) 109
1 files changed, 79 insertions, 30 deletions
diff --git a/content/guide/stuff-about-dns.md b/content/guide/stuff-about-dns-and-ip.md
index 06c3956..b336d30 100644
--- a/content/guide/stuff-about-dns.md
+++ b/content/guide/stuff-about-dns-and-ip.md
@@ -1,5 +1,5 @@
---
-title: Stuff about dns
+title: Stuff about DNS and IP
date: 2025-10-27T13:46:54+01:00
draft: true
index: false
@@ -25,7 +25,7 @@ There are two kinds of IP addresses; IPv4 and IPv6.
Try to get your local IPv4 address in your local network :
```sh
-ip a | grep "inet .*"
+ip a | grep "inet "
# You might get something like the following :
inet 127.0.0.1/8 .... # your localhost
@@ -38,16 +38,13 @@ You can even ping yourself or other devices in your house that are connected to
ping -c 2 192.0.2.1 # or localhost, ping yourself
```
-You can get your public IPv4 by going to websites that tell you your IP like [whatismyipaddress.com/](https://whatismyipaddress.com/)
+You can get your public IPv4 by going to websites that tell you your IP like [whatismyipaddress.com](https://whatismyipaddress.com/) or [ifconfig.co](https://ifconfig.co)
-Or curl [ifconfig.co](https://ifconfig.co) like so :
+You can also do it from the command line :
```sh
-curl ifconfig.co # gives you your public IPv6
-curl -6 ifconfig.co # it also works
-```
-```sh
-curl -4 ifconfig.co # gives you your public IPv4
+curl -6 ifconfig.co # gives IPv6
+curl -4 ifconfig.co # gives IPv4
```
### What's your Wi-Fi router local IP ?
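Review bot: The two added lines `curl -6 ifconfig.co` and `curl -4 ifconfig.co` give no scheme, so curl fetches them over plain HTTP and the answer can be read or altered on the path. Suggest `curl -4 https://ifconfig.co` and `curl -6 https://ifconfig.co`, matching the https link used in the sentence just above.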
@@ -55,7 +52,7 @@ curl -4 ifconfig.co # gives you your public IPv4
Just use the `ip` command again :
```sh
-ip route | grep default
+ip r | grep default
# You will get something like
default via IP_ADDRESS ...
@@ -65,18 +62,19 @@ If your ISP (Internet Service Provider) allows it, you can put the `IP_ADDRESS`
The password is probably the one you use to connect to Wi-Fi.
-### Can't open ports in range [0, 32765[
+### Can't open ports in range (0, 32765)
I had this problem. It's a serious issue if you are trying to self host because the HTTP/HTTPS port and tons of others are in this range.
-Personally, I just went to the website of my ISP and there was an option to get a "static full stack IPv4 address". Maybe you should call your ISP I don't know.
+To open these ports, I just went to the website of my ISP and there was an option to get a "static, full stack IPv4 address". Just some _thing_ to enable for free. The mail ports were also closed, I had to open them through the same website.
+
+Since then, I can open the ports I want (and send emails).
## DNS
### What is this ?
-DNS (Domain Name System) is pretty cool, it's a fancy _alias_ for IP adresses. See it like a `Dictionnary` data structure in programming.
-
+DNS (Domain Name System) is pretty cool, it's a fancy _alias_ for IP adresses.
So basically, you have a domain name that points to an IP address.
```txt
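Review bot: The new heading `Can't open ports in range (0, 32765)` changes what the interval means, not only how it looks: `[0, 32765[` was half-open, while `(0, 32765)` reads as excluding both ends. If the range itself did not change, `[0, 32765)` or plain words ("ports below 32765") keeps the original meaning. The added paragraph could also say which services the opened ports and mail ports are for, since a reader who follows it is exposing those services to the internet. Minor: the rewritten DNS line still has `adresses`, and dropping the blank line after it merges that sentence with "So basically, ..." into one paragraph.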
@@ -87,17 +85,21 @@ This is possible by setting DNS records. You set "A" record that bind the domain
Domain names are cool and convenient. It would be a pain to remember the IP addresses of my favourite websites.
+You also have subdomains. Like [dns.mielota.com](https://dns.mielota.com), `dns` is a subdomain of [mielota.com](/). With the help of a webserver like [NGINX](https://nginx.org) you can ask your server to serve different kind of content depending on the domain/subdomains.
+
+You also have "CNAME" records, they act like _alias_. "MX" records are for _Mail Exchange_ and "TXT" store some data.
+
### DNS resolvers
-A DNS resolver is a server that translates domain names into IP addresses. See it like _getter_ function :
+A DNS resolver is a server that translates domain names into IP addresses. See it like some function :
-```lua
-get_ip_from_domain_name("example.com") -- Returns 23.220.75.245
+```py
+get_ip_from("example.com") # Returns 23.220.75.245
```
-Some DNS resolvers have really weird IP addresses. There's 1.1.1.1 (cloudflare), 8.8.8.8 (google), 9.9.9.9 (quad9). I wonder how they even got them.
+Commons DNS resolvers have really weird IP addresses. There's 1.1.1.1 (cloudflare), 8.8.8.8 (google), 9.9.9.9 (quad9). I wonder how they even got them.
-Try one of them yourself. Send a DNS query for whatever domain name, to one of these DNS resolvers.
+Try one of them yourself. Send a DNS query to one of these DNS resolvers to get the IP of some domain name.
Install the `dig` command first.
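Review bot: In the added records paragraph, "CNAME" records are described as acting "like _alias_", but the DNS intro a few lines up already calls DNS itself "a fancy _alias_ for IP adresses", so the two now read as the same thing. Suggest saying that a CNAME points one name at another name, while an A record points a name at an IP. Also a typo on the changed resolver line: `Commons DNS resolvers` should be `Common DNS resolvers`.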
@@ -106,48 +108,95 @@ sudo pacman -S bind # On Arch
sudo apt install dnsutils # On Debian
```
+(Note that you can pass in the `+short` arg to the `dig` command if you don't like the verbose output)
+
Now you can query some DNS resolver :
```sh
dig example.com @1.1.1.1
```
-> Note that some DNS providers are unsafe and/or log the IP of websites you connect to. Choose your DNS resolver carefully. Also know that using DNS over HTTPS or DNS over TLS doesn't make you invisible.
+> Note that some DNS resolvers are unsafe and/or log the IP of websites you connect to. Choose your DNS resolver carefully. Also know that using DNS over HTTPS or DNS over TLS doesn't make you invisible.
### Control the websites you can visit
You can filter the responses of DNS resolvers with programs like [blocky](https://0xerr0r.github.io/blocky/latest/).
-You can ask `blocky` to redirect some domain names to the null IP 0.0.0.0. By doing so you can stop your computer/browser/phone from querying websites containing ads, malware, or [unwanted content](https://denshi.org/antiporn).
+You can ask `blocky` to redirect some domain names to the null IP 0.0.0.0. For example you can add `example.com` to your "blacklist" and you will get this :
+
+```sh
+dig example.com @your_custom_dns
+# you will get 0.0.0.0
+```
-For example ask for the IP of `ads.google.com` :
+By doing so you can stop your computer/browser/phone from finding websites containing ads, malware, or [unwanted content](https://denshi.org/antiporn).
+
+For example ask for the IP of `ads.google.com` to the 8.8.8.8 DNS server:
```sh
-dig ads.google.com @8.8.8.8
+dig +short ads.google.com @8.8.8.8
```
-You got the IP address right ? Now try with my DNS resolver :
+You got the IP address right ? Now do the same with my DNS server:
```sh
-dig ads.google.com @dns.mielota.com # or put the IPv4 of my server
+dig +short ads.google.com @dns.mielota.com # or put the IPv4 of my server
```
You will get 0.0.0.0
-Here are some useful links if you want to do the same :
+Here are some useful links if you want to use blocky on your server/computer.
+
+- [Blocky DNS](https://0xerr0r.github.io/blocky/latest/)
- [Comfy Guide to Blocky](https://comfy.guide/server/blocky)
- [Comfy Guide to Blocky (video)](https://www.youtube.com/watch?v=Uq6mafo9fEc)
-- [Blocky DNS](https://0xerr0r.github.io/blocky/latest/)
-You can also run `blocky` locally and query your `localhost`.
+Use this command to get the blacklists I use (if you want the same ones):
+
+```sh
+curl -fsSL "https://codeberg.org/mielota/dox/raw/branch/main/opt/blocky/blocky.yml" | grep -o "\- http.*"
+```
+
+### Get records of a domain name
+
+You can see what DNS records are setup for domain names too. For example, ask for the A record of my domain name :
+
+```sh
+dig +short A mielota.com
+```
+
+You can get the MX records of let's say, GitHub :
+
+```sh
+dig +short MX github.com
+```
+
+You can of course ask for AAAA, TXT, CNAME etc.
### Reverse DNS
If you want to setup an email server, you have to setup `reverse DNS`, it's basically DNS but the other way around : Give an IP, get a domain name.
-To setup r-dns I had to go to my ISP's website. Some people say that they had to call their ISP. Some people are not allowed to have r-dns. So it's just a matter of luck.
+To setup r-DNS I had to go to my ISP's website. Some people say that they had to call their ISP. Some people are not allowed to have r-DNS. So it's just a matter of luck.
+
+You can see if you have r-DNS with this command :
+
+```sh
+dig +short -x IP_ADDRESS_OF_YOUR_SERVER
+```
+
+For example you can see that Arch Linux has a working reverse DNS:
+
+```sh
+dig +short -x $(dig +short archlinux.org) # -> "archlinux.org."
+```
## Conclusion ?
-These are just some random infos about DNS. Nothing big. Of course, I only covered the **tip** of the iceberg in _whatever_ this is.
+These were just some random infos.
+
+More links :
+
+- [Check if your DNS records are okay](https://intodns.com/)
+- [Addr Tools](https://addr.tools/)
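Review bot: The examples that query `@dns.mielota.com` only work if that resolver answers anyone on the internet, and the section then points readers at the same blocky setup "on your server" without mentioning this. Suggest adding a line telling readers who copy it to restrict which clients may query their resolver, or to rate-limit it, because an open resolver can be used by third parties for reflection traffic. In the reverse DNS example, `dig +short -x $(dig +short archlinux.org)` hands only the first address to `-x` when the inner lookup returns more than one line; `$(dig +short archlinux.org | head -n1)` makes the `# -> "archlinux.org."` comment hold in that case.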