DNS RESOLUTION INTRODUCTION

DNS (Domain Name System) is the system that resolves domain names, such as www.datayardworks.com, to their IP addresses. An IP address is the numeric value assigned to a computer connected to a network, which allows it to communicate with other systems, similar to a telephone number. DNS works as the “phone book” for the Internet by translating hostnames into IP addresses. Without DNS resolution, accessing content on the network would be much more difficult and would require us to remember the IP addresses of many different systems and websites across a network.

What information can be obtained from a DNS lookup?

You can find name server information by running a ‘dig www.domain.tld’ command from a Linux terminal or by using a browser-based zone lookup.

; <<>> DiG 9.2.4 <<>> www.datayardworks.com

;; global options:  printcmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5193

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:

;www.datayardworks.com.         IN      A

;; ANSWER SECTION:

www.datayardworks.com.  86400   IN      A       64.56.96.222

;; AUTHORITY SECTION:

datayardworks.com.      18320   IN      NS      dns2.donet.com.

datayardworks.com.      18320   IN      NS      dns1.donet.com.

;; ADDITIONAL SECTION:

dns1.donet.com.         3203    IN      A       64.56.119.67

dns2.donet.com.         668     IN      A       64.56.96.6

;; Query time: 1 msec

;; SERVER: 64.56.96.117#53(64.56.96.117)

;; WHEN: Tue Mar 25 12:55:38 2014

;; MSG SIZE  rcvd: 131
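To show how the sections of that output fit together, here is an added example (not part of the original article) that parses dig's text output into header fields and per-section records, then pairs each name server in the AUTHORITY section with its address from the ADDITIONAL section. The function names are illustrative; the sample text is the output shown above with blank lines dropped.

```python
import re

# The header, section and record lines of the dig output above (blank lines dropped).
SAMPLE = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5193
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.datayardworks.com.         IN      A
;; ANSWER SECTION:
www.datayardworks.com.  86400   IN      A       64.56.96.222
;; AUTHORITY SECTION:
datayardworks.com.      18320   IN      NS      dns2.donet.com.
datayardworks.com.      18320   IN      NS      dns1.donet.com.
;; ADDITIONAL SECTION:
dns1.donet.com.         3203    IN      A       64.56.119.67
dns2.donet.com.         668     IN      A       64.56.96.6
;; SERVER: 64.56.96.117#53(64.56.96.117)
"""

def parse_dig(text):
    """Return status, header flags, answering server and records grouped by section."""
    out = {"status": None, "flags": [], "server": None, "sections": {}}
    section = None
    for line in filter(None, map(str.strip, text.splitlines())):
        if m := re.search(r"status: (\w+)", line):
            out["status"] = m.group(1)
        elif m := re.match(r";; flags: ([a-z ]+);", line):
            out["flags"] = m.group(1).split()
        elif m := re.match(r";; (\w+) SECTION:", line):
            section = m.group(1)
            out["sections"][section] = []
        elif m := re.match(r";; SERVER: ([^#]+)#", line):
            out["server"] = m.group(1)
        elif section and not line.startswith(";"):
            name, ttl, _cls, rtype, data = line.split(None, 4)
            out["sections"][section].append(
                {"name": name, "ttl": int(ttl), "type": rtype, "data": data})
    return out

def is_authoritative(parsed):
    # "aa" is set only when the answering server is authoritative for the name;
    # without it, the answer came from a resolver's cache or recursion.
    return "aa" in parsed["flags"]

def nameserver_addresses(parsed):
    """Pair each NS in AUTHORITY with its A record from ADDITIONAL (None if absent)."""
    a = {r["name"]: r["data"] for r in parsed["sections"].get("ADDITIONAL", []) if r["type"] == "A"}
    return {r["data"]: a.get(r["data"]) for r in parsed["sections"].get("AUTHORITY", []) if r["type"] == "NS"}
```

For the output above, the flags `qr rd ra` contain no `aa`, so the answer was served by the resolver at 64.56.96.117 rather than directly by dns1.donet.com or dns2.donet.com.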

There are several record types associated with a domain. Some of the most common record types are A, MX, CNAME and TXT records. The majority of DNS records are A or MX records. These records are vital to successful domain name resolution: each serves a different purpose, but together they point the domain to its corresponding IP addresses.

ADDRESS Records (A) – Address records allow you to point different sections of your domain to different IP addresses or servers. For example, this would be useful for having “www.datayardworks.com” point to your web server’s IP address and “mail.datayardworks.com” point to your mail server’s IP address. Each record includes a “Host Name” value, a corresponding IP address and a TTL (time to live) value, which tells the system how long to cache the record before updating. You can find out the IP address that a domain name points to by running ‘nslookup www.domain.tld’ in a command prompt.

Mail Exchanger (MX) – Your domain’s “MX” records are an important part of the email system. MX records tell the world what server to send mail to for a particular domain name. These records include a “Host Name” value, a corresponding IP address and a TTL value. You can set a priority on MX records to allow a server to serve as a backup in case your primary mail server is not responding.

Canonical name (CNAME) – These are usually referred to as alias records since they map an alias to its canonical name. When a name server looks up a name and finds a CNAME record, it replaces the name with the canonical name and looks up the new name. This allows you to point multiple DNS records to one IP without specifically assigning an A record to each host name. If your IP were ever to change, you would only have to change one A record rather than many A records.

DNS queries are answered in a number of different ways. A client can answer a query locally using cached information obtained from a previous query. If the local system does not have cached information, it may use an iterative query to find the needed information. An iterative name query is one in which a DNS client allows the server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral, which is a reference to another DNS server to check. The DNS client can then query the DNS server to which it was referred. It continues this back-and-forth process until it locates a DNS server that is authoritative for the queried name, or a timeout occurs.

An authoritative name server provides the actual answer to your DNS queries; this comes from the DNS server that hosts the records for the domain. You can find the authoritative name servers for a domain by doing a WHOIS lookup on the domain; more information on WHOIS is available at http://whois.net/. A DNS server can also query or contact other DNS servers on behalf of the client to fully resolve the name, then send an answer back to the client. This process is known as recursion.

Domain Lookup Process

  1. The web browser will check the local cache on your computer to try to resolve the domain name. If it can get an answer directly, it proceeds no further. You can also override this lookup process by making changes to the hosts file on your local computer; this allows your PC to override outside DNS information and look for the hostname at an IP address that you’ve specified.
  2. If an answer cannot be obtained from your local cache, your system will reach out to your ISP’s recursive DNS servers. You can find out your primary DNS servers by running ‘ipconfig /all’ from the command line and looking for the IP address listed next to DNS servers.
  3. These name servers will first search their own cache to see if this domain has been resolved recently, or if the server is authoritative for the domain; if so, it will return those results.
  4. If this system does not have any cached information, it will strip out the TLD (Top Level Domain) and query a root name server to find out what name server is responsible for that TLD. Once this information is obtained, it will query the authoritative server for that TLD for the IP of the domain you are trying to resolve.
  5. The authoritative name server will tell you the absolute records for a domain name. It does not provide cached answers that were obtained from another name server, and it does not query other servers; it only returns answers to queries about domain names that are configured locally.
  6. The authoritative name servers will respond with the IP address of the domain name you’ve looked up and will return this information to your system.
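The lookup order in steps 1 to 6, as an added example that is not part of the original article: a toy resolver that checks a hosts table, then a TTL cache, then follows referrals from a root server down to the authoritative server, chasing a CNAME along the way. The server names `root` and `tld-com`, the hosts entry and the `blog` alias are constructed for illustration, and the client and resolver caches are modelled as a single cache.

```python
import time

# All data below is constructed; "root" and "tld-com" are placeholder server names.
HOSTS = {"intranet.test": "10.0.0.5"}            # hosts-file override (step 1)
SERVERS = {
    "root":    {"referrals": {"com": "tld-com"}},
    "tld-com": {"referrals": {"datayardworks.com": "dns1.donet.com"}},
    "dns1.donet.com": {"records": {              # authoritative zone data
        "www.datayardworks.com":  ("A", "64.56.96.222", 86400),
        "blog.datayardworks.com": ("CNAME", "www.datayardworks.com", 3600),
    }},
}
CACHE = {}                                       # name -> (ip, expiry time)

def iterate(name, max_hops=10):
    """Follow referrals from the root until a server holds a record for name."""
    server, path = "root", []
    for _ in range(max_hops):                    # bound guards against referral loops
        path.append(server)
        zone = SERVERS[server]
        if name in zone.get("records", {}):
            return zone["records"][name], path
        # Best answer this server can give: a referral for the longest matching suffix.
        matches = [s for s in zone.get("referrals", {}) if name.endswith("." + s)]
        if not matches:
            return None, path
        server = zone["referrals"][max(matches, key=len)]
    return None, path

def resolve(name, now=None, max_cnames=8):
    """Return (ip, path); path lists where the answer came from."""
    now = time.time() if now is None else now
    if name in HOSTS:
        return HOSTS[name], ["hosts"]
    if name in CACHE and CACHE[name][1] > now:   # still within its TTL
        return CACHE[name][0], ["cache"]
    path, target, ttl = [], name, None
    for _ in range(max_cnames):                  # bound guards against CNAME loops
        record, hops = iterate(target)
        path += hops
        if record is None:
            return None, path
        rtype, data, rttl = record
        ttl = rttl if ttl is None else min(ttl, rttl)
        if rtype == "A":
            CACHE[name] = (data, now + ttl)      # cache for the shortest TTL in the chain
            return data, path
        target = data                            # CNAME: look up the canonical name
    raise RuntimeError("CNAME chain too long")
```

The hosts table is consulted before anything else, so an entry there wins over both the cache and the authoritative data, which is why an unexpected hosts-file entry is worth checking when a name resolves to the wrong address.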

Breaking down a domain name

When a domain name needs to be resolved, the DNS servers will first break the domain name down into pieces, start at the top level domain, and follow a path to find the authoritative name servers for the domain name that you are trying to resolve.

As you can see, the Domain Name System is essential in the use of the Internet. Without this complex system of servers working together you would not be able to simply type in names for websites, but would have to remember the numerical IP Addresses in order to get anywhere on the Internet.
