Fill Your Wardrobe
Checkout this exciting collection of branded First copy products
https://www.instagram.com/tizzytrendz/
https://www.instagram.com/tizzytrendz/
CryptoCurrency?Explained.
CryptoCurrency?Explained.
Cryptocurrency is the next evolution of money.
We know that in ancient days, commodities essential to daily living were considered money (e.g. cows and chickens) and traded among micro-economies. Then the modernization of society and urban cities brought the need to track money and value across large territories of land, which resulted in the birth of paper and coin money issued from the ruling governments.
A quarter of a century ago, an invention called the world wide web made it possible for people to buy and sell virtually anything, to anyone around the world using bank-issued credit cards, which are a substitute for paper and coin issued currencies and provide electronic payment. Finally, several years ago, a new form of money that is native to the internet was born - cryptocurrency. Below we explore what this new type of money is, how it works, and how you can get involved.
A quarter of a century ago, an invention called the world wide web made it possible for people to buy and sell virtually anything, to anyone around the world using bank-issued credit cards, which are a substitute for paper and coin issued currencies and provide electronic payment. Finally, several years ago, a new form of money that is native to the internet was born - cryptocurrency. Below we explore what this new type of money is, how it works, and how you can get involved.
What is Cryptocurrency?
Cryptocurrency Definition:
A cryptocurrency (also called a crypto-asset or crypto money) is a medium of exchange like government issued currencies, that uses cryptography to secure the exchange of digital information and control the creation of new units.
Cryptocurrency Explained:
As alluded to in the introduction, cryptocurrency is simply the next evolution of money. As many things in our world transition to becoming digital, so will our money.
How Does Cryptocurrency Work?
Cryptocurrencies provide a viable method of issuing tracking ownership of unique digital representations of value, which we call money.
Cryptocurrencies are fully self-contained systems that both control and track each unit of cryptocurrency. Each individual unit acts like peice data moving around a network. Units of a cryptocurrency can be as small as $0.01 USDm or as big as $1 Billion USD. Some cryptocurrencies are controlled by a single entity (i.e. centralized) and others are controlled by the public (i.e. decentralized).
Cryptocurrencies use various timestamping schemes to avoid the need for a trusted third party to verify the transactions added to the blockchain ledger. Bitcoin, the most popular cryptocurrency, uses a Proof-of-work scheme, which is also known as Mining. Other cryptocurrencies achieve the same result with alternative approaches that are often labeled Consensus Protocols or Consensus Platforms.
What are the Best Cryptocurrencies?
If you have heard about cryptocurrencies, then you have likely heard of bitcoin.
Bitcoin is the first cryptocurrency to successfully prove the viability of a cryptographic-backed public money supply that is open to anyone. From a market capitalization point of view and public adoption point of view, bitcoin is currently the most popular cryptocurrency. However, there are close to 1,000 different types of cryptocurrencies currently available on coin market cap, the most popular place to discover and track cryptocurrency prices. Among the many choices available, different cryptocurrencies provide different benefits over others. Some cryptocurrencies such as Litecoin provide faster confirmation times than bitcoin. Newer cryptocurrencies such as ether, refer to themselves as crypto assets and use their native token ether to power a decentralized virtual machine that can execute peer-to-peer smart contracts. Just like when shopping for a new smartphone, the best cryptocurrency is the one that fits your specific need that you intend to use it for.
Examples:
How to Invest In Cryptocurrency?
When bitcoin was first introduced to the world in 2009, each bitcoin was valued at less than $1 USD for quite some time. In late 2014, one bitcoin was valued over $1,000 USD. The current price of one bitcoin is about half of that, with varying degrees of volatility.
Hoping to strike it rich with short timelines and significant returns has caught the attention of speculators worldwide, causing great desire to learn how to invest in cryptocurrencies and yield returns that beat the stock market. The cryptocurrency market is only less than a decade old and still remains very small in comparison to the global financial markets of the world. These attributes (nascency and size) should remind investors to revisit a fundamental rule of investing: the higher the return, the greater the risk; the lower the return, the lesser the risk.
Cryptocurrency Investing Principle
Seeking to achieve the same returns seen with bitcoin during the 2009 to 2014 time period requires significant risk.
Higher Risk = Higher Return
An example of a high risk and high return cryptocurrency investment opportunity is to invest in a new cryptocurrency, with the anticipation that it achieve the same success as bitcoin.
Lower Risk = Lower Return
For those seeking a lower risk cryptocurrency investment opportunity, an example may include investing in a more mature cryptocurrency such as bitcoin that may not provide the same upward spike in value again, but may likely experience more natural and gradual growth over time.
An alternative to investing in cryptocurrencies, is investing in the underlying technology of cryptocurrencies, better known as blockchain technology.
Where to Buy Cryptocurrency?
Cryptocurrencies can be bought at many online providers, however, before you purchase cryptocurrency, make sure that you have a plan on how to store it in a cryptocurrency wallet. Most first time buyers often find the process of buying cryptocurrencies to be somewhat difficult, yet rewarding. Buying cryptocurrency through several of the exchanges online below can be done using a credit card or debit card.
Examples:
Where to Trade Cryptocurrency?
rading cryptocurrency is different from buying cryptocurrency. Although many of the places to buy cryptocurrency online, also provide trading services, the two acts are fundamentally different in nature. The industry of cryptocurrency trading is also beginning to mature and exchanges are providing more powerful tools that closely resemble the same market trading tools commonly found in the capital markets.
Why were cryptocurrencies invented?
