The DNS is the default name resolution service used in UNIX (configurable option) and Windows servers.
However, when the Internet was very small, hostname resolution was done using /etc/hosts file under UNIX. The hosts file is a computer file used by an operating system to map hostnames to IP addresses. MS-Windows also support the hosts file and usaully locate at %SystemRoot%\system32\drivers\etc\ directory.
However, these days Domain Name System is the default name resolution service used in all operating systems including mobile phones such as Apple iPhone. DNS is part of the operating system and all TCP/IP network connections are, by default, configured with the IP address of at least two DNS server to perform name resolution on the network. In this tutorial, we’ll take a look at the DNS system.
Resolving Name With DNS
DNS is used to map a domain name to an IP address. For e.g. when you type a domain such as dnsknowledge.com into your browser the client needs to find the IP address where this website is located. This is done using DNS servers. However, keep in mind that over last few years the Internet grew into the tens of thousands (there may be billions of IP address active with hostnames), a more flexible more scalable solution was required. The DNS makes is possible to manage millions of hostnames and IP address efficiently. The DNS has become the main name resolution used on the Internet today.
There have been various implementation of DNS over the years. UNIX systems typically use BIND (Berkeley Internet Name Domain) or djbdns. Microsoft Windows Server operating systems typically use a non-Active Directory, or standard, Domain Name System solution. However, various implemntations use the same protocols for exchanging DNS information over the Internet.
How does DNS works?
- You type a domain name such as google.com into your browser using client computer operating system such as Windows or Apple OS (“client”).
- The client needs to find the IP address where google.com search engine is located on the earth (typically all websites are hosted in the Internet data center).
- Your browser will send this query to the operating system.
- Each operating system is configured to query certain dns servers. Typically your ISP or network administrator configures such dns servers called Resolving Name Server.
- The resolving name server does not aware of the location of the google.com, but it does know where the root servers are located.
- Next, the resolving name server find the location of the top-level domain name server to send query for google.com. Each domain on the Internet has authoritative name server.
- Finally, the authoritative name server will give you exact IP address of google.com. This information will come back to to the resolving name server, which caches the information and send backs an answer (answer to your query what is IP address of google.com) to the browser to the correct place. The end result you will see google search engine home page.
You can easily verify above sequence using your ISP’s dns server. If you are using UNIX or Mac OS X, open the terminal and type the following command:
dig +trace @126.96.36.199 google.com
dig +trace @your-isps.dns.server.ip google.com
; <<>> DiG 9.5.0-P2 <<>> +trace @188.8.131.52 google.com ; (1 server found) ;; global options: printcmd . 3600000 IN NS G.ROOT-SERVERS.NET. . 3600000 IN NS F.ROOT-SERVERS.NET. . 3600000 IN NS J.ROOT-SERVERS.NET. . 3600000 IN NS I.ROOT-SERVERS.NET. . 3600000 IN NS E.ROOT-SERVERS.NET. . 3600000 IN NS D.ROOT-SERVERS.NET. . 3600000 IN NS M.ROOT-SERVERS.NET. . 3600000 IN NS H.ROOT-SERVERS.NET. . 3600000 IN NS B.ROOT-SERVERS.NET. . 3600000 IN NS C.ROOT-SERVERS.NET. . 3600000 IN NS A.ROOT-SERVERS.NET. . 3600000 IN NS L.ROOT-SERVERS.NET. . 3600000 IN NS K.ROOT-SERVERS.NET. ;; Received 228 bytes from 184.108.40.206#53(220.127.116.11) in 363 ms com. 172800 IN NS C.GTLD-SERVERS.NET. com. 172800 IN NS I.GTLD-SERVERS.NET. com. 172800 IN NS F.GTLD-SERVERS.NET. com. 172800 IN NS G.GTLD-SERVERS.NET. com. 172800 IN NS E.GTLD-SERVERS.NET. com. 172800 IN NS M.GTLD-SERVERS.NET. com. 172800 IN NS A.GTLD-SERVERS.NET. com. 172800 IN NS D.GTLD-SERVERS.NET. com. 172800 IN NS J.GTLD-SERVERS.NET. com. 172800 IN NS H.GTLD-SERVERS.NET. com. 172800 IN NS K.GTLD-SERVERS.NET. com. 172800 IN NS B.GTLD-SERVERS.NET. com. 172800 IN NS L.GTLD-SERVERS.NET. ;; Received 488 bytes from 18.104.22.168#53(G.ROOT-SERVERS.NET) in 215 ms google.com. 172800 IN NS ns1.google.com. google.com. 172800 IN NS ns2.google.com. google.com. 172800 IN NS ns3.google.com. google.com. 172800 IN NS ns4.google.com. ;; Received 164 bytes from 22.214.171.124#53(L.GTLD-SERVERS.NET) in 439 ms google.com. 300 IN A 126.96.36.199 google.com. 300 IN A 188.8.131.52 google.com. 300 IN A 184.108.40.206 ;; Received 76 bytes from 220.127.116.11#53(ns3.google.com) in 303 ms
In above example:
- 18.104.22.168 is resolving name server.
- 22.214.171.124 queries root servers such as G.ROOT-SERVERS.NET. and others as it doesn’t aware of google.com’s IP address.
- G.ROOT-SERVERS.NET (one of root server) queries top level domain name server (.com server) to find out authoritative name server for google.com using L.GTLD-SERVERS.NET.
- L.GTLD-SERVERS.NET points back to ns3.google.com (one of name server of domain google.com) and its IP address.
- ns3.google.com returns actual IP address of google.com i.e. 126.96.36.199
- 188.8.131.52 caches result and returns actual IP address of google.com i.e. 184.108.40.206 to operating system.