DNS Summary

The Domain Name System (DNS) is a hierarchical, distributed database that maps logical hostnames to IP addresses. With DNS, users reference computers by hostname, and DNS translates those hostnames to IP addresses. A DNS server performs this service on a TCP/IP network. You should know the following facts about DNS:

  • A DNS server holds a database of hostnames and their corresponding IP addresses. Clients query the DNS server to get the IP address of a given host.
  • The DNS hierarchy is made up of the following components:
    • . (dot) domain (also called the root domain)
    • Top Level Domains (TLDs) (.com, .edu, .gov)
    • Second-level and additional domains
    • Hosts
  • A fully qualified domain name (FQDN) includes the hostname and the name of all domains back to root.
  • DNS is a distributed database; no one server holds all of the DNS information. Instead, multiple servers hold portions of the data.
    • Each division of the database is held in a zone database file.
    • Zones typically contain one or more domains, although additional servers might hold information for child domains.

Be familiar with the following DNS terms:

  • Forward lookup: A forward lookup uses the hostname (or the FQDN) to find the IP address.
  • Reverse lookup: A reverse lookup uses the IP address to find the hostname (or FQDN).
  • Authoritative server: An authoritative server is a DNS server that has a full, complete copy of all the records for a particular zone.
  • Referral: Referral is the process by which DNS servers use one another to resolve requests from their specific clients. Because each DNS server is responsible for a small piece of the DNS namespace, the servers contact one another when they cannot resolve queries from their own clients. For example, a root DNS server refers DNS servers to .com, .edu, or .gov DNS servers.
  • Recursion: Recursion is the process by which a DNS server or host uses root name servers and subsequent servers to perform name resolution. Most client computers do not perform recursion; instead, they submit a DNS request to the DNS server and wait for a complete response. Many DNS servers will perform recursion.
  • Iterative: Iterative is the process by which a DNS server requests information from other DNS servers and maintains responsibility for resolution.
  • Delegation: Delegation is the process by which a DNS server hands responsibility for the request to another DNS server.

You should be familiar with the DNS name resolution process that occurs on the client and on the server:

Client: The process for DNS name resolution on the client is:

  1. Entries in the Hosts file are preloaded into the cache.
    • The Hosts file is located in the c:\windows\system32\drivers\etc folder.
    • All changes to the Hosts file are made manually. To change the Hosts file, open the file in Notepad with elevated privilege and make the changes.
    • You should use the Hosts file only when you want to direct the DNS client to a host different than the host listed on the DNS server.
    • If you cannot remove an entry from DNS cache, check the Hosts file.
  2. The client examines its local DNS cache for the IP address. The cache holds in memory hostnames that the client has resolved in the past. Entries stay in memory only a short time so that hostnames in the cache are periodically re-resolved.
  3. If the IP address is not in the cache, the client sends the request to the DNS server.
Server: The process for DNS name resolution on the server is:

  1. A DNS name resolution request is forwarded to a DNS server.
  2. The DNS server examines its local DNS cache for the IP address. To clear DNS server cache, use the DNScmd /clearcache command.

    The DNS server cache is not the same as the client cache. Windows Server 2008 and later also have a DNS client cache, but that cache is not used to respond to client requests.

  3. If the name is not resolved using the local DNS cache and the DNS server is authoritative, the DNS server responds using information in the zone hosted on the server. If the DNS server is not authoritative, but is configured for forwarding or conditional forwarding, the DNS server forwards the request.
  4. If the DNS server cannot forward the request, or if forwarding fails, the DNS server uses its Root Hints file (also known as Cache.dns). The Root Hints file lists the known root DNS servers.

    www.Root-Servers.org lists the root servers and displays a map of where they are located.

  5. The root DNS server responds with the address of a .com, .edu, .net, or other top-level DNS server (depending on the request).
  6. The DNS server sends the request to that top-level DNS server, which responds either with the host's IP address or with a referral to the next DNS server down the hierarchy.
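The client-side order above (Hosts entries preloaded into the cache, the cache checked next, then the DNS server queried), as an added Python example that is not part of the original page; the sample Hosts text, the TTL and the stand-in DNS server callable are constructed for the demo.

```python
import time

# Constructed sample Hosts file, in the same format as drivers\etc\hosts.
SAMPLE_HOSTS = """\
# Comment lines and blank lines are ignored
127.0.0.1       localhost
10.0.0.25       intranet.example.com   intranet   # trailing comment
"""


def parse_hosts(text):
    """Return {name: ip} from hosts-file text: 'IP name [alias ...]', '#' starts a comment."""
    entries = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            entries[name.lower()] = ip        # hostnames are case-insensitive
    return entries


class ClientResolver:
    """Client order from the page: preloaded Hosts entries, then cache, then the DNS server."""

    def __init__(self, hosts_text, query_server, ttl=30.0, clock=time.monotonic):
        self.hosts = parse_hosts(hosts_text)
        self.query_server = query_server      # callable(name) -> ip or None (stand-in for step 3)
        self.ttl, self.clock = ttl, clock
        self.queries = []                     # names actually sent to the server
        self.cache = {}                       # name -> (ip, expiry time)
        self.flush()

    def flush(self):
        """Clear the client cache: learned entries go, Hosts entries are preloaded again."""
        self.cache = {n: (ip, float("inf")) for n, ip in self.hosts.items()}

    def resolve(self, name):
        name = name.lower()
        hit = self.cache.get(name)
        if hit is not None and hit[1] > self.clock():
            return hit[0]                     # steps 1-2: Hosts entry or unexpired cache entry
        self.queries.append(name)             # step 3: ask the DNS server
        ip = self.query_server(name)
        if ip is not None:
            self.cache[name] = (ip, self.clock() + self.ttl)
        return ip
```

Because Hosts entries are reloaded on every flush, an answer that survives clearing the cache is the symptom the page describes: check the Hosts file.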

Keep in mind the following facts regarding root hints and the root zone.

  • The root zone is at the top of the DNS hierarchy, and is named . (dot).
  • The root servers delegate portions of the DNS database to servers below them. Delegation continues downward until the IP address of the host is found.
  • If you have a root zone configured on a DNS server, the server will act as a root zone server.
  • A DNS server configured as a root zone server will never use the root hints. It considers itself authoritative. Consequently, the server won’t access the Internet to forward DNS queries.
  • If you want the DNS server to access the Internet, delete the root zone in the DNS console.
  • You can configure root hints through the properties of a DNS server.
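The server-side steps listed earlier (cache, authoritative zone, forwarder, root hints with referrals) together with the root-zone facts above, as an added Python example that is not from the original page; the server addresses, zone data and the in-memory SERVERS table are constructed, and a server that hosts the root zone is modelled as skipping both forwarding and the root hints.

```python
# Constructed in-memory "Internet" for the demo: nameserver address -> the A
# records it holds and the child zones it delegates (child zone -> server address).
ROOT_HINTS = ["198.41.0.4"]  # stands in for the Cache.dns root hints list
SERVERS = {
    "198.41.0.4": {"A": {}, "NS": {"com.": "192.5.6.30"}},                  # root server
    "192.5.6.30": {"A": {}, "NS": {"example.com.": "203.0.113.53"}},        # .com TLD server
    "203.0.113.53": {"A": {"www.example.com.": "203.0.113.10"}, "NS": {}},  # example.com
}

class Resolver:
    """Server-side order from the page: cache, local zone, forwarder, root hints."""
    def __init__(self, zones=None, forwarder=None, root_hints=ROOT_HINTS):
        self.cache = {}                 # server cache (what dnscmd /clearcache empties)
        self.zones = zones or {}        # zone name -> {"A": {...}} this server is authoritative for
        self.forwarder = forwarder      # another Resolver, or None
        self.root_hints = list(root_hints)
        self.trace = []                 # servers contacted while iterating

    def resolve(self, name):
        name = name if name.endswith(".") else name + "."   # treat as an FQDN
        if name in self.cache:
            return self.cache[name]
        ip = None
        for zone in self.zones.values():                    # authoritative answer
            ip = zone["A"].get(name, ip)
        # A server that hosts the root zone considers itself authoritative for
        # everything, so it neither forwards nor consults the root hints.
        if ip is None and "." not in self.zones:
            if self.forwarder is not None:                  # forwarding first
                ip = self.forwarder.resolve(name)
            if ip is None:                                  # then root hints
                ip = self._iterate(name)
        if ip is not None:
            self.cache[name] = ip
        return ip

    def _iterate(self, name):
        addr = self.root_hints[0]       # start at a root server
        while addr in SERVERS:
            server = SERVERS[addr]
            self.trace.append(addr)
            if name in server["A"]:
                return server["A"][name]
            # Referral: follow the delegated child zone that is the longest suffix
            match = [z for z in server["NS"] if name == z or name.endswith("." + z)]
            if not match:
                return None             # no delegation covers the name
            addr = server["NS"][max(match, key=len)]
        return None
```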
© Data Coincide, LLC 2010-2019