Technically, the idea of an electronic peer-to-peer currency was being tinkered with decades ago, but it wasn't truly successful until 2008, when bitcoin was conceived. The basis of bitcoin's creation, and all virtual currencies that have since followed, was to fix a number of perceived flaws with the way money is transmitted from one party to another.
What flaws? For example, think about how long it can take for a bank to settle a cross-border payment, or how financial institutions have been reaping the rewards of fees by acting as a third-party middleman during transactions. Cryptocurrencies work around the traditional financial system through the use of blockchain technology.
IMAGE SOURCE: GETTY IMAGES.
OK, what the heck is blockchain?
Blockchain is the digital ledger where all transactions involving a virtual currency are stored. If you buy bitcoin, sell bitcoin, use your bitcoin to buy a Subway sandwich, and so on, it'll be recorded, in an encrypted fashion, in this digital ledger. The same goes for other cryptocurrencies.
Think of blockchain technology as the infrastructure that underlies virtual coins. It's the foundation of your home, while the tethered virtual coin represents all the products built on top of that foundation.
Why is blockchain a potentially better choice than the current system of transferring money?
Blockchain offers a number of potential advantages, but is designed to cure three major problems with the current money transmittance system.
First, blockchain technology is decentralized. In simple terms, this just means there isn't a data center where all transaction data is stored. Instead, data from this digital ledger is stored on hard drives and servers all over the globe. The reason this is done is twofold: 1.) it ensures that no one person or company will have central authority over a virtual currency, and 2.) it acts as a safeguard against cyberattacks, such that criminals aren't able to gain control of a cryptocurrency and exploit its holders.
Secondly, as noted, there's no middleman with blockchain technology. Since no third-party bank is needed to oversee these transactions, the thought is that transaction fees might be lower than they currently are.
Finally, transactions on blockchain networks may have the opportunity to settle considerably faster than traditional networks. Let's remember that banks have pretty rigid working hours, and they're closed at least one or two days a week. And, as noted, cross-border transactions can be held for days while funds are verified. With blockchain, this verification of transactions is always ongoing, which means the opportunity to settle transactions much more quickly, or perhaps even instantly.
IMAGE SOURCE: GETTY IMAGES.
How are transactions verified on a blockchain?
You might be wondering how these blockchain transactions are verified. After all, there are logistics involved, such as making sure that the same virtual coin isn't being spent twice. Often this verification falls onto a group of folks known as "miners."
Cryptocurrency miners are nothing more than people with high-powered computers who are competing against other people with high-powered computers to solve complex math equations. These equations are a product of the encryption designed to protect transaction data on the digital ledger.
The first miner to solve these equations, and in the process verify transactions on the ledger, gets a reward, which is known as a "block reward." This reward is paid out in virtual coins, and is an example of how bitcoin transactions are verified. This process is referred to as "proof of work."
The only other major verification process in place is known as "proof of stake." Instead of having people use tons of resources trying to solve complex equations to verify transactions, the proof of stake model chooses who gets to verify the next block of transactions based on their ownership in a virtual currency. In essence, the more you own, the better chance you have of getting to verify transactions. With proof of stake, there is no competition among your peers and no excessive energy usage while solving complex equations, which can make it much more cost-effective.
The proof of stake model also rewards those folks who verify transactions differently. Instead of being paid in virtual coins, the stakeholder earns the transaction fees tied to that block of transactions.
IMAGE SOURCE: GETTY IMAGES.
Are blockchain networks public or private?
The interesting thing is that blockchain has the opportunity to be public or private. As you might imagine, a private blockchain would appeal most to businesses, while public blockchains are most appealing to consumers who might want to use their virtual currency to buy goods or services, or to cryptocurrency investors.
A private blockchain, just as it sounds, allows a business to place restrictions on who has access to data, and who can make transactions on the network. Meanwhile, public blockchains allow anyone to join and participate. Bitcoin is an example of a public blockchain.
Is it true that cryptocurrency transactions are anonymous?
The answer to this is, "it depends." Most cryptocurrencies aren't as anonymous as you'd think. Sure, you don't have to supply your Social Security number or bank account to begin trading or investing in cryptocurrencies, but any transaction you make is still going to be recorded in the underlying digital ledger.
Recently, the Internal Revenue Service (IRS) won a court case against cryptocurrency exchange Coinbase that required the exchange to turn over information on 14,355 users who, between 2013 and 2015, exchanged at least $20,000 worth of bitcoin. While the IRS primarily sought this info to go after possible capital-gain tax evaders, the bigger idea here is that these transactions aren't as anonymous as you'd think.
There is, however, a group of cryptocurrencies known "privacy coins" that have a sole purpose of beefing up the anonymity and privacy of a transaction. They use specialized protocols to help hide the identity of the sender of a payment. Monero and Dash are examples of coins that belong to this specialized group.
IMAGE SOURCE: GETTY IMAGES.
How do virtual coins fit into all of this?
As noted, digital currencies are what investors are buying. In nearly all instances, buying a cryptocurrency won't give an investor any ownership in the underlying blockchain technology. This happens to be one of the biggest differences between cryptocurrencies and traditional investments, like stocks. If you buy stock in a publicly traded company, you own a fractional percentage of that business. That's not the case with nearly all cryptocurrencies.
So, what do the virtual coins do exactly? In many instances, the coins are required to pay for transactions fees on a blockchain. Ethereum, which is one of the largest cryptocurrencies by market cap behind bitcoin, requires users of its blockchain to pay transaction fees in its coin, known as Ether. But there are other potential applications.
