DNS Resolution Process
Introduction
This section will help you understand how DNS queries work on the Internet and your home network. There are two ways to use the domain name system to resolve a host or domain name to an IP address, and we're going to look at them here. There is also a detailed example later on this page to help you understand it better.
Queries and Resolution
As mentioned in the introduction, there are two ways for a client to use the domain name system to get an answer.

One of these involves the client contacting the name servers one at a time until it finds the authoritative server that contains the information it requires (this is also called a non-recursive query). The other is to ask the name server system to perform the complete translation (this is also called a recursive query), in which case the client sends the query and gets a response that contains the IP address of the domain it's looking for.
It's really exciting to see how DNS queries work. As we analyse the packets that are sent to and received from the DNS server, I'm going to show you how the client chooses the method by which it wants its query to be resolved, so you will truly understand how these cool features work! The DNS Query/Response Message Format pages contain all this packet analysis information, so let's continue and prepare for it!
Our Example DNS Resolution
We will now look at what happens when your workstation requests a domain to be resolved. The example that follows will show you the whole procedure step by step, so make sure you take your time to read it and understand it!
When someone wants to visit the Cisco website (www.cisco.com), they go to their web browser and type "http://www.cisco.com" or just "www.cisco.com" and, after a few seconds, the website is displayed. But what happens in the background after they type the address and hit enter is pretty much unknown to most users. That's what we are going to find out now!
The picture below shows us what would happen in the above example (for simplicity we are not illustrating both Primary and Secondary DNS servers, only the Primary):
Explanation:

1. You open your web browser and enter www.cisco.com in the address field. At that point, the computer doesn't know the IP address for www.cisco.com, so it sends a DNS query to your ISP's DNS server. (It's querying the ISP's DNS server because this has been set through the dial-up properties; if you're on a permanent connection then it's set through your network card's TCP/IP properties.)

2. Your ISP's DNS server doesn't know the IP address for www.cisco.com, so it will ask one of the ROOT DNS servers.

3. The ROOT DNS server checks its database and finds that the Primary DNS for Cisco.com is 198.133.219.25. It replies to your ISP's server with that answer.

4. Your ISP's DNS server now knows where to contact Cisco's DNS server to find out whether www.cisco.com exists and what its IP address is. Your ISP's DNS server sends a recursive query to Cisco.com's DNS server and asks for an IP address for www.cisco.com.

5. Cisco's DNS server checks its database and finds an entry for "www.cisco.com". This entry has an IP address of 198.133.219.25. In other words, the webserver is running on the same physical server as the DNS! If it wasn't running on the same server, then it would have a different IP. (Just a note: you can actually make it look like it's on the same physical server, but actually run the web server on a different box. This is achieved by using some neat tricks like port forwarding.)

6. Your ISP's DNS server now knows the IP address for www.cisco.com and sends the result to your computer.

7. Your computer now knows who it needs to contact to get to the website. So it sends an HTTP request directly to Cisco's webserver and downloads the webpage.
I hope you didn't find it too hard to follow. Remember that this query is the most common type. The other type of query (non-recursive) follows the same procedure; the difference is that the client does all the running around trying to find the authoritative DNS server for the desired domain. I like to think of it as "self service" :)