Join Mike Meyers for an in-depth discussion in this video, What is DNS?, part of CompTIA Network+ Exam Prep (N10-006) Part 4: Making TCP/IP Work.
- The great thing about using smartphones today is that when I actually want to contact somebody over the phone, I don't dial phone numbers anymore. I just go through my contact list, find the person I want to talk to, and give them a quick ring. In fact, contact lists have become so common on smartphones today that if I were to lose my contact list, I would have a lot of trouble, because I don't remember anybody's cell phone numbers anymore, and that could be a big issue. Okay, I've got a couple memorized, but for the most part I'd be in big trouble. You see, we're so used to using contact lists for phones that we forget that I'm not actually calling Mike Meyers' mobile, I'm actually calling a telephone number.
So for us, the whole idea of telephone numbers becomes obfuscated, it disappears into the haze because of contact lists. The exact same thing takes place in the computer world. Let's say I've got two computers, in this case it will be a web browser and this will be a web server. This web browser wants to talk to this web server, and the only thing associated with this web server is an IP address, so I could go into my little web browser and type in http: whack whack and then this guy's IP address and a web page will pull up, but that's a terrible way to do things because as human beings we're not really good at memorizing telephone numbers, I mean, IP addresses, so what we want to do instead is come up with a contact list system for every server on the internet.
Keep in mind the example I'm using right now is a web server, but this works equally well for an FTP server or an SSH server or a mail server or a World of Tanks server, it really doesn't matter. If you have a server, there's an IP address associated with it, and as human beings we're terrible at memorizing this, so we need some kind of contact list. The contact list that I recommend to you is called the Domain Name System, or DNS. DNS is only one thing, it is bazillions of computers all over the world whose only job is to, you ready, resolve IP addresses based off of fully qualified domain names.
A fully qualified domain name, we've seen them all. For example, www.totalsem.com or ftp.microsoft.com or system.fbi.gov. I mean, there's zillions of these computers out there, and the DNS's job is to take these fully qualified domain names and then find out what the IP addresses for these individual devices are and then hand it to your computer so it can then work. Before I get into exactly how DNS works, let's take a moment and understand the structure of fully qualified domain names.
Let's start with one that's near and dear to me, www.totalsem.com. This is the web server for my company. If we take a look at this, and starting on your right, my left, you're going to see that there is a dot com. There are basically a number of fully qualified top level domain names, and you've seen these names, like .com, .edu, .gov, all of these have to be established if you want your computer to be part of the big internet DNS system.
That's your top level domain. If we go all the way to your left, you're going to have the individual host names. So for example in this example, I have www. WWW is the name of one individual computer within the totalsem.com domain. That's my web server. The reason we use www is really it's a matter of convention. People are used to going into their web browsers and typing www something when they want to get to a web server. I could just as easily call it timmy.totalsem.com, but I'm going to have a lot of trouble when people go up to their web browsers.
They're not going to type in timmy.totalsem.com, they're expecting www, so there's no magic to the word "www," it's just good etiquette. This may be for web browsers, but we do other things. For example, if I had an FTP server, we by convention use ftp.totalsem.com because people are expecting that for FTP servers. If this was a mail server, people would be expecting probably mail.totalsem.com because when people are configuring their web clients, they're expecting to type in something like that.
So the name of the host can be anything. There's a lot of flexibility here, but we do have conventions, so they're nothing more than etiquettes for a lot of the more common applications. So, we've got the host name and we've got the top level domain, let's talk about this guy in the middle, or our secondary domain. Underneath your top level domains are millions, and I mean millions, of these secondary domains, and there's all kinds of flexibility in here. For example, when you look at this entire fully qualified domain name, you'll see it has three pieces. The host, the secondary, and the top level domain.
There's nothing wrong with that, but keep in mind, you could have a lot more dots. If I wanted to, for example, I could have something like www.houston.texas.totalsem.com. You could have, I believe it's like 127 individual names, but the total length of a fully qualified domain name cannot be more than 256 characters. So you can have a lot of flexibility in here. However, keeping it simple for right now, for the most part, especially for things that are exposed to the internet, you're going to have these three pieces, the host, the secondary, and then the top level domain.
Okay, understanding that, we could actually begin to resolve ourselves on the internet. Let's take a look down here. What I have here is a web browser over here and a web server over here. The IP address for this web server is 184.108.40.206. If I want my web browser to be able to see this web server, I need to get that IP address to my web browser so that he could open up that web page. To do that, we use DNS.
The secret to DNS is the DNS servers. First of all, I'm going to put a DNS server over here. This DNS server is what we call "an authoritative server for the dell.com domain." There are a bunch of listings inside this DNS server, and here's one of them. So www.dell.com is this IP address. If we can get something to query this DNS server, it has the information we need and it's ready to give it to us.
Your computer itself never directly queries a DNS server. Instead what we do is, we have our own DNS server. Keep in mind that DNS servers do two things, they respond to DNS queries and they create DNS queries, and one DNS server can often do both. But in this case I'm separating the functions. First of all, this DNS server, it might be a DNS server that's in your network, if you're connecting to an ISP, like with a cable modem. This is probably controlled by your internet service provider. I don't care where this DNS server is physically.
The important thing is, built into your computer right here are DNS server settings, and if you type ipconfig /all on this computer, you'll see its DNS settings. These settings are provided to your computer. You can type them in statically. You can get them through DHCP. However you get them, I guarantee you that your computer has some association with this DNS server. When your computer wants to know the IP address for a particular location, what it's going to do is, it sends out a query over to its DNS server, and it asks the question, "What is the IP address for www.dell.com?" The first thing your DNS server's going to do, he'll put you on hold.
You get one of these "one moment pleases," and a lot of times you can actually see this. If you look at the bottom of a web browser, for example, you'll see it says things like, "waiting for www.dell.com." That's because you're actually waiting for this DNS resolution process to take place. Your computer has built into it the DNS settings for your local DNS server. However, your DNS server has built into it what are called, "the root hints." The root hints, I haven't even gotten them all written down here.
There's a bunch of them, and they're built into most DNS servers that are designed to resolve stuff, and there are a number, it's like 13 different IP addresses that pretty much never change, and these are what are called your "root DNS servers." Your root DNS servers are all over the world. Depending on how your DNS server is set up, it will either randomly or round-robin or whatever pick one of these and it will go to one of these IP addresses to what are these root servers.
We identified the root servers as just a little dot, so I put it in quotation marks there so you can actually see the dot. The root server's job is not to get you to dell.com, but instead what it's going to do is, it's going to respond back and say, "I can get you to the closest .com server." Then we have many, many hundreds of all these different types of DNS servers. These DNS servers, their job is to be the main DNS servers for anything associated with .com or .edu or .gov or .mil or .org, whatever it might be.
Then your DNS server, once he has this information, he then goes to the .com servers and he says, "Okay, what's the IP address for dell.com?" Because we're talking to the .com server, his job is to know anybody with the last name .com, and he responds back with, "Okay, here it is right here," and he sends that over to your DNS server, so now your DNS server has the IP address for this guy right here.
He can then go over to this guy and say, "What's the IP address for www.dell.com?" and he has the answer, and he'll go ahead and respond back to your DNS server with that information. Your DNS server in turn will hand that to your computer. The cool part is, once your computer has that IP address, of course, he can go ahead and talk to that DNS server now, and he's going to do that, but more than that happens. For example, stored in your computer is a DNS cache.
He will keep that IP address and know that it's associated with www.dell.com for a while in case you might need it again. Also, pretty much any DNS server also caches that. So if we were to bring another computer in line and that computer wanted to talk to www.dell.com, we wouldn't have to go through all this DNS resolution simply because he would be handling it right there. Just make sure that this recursive process can take place. Our main job, more than anything else, is making sure our individual computers have DNS server addresses that they can get to, and that's a big issue.
DNS servers go up and down all the time. So one of the fun things we can do with our individual computers is that we can set up really, really popular DNS server names. One of the most famous is the Google DNS server, 220.127.116.11, it is a super powerful DNS server and it works for just about anybody. You can type that into your individual computer and it's often faster than your own ISP's DNS server or anything else. Keep in mind that this is very cool, but if you have your own in-house DNS server and you try to replace it with that Google one, your DNS server might be helping you resolve for local computers within your network and that would be what we call a bad thing.
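The resolution walk the video describes (your DNS server asks a root server, then a .com server, then dell.com's authoritative server, and caches the answer so the next client is served without the walk), as an added Python model that is not part of the course or the page. The server names and zone tables are constructed stand-ins built around the 184.108.40.206 address quoted above, and no real DNS traffic is sent.

```python
from typing import Dict, List, Tuple

# Constructed, offline stand-ins for the three kinds of servers in the walk
# (no real queries are sent). Root hints: a root server that only knows
# which server handles each top-level domain.
ROOT_SERVER = {"com": "com-tld-server"}
# The .com server knows who is authoritative for each second-level domain.
TLD_SERVERS = {"com-tld-server": {"dell.com": "dell-auth-server"}}
# Authoritative server for dell.com holding the listing from the video.
AUTH_SERVERS = {"dell-auth-server": {"www.dell.com": "184.108.40.206"}}


class RecursiveResolver:
    """Your DNS server: takes the client's question, walks root -> TLD ->
    authoritative on the client's behalf, and caches the final answer."""

    def __init__(self) -> None:
        self.cache: Dict[str, str] = {}  # the DNS cache the video describes

    def resolve(self, fqdn: str) -> Tuple[str, List[str]]:
        """Return (ip_address, servers_asked). A cache hit asks nobody."""
        name = fqdn.lower().rstrip(".")
        if name in self.cache:
            return self.cache[name], []  # answered "right there", no walk
        labels = name.split(".")
        if len(labels) < 2 or not all(labels):
            raise ValueError(f"not a fully qualified domain name: {fqdn!r}")
        tld, secondary = labels[-1], ".".join(labels[-2:])  # "com", "dell.com"
        asked: List[str] = []
        # 1) Ask a root server; it refers us to the servers for the TLD.
        asked.append("root")
        tld_server = ROOT_SERVER.get(tld)
        if tld_server is None:
            raise LookupError(f"root has no referral for .{tld}")
        # 2) Ask the TLD server; it refers us to the authoritative server.
        asked.append(tld_server)
        auth_server = TLD_SERVERS[tld_server].get(secondary)
        if auth_server is None:
            raise LookupError(f"{secondary} is not delegated under .{tld}")
        # 3) Ask the authoritative server for the host's address.
        asked.append(auth_server)
        ip = AUTH_SERVERS[auth_server].get(name)
        if ip is None:
            raise LookupError(f"{name} has no address record at {auth_server}")
        self.cache[name] = ip  # the next client gets this without the walk
        return ip, asked
```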