For example, Ripple's coin, known as the XRP, may serve as an intermediary that'll allow transactions to settle faster. Ripple is a blockchain company that's focused on partnering with big banks and financial institutions. Imagine that a customer in Japan wants to make a payment to a business in the U.K. If this payment were routed through Ripple's blockchain, it could take the payment in Japanese yen, convert that payment into XRP coins, then convert those coins into British pounds. All of this could theoretically be done instantly, or at the very least considerably faster than traditional banks (and hopefully for a lower cost).
How should cryptocurrencies be valued?
Truth be told, no one knows the answer to this, because it's dependent on a number of factors. These include:
- How quickly blockchain technology is adopted by bigger businesses;
- How quickly merchants are willing to accept virtual currencies as a form of payment;
- Whether governments around the world will accept cryptocurrencies as legal tender, or choose to ban them entirely.
It's also unclear at times how cohesive a virtual coin and its underlying blockchain are. The example above involving Ripple's blockchain and its XRP shows how the two work pretty well hand-in-hand. Not all cryptocurrencies have a coin that has a clear-cut use or enhances the value of its underlying blockchain. This is why valuing cryptocurrencies often proves difficult.
IMAGE SOURCE: GETTY IMAGES.
Why have cryptocurrencies gone up so much?
Again, there's no 100% correct answer here, but the key in their success remains two factors. First, retail investors (i.e., non-professional investors) have accounted for most virtual currency trading. Institutional investors have kept to the sidelines because either their company won't allow them to invest in cryptocurrencies, or they're simply too volatile to merit an investment. Retail investors tend to be more reliant on their emotions relative to institutional investors, leading to moves that tend to overshoot to the upside, and downside.
The second factor is that this isn't exactly a "fair" market. Among traditional equities, like the stock market, an investor has the opportunity to buy, sell, and even bet against an equity. Money can be made if an equity moves up or down. With nearly all cryptocurrencies, except bitcoin, buying or selling is the only option. There is no way to make money if a cryptocurrency goes down, which naturally tends to incentivize buying. This probably won't last forever, but it's played a key role in pushing prices higher.
Bitcoin is overhyped: 10 better buys for you nowWhen investing geniuses David and Tom Gardner have a stock tip, it can pay to listen. After all, the newsletter they have run for over a decade, Motley Fool Stock Advisor, has tripled the market.*
David and Tom just revealed what they believe are the ten best stocks for investors to buy right now... and investing directly in Bitcoin was noticeably absent from their recommendations! That's right -- they think these 10 stocks are better buys.
What is a VPN? Virtual Private Network explained
What is a VPN? Virtual Private Network explained
What is a VPN?
What is a VPN? VPN stands for Virtual Private Network. A VPN is a lot like what it sounds like: a private network. Imagine a wifi network like a big highway. Everyone on that network has their traffic running on that highway where everyone can see each others traffic. Anyone with the right technical know-how would be able to take your internet traffic and start taking valuable information such as banking details. When a user connects to a VPN, they are suddenly connecting to a private network where all their internet traffic is encrypted. So instead of taking that major highway with everyone else on that network, you get your own private road that no one else is allowed on.
Why use a VPN?
As discussed above, VPNs will encrypt your traffic so that prying eyes won’t be able to see what you’re doing nor steal any information from you.
Aside from encryption, a VPN will also change your IP address. By changing your IP address, websites will not be able to tell where your actual location is. Before connecting to a VPN, you will need to select a server to connect to. The server you choose will determine what type of IP address you get. For instance, if you connect to a U.K. server, you will get a U.K. IP address – making it seem like your physical location is in the U.K. When surfing the internet, you will start to notice you are getting ads catered to U.K. products. You might even notice that your Google searches are brining up U.K. related searches. By changing your IP address, you can surf the internet anonymously and not have to worry about websites knowing who you are.
Other popular uses
Another very popular reason that people connect to a VPN is to access geo-blocked content. There are some online services, websites, and content that are only available for people in a particular region. But when you connect to a VPN, you can make your device appear in that particular region and bypass those blackouts.
People also like to use VPNs paired with sport streaming services. For example, NFL Gamepass in the United States doesn’t show live games, only on-demand after the game has already been played. But with a VPN, users can hack NFL Gamepass to get the international version which shows all the live games. People also do this with NBA League Pass to bypass blackouts within the United States.
There are also popular tools such as Tor that help people access the Dark Net. But it’s also important that you pair a VPN with Tor before going onto the Dark Net.
When do I need a VPN?
The best rule of thumb is to just use a VPN every time you connect to the internet. Making it a habit to connect to your VPN every time you go only will drastically increase your online security.
If you’re not connecting to a VPN all the time, at least make sure you are using it when visiting an adult site or downloading torrents. These sites can be a bit sketchy at times and it’s always best to make sure you have some form of protection & anonymity when visiting them.
Traveling is another crucial time to use a VPN. Whether you are going out of the country or just away from your home, you should travel with a VPN. When traveling, you are most likely going to be connecting to a public wifi network in a hotel, coffee shop, or other public place. A VPN will help keep your internet traffic private when connecting to these networks.
How much does a VPN cost?
It’s pretty easy to find a VPN service online that is free. But you should always be weary of a free VPN service. Popular “free” VPN services have been caught using their users in a botnet scheme where anyone could be using YOUR IP address to do whatever they wanted – you don’t want that. Free VPN services need to make money somehow so they normally use their users (sometimes without their knowledge or consent) to make make money other ways.
