Domain Name System (DNS) Overview

Introduction

This discussion gives a general overview of the Domain Name System (DNS). The reader is expected to have a beginner's understanding of basic network administration tasks. This document should familiarize the reader with the role DNS plays on the Internet, how DNS works, and what it can provide for network administrators.

The Internet uses Internet Protocol (IP) packets for communication. These packets use a numeric address to deliver data between two hosts. IP is the standard addressing scheme for computers on the Internet. An IP address is 32 bits long and is written in dotted-decimal notation of the form (0-255).(0-255).(0-255).(0-255), for example, 12.144.5.245. Most people cannot remember Internet addresses in numeric notation but can remember a name. It is much easier to use an Internet address like www.more.net than a numeric address like 198.209.253.70. DNS resolves such a name to the Internet address. We will look at the DNS protocol and the benefits of implementing this service in your network management strategy.

How DNS Works

DNS is described in RFCs (Requests For Comments) 1034, 1035, 1101 and 1183. RFCs are freely distributed technical documents used to introduce new technology or make changes to existing implementations. They are intended for implementers and usually are very technical. RFC 1183, for example, discusses the next generation of IP addressing, commonly referred to as IP version 6.

DNS consists of a server and a client component. The term client refers to a host requesting information from another host, the server, that provides the information. A server is a host running an application or service that answers requesting clients. The server holds a database of names and their corresponding IP addresses. These records keep track of the different names assigned to an IP address and are used during name-to-number translation. This database is referred to as the hosts table or hosts file. The client side of this arrangement is called the resolver; it sends requests to the server for a name-to-number translation.

The hosts file contains the data for translating names to IP addresses in the form of records called resource records. There are accepted standard resource records and some additional options that further extend how names are assigned and resolved to an IP address. Popular standards, the different types of DNS servers, and which type you may want to implement on your network are discussed below. Most Network Operating Systems (NOS) support and provide a DNS server component, including UNIX, Novell, IBM, Apple and Microsoft.

History

The first implementation of DNS server software was Jeeves, written by Paul Mockapetris. Kevin Dunlap later wrote an implementation for Berkeley University in California called BIND (Berkeley Internet Domain). BIND is the most widely used implementation of DNS.

DNS began as a way to make remembering long IP addresses easier. Tying a common name to an IP address was much easier than remembering a numeric address, and so the hosts.txt file was born. The hosts.txt file (later renamed the hosts file) contains an IP address and the name associated with that numeric address. This is the crudest form of how DNS works. When you request a site on the Internet using a common name of the form hostname.subdomain.top-level-domain (for example, argus.more.net), your computer first looks in its local hosts file for the IP address. In the beginning, ARPAnet (the U.S.-funded project that started the Internet) handled domain name changes and requests by e-mail through one central point responsible for registering names: Stanford Research Institute's Network Information Center (dubbed the Inter-NIC). Once or twice a week, network administrators would download the updated hosts.txt file for their network DNS servers.
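
As an added example (not code from the MOREnet page), here is a small Python parser for a hosts file in the classic layout described above: an address, the canonical host name, optional aliases, and # comments. The file contents below are constructed from the names and addresses used on this page. It performs the local lookup a workstation does before asking a DNS server, and the reverse mapping from an address back to its canonical name.

```python
import ipaddress

# Constructed hosts file using the names and addresses from the text above.
SAMPLE_HOSTS = """\
# hosts file: address, canonical name, then any aliases for that address
127.0.0.1       localhost
198.209.253.70  vortex.more.net   www.more.net ftp.more.net
150.199.1.11    argus.more.net
207.160.134.189 consulting.more.net   # trailing comment is ignored
"""


def parse_hosts(text):
    """Return (forward, reverse): name -> address and address -> canonical name."""
    forward, reverse = {}, {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            raise ValueError("line %d: expected an address and at least one name" % lineno)
        try:
            addr = str(ipaddress.ip_address(fields[0]))   # validates the address
        except ValueError:
            raise ValueError("line %d: bad address %r" % (lineno, fields[0]))
        reverse.setdefault(addr, fields[1].lower())   # first name is the canonical one
        for name in fields[1:]:
            forward.setdefault(name.lower(), addr)    # first entry wins, as resolvers do
    return forward, reverse


def resolve_local(name, forward):
    """Case-insensitive lookup; a trailing dot (fully qualified form) is accepted."""
    return forward.get(name.lower().rstrip("."))


if __name__ == "__main__":
    fwd, rev = parse_hosts(SAMPLE_HOSTS)
    print(resolve_local("www.more.net", fwd), rev["198.209.253.70"])
```

Names are folded to lower case because DNS names are case-insensitive, and the first entry for a name wins, which is how real resolvers read a hosts file.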

As the Internet blossomed, managing the size of the hosts.txt file and the bandwidth consumed by updates and DNS queries became too much for one organization to handle. Paul Mockapetris of the USC Information Sciences Institute designed a new distributed database to solve these problems: decentralized administration and a hierarchical design simplify management, reduce bandwidth bottlenecks and reduce duplicate-name problems. This distributed structure resembles a tree (see Figure 1).

Figure 1. DNS Topology

Different organizations were assigned authoritative control of a top-level domain like "com" or "edu" (commercial or educational organizations) to split up the work. Seven top-level domains (Figure 2) were delegated, each administering its organizational unit's domains and the domains under them. The Internet is now worldwide and the number of top-level domains has grown beyond the original seven, so some Internet names end in two-character country codes (for example, www.wallusoft.co.uk for a commercial organization in the United Kingdom).

1. com (commercial organizations)
2. edu (educational organizations)
3. gov (government organizations)
4. mil (military organizations)
5. net (networking organizations)
6. org (noncommercial organizations)
7. int (International organizations)

Figure 2. Seven Top-Level Internet Domains

How It Works

To visit your favorite site, say www.more.net/support, you open a Web browser, type the address, and press Enter; the browser then goes to work to find the requested page. All requests on the Internet require an IP address, so your browser must use an IP address to contact the site www.more.net. The browser strips the /support directory from the domain name www.more.net and sends www.more.net to a DNS server to get an IP address for the site (see Figure 3).

Figure 3. DNS Resolver Diagram

Resolving Names to IP Addresses

  1. The Web address is entered into the Web browser on your workstation (the resolver): www.more.net/support.

  2. The DNS client (resolver) needs an IP address for this name and sends a request to its designated DNS server for a translation of the address www.more.net.

  3. The DNS server receives the resolver's request and searches its database for a resource record for www.more.net; it finds 198.209.253.70.

    • If the DNS server fails to resolve the name, it sends a request to its parent server asking for name resolution. The request is passed to the next parent until it reaches the authoritative server for the requested domain, or the closest authoritative DNS server up the tree hierarchy. This hierarchical search continues until the originating DNS server receives an answer or the Time to Live (TTL, a time limit set for an IP host requesting a response from another host) is reached. If the TTL expires, the DNS server returns an error code to the requesting client and your browser issues a message similar to "connection could not be established."

    • A successful resolution returns the IP information to the requesting client browser.

  4. Once the DNS server has a resolution for the address www.more.net, it passes the information back to the requesting client (resolver): 198.209.253.70.

  5. After the browser client receives the IP address, it sends a request to 198.209.253.70 asking for the Web page in the directory /support.

  6. The Web server (198.209.253.70) returns the Web page located at /support to the requesting Web browser client.

The more.net portion of the above address is a domain name that must be unique on the Internet and is controlled by one group or organization. The organization may add unique host names under its domain name so that computer addresses are easier to remember (for example, argus.more.net and consulting.more.net, 150.199.1.11 and 207.160.134.189 respectively). Every time a name is used on the Internet to distinguish or contact a host computer (server), the name must be resolved to an IP address. DNS performs this resolution task, and the same name resolution request occurs every time you make a request for an Internet site.
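
As an added example that is not the page's own code, here are steps 2 through 4 at the wire level in Python, following the RFC 1035 message format cited earlier: the resolver's query for www.more.net, and a server's reply saying that www.more.net is an alias for vortex.more.net whose address is 198.209.253.70 (the names and address come from the text). The reply is constructed locally so the example runs offline; the transaction id 0x1234 and the 3600-second TTLs are sample values. Real replies abbreviate repeated names with compression pointers, so the reply is built that way and the parser handles them.

```python
import struct

TYPE_A, TYPE_NS, TYPE_CNAME, TYPE_PTR = 1, 2, 5, 12
TYPE_NAMES = {TYPE_A: "A", TYPE_NS: "NS", TYPE_CNAME: "CNAME", TYPE_PTR: "PTR"}


def encode_name(name):
    """Encode a dotted name as RFC 1035 labels: a length byte, the label bytes,
    and a final zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label length must be 1..63: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, qtype=TYPE_A, txid=0x1234):
    """Step 2: the resolver's request. 12-byte header (id, flags, four counts)
    and one question; flags 0x0100 = standard query, recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN


def decode_name(msg, offset):
    """Decode a name at offset; returns (name, offset after it). A byte with the
    top two bits set is a compression pointer to an earlier name in the message."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            if end is None:
                end = offset + 2          # the pointer ends the name in the stream
            hops += 1
            if hops > 64:                 # malformed data could point in a loop
                raise ValueError("compression pointer loop")
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end if end is not None else offset


def parse_response(msg):
    """Step 4: the server's reply, as (rcode, [(name, type, ttl, rdata), ...])."""
    _txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset = 12
    for _ in range(qd):                   # skip the echoed question section
        _, offset = decode_name(msg, offset)
        offset += 4
    records = []
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == TYPE_A and rdlen == 4:
            value = ".".join(str(b) for b in msg[offset:offset + 4])
        elif rtype in (TYPE_CNAME, TYPE_NS, TYPE_PTR):
            value, _ = decode_name(msg, offset)   # rdata is a (possibly compressed) name
        else:
            value = msg[offset:offset + rdlen].hex()
        offset += rdlen
        records.append((name, TYPE_NAMES.get(rtype, str(rtype)), ttl, value))
    return flags & 0x000F, records


def reverse_name(ip):
    """The name a reverse (PTR) lookup asks for: octets reversed under in-addr.arpa."""
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"


def build_sample_response(query):
    """Constructed reply: www.more.net is a CNAME for vortex.more.net, whose A
    record is 198.209.253.70. Owner names and the CNAME target use pointers."""
    txid = struct.unpack("!H", query[:2])[0]
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, 2, 0, 0) + query[12:]  # reply, RD+RA, no error
    pointer = lambda off: struct.pack("!H", 0xC000 | off)
    qname_off = 12                                # "www.more.net" follows the header
    suffix_off = qname_off + 1 + len("www")       # "more.net" inside that name
    cname_rdata = encode_name("vortex")[:-1] + pointer(suffix_off)
    target_off = len(msg) + 2 + 10                # where "vortex.more.net" will start
    msg += pointer(qname_off) + struct.pack("!HHIH", TYPE_CNAME, 1, 3600, len(cname_rdata))
    msg += cname_rdata
    msg += pointer(target_off) + struct.pack("!HHIH", TYPE_A, 1, 3600, 4)
    msg += bytes([198, 209, 253, 70])
    return msg


if __name__ == "__main__":
    print(parse_response(build_sample_response(build_query("www.more.net"))))
```

The hop limit in decode_name matters in practice: a reply from the network is untrusted input, and a parser that follows compression pointers without a bound can be sent into an endless loop by a malformed message.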

Multiple DNS Names for the Same IP Address

Different names can be assigned for the same IP address. This makes it simple for administrators who want to run multiple Internet services like FTP and HTTP on a server and easy for people to remember the address of each service. For example, http://www.more.net and ftp://ftp.more.net both resolve to the same IP address, 198.209.253.70. Its hostname or Internet name is vortex.more.net, yet an additional name or record is assigned to the FTP server. This information for name to number resolution is stored in a record called a resource record. If a network administrator wants to move the FTP server off the server at 198.209.253.70 (vortex.more.net) to a new server at 198.209.253.31 (download.more.net), the resource records that contain the IP address and DNS name translation information are changed to have ftp.more.net point to 198.209.253.31.

Resource Records

In the example above, one IP address had two different names, with the information for the name-to-number translation stored in resource records. Now look at some examples of querying for DNS names.

Use the WS-PING tool for Windows to perform DNS name queries (lookups). Enter each address in the query box, check the Verbose box, and click the LOOKUP button for each of the following: 198.209.253.70, www.more.net, and ftp.more.net.

The results show:

  1. 198.209.253.70 has an official name of vortex.more.net; this is an A record (an IP address name).

  2. www.more.net has an official name of vortex.more.net and shows an alias of www.more.net. The alias pointing to the canonical name vortex.more.net is a CNAME record (an alias host name).

  3. ftp.more.net also has an official name of vortex.more.net, but this time shows an alias of ftp.more.net. This is also a CNAME record.

Most Commonly Used Resource Records

Type    Name                 Description
A       Address (IP)         Maps a host name to an IP address in standard dot notation.
NS      Name Server          Identifies an authoritative name server for a domain zone.
CNAME   Canonical NAME       Alias host name for the official host name.
SOA     Start Of Authority   Identifies the best name server for information on a unique domain. Only one SOA can be used per zone.
PTR     PoinTeR              Reverse mapping: maps an IP address to a name, versus mapping a name to an IP address as an A record does.
HINFO   Host INFOrmation     Identifies hardware information for a host.
MX      Mail EXchange        Identifies a host that will deliver, receive and forward mail.

Types of DNS Servers

There are two common types of DNS servers: the authoritative DNS name server and the non-authoritative DNS caching server. Either type can be implemented, depending on the size and topology of your network and the services required for maintaining DNS names.

An authoritative DNS server is the authoritative source for all DNS requests made for a designated zone or domain. Authoritative servers can be primary or secondary (slave) name servers. The secondary server serves as a fault-tolerant backup for the primary authoritative DNS server and carries a copy of the primary server's DNS database. The secondary DNS server can respond to requests with an authoritative response, which allows load balancing between the primary and secondary and provides fault tolerance in case of critical failure. Authoritative servers also cache information learned during queries and responses. (Caching is where a client host requests information that the server may not have; the server retrieves this information for the client and holds it in a temporary store called a cache, in case another host requests the same information.) Cached data has a Time To Live (TTL) period to keep it from becoming outdated. This type of server becomes part of the tree seen in Figure 1, so it becomes a mission-critical box for your domain if you choose to run one.

A non-authoritative or caching-only DNS server is not the delegated server for its zone or domain. It cannot respond to requests in an authoritative manner, such as authoritative queries from other authoritative servers. It is the easiest to set up, requires no dependence on other authoritative servers, and can save time and bandwidth with little effort. The non-authoritative server first requests the data from an authoritative server and then caches it for a period of time (the standard is 24 hours). An administrator can set the TTL, but too long a TTL may result in stale data.
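
As an added example that is not the page's own code, here is a small Python simulation of the two server roles just described and of the hierarchical search in step 3 of the resolution procedure. Three authoritative servers (root, net and more.net) each answer only for their own zone and refer a query to the delegated child zone otherwise; the names and addresses are the ones used on this page, while the root/net delegation data is an assumption for the simulation. A caching-only resolver holds no zone of its own: it walks the tree from the root, follows the CNAME alias, caches what it learns for a TTL, and serves repeat queries from the cache until the TTL expires. A referral limit stands in for the timeout in the resolution steps and becomes an error the client can report.

```python
import time

# Constructed delegation tree: each authoritative server knows the records of
# its own zone and which child zones it has delegated (assumed for the demo).
AUTHORITATIVE = {
    "root":     {"delegations": ["net"], "records": {}},
    "net":      {"delegations": ["more.net"], "records": {}},
    "more.net": {"delegations": [], "records": {
        "www.more.net":    ("CNAME", "vortex.more.net"),
        "ftp.more.net":    ("CNAME", "vortex.more.net"),
        "vortex.more.net": ("A", "198.209.253.70"),
        "argus.more.net":  ("A", "150.199.1.11"),
    }},
}


def ask_authoritative(zone, name):
    """One authoritative server's reply: ("answer", record), ("referral", child
    zone) when the name lies in a delegated zone, or ("nxdomain", None)."""
    server = AUTHORITATIVE[zone]
    if name in server["records"]:
        return "answer", server["records"][name]
    for child in server["delegations"]:
        if name == child or name.endswith("." + child):
            return "referral", child
    return "nxdomain", None


class CachingResolver:
    """Caching-only (non-authoritative) server: no zone of its own, walks the
    tree from the root, and keeps answers for ttl seconds."""

    def __init__(self, ttl=24 * 3600, max_referrals=8, clock=time.time):
        self.ttl, self.max_referrals, self.clock = ttl, max_referrals, clock
        self.cache = {}            # name -> (record, expiry timestamp)
        self.queries_sent = 0      # upstream queries, to show what caching saves

    def lookup(self, name):
        """Return (record, source), source being "cache" or "authoritative"."""
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], "cache"
        zone = "root"
        for _ in range(self.max_referrals):
            self.queries_sent += 1
            kind, data = ask_authoritative(zone, name)
            if kind == "answer":
                self.cache[name] = (data, self.clock() + self.ttl)
                return data, "authoritative"
            if kind == "nxdomain":
                raise LookupError("no such name: " + name)
            zone = data            # referral: ask the delegated child zone next
        raise TimeoutError("no answer after %d referrals for %s" % (self.max_referrals, name))

    def resolve(self, name, max_chain=8):
        """Resolve a name to an IP address, following CNAME aliases.
        Returns (ip, [source of each lookup])."""
        sources = []
        for _ in range(max_chain):
            record, source = self.lookup(name)
            sources.append(source)
            if record[0] == "A":
                return record[1], sources
            name = record[1]       # CNAME: resolve the canonical name instead
        raise LookupError("CNAME chain too long, stopped at " + name)


if __name__ == "__main__":
    r = CachingResolver()
    print(r.resolve("www.more.net"), r.queries_sent)   # two tree walks: 6 queries
    print(r.resolve("ftp.more.net"), r.queries_sent)   # alias fetched, target cached: 9
```

The query counter shows the bandwidth argument made above: the first lookup costs a full walk of the tree for the alias and again for its canonical name, while a second lookup within the TTL costs nothing upstream. Expiring the cache entry by the clock rather than deleting it keeps the logic simple and is why an overlong TTL means stale answers.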

Choose the Appropriate Type of DNS Server

If you are a large organization like a university, college or large school district, or if you are responsible for multiple domains and your service provider only supplies administration for one, you may want to consider running an authoritative DNS server. Remember, you will need to study all the resource records and formats not covered here and be prepared to spend some time administering your own domain names. There are several good resources for running your own authoritative DNS server; DNS & BIND by Paul Albitz and Cricket Liu is a good way to learn more about DNS and how to run an authoritative server.

If you do not have the time and resources to proceed, try running a non-authoritative (caching-only) DNS server instead. It is relatively easy to set up and administer. Check the product documentation for instructions or refer to the reference section at the end of this document for helpful links.

Troubleshoot and Test DNS Services

Several tools are available to troubleshoot and query DNS servers: WSPing and Netlab for Windows, and nslookup (provided with BIND) and dig for UNIX. dig is similar to nslookup, with the same functionality but a slightly different interface.

Commands used in nslookup for querying a DNS server from a UNIX host

# nslookup                  Start the nslookup application.
> help                      Display the help screen from the nslookup prompt.
> www.more.net              Resolve the IP address for www.more.net.
> 198.209.253.70            Resolve the host name for IP address 198.209.253.70.
> set q=soa                 Set the query type to Start Of Authority data.
> set q=mx                  Change the query type to Mail Exchange data.
> set q=any                 Change the query type to any DNS data.
> server noc.missouri.edu   Change to another DNS server for queries.
> lserver noc.missouri.edu  Change servers when the current server is non-authoritative: the new server's address is looked up through the local (initial) server.
> ^C                        Controlled interrupt (Ctrl-C) to break out of a query.
> set debug                 Turn on nslookup debugging.
> set d2                    Turn on exhaustive debugging (more output than set debug).
> set nodebug               Turn debugging off.
> exit                      Quit nslookup.

Summary

DNS servers are an integral part of the Internet. They allow us to assign a common name, or multiple names, to an IP address and distribute those changes easily throughout the Internet. They reduce the administrative time spent maintaining host name files and host addresses. Authoritative DNS servers are system-critical devices that require more effort and responsibility to implement than a non-authoritative caching-only server. A local DNS server can reduce your network traffic by keeping DNS requests local to your network.

References

Department of Defense Network Information Center Services.
http://nic.ddn.mil/DNS/faqansw.html#domain

Webopedia definition
http://webopedia.internet.com/TERM/D/DNS.html

http://www.uar.navy.mil/faqstuff.html

http://dns.softaware.com/faq/s1q1.html

Albitz, Paul and Cricket Liu. DNS and BIND. O'Reilly, September 1998.

Siyan, Karanjit. Novell Guide to Creating IntranetWare Intranets. Novell, 1997.

RFC 1034 Domain Names - Concepts and Facilities

RFC 1035 Domain Names - Implementation and Specification

RFC 1101 DNS Encoding of Network Names and Other Types

RFC 1183 New DNS RR Definitions

Web Sites for RFCs:

Other Useful Sites

List of current root-level DNS servers
ftp://ftp.rs.internic.net/domain/named.root

BIND 8 configuration file guide
http://www.isc.org/bind8/config.html

BIND for UNIX
http://www.isc.org/ (source code)

Set up a DNS server
http://www.freebsd.org/ (Search on: setup DNS)
http://www.linux.org/ (Search on: DNS how to)

Copyright © 1999-2003 MOREnet. All rights reserved. Reviewed December 1, 2003.
Contact techsupp@more.net.