DNS – Basics
The Domain Name System (DNS) is a hierarchical, distributed database that maps logical host names to IP addresses. With DNS, users refer to computers by logical hostnames, and DNS translates those hostnames to IP addresses. A DNS server is responsible for performing this service on a TCP/IP network. You should know the following facts about DNS:
- A DNS server holds a database of hostnames and their corresponding IP addresses. Clients query the DNS server to get the IP address of a given host.
- Before DNS servers existed, name resolution used a static file, called the HOSTS file, saved on each host computer. The HOSTS file is still consulted, but is typically relied on only in the absence of a DNS server.
The DNS hierarchy is made up of the following components:
o . (dot) domain (also called the root domain)
o Top Level Domains (TLDs) (.com, .edu, .gov)
o Second-level and additional domains
A fully qualified domain name (FQDN) includes the host name and the name of all domains back to root.
DNS is a distributed database because no one server holds all of the DNS information. Instead, multiple servers hold portions of the data.
o Each division of the database is held in a zone database file.
o Zones typically contain one or more domains, although additional servers might hold information for child domains.
o DNS servers hold zone files and process name resolution requests from client systems.
A forward lookup uses the host name (or the FQDN) to find the IP address. A reverse lookup uses the IP address to find the host name (or FQDN).
Entries for hostnames, IP addresses, and other information in the zone database are stored in records.
o The A record maps a host name to an IP address and is used for forward lookups.
o The PTR record maps an IP address to a host name and is used for reverse lookups.
o The CNAME record provides an alternate name (an alias) for a host.
o The SRV record identifies a service, such as an Active Directory domain controller.
Records in the DNS database are created manually, or dynamically using Dynamic DNS (DDNS). With DDNS, hosts automatically register and update their corresponding records with the DNS server.
When a client computer needs to find the IP address for a host name, the following process is used:
- The client examines its HOSTS file for the IP address.
- If the IP address is not in the HOSTS file, it examines its local DNS cache for the IP address.
- If the IP address is not in the cache, the client sends the request to a DNS server.
When a DNS server receives a name resolution request from a client, the following process is used:
- The DNS server examines its local DNS cache for the IP address. Note: The DNS server cache is not the same as the client cache. A Windows 2008 server has a DNS client cache, but this cache is not used to respond to client requests.
- If the IP address is not in the server cache, it checks its HOSTS file.
- If the information is not in the HOSTS file, the server checks any zones for which it is authoritative. An authoritative server is a DNS server that holds a complete copy of all the records for a particular zone.
- If the server does not host the zones for the requested information, it uses one of the following processes:
- If configured for forwarding, the DNS server forwards the name resolution request to another DNS server. The DNS server waits for a response from the other DNS server.
- If configured for recursion (also called referral), the DNS server queries root domain servers, top-level domain servers, and other DNS servers in an iterative manner until it finds the DNS server that hosts the target domain. For example, to resolve the host name www.habib.com:
- The server queries a root server for the .com server.
- It then queries the .com server for the habib.com server.
- It then queries the habib.com DNS server for the www host information.
- After the information is found or received from another server, the DNS server returns the result to the client, and places the information in its server cache.
- A caching-only DNS server has no zone information; it is not authoritative for any domains. It uses information in its server cache, or forwarding or recursion, to respond to client queries.
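The client-side and server-side steps above, as an added example that is not part of the original notes: a small Python model of the lookup order (HOSTS file, client cache, then a recursive DNS server that walks root, .com and habib.com by referral and fills its own, separate server cache). All server IP addresses, host addresses and zone data are constructed for illustration; nothing is sent on the network.

```python
# Added example: a model of the DNS resolution order in the notes above.
# Constructed authoritative servers keyed by IP. Each knows its zone's A records
# and the delegations (child zone -> server IP) it hands out as referrals.
SERVERS = {
    "192.0.2.1": {"zone": ".", "a": {}, "ns": {"com.": "192.0.2.2"}},
    "192.0.2.2": {"zone": "com.", "a": {}, "ns": {"habib.com.": "192.0.2.3"}},
    "192.0.2.3": {"zone": "habib.com.", "a": {"www.habib.com.": "198.51.100.5"}, "ns": {}},
}
ROOT_HINT = "192.0.2.1"  # where the recursive server starts its walk

def fqdn(name):
    """Normalise to a fully qualified name ending in the root dot."""
    return name.lower() if name.endswith(".") else name.lower() + "."

def authoritative_query(server_ip, name):
    """One iterative query: an answer, a referral to a child zone, or no answer."""
    srv = SERVERS[server_ip]
    if name in srv["a"]:
        return "answer", srv["a"][name]
    for child, child_ip in srv["ns"].items():
        if name == child or name.endswith("." + child):
            return "referral", child_ip
    return "nxdomain", None

def server_resolve(name, server_cache):
    """Recursive server: answer from its own cache, else follow referrals from root."""
    name = fqdn(name)
    if name in server_cache:
        return server_cache[name], ["server-cache"]
    path, server = [], ROOT_HINT
    while True:
        kind, value = authoritative_query(server, name)
        path.append(SERVERS[server]["zone"])
        if kind == "referral":
            server = value              # walk down one level of the hierarchy
        elif kind == "answer":
            server_cache[name] = value  # cached for later client requests
            return value, path
        else:
            return None, path

def client_lookup(name, hosts_file, client_cache, server_cache):
    """Client order from the notes: HOSTS file, local cache, then the DNS server."""
    name = fqdn(name)
    if name in hosts_file:
        return hosts_file[name], "hosts"
    if name in client_cache:
        return client_cache[name], "client-cache"
    ip, path = server_resolve(name, server_cache)
    if ip is not None:
        client_cache[name] = ip
    return ip, "dns:" + ">".join(path)
```

The returned source string shows which step answered the query, so a second lookup of the same name is served from the client cache while the server cache answers other clients without repeating the root walk.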