When you use a paid VPN service, you know at least that it has no reason to make money other ways. The company can be held accountable. You often will get much better customer service any time you have problems as they will have motivation to keep you as a customer. Having paid customers also keeps a company on it’s toes to offer the best service available. My Private Network is constantly adding new servers, protocols, and encryption to make sure our customers get the best product on the market. Our team is also one of the top-rated VPN companies on TrustPilot!
What a VPN Can Do For You
A virtual private network supplies network connectivity over a potentially long physical distance. In this respect, a VPN is a form of Wide Area Network. VPNs support file sharing, video conferencing and similar network services.
A VPN can work over both public networks like the Internet and private business networks. Using a method called tunneling, a VPN runs over the same hardware infrastructure as existing Internet or intranet links. VPN technologies includes various security mechanisms to protect these virtual connections.
Virtual private networks generally don't provide any new functionality that isn't already offered through alternative mechanisms, but a VPN implements those services more efficiently and cheaply in most cases. Specifically, a VPN supports at least three different modes of use:
- Internet remote access client connections
- LAN-to-LAN inter-networking
- Controlled access within an intranet
Internet VPNs for Remote Access
In recent years, many organizations have increased the mobility of their workers by allowing more employees to telecommute. Employees also continue to travel and face a growing need to stay connected to their company networks.
A VPN supports remote, protected access to the corporate home offices over the Internet. An Internet VPN solution uses a client/server design and works as follows:
- A remote host (client) intending to log into the company network first connects to any public Internet connection.
- Next, the client initiates a VPN connection to the company VPN server. This connection is made using a VPN application installed on the remote computer.
- After the connection has been established, the remote client can communicate with the internal company systems over the Internet just as if it were inside the local network.
Before VPNs, remote workers accessed company networks over private leased lines or through dialup remote access servers. While VPN clients and servers careful require installation of hardware and software, an Internet VPN is a superior solution in many situations.
VPNs for Personal Online Security
Several vendors offer subscription service to virtual private networks. When you subscribe, you'll get access to their VPN service, which you can use on your laptop, PC or smartphone. The VPN's connection is encrypted, meaning people on the same Wi-Fi network (like at a coffee shop) cannot "sniff" your traffic and intercept information like your social-media accounts or banking information.
VPNs for Internetworking
Besides using virtual private networks for remote access, a VPN can also bridge two networks together. In this mode of operation, an entire remote network (rather than just a single remote client) can join to a different company network to form an extended intranet. This solution uses a VPN server-to-server connection.
Intranet Local Network VPNs
Internal networks may also use VPN technology to implement controlled access to individual subnets within a private network. In this mode of operation, VPN clients connect to a VPN server that acts as the network gateway.
This type of VPN use does not involve an Internet Service Provider or public network cabling. However, it allows the security benefits of VPN to be deployed inside an organization. This approach has become especially popular as a way for businesses to protect their Wi-Fi local networks.
How VPNs Work
One popular technology to accomplish these goals is a VPN (virtual private network). A VPN is a private network that uses a public network (usually the Internet) to connect remote sites or users together. The VPN uses "virtual" connections routed through the Internet from the business's private network to the remote site or employee. By using a VPN, businesses ensure security -- anyone intercepting the encrypted data can't read it.
VPN was not the first technology to make remote connections. Several years ago, the most common way to connect computers between multiple offices was by using a leased line. Leased lines, such as ISDN(integrated services digital network, 128 Kbps), are private network connections that a telecommunications company could lease to its customers. Leased lines provided a company with a way to expand its private network beyond its immediate geographic area. These connections form a single wide-area network (WAN) for the business. Though leased lines are reliable and secure, the leases are expensive, with costs rising as the distance between offices increases.
Today, the Internet is more accessible than ever before, and Internet service providers (ISPs) continue to develop faster and more reliable services at lower costs than leased lines. To take advantage of this, most businesses have replaced leased lines with new technologies that use Internet connections without sacrificing performance and security. Businesses started by establishing intranets, which are private internal networks designed for use only by company employees. Intranets enabled distant colleagues to work together through technologies such as desktop sharing. By adding a VPN, a business can extend all its intranet's resources to employees working from remote offices or their homes.
This article describes VPN components, technologies, tunneling and security. First, let's explore an analogy that describes how a VPN compares to other networking options.
WHAT IS DNS?
WHAT IS DNS?
If you use the Internet for any function, like you’re doing right now, you’re going to want to read this.
Whether it’s simply for checking your email, late night online shopping, sharing too much on social media, or your entire life revolves around Internet access, DNS affects you. The Flood Marketing team, recently took a lesson from DNS Made Easy and their introductory “DNS Explained,” video. We wanted the whole team to understand a little more on how the Internet works and why choosing the best name for a website is so important. Our brilliant Lead Web Developer, Christian, headed up this topic and schooled us all on three letters we will certainly never forget.
This little-known acronym is a mammoth in the world of technology. DNS stands for Domain Name System. Several feet below us, underground and underwater, sit machines that talk to one another and allow everyone on Earth to benefit from the many uses of the Internet. Each of these computers communicate through IP addresses. IP addresses are defined as unique strings of numbers which are separated by periods, that identify each computer using the “Internet Protocol.”
Enter, DNS. The Domain Name System decodes these IP addresses into actual domain names. For example, www.facebook.com, is actually, 157.240.17.35. But who could remember that? It is much easier to remember “Facebook” instead. See how friendly DNS is? It makes life online so incredibly simple.
A fun fact about how DNS works; when we type in a URL (Uniform Resource Locator – see how much you’ve already learned here today?) you type in “www.website.com”, but in reality you are asking the mastermind systems hundreds of feet below us to take you to www.website.com. – with that dot at the end. Why?
As DNS Made Easy explains, “that dot represents the root of the Internet’s name space.” Though we never see that end period on any domain name, it does exist and most definitely serves a purpose. The website you are searching for may already be in your computer’s memory, which helps speed things up a bit. However, that little end dot gets that Protocol talking! The browser and operating system work together to find the webpage you wish to enter. If they don’t know where to take you, these technologies begin to communicate with the Resolving Name Server. From there multiple systems work together to get you to where you need to be in the World Wide Web. The Authoritative Name Servers then search for the domain name in question with the domain’s registrar.
Each time a domain name is purchased, “the registrar is told which authoritative name servers that domain should use.” From there, another guest at the party, the TLD – Top Level Domain – servers take this domain name back to your operating system’s memory. While this process is confusing and complex, DNS Made Easy points out, that the entire cycle takes less time than it does to blink an eye.
Why is DNS important?
DNS is like a phone book for the Internet. If you know a person’s name but don’t know their telephone number, you can simply look it up in a phone book. DNS provides this same service to the Internet.
When you visit http://dyn.com in a browser, your computer uses DNS to retrieve the website’s IP address of 204.13.248.115. Without DNS, you would only be able to visit our website (or any website) by visiting its IP address directly, such as http://204.13.248.115.
How does DNS work?
When you visit a domain such as dyn.com, your computer follows a series of steps to turn the human-readable web address into a machine-readable IP address. This happens every time you use a domain name, whether you are viewing websites, sending email or listening to Internet radio stations like Pandora.
Step 1: Request information
The process begins when you ask your computer to resolve a hostname, such as visiting http://dyn.com. The first place your computer looks is its local DNS cache, which stores information that your computer has recently retrieved.
If your computer doesn’t already know the answer, it needs to perform a DNS query to find out.
Step 2: Ask the recursive DNS servers
If the information is not stored locally, your computer queries (contacts) your ISP’s recursive DNS servers. These specialized computers perform the legwork of a DNS query on your behalf. Recursive servers have their own caches, so the process usually ends here and the information is returned to the user.
Step 3: Ask the root nameservers
If the recursive servers don’t have the answer, they query the root nameservers. A nameserveris a computer that answers questions about domain names, such as IP addresses. The thirteen root nameservers act as a kind of telephone switchboard for DNS. They don’t know the answer, but they can direct our query to someone that knows where to find it.
Step 4: Ask the TLD nameservers
The root nameservers will look at the first part of our request, reading from right to left — www.dyn.com — and direct our query to the Top-Level Domain (TLD) nameservers for .com. Each TLD, such as .com, .org, and .us, have their own set of nameservers, which act like a receptionist for each TLD. These servers don’t have the information we need, but they can refer us directly to the servers that do have the information.
Step 5: Ask the authoritative DNS servers
The TLD nameservers review the next part of our request — www.dyn.com — and direct our query to the nameservers responsible for this specific domain. These authoritative nameservers are responsible for knowing all the information about a specific domain, which are stored in DNS records. There are many types of records, which each contain a different kind of information. In this example, we want to know the IP address for www.dyndns.com, so we ask the authoritative nameserver for the Address Record (A).
Step 6: Retrieve the record
The recursive server retrieves the A record for dyn.com from the authoritative nameservers and stores the record in its local cache. If anyone else requests the host record for dyn.com, the recursive servers will already have the answer and will not need to go through the lookup process again. All records have a time-to-live value, which is like an expiration date. After a while, the recursive server will need to ask for a new copy of the record to make sure the information doesn’t become out-of-date.
Step 7: Receive the answer
Armed with the answer, recursive server returns the A record back to your computer. Your computer stores the record in its cache, reads the IP address from the record, then passes this information to your browser. The browser then opens a connection to the webserver and receives the website.
This entire process, from start to finish, takes only milliseconds to complete.
Domain Terminology
We should start by defining our terms. While some of these topics are familiar from other contexts, there are many terms used when talking about domain names and DNS that aren't used too often in other areas of computing.
Let's start easy:
Domain Name System
The domain name system, more commonly known as "DNS" is the networking system in place that allows us to resolve human-friendly names to unique addresses.
Domain Name
A domain name is the human-friendly name that we are used to associating with an internet resource. For instance, "google.com" is a domain name. Some people will say that the "google" portion is the domain, but we can generally refer to the combined form as the domain name.
The URL "google.com" is associated with the servers owned by Google Inc. The domain name system allows us to reach the Google servers when we type "google.com" into our browsers.
IP Address
An IP address is what we call a network addressable location. Each IP address must be unique within its network. When we are talking about websites, this network is the entire internet.
IPv4, the most common form of addresses, are written as four sets of numbers, each set having up to three digits, with each set separated by a dot. For example, "111.222.111.222" could be a valid IPv4 IP address. With DNS, we map a name to that address so that you do not have to remember a complicated set of numbers for each place you wish to visit on a network.
Top-Level Domain
A top-level domain, or TLD, is the most general part of the domain. The top-level domain is the furthest portion to the right (as separated by a dot). Common top-level domains are "com", "net", "org", "gov", "edu", and "io".
Top-level domains are at the top of the hierarchy in terms of domain names. Certain parties are given management control over top-level domains by ICANN (Internet Corporation for Assigned Names and Numbers). These parties can then distribute domain names under the TLD, usually through a domain registrar.
Hosts
Within a domain, the domain owner can define individual hosts, which refer to separate computers or services accessible through a domain. For instance, most domain owners make their web servers accessible through the bare domain (example.com) and also through the "host" definition "www" (www.example.com).
You can have other host definitions under the general domain. You could have API access through an "api" host (api.example.com) or you could have ftp access by defining a host called "ftp" or "files" (ftp.example.com or files.example.com). The host names can be arbitrary as long as they are unique for the domain.
SubDomain
A subject related to hosts are subdomains.
DNS works in a hierarchy. TLDs can have many domains under them. For instance, the "com" TLD has both "google.com" and "ubuntu.com" underneath it. A "subdomain" refers to any domain that is part of a larger domain. In this case, "ubuntu.com" can be said to be a subdomain of "com". This is typically just called the domain or the "ubuntu" portion is called a SLD, which means second level domain.
Likewise, each domain can control "subdomains" that are located under it. This is usually what we mean by subdomains. For instance you could have a subdomain for the history department of your school at "www.history.school.edu". The "history" portion is a subdomain.
The difference between a host name and a subdomain is that a host defines a computer or resource, while a subdomain extends the parent domain. It is a method of subdividing the domain itself.
Whether talking about subdomains or hosts, you can begin to see that the left-most portions of a domain are the most specific. This is how DNS works: from most to least specific as you read from left-to-right.
Fully Qualified Domain Name
A fully qualified domain name, often called FQDN, is what we call an absolute domain name. Domains in the DNS system can be given relative to one another, and as such, can be somewhat ambiguous. A FQDN is an absolute name that specifies its location in relation to the absolute root of the domain name system.
This means that it specifies each parent domain including the TLD. A proper FQDN ends with a dot, indicating the root of the DNS hierarchy. An example of a FQDN is "mail.google.com.". Sometimes software that calls for FQDN does not require the ending dot, but the trailing dot is required to conform to ICANN standards.
Name Server
A name server is a computer designated to translate domain names into IP addresses. These servers do most of the work in the DNS system. Since the total number of domain translations is too much for any one server, each server may redirect request to other name servers or delegate responsibility for a subset of subdomains they are responsible for.
Name servers can be "authoritative", meaning that they give answers to queries about domains under their control. Otherwise, they may point to other servers, or serve cached copies of other name servers' data.
Zone File
A zone file is a simple text file that contains the mappings between domain names and IP addresses. This is how the DNS system finally finds out which IP address should be contacted when a user requests a certain domain name.
Zone files reside in name servers and generally define the resources available under a specific domain, or the place that one can go to get that information.
Records
Within a zone file, records are kept. In its simplest form, a record is basically a single mapping between a resource and a name. These can map a domain name to an IP address, define the name servers for the domain, define the mail servers for the domain, etc.
How DNS Works
Now that you are familiar with some of the terminology involved with DNS, how does the system actually work?
The system is very simple at a high-level overview, but is very complex as you look at the details. Overall though, it is a very reliable infrastructure that has been essential to the adoption of the internet as we know it today.
Root Servers
As we said above, DNS is, at its core, a hierarchical system. At the top of this system is what are known as "root servers". These servers are controlled by various organizations and are delegated authority by ICANN (Internet Corporation for Assigned Names and Numbers).
There are currently 13 root servers in operation. However, as there are an incredible number of names to resolve every minute, each of these servers is actually mirrored. The interesting thing about this set up is that each of the mirrors for a single root server share the same IP address. When requests are made for a certain root server, the request will be routed to the nearest mirror of that root server.
What do these root servers do? Root servers handle requests for information about Top-level domains. So if a request comes in for something a lower-level name server cannot resolve, a query is made to the root server for the domain.
The root servers won't actually know where the domain is hosted. They will, however, be able to direct the requester to the name servers that handle the specifically requested top-level domain.
So if a request for "www.wikipedia.org" is made to the root server, the root server will not find the result in its records. It will check its zone files for a listing that matches "www.wikipedia.org". It will not find one.
It will instead find a record for the "org" TLD and give the requesting entity the address of the name server responsible for "org" addresses.
TLD Servers
The requester then sends a new request to the IP address (given to it by the root server) that is responsible for the top-level domain of the request.
So, to continue our example, it would send a request to the name server responsible for knowing about "org" domains to see if it knows where "www.wikipedia.org" is located.
Once again, the requester will look for "www.wikipdia.org" in its zone files. It will not find this record in its files.
However, it will find a record listing the IP address of the name server responsible for "wikipedia.org". This is getting much closer to the answer we want.
Domain-Level Name Servers
At this point, the requester has the IP address of the name server that is responsible for knowing the actual IP address of the resource. It sends a new request to the name server asking, once again, if it can resolve "www.wikipedia.org".
The name server checks its zone files and it finds that it has a zone file associated with "wikipedia.org". Inside of this file, there is a record for the "www" host. This record tells the IP address where this host is located. The name server returns the final answer to the requester.
What is a Resolving Name Server?
In the above scenario, we referred to a "requester". What is the requester in this situation?
In almost all cases, the requester will be what we call a "resolving name server" A resolving name server is one configured to ask other servers questions. It is basically an intermediary for a user which caches previous query results to improve speed and knows the addresses of the root servers to be able to "resolve" requests made for things it doesn't already know about.
Basically, a user will usually have a few resolving name servers configured on their computer system. The resolving name servers are usually provided by an ISP or other organizations. For instance Google provides resolving DNS servers that you can query. These can be either configured in your computer automatically or manually.
