Front | Back |
Domain Name System (DNS)
|
The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide. An often used analogy to explain the Domain Name System is that it serves as the "phone book" for the Internet by translating human-friendly computer hostnames into IP addresses. For example, translates to 192.0.32.10.
|
HOSTS file -- in the old days and still alive and well today
|
Contained a list of IP addresses for every computer on the Internet, matched to the corresponding system names. It's just a text file that you can open with any text editor. HOSTS files still have their place in today's world. Lots of people place shortcut names in a HOSTS file to avoid typing long names in some TCP/IP applications. Yet even though HOSTS still has some use, for the most part we use the vastly more powerful DNS. A HOSTS file uses a flat name space: basically just one big undivided list containing all names with no grouping whatsoever. In a flat name space, all names must be absolutely unique - no two machines can ever share the same name under any circumstances. A flat name space works fine on a small, isolated network, but not so well for a large organization with many interconnected networks. To avoid naming conflicts, all its admins would need to keep track of all the names used throughout the entire corporate network.
|
DNS root servers
|
A naming system designed to facilitate delegation. The top-dog DNS server is actually a bunch of powerful computers dispersed around the world and working as a team, known collectively as the DNS root servers or simply as the DNS root. The Internet name of this computer team is "." -- "dot". The DNS root has the complete, definitive name resolution table, but most name resolution work is delegated to other DNS servers. Just below the DNS root in the hierarchy is a set of DNS servers called the top-level domain servers that handle what are known as the top-level domain names. These are the famous COM, ORG, NET, EDU, GOV, MIL, and INT.
|
DNS hierarchical name space
|
Is an imaginary tree structure of all possible names that could be used within a single system. Works in a manner extremely similar to how your computer's file system works. The DNS name space is a hierarchy of DNS domains and individual computer names organized into a tree-like structure. Each domain is like a folder - a domain is not a single computer, but rather a holding space into which you can add computer names. At the top of a DNS tree is the root. The root is the holding area to which all domains connect, just as the root directory in your file system is the holding area for all your folders. Individual computer names, more commonly called host names in the DNS naming convention, fit into domains. On a PC you can place files directly into the root directory. The DNS world also enables us to add computer names to the root, but, with the exception of a few special computers, this is rarely done. Each domain can have subdomains, just as the folders on your PC's file system can have subfolders. You separate each domain from its subdomains with a period. Characters for DNS domain names and host names are limited to uppercase and lowercase letters (A-Z, a-z), digits (0-9), and the hyphen (-). No other characters may be used.
|
Fully Qualified Domain Name FQDN
|
A complete DNS name, including the host name and all of its domains in order, is called an FQDN. It's written out with the root on the far right, followed by the names of the domains in order added to the left of the root, and the host name on the far left.
|
Authoritative DNS Server
|
This single DNS server has a list of all the host names on the domain and their corresponding IP addresses. Also called Start of Authority or SOA.
|
Name Servers NS
|
Equally, a single DNS domain may have a single authoritative DNS server but a number of other DNS servers, known simply as name servers (NS), that are subordinate to the authoritative DNS server but all support the same domain. The SOA is a name server as well. Every DNS server, whether it's the SOA or just an NS, knows the name and address of the SOA as well as every other NS server in the domain. It's the SOA's job to make sure that all the other name servers are updated for changes.
Note that a DNS server does not have to be a member of a domain to be a name server for that domain.
|
Cache-only DNS servers
|
Cache-only DNS servers do not store any FQDNs and are only used to talk to other DNS servers to resolve IP addresses for DNS clients.
|
Forward lookup zones
|
The IP addresses and FQDNs for the computers in a domain are stored in a special storage area called a forward lookup zone. Forward lookup zones are the most important part of any DNS server. Every DNS forward lookup zone will have one SOA and at least one NS record. A forward lookup zone will also have some number of A records. But there are a number of other records you may or may not see in your standard DNS server.
Two common types: a primary zone is created on the DNS server that will act as the SOA for that zone. A secondary zone is created on other DNS servers to act as a backup for the primary zone. It's standard practice to have at least two DNS servers for any forward lookup zone: one primary and one secondary.
|
NS records
|
List all of the DNS servers for [totalhome] -- note that totalhome has two DNS servers.
|
Canonical name (CNAME)
|
A CNAME record acts like an alias for another name.
|
MX records
|
Used exclusively by SMTP servers to determine where to send mail.
|
A record
|
The A records in the folder are the IP addresses and names of all the systems on the x domain.
|
Reverse lookup zones
|
Enables a system to determine an FQDN by knowing the IP address; that is, it does the exact reverse of what DNS normally does! Reverse lookup zones take a network ID, reverse it, and add the suffix in-addr.arpa to create the zone. A few low-level functions (like mail) and some security programs use reverse lookup zones, so DNS servers provide them. In most cases the DNS server will ask you if you want to make a reverse lookup zone when you make a new forward lookup zone. When in doubt, make one. If you don't need it, it won't cause any trouble.
|
Active Directory-integrated zone
|
A Windows-only type of forward lookup zone, available on Windows 2000 Server and later. DNS works beautifully for any TCP/IP application that needs the IP address of another PC, but it has one glaring weakness: you need to add A records to the DNS server manually. This can be a problem. Interestingly, it was a throwback to an old Microsoft Windows protocol that fixed this and a few other problems all at the same time. Even though TCP/IP was available, back in the 80s Microsoft popularized another networking protocol called NetBIOS/NetBEUI. It was simplistic compared to TCP/IP. It had a very simple naming convention (the NetBIOS part) that used broadcasts: when a PC booted up, it just told the world its name. NetBIOS/NetBEUI was suitable only for small networks. It provided no logical addressing like IP addresses; you just had to remember the NetBIOS name and MAC address. NetBIOS/NetBEUI was almost exclusively used to share folders and printers. Instead of dumping the NetBIOS/NetBEUI protocol, Microsoft kept it running on top of IP. In essence, Microsoft created its own name resolution protocol that had nothing to do with DNS! Technically NetBIOS no longer exists, but the overlying protocol that used it to share folders and printers is still very much alive.
|