How do I turn off DNS mode?

What would happen if you disable DNS lookup in a production environment?

You'll see it asks questions about the IP address of wikipedia.org, and when it succeeds it shows all the A records and IPs:

;; QUESTION SECTION:
;wikipedia. IN A .;

; ANSWER SECTION:
wikipedia. 2326 IN A 208.90.181.182
; Generated by localhost.localdomain.

It just takes a moment, as I wrote the command and loaded the dig tool.org you'll see it doesn't even try to ask questions about the IP of wikipedia. Instead it shows the same A records it showed before. So you can see it's still querying DNS, but it doesn't show which records, let alone the questions it asks.

This makes it look as if DNS is not actually being used (except for resolving the wikipedia.org domain itself) in this environment. As I said above, it takes a moment as you type the command. And there is no message like "Your request timed out" or something. But since it's clearly timing out it must have been running the DNS queries to ask about each IP of wikipedia.org to figure out which subdomain it should be looking up.

What is happening here? The full results of the dns command show that it says: No servers can be used to query for address information: (this may be. Because your host is offline). DNS query cache entries for : //172.0 - 172.255

Any ideas what is happening here?

Why would you want to disable DNS lookup in a lab environment?

My first question is about why I might want to do this.

In a lab environment, you may not have control over the network infrastructure. You may have a test lab that is configured as a standalone network. Or you may have a production server that is part of a public facing network. This way, you don't have to worry about DNS resolution.

I am more concerned with what impact it has on the client side. For example, is DNS lookup disabled when the browser requests a web page? Will an HTTP GET request to a web server go to a different web server? Is this safe for a live environment? If someone hacks into your web server, they can easily get a user to visit a malicious site. If they do this, would they still be able to perform DNS lookups?

Seth Carnegie, Oct 9 '12 at 16:59

1 Answer

This is a really bad idea; it will cause a lot of problems, from DNS spoofing to the server being used as a man in the middle. DNS queries are performed by the DNS resolvers on the client's side, or on the local resolvers on the server if you have your own. When you disable DNS lookups, you are effectively telling the clients that you have no DNS resolver on your network. I.e., if you run a test lab, and you have no DHCP or DNS on the network, you will be relying on the clients having a default configuration, such as Google DNS. This will work for a while, but the clients will eventually fall back to their default resolver, which is most likely your router or ISP's DNS server.

If you have a live environment, where users are getting their DNS from a public DNS server, this will break things: not only will they have to make sure that they use a different DNS resolver for your network, but they will also have to remember to update their DNS resolver to point to your DNS server. Finally, if you have a server that has a web page available on it, you will be putting it in the path of a lot of people trying to view that page. Depending on how you set up your server, you may be allowing access to a lot of people to get to that page, and who knows what they are trying to do once they get there.