When you type a URL in the address bar of your browser, your computer first looks to see if it can find out locally where the resource is located. It checks the "hosts" file on the computer and a few other locations. It then sends the request to the resolving name server and waits back to receive the IP address of the resource.
The resolving name server then checks its cache for the answer. If it doesn't find it, it goes through the steps outlined above.
Resolving name servers basically compress the requesting process for the end user. The clients simply have to know to ask the resolving name servers where a resource is located and be confident that they will investigate and return the final answer.
Zone Files
We mentioned in the above process the idea of "zone files" and "records".
Zone files are the way that name servers store information about the domains they know about. Every domain that a name server knows about is stored in a zone file. Most requests coming to the average name server are not something that the server will have zone files for.
If it is configured to handle recursive queries, like a resolving name server, it will find out the answer and return it. Otherwise, it will tell the requesting party where to look next.
The more zone files that a name server has, the more requests it will be able to answer authoritatively.
A zone file describes a DNS "zone", which is basically a subset of the entire DNS naming system. It generally is used to configure just a single domain. It can contain a number of records which define where resources are for the domain in question.
The zone's
$ORIGIN is a parameter equal to the zone's highest level of authority by default.
So if a zone file is used to configure the "example.com." domain, the
$ORIGIN would be set to example.com..
This is either configured at the top of the zone file or it can be defined in the DNS server's configuration file that references the zone file. Either way, this parameter describes what the zone is going to be authoritative for.
Similarly, the
$TTL configures the "time to live" of the information it provides. It is basically a timer. A caching name server can use previously queried results to answer questions until the TTL value runs out.Record Types
Within the zone file, we can have many different record types. We will go over some of the more common (or mandatory types) here.
SOA Records
The Start of Authority, or SOA, record is a mandatory record in all zone files. It must be the first real record in a file (although $ORIGIN or $TTL specifications may appear above). It is also one of the most complex to understand.
The start of authority record looks something like this:
domain.com. IN SOA ns1.domain.com. admin.domain.com. ( 12083 ; serial number 3h ; refresh interval 30m ; retry interval 3w ; expiry period 1h ; negative TTL )
Let's explain what each part is for:
- domain.com.: This is the root of the zone. This specifies that the zone file is for the
domain.com.domain. Often, you'll see this replaced with@, which is just a placeholder that substitutes the contents of the$ORIGINvariable we learned about above. - IN SOA: The "IN" portion means internet (and will be present in many records). The SOA is the indicator that this is a Start of Authority record.
- ns1.domain.com.: This defines the primary master name server for this domain. Name servers can either be master or slaves, and if dynamic DNS is configured one server needs to be a "primary master", which goes here. If you haven't configured dynamic DNS, then this is just one of your master name servers.
- admin.domain.com.: This is the email address of the administrator for this zone. The "@" is replaced with a dot in the email address. If the name portion of the email address normally has a dot in it, this is replace with a "\" in this part (your.name@domain.com becomes your\name.domain.com).
- 12083: This is the serial number for the zone file. Every time you edit a zone file, you must increment this number for the zone file to propagate correctly. Slave servers will check if the master server's serial number for a zone is larger than the one they have on their system. If it is, it requests the new zone file, if not, it continues serving the original file.
- 3h: This is the refresh interval for the zone. This is the amount of time that the slave will wait before polling the master for zone file changes.
- 30m: This is the retry interval for this zone. If the slave cannot connect to the master when the refresh period is up, it will wait this amount of time and retry to poll the master.
- 3w: This is the expiry period. If a slave name server has not been able to contact the master for this amount of time, it no longer returns responses as an authoritative source for this zone.
- 1h: This is the amount of time that the name server will cache a name error if it cannot find the requested name in this file.
A and AAAA Records
Both of these records map a host to an IP address. The "A" record is used to map a host to an IPv4 IP address, while "AAAA" records are used to map a host to an IPv6 address.
The general format of these records is this:
host IN A IPv4_address host IN AAAA IPv6_address
So since our SOA record called out a primary master server at "ns1.domain.com", we would have to map this to an address to an IP address since "ns1.domain.com" is within the "domain.com" zone that this file is defining.
The record could look something like this:
ns1 IN A 111.222.111.222
Notice that we don't have to give the full name. We can just give the host, without the FQDN and the DNS server will fill in the rest with the $ORIGIN value. However, we could just as easily use the entire FQDN if we feel like being semantic:
ns1.domain.com. IN A 111.222.111.222
In most cases, this is where you'll define your web server as "www":
www IN A 222.222.222.222
We should also tell where the base domain resolves to. We can do this like this:
domain.com. IN A 222.222.222.222
We could have used the "@" to refer to the base domain instead:
@ IN A 222.222.222.222
We also have the option of resolving anything that under this domain that is not defined explicitly to this server too. We can do this with the "*" wild card:
* IN A 222.222.222.222
All of these work just as well with AAAA records for IPv6 addresses.
CNAME Records
CNAME records define an alias for canonical name for your server (one defined by an A or AAAA record).
For instance, we could have an A name record defining the "server1" host and then use the "www" as an alias for this host:
server1 IN A 111.111.111.111
www IN CNAME server1
Be aware that these aliases come with some performance losses because they require an additional query to the server. Most of the time, the same result could be achieved by using additional A or AAAA records.
One case when a CNAME is recommended is to provide an alias for a resource outside of the current zone.
MX Records
MX records are used to define the mail exchanges that are used for the domain. This helps email messages arrive at your mail server correctly.
