DNS (Domain Name System) is one of the most important technologies/services on the internet, as without it the Internet would be very difficult to use.
DNS provides a name to number (IP address) mapping or translation, allowing internet users to use, easy to remember names, and not numbers to access resources on a network and the Internet.
In this tutorial we will cover the basics of DNS starting with why it was developed, what problems it was designed to solve.
DNS Basics – Understanding Why we Need it
All devices (computers etc) that are connected to the Internet, your own network, or company network are identified by an IP address; which is a number.
IP addresses are easy for computers to process but they are not so easy for people to remember.
To make it easy for people to remember names (host names) are used to identify individual computers on a network.
On early computer networks a simple text file called a hosts file was created that mapped host names to IP addresses.
This enabled people to refer to other computers by the name, and their computer translated that name to an IP address when it needed to communicate with it.
Here is the host file taken from my PC. It comes with all Windows machines
The location for the hosts file is normally C\windows\system32\drivers\etc
As network sizes increased the hosts file approach became impractical due to the fact that:
- It needed to be stored on each computer
- The text file could take a along time to process due to the fact that it was unstructured.
- Updates were difficult to manage as all of the computers would need to be given an updated file.
To overcome these (and other) limitations the DNS system was developed.
The DNS system essentially provides for:
- A way to organize the names- Domain name structure
- Protocols ,services and methods for storing,updating, and retrieving IP addresses for hosts computers.- DNS System
From the perspective of an end user you can consider the DNS system as a structured hosts file.
Domain Name Structure
The hosts file is simply a list of names and IP addresses with no structure making it difficult to scale to a large number of machines.
The solution is to place the machines into administrative areas known as domains, and arrange the domains in a hierarchy.
This takes the form of a tree like structure that resembles the file system structure found on computers. See Understanding The Domain Name Structure
The DNS system consists of many Domain Name servers that together provide the name to IP address mapping for registered devices (usually servers) on the Internet.
The main DNS severs (root servers) are owned and managed by a variety of different organizations, and are located mainly in the USA.
Here is a list http://www.iana.org/domains/root/servers.
Other companies including ISPs have their own DNS servers which are linked to the root servers in a hierarchical fashion providing a distributed system.
The following video explain both the host file and its problems, and the basics of how DNS works.
Fortunately you don’t need to manage a DNS server or create DNS records to use the Internet.
However you need to have access to a DNS server.
To access a DNS server you will need the IP address of the DNS server.
This is usually supplied to you by your ISP (Internet Service Provider).
Most client computers/devices will be configured to obtain an IP and a DNS server address automatically. (see below)
You can Check what IP address and what DNS address you have been assigned by typing ipconfig/all at the command line.
If DNS isn’t working properly then you will be unable to connect to other computers on the Internet using their name, but you can still connect using their IP address if you know it.
DNS Services- Open DNS and Google DNS
Most Home users will use the DNS severs provided by their ISP via their home router.
However you can use alternative DNS servers like OpenDNS and Google Public DNS.
This does mean that you will need to manually add these server addresses to your DNS settings.
Why Use Alternative DNS Services?
The standard DNS server doesn’t provide any form of protection from malicious sites.
Because DNS is the gateway to the Internet there are many companies that provide security related services based on the public DNS service.
They do this by filtering DNS requests. Most will detect phishing and spam sites, and many will provide protection from adult related sites.
Most security internet product suites will use some form of filtered DNS.
Open DNS was one of the first companies to do this and they offer family protection for free.
DNS server addresses are: 220.127.116.11 and 18.104.22.168
Google also provide a public DNS service. This doesn’t provide filtering, but may provide a faster DNS service than your ISP.
If your ISP blocks access to an address for some reason using an alternative DNS server like Google Public DNS may avoid the ISP blocks.
IP addresses are : 22.214.171.124 and 126.96.36.199
Basic DNS Concepts
There are many terms that you will see when reading about DNS.
Terms like zones, zone files, caching server etc.
This video is a good introduction to understanding those basic terms.
DNS Name Resolution
To resolve a host name to an IP address using DNS you will need to have s DNS client on your machine, and the client must know the IP address of a DNS server.
The DNS client queries it’s DNS server which then follows through a process to get an answer- See DNS lookups explained.
Host Name Resolution
DNS and Host are two name resolution methods but they are not the only ones.
A Windows client will use DNS,Hosts and other methods to resolve a host name or computer name to an IP address. See Understanding Host name resolution methods.
Internal IP addresses are normally are non static as they are usually assigned by a DHCP server.
In large corporate networks that use their own internal DNS and DHCP servers a need to keep the DNS servers up to date was required.
DDNS (Dynamic DNS updates) was introduced to solve this problem- Wiki
The basic procedure is:
- The Machine gets IP address from DHCP
- The Machine or the DHCP server contacts the DNS server and updates the DNS record with the IP address and DNS name.
Home and small business networks don’t use their own DNS servers because they don’t have so many servers/machines,and they don’t really need DDNS either because all their machines are in the same broadcast domain.
Because they are in the same broadcast domain windows networking will resolve the names and IP addresses, even if the IP addresses change.
However small business/home network may need DDNS if they want to provide access to internal resources from across the internet. See Dynamic DNS and Services Guide
If you have problems connecting to resources on the Internet then DNS is one of the first things to check.
The main troubleshooting tool is nslookup and it is available on all of the main operating systems. See using nslookup .
The DNS system provides a domain name to IP address mapping for devices connected to the Internet, and it is crucial to the working of the Internet.
Usually you don’t need to worry about it as your are automatically assigned the address of the DNS server by your ISP and Home router.
If you are concerned about security then consider using a filtered DNS service like Open DNS.
Related Tutorials and Resources: