How DNS Works

DNS is the default name resolution service on UNIX (where it is a configurable option) and Windows servers.

However, when the Internet was very small, hostname resolution was done using the /etc/hosts file under UNIX. The hosts file is a file used by an operating system to map hostnames to IP addresses. MS-Windows also supports the hosts file, which is usually located in the %SystemRoot%\system32\drivers\etc\ directory.

These days the Domain Name System is the default name resolution service used in all operating systems, including mobile phones such as the Apple iPhone. DNS is part of the operating system, and all TCP/IP network connections are, by default, configured with the IP address of at least two DNS servers to perform name resolution on the network. In this tutorial, we’ll take a look at the DNS system.

Resolving Name With DNS

DNS is used to map a domain name to an IP address. For example, when you type a domain such as dnsknowledge.com into your browser, the client needs to find the IP address where this website is located. This is done using DNS servers. However, keep in mind that over the last few years the Internet grew into the tens of thousands (there may be billions of IP addresses active with hostnames), so a more flexible, more scalable solution was required. DNS makes it possible to manage millions of hostnames and IP addresses efficiently. DNS has become the main name resolution service used on the Internet today.

DNS Implementations

There have been various implementations of DNS over the years. UNIX systems typically use BIND (Berkeley Internet Name Domain) or djbdns. Microsoft Windows Server operating systems typically use a non-Active Directory, or standard, Domain Name System solution. However, the various implementations use the same protocols for exchanging DNS information over the Internet.

How does DNS work?

  1. You type a domain name such as google.com into your browser on a client computer running an operating system such as Windows or Apple OS (the “client”).
  2. The client needs to find the IP address where the google.com search engine is located on the earth (typically all websites are hosted in an Internet data center).
  3. Your browser sends this query to the operating system.
  4. Each operating system is configured to query certain DNS servers. Typically your ISP or network administrator configures such DNS servers, which are called resolving name servers.
  5. The resolving name server is not aware of the location of google.com, but it does know where the root servers are located.
  6. Next, the resolving name server finds the location of the top-level domain name server to which it sends the query for google.com. Each domain on the Internet has an authoritative name server.
  7. Finally, the authoritative name server gives you the exact IP address of google.com. This information comes back to the resolving name server, which caches it and sends an answer (the answer to your query “what is the IP address of google.com?”) back to the browser. The end result is that you see the Google search engine home page.

You can easily verify the above sequence using your ISP’s DNS server. If you are using UNIX or Mac OS X, open the terminal and type the following command:
dig +trace @4.2.2.1 google.com
OR
dig +trace @your-isps.dns.server.ip google.com
Sample output:

; <<>> DiG 9.5.0-P2 <<>> +trace @4.2.2.1 google.com
; (1 server found)
;; global options:  printcmd
.			3600000	IN	NS	G.ROOT-SERVERS.NET.
.			3600000	IN	NS	F.ROOT-SERVERS.NET.
.			3600000	IN	NS	J.ROOT-SERVERS.NET.
.			3600000	IN	NS	I.ROOT-SERVERS.NET.
.			3600000	IN	NS	E.ROOT-SERVERS.NET.
.			3600000	IN	NS	D.ROOT-SERVERS.NET.
.			3600000	IN	NS	M.ROOT-SERVERS.NET.
.			3600000	IN	NS	H.ROOT-SERVERS.NET.
.			3600000	IN	NS	B.ROOT-SERVERS.NET.
.			3600000	IN	NS	C.ROOT-SERVERS.NET.
.			3600000	IN	NS	A.ROOT-SERVERS.NET.
.			3600000	IN	NS	L.ROOT-SERVERS.NET.
.			3600000	IN	NS	K.ROOT-SERVERS.NET.
;; Received 228 bytes from 4.2.2.1#53(4.2.2.1) in 363 ms
com.			172800	IN	NS	C.GTLD-SERVERS.NET.
com.			172800	IN	NS	I.GTLD-SERVERS.NET.
com.			172800	IN	NS	F.GTLD-SERVERS.NET.
com.			172800	IN	NS	G.GTLD-SERVERS.NET.
com.			172800	IN	NS	E.GTLD-SERVERS.NET.
com.			172800	IN	NS	M.GTLD-SERVERS.NET.
com.			172800	IN	NS	A.GTLD-SERVERS.NET.
com.			172800	IN	NS	D.GTLD-SERVERS.NET.
com.			172800	IN	NS	J.GTLD-SERVERS.NET.
com.			172800	IN	NS	H.GTLD-SERVERS.NET.
com.			172800	IN	NS	K.GTLD-SERVERS.NET.
com.			172800	IN	NS	B.GTLD-SERVERS.NET.
com.			172800	IN	NS	L.GTLD-SERVERS.NET.
;; Received 488 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 215 ms
google.com.		172800	IN	NS	ns1.google.com.
google.com.		172800	IN	NS	ns2.google.com.
google.com.		172800	IN	NS	ns3.google.com.
google.com.		172800	IN	NS	ns4.google.com.
;; Received 164 bytes from 192.41.162.30#53(L.GTLD-SERVERS.NET) in 439 ms
google.com.		300	IN	A	74.125.67.100
google.com.		300	IN	A	74.125.45.100
google.com.		300	IN	A	74.125.127.100
;; Received 76 bytes from 216.239.36.10#53(ns3.google.com) in 303 ms

In the above example:

  • 4.2.2.1 is the resolving name server.
  • 4.2.2.1 queries root servers such as G.ROOT-SERVERS.NET. and others, as it is not aware of google.com’s IP address.
  • G.ROOT-SERVERS.NET (one of the root servers) queries the top-level domain name server (.com server) to find out the authoritative name server for google.com, using L.GTLD-SERVERS.NET.
  • L.GTLD-SERVERS.NET points back to ns3.google.com (one of the name servers for the domain google.com) and its IP address.
  • ns3.google.com returns the actual IP address of google.com, i.e. 74.125.67.100.
  • 4.2.2.1 caches the result and returns the actual IP address of google.com, i.e. 74.125.67.100, to the operating system.
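
An added example (not part of the original article): a short Python parser for the dig +trace output above that shows which server returned each set of records and checks that every referral moves one step closer to the queried name. The sample text is a constructed, shortened copy of the output shown, and the function names are illustrative.

```python
import re

# Constructed sample: a shortened copy of the dig +trace output shown above.
SAMPLE_TRACE = """\
. 3600000 IN NS G.ROOT-SERVERS.NET.
. 3600000 IN NS L.ROOT-SERVERS.NET.
;; Received 228 bytes from 4.2.2.1#53(4.2.2.1) in 363 ms
com. 172800 IN NS L.GTLD-SERVERS.NET.
;; Received 488 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 215 ms
google.com. 172800 IN NS ns3.google.com.
;; Received 164 bytes from 192.41.162.30#53(L.GTLD-SERVERS.NET) in 439 ms
google.com. 300 IN A 74.125.67.100
;; Received 76 bytes from 216.239.36.10#53(ns3.google.com) in 303 ms
"""

RECEIVED = re.compile(r"^;; Received \d+ bytes from ([^#\s]+)#\d+\(([^)]+)\)")

def labels(name):
    """'google.com.' -> ['google', 'com']; the root '.' -> []."""
    return [part for part in name.lower().rstrip(".").split(".") if part]

def parse_trace(text):
    """Group records into hops; each 'Received' line names who sent the records above it."""
    hops, records = [], []
    for line in text.splitlines():
        match = RECEIVED.match(line)
        if match:
            hops.append({"ip": match.group(1), "server": match.group(2), "records": records})
            records = []
        elif line.strip() and not line.startswith(";"):
            fields = line.split()  # owner, TTL, class, type, data
            if len(fields) >= 5 and fields[1].isdigit():
                records.append((fields[0], int(fields[1]), fields[3], fields[4]))
    return hops

def check_chain(hops, qname):
    """Return problems found; an empty list means each referral narrows toward qname."""
    problems, depth, target = [], -1, labels(qname)
    for hop in hops:
        for owner in sorted({rec[0] for rec in hop["records"] if rec[2] == "NS"}):
            zone = labels(owner)
            if target[len(target) - len(zone):] != zone:
                problems.append(f"{hop['server']} referred to {owner}, not a parent of {qname}")
            elif len(zone) <= depth:
                problems.append(f"{hop['server']} did not narrow the delegation ({owner})")
            depth = max(depth, len(zone))
    return problems

if __name__ == "__main__":
    for hop in parse_trace(SAMPLE_TRACE):
        print(hop["server"], "->", sorted({(r[0], r[2]) for r in hop["records"]}))
    print(check_chain(parse_trace(SAMPLE_TRACE), "google.com") or "delegation chain is consistent")
```

To run it against a live trace, save the output of the dig command to a file and pass its contents to parse_trace().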

{ 5 comments }
  • Vishal Gupta January 6, 2012, 4:17 am

    Hi,

    I am a newbie to the DNS world. I have one powerful physical server on which, using the latest VMware, I am running one Windows Server 2008 R2, and I plan to have one more, so that I have at least two DNS servers.
    I have also recently registered one domain, let’s suppose “myname.in”. On the registrar website I have the option to change the name server for that domain and the option to register name servers under that domain, for example xyz.myname.in and so on.
    One last important thing: I also have 2 usable static public IPs, which are provided by my ISP.
    My plan is to host my own array of web servers, SQL server etc. So in future, if someone wants to host a website with me, I will register his domain and provide my own name server, so that if any request comes for that website, my DNS will redirect it to my local web server IP, where it can get resolved.
    If you have any proper guide, tutorial, link or advice, please let me know. Tons of thanks in advance. Please show me the light; I have already spent a number of hours on this, but at some point I got stuck.

    Regards
    Vishal Gupta

  • abebaw mamuye May 1, 2013, 6:11 am

    I would like to certify on CISCO

  • Rommon2015 February 10, 2015, 12:29 pm

    Good article, I will be bookmarking this for reference! I noticed that you indicated G.ROOT-SERVERS.NET and L.GTLD-SERVERS.NET would help query the domain google.com, although C.GTLD-SERVERS.NET and ns1.google.com were highlighted in the dig output. Do the highlighted servers only query the domain, or do G.ROOT-SERVERS.NET and L.GTLD-SERVERS.NET perform the query?

    Thanks!

  • akshay May 3, 2015, 1:00 pm

    It is very helpful for me,
    but it should contain some more information about working and procedure.

  • ronnie December 7, 2015, 9:43 am

    I need help with error003 on Roku to my wifi with Comcast
