
CCIE Security v4.0 Quick Reference: Application and Infrastructure Security

Chapter Description

This chapter from CCIE Security v4.0 Quick Reference, 3rd Edition covers HTTP, HTTPS, Simple Mail Transfer Protocol, File Transfer Protocol, Domain Name System, and Trivial File Transfer Protocol.

Domain Name System

Domain Name System (DNS) is a name resolution protocol that translates hostnames to IP addresses and vice versa. A DNS server is a host that runs the DNS service and is configured to process the translation for the user transparently by using TCP/UDP port 53. TCP port 53 is also used for DNS zone transfers. UDP 53 is used for DNS lookups and browsing.

DNS is a hierarchical database where the data is structured in a tree, with the root domain (.) at the top. Various subdomains branch out from the root, much like the directory structure of a UNIX or Windows file system. Cisco routers can be configured for DNS lookups so that users can simply type a hostname rather than an IP address. Local names can also be statically configured for devices. A router does not provide DNS server responses to client devices such as PCs or UNIX hosts.

A name server stores information about its domain in the form of several kinds of resource records, each of which stores a different kind of information about the domain and the hosts in the domain. These records are traditionally text entries stored in different files on the domain name server. The Cisco DNM browser is a graphical utility that enables you to edit these records via a graphical interface, which reduces the chance of errors in text files. Table 3-2 describes the different record types.

Table 3-2 Different DNS Record Types

| Record Type | Description |
|---|---|
| Start of Authority (SOA) | Required for every domain. Stores information about the DNS itself for the domain |
| Name Server (NS) | Stores information used to identify the name servers in the domain that store information for that domain |
| Address (A) | Stores the hostname and IP address of individual hosts and translates hostnames to IP addresses |
| Canonical Name (CNAME) | Stores additional hostnames, or aliases, for hosts in the domain |
| Mail Exchange (MX) | Stores information about where mail for the domain should be delivered |
| Pointer (PTR) | Stores the IP address and hostname of individual hosts and translates IP addresses to hostnames in a reverse DNS lookup |
| Host Information (HINFO) | Stores information about the hardware for specific hosts |
| Well Known Services (WKS) | Stores information about the various network services available from hosts in the domain |
| Text Information (TXT) | Stores up to 256 characters of text per line |
| Responsible Person (RP) | Stores information about the person responsible for the domain |
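The following is an added example, not taken from the book: it builds and decodes the question a resolver sends to port 53 for the record types in Table 3-2, including the in-addr.arpa name used for a PTR lookup and the 2-byte length prefix that DNS adds when it runs over TCP. The function names and the sample hostname and address are assumptions chosen for illustration; the type codes are the standard ones from RFC 1035 and RFC 1183.

```python
import ipaddress
import struct

# Standard type codes (RFC 1035, RFC 1183) for the record types in Table 3-2.
QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "WKS": 11,
         "PTR": 12, "HINFO": 13, "MX": 15, "TXT": 16, "RP": 17}
TYPE_NAME = {code: name for name, code in QTYPE.items()}


def encode_name(name):
    """Encode a domain name as length-prefixed labels ending at the root (.)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1-63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def reverse_name(ip):
    """Name that is queried for a PTR (reverse) lookup of an IP address."""
    return ipaddress.ip_address(ip).reverse_pointer


def build_query(name, rtype, txid, tcp=False):
    """Build a standard recursive query; over TCP a 2-byte length comes first."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    msg = header + encode_name(name) + struct.pack("!HH", QTYPE[rtype], 1)  # class IN
    return struct.pack("!H", len(msg)) + msg if tcp else msg


def parse_query(msg, tcp=False):
    """Decode (txid, name, type, question count) from an uncompressed query."""
    if tcp:
        (length,) = struct.unpack("!H", msg[:2])
        msg = msg[2:2 + length]
    txid, _flags, qdcount = struct.unpack("!HHH", msg[:6])
    labels, pos = [], 12  # the question starts after the 12-byte header
    while msg[pos]:
        labels.append(msg[pos + 1:pos + 1 + msg[pos]].decode("ascii"))
        pos += 1 + msg[pos]
    qtype, _qclass = struct.unpack("!HH", msg[pos + 1:pos + 5])
    return txid, ".".join(labels), TYPE_NAME[qtype], qdcount
```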
