Home | Articles | About | Contact | Forum |
Saturday, October 01, 2016



Lunarpages.com Web Hosting

Mailing List

E-mail:
By Joining the mailing list you will be notified of site updates.


Show Your Support For
This Site By Donating:











Audience: Self Learners - System Administrators
Last Updated: 3/21/2011 8:11:21 PM
Original Creation Date: 10/21/2006 12:21:46 PM
**All times are EST**





DNS - Resolving Domains to IP addresses

By Erik Rodriguez

This article provides an overview of DNS. If you have no idea how DNS works or what it is, you should keep reading. Also see RDNS - Reverse DNS Pointer Records.



What is DNS?

DNS is short for Domain Name System. DNS was created so we could use web address (domain names) instead of IP addresses. Remember that every device on the Internet has an IP address. For instance, skullbox.net has the IP address 74.52.121.151. DNS allows you to simply visit this site by using it's domain name. If DNS was not in place, every visitor would have to type http://74.52.121.151. Therefore, because DNS is in place, it does the work of associating the IP address with domain name making our lives much easier ;) Think of DNS like a phone book. You can look up a person or business and find a telephone number to contact them. DNS is nothing more than a directory services that must be queried to return results.

How Does DNS Work?

While the basic idea of DNS is fairly simple, the operation and design of the technology is very complex. Managing DNS records and mitigation in an enterprise network can be full time job. The diagram below illustrates how DNS works to associate domains names to IP addresses.



As you can see, the user requests a hostname (skullbox.net for example). That request is forwarded to the DNS servers of his/her ISP. DNS servers maintained by ISPs contain a cached table of DNS entries. These tables are refresed at a certain interval specified by the ISP. In the event you request a hostname that isn't in the local cache of the ISP's DNS server, the request is then forwared to the root DNS servers. The root DNS servers in turn replies with the requested hostname's IP addresss. This information is then relayed back through the ISP's DNS server and is cached for the next time it is requested. The root DNS servers are maintained by various governmental, educational, and research orgainzations around the world. These servers represent the top level of the internet, and without them, the internet would cease to function properly.

Local DNS

You can setup local DNS to run inside your LAN just as DNS runs globally. There are several ways to do this depending on the size of your LAN. The easiest way to do this on small networks is to edit the host file of each machine on your LAN. Remember that hosts added to these files will take prefrence over any "real" DNS requests. Here are to locations of these files:

Microsoft Windows:

C:\WINDOWS\system32\drivers\etc\hosts

Redhat Linux:

/etc/hosts

Here is my sample hosts file from my Windows workstation: (C:\WINDOWS\system32\drivers\etc\hosts)


# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1		localhost
192.168.0.15	roswell.skullboxnetworks.net
192.168.0.55	neptune.skullboxnetworks.net
192.168.0.20	saturn.skullboxnetworks.net
192.168.0.200	thorin.skullboxnetworks.net
192.168.0.210	mars.skullboxnetworks.net
192.168.0.1	router.skullboxnetworks.net
192.168.0.100	moon.skullboxnetworks.net
192.168.0.90	jupiter.skullboxnetworks.net

A sample file from a Redhat Linux server on the same LAN: (/etc/hosts)

192.168.0.1     router.skullboxnetworks.net     router
192.168.0.200   thorin.skullboxnetworks.net     thorin
192.168.0.100   moon.skullboxnetworks.net       moon
192.168.0.15    roswell.skullboxnetworks.net    roswell
192.168.0.20    saturn.skullboxnetworks.net     saturn
192.168.0.55    neptune.skullboxnetworks.net    neptune
127.0.0.1       mars.skullboxnetworks.net       localhost mars



You will notice the syntax between the two is a little different, but for the most part the same.

Global DNS

From a shell, you can use a few different commands to reveal DNS information about the various hosts and domain located within these files. For example, from a shell, you can use the dig command to query DNS information about a host or domain. Let's query the TLD, skullbox.net: (Items marked in green represent user entered commands)


[weaponx@roswell weaponx]$ dig skullbox.net

; <<>> DiG 9.2.4 <<>> skullbox.net
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57191
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;skullbox.net.                  IN      A

;; ANSWER SECTION:
skullbox.net.           14400   IN      A       74.52.121.151

;; AUTHORITY SECTION:
skullbox.net.           36001   IN      NS      ns2.orlandotechworks.net.
skullbox.net.           36001   IN      NS      ns1.orlandotechworks.net.

;; ADDITIONAL SECTION:
ns1.orlandotechworks.net. 46051 IN      A       74.52.23.163
ns2.orlandotechworks.net. 20853 IN      A       74.52.23.164

;; Query time: 62 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sat Oct 21 12:13:31 2006
;; MSG SIZE  rcvd: 131

[weaponx@roswell weaponx]$


As you can see, 74.52.121.151 is the A record for skullbox.net's hostname. Meaning, if you resolve skullbox.net to an IP address, 74.52.121.151 is what you will end up with. The authoritive section shows the name servers used by skullbox.net. As you can see skullbox.net is pointed to Orlando Tech Works' name servers. The IP's for those name servers are listed in the additional section.

Putting It All Together

Remember the diagram above? If we trace our steps, it would go form the web user (say me) --> ISP DNS servers --> Root DNS Servers --> Orlandotechworks Name Servers --> Skullbox.Net Web Server. The concept of DNS is fairly easy. However, it can get hairy in large networks with multiple DNS servers. Remember that without DNS, the internet would be MUCH different. You may also want to see the reverse side of this: RDNS - Reverse DNS Pointer Records.

TCP vs. UDP
Juniper SRX anti-spam filtering config
Windows Server 2008 Clustering Configuration
Windows 2008 R2 Network Load Balancing (NLB)
Extreme Networks: Downloading new software image
Juniper SRX save config to USB drive
Juniper SRX logout sessions
Extreme Networks Syslog Configuration
Command line drive mapping
Neoscale vs. Decru
Data Security vs. Data Protection
Juniper SRX Cluster Configuration
HOWTO - Create VLAN on Extreme Switch
Using a Non-local Colocation Facility
Linux Server Administration
IT Chop Shops
Flow Viewers: SFLOW, NetFLOW, and JFLOW
Exchange 2007 Back Pressure
IPtables open port for specific IP
Politics in IT Departments
HOWTO - Block Dropbox
Cisco IOS Cheat Sheet
Subnet Cheat Sheet
Design a DMZ Network
How DNS works
Firewall Configuration
Juniper SSG Firewalls
Server Management
Configuring VLANs
Runlevels in Linux
Server Clustering
SONET Networks
The Red Hat Network
Server Colocation
Complicated Linux Servers
Dark Fiber
Data Center Network Design
Firewall Types
Colocation Bandwidth




Copyright © 2002-2016 Skullbox.Net All Rights Reserved.
A division of Orlando Tech Works, LLC
By using this site you agree to its Terms and Conditions.
Contact Erik Rodriguez