DNS Name Resolution
The designers of DNS wanted to avoid having to keep an up-to-date name resolution file on each computer. DNS instead places name resolution data on one or more special servers. The DNS servers provide name resolution services for the network (see Figure 11.2). If a computer on the network encounters a hostname where it is expecting an IP address, it sends a query to the server asking for the IP address associated with the hostname. If the DNS server has the address, it sends the address back to the requesting computer. The computer then invisibly substitutes the IP address for the hostname and executes the command. When a change occurs on the network (such as a new computer or a change to a hostname), the network administrator only has to change the DNS configuration once (on the DNS server). The new information will then be available to any computer that initiates a DNS query to the server. Also, the DNS server can be optimized for search speed and can support a larger database than would be possible with each computer searching separately through the cumbersome hosts file.
The DNS server shown in Figure 11.2 provides several advantages over hosts file name resolution. It offers a single DNS configuration point for a local network and makes more efficient use of network resources. However, the configuration shown in Figure 11.2 still does not solve the problem of providing decentralized management of a vast network infrastructure. Like the hosts file, the configuration in Figure 11.2 would not scale well to a huge network like the Internet. The name server in Figure 11.2 could not operate efficiently with a database that included a record for every host on the Internet. Even if it could, the logistics of maintaining an all-Internet database would be prohibitive. Whoever configured the server would have to know about every change to any Internet host anywhere in the world.
A better solution, reasoned the designers, was to let every office or institution configure a local name server to operate as shown in Figure 11.2 and then to provide a means for all the name servers to talk to each other (see Figure 11.3). In this scenario, when a DNS client sends a name resolution request to a name server, the name server does one of the following:
Figure 11.3. On large networks, DNS servers communicate with each other to provide name resolution services.
You might be wondering how the first name server knows which name server to contact when it begins the query process that will lead to the address.
Actually, this query process is closely associated with the design of the DNS namespace. Keep in mind that DNS is not working strictly with a hostname. As described earlier in this hour, DNS works with fully qualified domain names (FQDNs). An FQDN consists of both a hostname and a name specifying the domain.
The DNS namespace is a multitiered arrangement of domains (see Figure 11.4). A domain is a collection of computers under a single authority sharing a common portion of the namespace (that is, bearing the same domain name). At the top of the DNS tree is a single node known as root. Root is sometimes shown as a period (.), although the root label is actually empty (it has zero length). Beneath root is a group of domains known as top level domains (TLDs). Figure 11.4 shows some of the TLDs for the world's most famous DNS namespace: the Internet. Top level domains include the familiar .com, .org, and .edu domains, as well as two-letter country-code domains, such as .us (United States), .uk (United Kingdom), .fr (France), and .jp (Japan).
By the Way
A crop of top level domains approved by ICANN in 2000 included .biz, .coop, .info, and .museum.
Beneath each of these top level domains is another tier of domains that (in the case of the Internet) are operated by companies, institutions, or organizations. The institutional name is prefixed to the top level domain name. For instance, in Figure 11.5, DeSade College has the domain name DeSade.edu. The organization with authority over a domain can create one or more additional tiers of subdomains. At each level, the name of the local domain is prefixed to the parent domain name. For example, the department of recreational pyrotechnics at DeSade has the domain name flames.DeSade.edu (refer to Figure 11.5), and the department's popular lounge (which the students affectionately call "the dungeon") has the name dungeon.flames.DeSade.edu. In all, the DNS system supports up to 127 levels of domains (each label is limited to 63 octets and the whole name to 255 octets in its wire form, so 127 is reached only with one-character labels), although a name of that length would evoke agony. Names are also compared case-insensitively: DeSade.edu and desade.edu are the same domain.
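The following example, added here and not code from the book, makes the namespace rules above concrete: it splits an FQDN into labels, lists the chain of domains from a name up to root, encodes a name in the length-prefixed wire form of RFC 1035 (where root appears as a zero-length label), and works out from the 63-octet and 255-octet limits how many levels fit, which is where the figure of 127 comes from. The names used are the chapter's DeSade.edu examples and sams.com.

```python
"""Parse, validate and wire-encode DNS names as RFC 1035 defines them.

Added example for this chapter, not code from the book.
"""
from __future__ import annotations

MAX_LABEL = 63   # octets per label (RFC 1035, section 2.3.4)
MAX_NAME = 255   # octets for the whole name in wire format


def labels(fqdn: str) -> list[str]:
    """Split a name into its labels, leftmost host first.

    A trailing dot stands for root, whose label is empty, so it adds no
    element here; wire_encode() appends the empty root label itself.
    """
    name = fqdn.rstrip(".")
    return name.split(".") if name else []


def wire_encode(fqdn: str) -> bytes:
    """Encode a name as length-prefixed labels ending in the zero-length root label.

    Raises ValueError if a label is empty or longer than 63 octets, or if the
    encoded name exceeds 255 octets.
    """
    out = bytearray()
    for label in labels(fqdn):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= MAX_LABEL:
            raise ValueError(f"label {label!r} has {len(raw)} octets; must be 1..{MAX_LABEL}")
        out.append(len(raw))
        out += raw
    out.append(0)  # root: the empty (null) label terminates the name
    if len(out) > MAX_NAME:
        raise ValueError(f"name is {len(out)} octets in wire form; limit is {MAX_NAME}")
    return bytes(out)


def is_valid(fqdn: str) -> bool:
    """True if the name satisfies the label and total-length limits."""
    try:
        wire_encode(fqdn)
        return True
    except ValueError:
        return False


def ancestors(fqdn: str) -> list[str]:
    """Return the chain of domains from the name up to root, each as an FQDN.

    ancestors("dungeon.flames.DeSade.edu") ->
        ["dungeon.flames.DeSade.edu.", "flames.DeSade.edu.", "DeSade.edu.", "edu.", "."]
    """
    parts = labels(fqdn)
    chain = [".".join(parts[i:]) + "." for i in range(len(parts))]
    chain.append(".")  # root itself
    return chain


def deepest_name(levels: int) -> str:
    """Build a name with the given number of one-character labels."""
    return ".".join("a" for _ in range(levels)) + "."


def max_levels() -> int:
    """Count how many one-character labels fit within the 255-octet limit.

    Each one-character label costs two octets (length byte plus the character)
    and the root label one more, so 127 labels fill exactly 255 octets.
    """
    n = 0
    while is_valid(deepest_name(n + 1)):
        n += 1
    return n


if __name__ == "__main__":
    for name in ("www.sams.com", "dungeon.flames.DeSade.edu", "."):
        print(f"{name:28} -> {wire_encode(name)!r}")
    print("chain:", " > ".join(ancestors("dungeon.flames.DeSade.edu")))
    print("maximum levels:", max_levels())
```

Run it directly to see the wire encodings and the ancestor chain; `max_levels()` returns 127 by construction rather than by assertion, so the limit is derived from the two RFC constants rather than hard-coded.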
By the Way
If you've worked much with the Internet, you have probably noticed that extended domain names with several levels (such as the scenario shown in Figure 11.5) are relatively uncommon. Web sites, especially in the crowded .com TLD, are typically referenced as the institutional domain name with the www prefix: www.ibm.com. Keep in mind, though, that a Web site is often served from a single server or a group of servers at a single location, so it has little need for deeper names. Multitiered domain names are encountered more commonly by network admins accessing resources on a large corporate network that spans several locations. TLDs in the public sector (such as .gov) tend to make more use of multitiered names.
The domain name shows the chain of domains from the top of the tree. The name server in the domain sams.com holds name resolution information for hosts located in sams.com. The authoritative name server for a domain can delegate name resolution for a subdomain to another server. For instance, the authoritative name server in sams.com can delegate authority for the subdomain edit.sams.com to another name server. The parent records the delegation as NS records naming the subdomain's servers, and the name resolution records for the subdomain edit.sams.com are then located on the name server that has been delegated authority for the subdomain. Authority for name resolution is thus delegated throughout the tree, and the administrators for a given domain can have control of name-to-address mappings for the hosts in that domain.
When a host on the network needs an IP address, it usually sends what is called a recursive query to a nearby name server. This query tells the name server, "either give me the IP address associated with this name or else tell me that you can't find it." If the name server cannot find the requested address among its own records, it initiates a process of querying other name servers to obtain the address. This process is shown in Figure 11.6. Name server A is using what is called an iterative query to find the address. An iterative query tells the next name server "either send me the IP address or give me a clue to where I might find it."
The process for DNS name resolution is as follows (refer to Figure 11.6):
This process occurs billions of times a day on the Internet. This tidy scenario is complicated somewhat by some additional features of the modern network, including caching, DHCP, and dynamic DNS. However, the functionality of most TCP/IP networks depends on this form of DNS name resolution.
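The delegation chain described earlier and the recursive-versus-iterative exchange of Figure 11.6 are easiest to follow in code. The following example is added here and is not code from the book: it builds a small in-memory "Internet" of authoritative servers for root, edu, DeSade.edu, and the delegated subdomain flames.DeSade.edu, then implements a resolver that accepts a recursive query and walks the tree with iterative queries, following each referral (NS name plus glue address) until it gets an answer or a "no such name." It also caches results (without the TTL handling a real resolver would need) and refuses a referral that points outside the zone the referring server is authoritative for, the sanity check real resolvers apply to delegation data. All server names and addresses are invented for the example and drawn from the documentation address ranges.

```python
"""Recursive resolution carried out as a chain of iterative queries.

Added example for this chapter, not code from the book. The zone data,
server names and addresses below are constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass, field


def labels(name: str) -> list[str]:
    """Labels of a name, lowercased because DNS compares names case-insensitively."""
    bare = name.lower().rstrip(".")
    return bare.split(".") if bare else []


def is_subdomain(name: str, zone: str) -> bool:
    """True if name is zone itself or lies beneath it in the tree."""
    n, z = labels(name), labels(zone)
    return len(z) <= len(n) and n[len(n) - len(z):] == z


@dataclass
class Zone:
    """The data one authoritative server holds for its zone."""
    origin: str                                          # e.g. "desade.edu."
    addresses: dict[str, str] = field(default_factory=dict)        # host -> IPv4
    delegations: dict[str, tuple[str, str]] = field(default_factory=dict)
    # child zone -> (NS hostname, glue address of that server)


def authoritative_query(zone: Zone, qname: str) -> tuple[str, object]:
    """Answer one iterative query: an answer, a referral, or a 'no such name'."""
    q = qname.lower()
    if not is_subdomain(q, zone.origin):
        return ("refused", None)                     # not our zone at all
    for child, (ns, glue) in zone.delegations.items():
        if is_subdomain(q, child):
            return ("referral", (child, ns, glue))   # "ask that server instead"
    if q in zone.addresses:
        return ("answer", zone.addresses[q])
    return ("nxdomain", None)


class Resolver:
    """Serves recursive queries by issuing iterative queries from the root down."""

    def __init__(self, servers: dict[str, Zone], root_addr: str) -> None:
        self.servers = servers        # server address -> zone it serves (the "network")
        self.root_addr = root_addr
        self.cache: dict[str, str | None] = {}
        self.queries: list[tuple[str, str]] = []   # (server asked, name) for each iterative query

    def resolve(self, qname: str) -> str | None:
        """Return the address for qname, or None if it cannot be found."""
        q = qname.lower().rstrip(".") + "."
        if q in self.cache:
            return self.cache[q]          # includes negative (None) answers
        server, zone = self.root_addr, "."
        for _ in range(16):              # bound the referral chain so a loop cannot run forever
            target = self.servers.get(server)
            if target is None:
                return None               # glue pointed at a server that does not exist
            self.queries.append((server, q))
            kind, data = authoritative_query(target, q)
            if kind in ("answer", "nxdomain"):
                self.cache[q] = data
                return data
            if kind != "referral":
                return None               # refused: lame delegation
            child, _ns, glue = data
            # Bailiwick check: a server may only delegate names strictly below
            # its own zone; anything else is ignored rather than followed.
            if child == zone or not is_subdomain(child, zone):
                return None
            server, zone = glue, child
        return None


def build_network() -> dict[str, Zone]:
    """Constructed sample Internet: root -> edu -> DeSade.edu -> flames.DeSade.edu."""
    return {
        "198.51.100.1": Zone(".", delegations={"edu.": ("a.edu-servers.example.", "192.0.2.1")}),
        "192.0.2.1": Zone("edu.", delegations={"desade.edu.": ("ns.desade.edu.", "192.0.2.2")}),
        "192.0.2.2": Zone("desade.edu.", addresses={"www.desade.edu.": "192.0.2.10"},
                          delegations={"flames.desade.edu.": ("ns.flames.desade.edu.", "192.0.2.3")}),
        "192.0.2.3": Zone("flames.desade.edu.", addresses={"dungeon.flames.desade.edu.": "192.0.2.20"}),
    }


if __name__ == "__main__":
    r = Resolver(build_network(), "198.51.100.1")
    print("dungeon.flames.DeSade.edu ->", r.resolve("dungeon.flames.DeSade.edu"))
    for server, name in r.queries:
        print("  asked", server, "for", name)
    print("again (cached) ->", r.resolve("dungeon.flames.DeSade.edu"), "queries sent:", len(r.queries))
```

A query for dungeon.flames.DeSade.edu sends four iterative queries, one per level of delegation, and a repeat of the same query is answered from the cache without any. Tampering with the DeSade.edu zone so that it "delegates" edu. back upward makes the resolver stop and return None instead of following the bogus referral.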
It is also important to note that the network is not required to have a separate name server for each node on the domain tree. A single name server can handle multiple domains. It is also common for multiple name servers to serve a single domain.