Before you start
Objectives: learn what is DNS, how does DNS work, what is root DNS server, what is TLD DNS server, what are DNS zones, what are A and PTR records, what is forward lookup and what is reverse lookup.
Prerequisites: no prerequisites.
Key terms: dns, server, host, domain, ip, address, utilizewindows, computer, root, www, information
What is Domain Name System (DNS)
The domain name system (DNS) is a hierarchical, distributed database that the computers use to take a known host name and convert it to an IP address. It maps logical host names to IP addresses. For example, when we type in www.saadz26.sg-host.com, the computer uses DNS to find the IP address for that name. Computers go to DNS to find the IP address when they are given a name that they don’t recognize. DNS is a hierarchical naming system. At the top of the hierarchy is what’s called the root, and it is represented by a period. Below the root are Top Level Domains (TLDs) like “com”, “org”, etc.
Root and some TLDs
Below each of the top level domains are additional domains. In our case, we have registered the “utilizewindows” additional domain with the “com” top level domain.
Sub Domains
The DNS name space is distributed which means that each portion of the name space is delegated to another organization or some individual who has registered a domain name. One DNS server can’t hold all of the DNS information. Instead, multiple servers hold portions of the data. So the person or organization who registered “utilizewindows” is responsible for maintaining the the name space for its organization. Google is responsible for all of the names within its company, etc. The thing is, when we register some domain, we can have additional domains inside of our registered domain. For example, we can configure the domain mail.saadz26.sg-host.com, or www.saadz26.sg-host.com, or any other sub domain. Each of those divisions, like “mail”, “www”, “utilizewindows”, “org”, “com”, “google”, are referred to as domains.
Sub Domains 2
At the end of the domain hierarchy we have actual host names. For example, in our case we could have the host name “mailserver” on the mail.saadz26.sg-host.com domain. The “www” could also be a host name. 2, or for instance www. We often see “www” when we browse the Internet, and this is often the name of the computer, it’s a host name.
mailserver Host Name
Fully Qualified Domain Name
When we want to connect to some website and browse it, we have to connect to specific computer using a host name and the domain on which it resides. When referring to a specific computer we start with the host name then use all the domains in the hierarchy, up to the root. This is called the Fully Qualified Domain Name, or FQDN. In our example the fully qualified domain name of the “www” host on the “utilizewindows” domain would be www.saadz26.sg-host.com. Notice that we separate each domain from the host and other domains with a dot. FQDN ends with another dot, which represents the root, but in most cases we leave off the trailing dot. So the FQDN for the mailserver host is mailserver.mail.saadz26.sg-host.com. Again, in most cases we can leave off the dot in the end of the FQDN (but if we do leave it, it will resolve properly). So the the Fully Qualified Domain Name of some host includes the host portion of the name, followed by each domain up to the root.
Zones
When talking about DNS, we have to be aware of what’s called a zone. A zone is an area of the name space under the administrative control of one server (or that resides on a single server). In our case, “example.org” may have a single DNS server, so the “example” name space would be a single zone. On the picture this is marked with green color.
One Zone (Green)
We could also have more servers which maintain information about different parts of our domain. This means that additional servers might hold information for child domains. For example, for “utilizewindows” we have two servers which maintain two zones. One zone is marked with red, and another with blue color.
Two Zones (red and blue)
DNS Servers
So, DNS servers are servers that maintain a part of that name space. At every level of the DNS there are servers that maintain a portion of that database. So on the root level we have root DNS servers. Root servers are servers on the Internet that keep track of everything within the root domain. That includes the IP addresses of the servers at various levels. At the com domain there are servers that maintain information about sub domains within com domain. In the end, organizations set up their own DNS servers to maintain information about hosts within their own domain. So, “utilizewindows” has its own DNS server which is used to manage hosts on the “saadz26.sg-host.com” domain. So, the “zone” refers to the actual database that resides on a DNS server. The “domain” refers to the division within the name space. A zone might include multiple domains or it might include only one domain.
DNS Lookup Process
When we use a logical name to access some resource, our computer will initiate a DNS lookup process where it uses DNS to find the corresponding IP address. We will see how this works on one example. Let’s say that you are browsing the Internet and at one point you type into your browser the address: www.saadz26.sg-host.com. To connect to the server where this site is located, your computer needs to know the IP address of that server. One of the places that the computer will look is in thehost file (step 1). The host file is a text file on your computer that matches host names with IP addresses. Now, host files were originally used when DNS first started, but now they’re typically not used because it’s too hard to maintain (the hosts had to be entered manually). The host file still exists and it is used to try to resolve host names. If it does not find the IP address for thewww.saadz26.sg-host.com FQDN in the hosts file, the computer will take this name and submit it to aDNS server (step 2). This DNS server might be on your private network or it might be the DNS server at your ISP. When we configure networking parameters for our computer, we also supply the IP address of a DNS server that it should use for resolving host names. So, your computer asks the DNS server what’s the IP address of the www.saadz26.sg-host.com host name.
Hosts File
The DNS server also has a host file. It may look in its host file and respond with that information if it is there. Also, DNS server can look all of its zones (DNS database) that exists on the server and respond if it has the information about that host name. If it does not have appropriate information, then the server might do one of several things. One of the thing it might do is use a process of recursion. Recursion is a process that the DNS server uses to resolve the host name on the Internet. When using recursion, the DNS server starts backwards and works its way through the host name. Remember, it starts with a period which represents the root. So the DNS server will contact a root domain server on the Internet, and it will ask that server what is the IP address of a server for the “com” domain (step 3). DNS servers are configured with the IP address of the root domain servers, but they don’t know the DNS servers for every other domain on the Internet.
Local DNS
The root server looks in its database and returns an IP address of the “com” DNS server (step 4). Now the DNS server submits request to the “com” server and it will ask what is the IP address of a DNS server for saadz26.sg-host.com (step 5). The COM server returns an IP address for a DNS server in saadz26.sg-host.com (step 6).
Root DNS
Finally, the DNS server will submit a request to the Utilize Windows DNS server and it will ask what is the IP address of the www host within that domain (step 7). The Utilize Windows DNS server will respond with the answer in a form of some IP address. In the end DNS server returns that information to the host (step 9). At this point the host will take that IP address and contact the “www” server at saadz26.sg-host.com.
UtilizeWindows DNS
The computer will also put the IP address in a cache so that next time we go to the same website our computer can look in the cache to get the IP address, without going through the DNS lookup process again. The cache is valid as long as the computer is running, but it may even have an expiration. That means that certain entries in the cache are removed when a time period elapses. So, before the computer checks the hosts file, it will check the cache to see if it already has the IP address for the logical name. This step is actually the first one.
Now besides the recursion process to get the answer, DNS servers can also be configured to submit requests directly to another DNS server. In this case, when the host computer submits a request to the DNS server it will send that request directly to another DNS server. Another DNS server will then use the recursion process to resolve the name, return the address, which in turn gets returned back to the host.
The process of resolving a host name to an IP address is called a forward lookup. A forward lookup takes a known host name and returns an IP address. We can also perform a reverse lookup by giving an IP address to the DNS server to get the corresponding host name. An authoritative server is a DNS server that has a complete copy of all the records for a particular domain. Information about hosts on the DNS server are configured with records inside which reside inside of Zones. An A record is called a host record, and it identifies the host name and the corresponding IP address. A PTR record, or pointer record, identifies an IP address with a corresponding host name. We could use a HOSTS file to configure entries to provide limited name resolution services. However, we would have to copy the HOSTS file to each client. This is useful for testing purposes or to override information that might be received from a DNS server.
Remember
When we query the DNS server, it checks its database for records that have a matching host name or IP address. The record identifies the corresponding IP address or host name, depending on whether it’s a forward lookup or a reverse lookup.