ITKnowledge Exchange member "xevier" had a question about how DNS really works and fellow techies jumped in on the conversation and helped out. Here is a portion of the conversation. Read the rest of the thread.
Want to join in on a similar conversation? Register for ITKnowledge Exchange and fill out your profile so you can ask specific sets of people your IT questions and also help out your fellow geeks.
ITKnowledge Exchange member "xevier" asked:
Can you tell me how DNS works? I know the theoretical aspects of it -- that it is a large database distributed on a number of servers and so on -- but I don't know how it is implemented. What software is used to implement it and how can I access it? I have heard of BIND; can anyone throw some light on that technology? What else is there besides BIND?
|
"BOBKBERG" WRITES:
The simplest answer is that there is a server (arbitrarily chosen by the appropriate admins), which is THE authority for example.com and its associated address range 168.192.in-addr.arpa (which covers all of 192.168.x.y). Note the reversing of the byte ordering for the address range. Other servers can get to know the data by one of two (or three) basic methods.
Assume that example.com is known by the TLD (Top Level Domain) name servers (.com in this case) as being the SOA (Start Of Authority) for example.com. If nobody has any data for example.com, then their query will go all the way up to the root name servers for the Internet.
So, let's imagine a query for www.example.com. Nobody's name server originally has the data for that value; it's just been created. But the root name servers DO know who's responsible for all information about example.com, so they query it. It comes back and says that the IP address for www.example.com is 192.168.1.1.
At that point, every name server along the original query route now gets that answer and caches it for some period of time (minutes, hours, days, it depends on how it was set up -- not important for the moment).
Now when the next query comes up for example.com, there are a number of name servers that have that data cached and can answer. There is the proviso that it's non-authoritative, which means that the answer to the query was retrieved using cached data. It's non-authoritative because during the lapsed time, the real answer COULD have changed. It probably didn't, but it could have.
So, if you're running example.com, and it's getting popular, you might want to have some other name servers keep copies of your data -- and keep it current.
Now you're getting into defining other servers as being authoritative for your domain, or zone. Bear in mind: A zone is an arbitrary division. It can be an entire domain or just a chunk of it. It's up to the administrators exactly how they have divided it.
If xyz.com agrees to become authoritative for example.com, it can do so (at example.com's request). Similarly, other servers (if allowed by example.com) can also carry copies of the entire zone (or domain, if it's set up that way). Now example.com is "populating" a number of servers.
Commonly, there are caching-only servers that simply keep copies of frequently queried values (www.google.com, www.yahoo.com, www.espn.com and so on) for fast reference, since most people don't need authoritative data.
I also recommend the book DNS and BIND by Paul Albitz and Cricket Liu. They go into much more detail than I want to type.
itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke
"DUDUSPACE" WRITES:
DNS is one of the backbone services without which the Internet would not work. I will try to give you what I consider to be a roadmap towards approaching the service.
You can start with any study material on Network+ (e.g., Sybex, Coriolis and so on) (any good book will definitely have a chapter covering the basics of DNS). You can from there learn more about Windows 2000 DNS (which comes with virtually all Windows Servers I know) by picking up any study material covering Windows network infrastructure implementation and administration. Any of these sources will definitely have one or more chapters on the Windows DNS service. I used Windows 2000, but you might want to consider Windows 2003 to be current.
There are other advanced study guides dealing with DNS as a topic. Any Linux +/RHCE study guide should also discuss BIND, though I have not really followed that route. Basically DNS is a name resolving service that transparently converts names like www.hotmail.com to IP addresses.
itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke
"DWIEBESICK " WRITES:
Try some of these training links:
If you are thinking of hosting or developing a DNS that is exposed to the public Internet, DON'T. You do not have the knowledge, experience and skills required. This information is for setting up a DNS for an internal (intranet) network.
itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke*itke
"DRMIKEC" WRITES:
There was good advice in the previous reply: If you don't know exactly what you're doing, you can get in over your head really quickly. Buy the O'Reilly book and study it. There really are no shortcuts.
There have been pointers in this thread for you on how to do DNS on Windows. If you're considering Linux, check out this link: DNS HOWTO, which describes implementing BIND (named), which is the defacto standard for the Internet.