Unlike many other record types, mail records generally don't map a host to something, because they apply to the entire zone. As such, they usually look like this:
IN MX 10 mail.domain.com.
Note that there is no host name at the beginning.
Also note that there is an extra number in there. This is the preference number that helps computers decide which server to send mail to if there are multiple mail servers defined. Lower numbers have a higher priority.
The MX record should generally point to a host defined by an A or AAAA record, and not one defined by a CNAME.
So, let's say that we have two mail servers. There would have to be records that look something like this:
IN MX 10 mail1.domain.com.
IN MX 50 mail2.domain.com.
mail1 IN A 111.111.111.111
mail2 IN A 222.222.222.222
In this example, the "mail1" host is the preferred email exchange server.
We could also write that like this:
IN MX 10 mail1
IN MX 50 mail2
mail1 IN A 111.111.111.111
mail2 IN A 222.222.222.222
NS Records
This record type defines the name servers that are used for this zone.
You may be wondering, "if the zone file resides on the name server, why does it need to reference itself?". Part of what makes DNS so successful is its multiple levels of caching. One reason for defining name servers within the zone file is that the zone file may be actually being served from a cached copy on another name server. There are other reasons for needing the name servers defined on the name server itself, but we won't go into that here.
Like the MX records, these are zone-wide parameters, so they do not take hosts either. In general, they look like this:
IN NS ns1.domain.com.
IN NS ns2.domain.com.
You should have at least two name servers defined in each zone file in order to operate correctly if there is a problem with one server. Most DNS server software considers a zone file to be invalid if there is only a single name server.
As always, include the mapping for the hosts with A or AAAA records:
IN NS ns1.domain.com.
IN NS ns2.domain.com.
ns1 IN A 111.222.111.111
ns2 IN A 123.211.111.233
There are quite a few other record types you can use, but these are probably the most common types that you will come across.
PTR Records
The PTR records are used define a name associated with an IP address. PTR records are the inverse of an A or AAAA record. PTR records are unique in that they begin at the
.arpa root and are delegated to the owners of the IP addresses. The Regional Internet Registries (RIRs) manage the IP address delegation to organization and service providers. The Regional Internet Registries include APNIC, ARIN, RIPE NCC, LACNIC, and AFRINIC.
Here is an example of a PTR record for 111.222.333.444 would look like:
444.333.222.111.in-addr.arpa. 33692 IN PTR host.example.com.
This example of a PTR record for an IPv6 address shows the nibble format of the reverse of Google's IPv6 DNS Server
2001:4860:4860::8888.8.8.8.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.6.8.4.0.6.8.4.1.0.0.2.ip6.arpa. 86400IN PTR google-public-dns-a.google.com.
The command line tool
dig with the -x flag can be used to look up the reverse DNS name of an IP address.
Here is an example of a dig command. The
+short is appended to reduce the output to the reverse DNS name.
- dig -x 8.8.4.4 +short
The output for the dig command above will be the domain name in the PTR record for the IP address:
google-public-dns-b.google.com.
Servers on the Internet use PTR records to place domain names within log entries, make informed spam handling decisions, and display easy-to-read details about other devices.
Most commonly-used email servers will look up the PTR record of an IP address it receives email from. If the source IP address does not have a PTR record associated with it, the emails being sent may be treated as spam and rejected. It is not important that the FQDN in the PTR matches the domain name of the email being sent. What is important is that there is a valid PTR record with a corresponding and matching forward A record.
Normally network routers on the Internet are given PTR records that correspond with their physical location. For example you may see references to 'NYC' or 'CHI' for a router in New York City or Chicago. This is helpful when running a traceroute or MTR and reviewing the path Internet traffic is taking.
Most providers offering dedicated servers or VPS services will give customers the ability to set a PTR record for their IP address. DigitalOcean will automatically assign the PTR record of any Droplet when the Droplet is named with a domain name. The Droplet name is assigned during creation and can be edited later using the settings page of the Droplet control panel.
Note: It is important that the FQDN in the PTR record has a corresponding and matching forward A record. Example: 111.222.333.444 has a PTR of server.example.com and server.example.com is an A record that points to 111.222.333.444.
CAA Records
CAA records are used to specify which Certificate Authorities (CAs) are allowed to issue SSL/TLS certificates for your domain. As of September 8, 2017 all CAs are required to check for these records before issuing a certificate. If no record is present, any CA may issue a certificate. Otherwise, only the specified CAs may issue certificates. CAA records can be applied to single hosts, or entire domains.
An example CAA record follows:
example.com. IN CAA 0 issue "letsencrypt.org"
The host,
IN, and record type (CAA) are common DNS fields. The CAA-specific information above is the 0 issue "letsencrypt.org" portion. It is made up of three parts: flags (0), tags (issue), and values ("letsencrypt.org").- Flags are an integer which indicates how a CA should handle tags it doesn't understand. If the flag is
0, the record will be ignored. If1, the CA must refuse to issue the certificate. - Tags are strings that denote the purpose of a CAA record. Currently they can be
issueto authorize a CA to create certificates for a specific hostname,issuewildto authorize wildcard certificates, oriodefto define a URL where CAs can report policy violations. - Values are a string associated with the record's tag. For
issueandissuewildthis will typically be the domain of the CA you're granting the permission to. Foriodefthis may be the URL of a contact form, or amailto:link for email feedback.
You may use
dig to fetch CAA records using the following options:
- dig example.com type257
For more detailed information about CAA records, you can read RFC 6844, or our tutorial How To Create and Manage CAA Records Using DigitalOcean DNS