DNS stands for Domain Name System. DNS is used for name resolution on a TCP/IP network. Before you can understand what DNS is and where it came from, you have to first understand how name resolution occurred before
DNS was developed. When the Internet was just started and only had a few hundred computers connected to it, name resolution was very simple and easy to maintain. The original TCP/IP specification implemented name
resolution using a special text file called HOSTS. A copy of this file was stored on every computer system on the Internet. The HOSTS file contained a list of IP addresses for every computer on the Internet that mapped
to the corresponding system names. A central HOSTS file was updated and distributed on a daily basis. This worked fairly well until there
were a few thousand systems connected to the Internet. Even though TCP/IP systems still have a HOSTS file on their computer, the HOSTS file is no longer the primary source for name resolution.
Originally, the concept of having a central supercomputer for name resolution was considered, but this solution would also reach a limit so it was not very practical. The idea of delegating the name resolution process
would mitigate the concerns of a limiting process. The DNS hierarchy was born and to this day, still growing and expanding in size.
The "root" domain is comprised of 13 DNS systems dispersed around the world, known collectively as the DNS root servers. While there are 13 IP addresses that represent these systems, there are actually more than
13 servers. Some of the IP addresses are actually load balanced virtual IPs, so there may be two or more DNS servers that are load sharing some of the IP addresses. Here is the list of the 13 roots servers, by hostname.
|DNS Server||IP Address|
While the DNS root servers establish the hierarchy, most of the name resolution process is delegated to other DNS servers. Just below the DNS root in the hierarchy are the top-level domain servers. These top-level DNS servers
handle top-level domains such as com, net, org, edu, gov, mil, etc. The top-level DNS servers delegate to thousands of second-level DNS servers. Second-level domain names are sold to companies and other organizations. The
second-level of this structure is comprised of millions of domain names. Second-level DNS servers can further delegate the zone, but most commonly store the individual host records for a domain name, such as the most common
host record 'www'. For example, the corp.com domain has a server that has a DNS alias called 'www' with the IP address of 192.168.0.1. Only the DNS server controlling the corp.com domain stores the
actual IP address for host record www.corp.com. No other DNS system that does not store the corp.com zone will have this information. The DNS system will provide the resolver (the client making the DNS request) with referrals
until the resolver reaches the DNS server that is hosting this zone. Once the DNS server hosting this zone receives the query from the resolver, it will send the resolver with an answer to the query.
The DNS namespace works in a manner similar to how your computer’s file system works. The DNS namespace is a hierarchy of DNS domains and individual host names organized into a tree-like structure. Each domain is similar to
a folder. Just like in the typical folder structure, a folder can contain folders or documents. In DNS, a domain can contain other domains or records.
At second-level DNS servers, you typically find resource records. Resource records map services and host names to IP addresses. For example, the most common resource record is the host (A) record. A host name simply
maps a name to an IP address. The most common host name is the 'www' record. In some cases, it is preferable to use an alias (CNAME) record to point another host record. For example, if a server has multiple names associated with
a server, you could create a host (A) record called server1 and map that to the IP address of the computer. Then create several alias (CNAME) records, such as www, ftp, mail, that map back to the same host name.
Here is a list of the most common DNS records used within a zone.
|Canonical Name||CNAME||Alias to host name|
|Host||A||Maps host name to IP address|
|Name Server||NS||Maps Name Server name to IP address|
|Mail Exchanger||MX||Maps Mail Exchange Server DNS Name|
|Start of Authority||SOA||Zone configuration|
Name Resolution Process
The name resolution process has not significantly changed since DNS was first designed. When a DNS resolver (DNS client) needs to resolve a host name to be able to access a resource, it must first contact a DNS server. The
DNS server that it contacts depends on its client TCP/IP configuration. Either the DNS client configuration is included in the DHCP configuration, or it must be manually configured in the client settings. For computers within
a private network, it is recommended that they be configured to point to internal DNS servers. For systems on the internet, they can be configured to point to their ISP's DNS servers, or one of the many public DNS servers
on the Internet, such as Google's public servers (184.108.40.206 and/or 220.127.116.11).
In the graphic shown above, the name resolution process depicts eight steps that need to be taken to resolve a host name from a DNS client. We can use this graphic to discuss a typical example in more details. Ine following example,
a DNS client is trying to access a web server on the Internet. Before the client can communicate with the web server, the web server's host name must be resolved to an IP address.
- Step 1: DNS client queries ISP DNS server to resolve the host name www.domain.com.
- Step 2: The ISP web server checks its DNS cache and local zones, if no match is found, the DNS server will query the root DNS server.
- Step 3: The root DNS server responds back to the ISP DNS server with a referral so that the request can be sent to the .COM DNS servers.
- Step 4: The ISP DNS server sends the query to the .COM DNS server.
- Step 5: The .COM DNS server responds back to the ISP DNS server with a referral so that the request can be sent to the DOMAIN.COM DNS servers.
- Step 6: The ISP DNS server sends the query to the DOMAIN.COM DNS server.
- Step 7: The DOMAIN.COM DNS server responds back to the ISP DNS server with the answer to the query for "www.domain.com".
- Step 8: The ISP DNS server caches the answer and sends the answer back to the resolver.
The resolver can now initiate direct communication with the web server since the resolver (DNS client) now has the IP address of the web server. You should also note that the DNS server will cache the
information it received during this process so that a future request for this host name could be resolved from its cache rather than performing the entire process from beginning to end, as long as the future request
is within the time-to-live (TTL) period of the cached record.
Recommended Books & Training Resources