
networking - How do DNS servers work?


I know that a domain name is resolved by a DNS server to an IP address, which is then used to reach the requested server. I'm slightly embarrassed that I don't know some of the details of how this works.




  • In order for my computer to ask the DNS service to resolve a domain, the DNS server must be known by my computer. I never explicitly told my computer about any DNS servers, so how does it know which DNS server it should use? Is it the ISP that pushes this information to my computer somehow?

  • For that matter, where are these DNS servers located? Does my ISP have some DNS servers running somewhere which are used by all its (the ISP's) customers?

  • The DNS server my computer uses must know all domains in order to be able to resolve them, how are its records updated/maintained?

  • Is there some central entity/registry/... that feeds a DNS server changes that have occurred?

  • If I order a domain name somewhere, the seller has to establish a connection between an IP address and the domain name it sold to me. How are all DNS servers updated to know about this link? So in other words, what actions does the seller take to inform 'the internet' where this domain now points to?




I know this seems like a bunch of questions but I think they're just different aspects of the same story. Can somebody tell me how this all works together?



Answer



Your computer has a list of DNS servers that it can query for further information. On a Unix or Linux system, this is stored in /etc/resolv.conf. In Windows, it's configurable in your network settings. Often, your DNS server will be supplied by your DHCP server, possibly along with other settings like default domain, proxy servers, etc.


The location of the DNS server you use doesn't matter much. As long as your computer has an IP address and a working default route (i.e. you can ping the DNS server), you should be able to make DNS queries.


DNS servers don't have to know "all" domains. They only need to know who is "authoritative", which they learn from a set of "root" servers. Each DNS server has a list of "root" servers, and this list changes infrequently. On one of my DNS servers, there are 18 root servers configured, and this configuration came when I installed the DNS server two years ago, and if the list of root servers has changed since then, enough of them are accessible that I haven't noticed it.


My DNS server, when asked to resolve a domain it doesn't know, makes a query to a root server to find out what other DNS server is authoritative for the domain. The response it gets may contain additional "NS" records and be marked non-authoritative, in which case my DNS server knows that it has to "follow the chain" and make a new query to a new server. Eventually, it finds a DNS server that provides authoritative information, and queries can be made that are not just NS records. A (address) and MX (mail exchange) are of course the two most common.


Each TLD (top-level domain) like COM, NET, ORG, CA, UK, etc maintains its own registry of subdomains. (A "subdomain" is any domain within another domain, so "example.com" is a subdomain within "com", and "com" is even a subdomain within ".", the "root".) The rules for each registry apply only to the TLD it administers -- that is, there's a completely different set of criteria for each country-code TLD, and the "generic" TLDs are administered by different organizations with different policies. But they all maintain DNS servers for their TLD, which, from a command line, you can see using basic DNS query tools:


[ghoti@pc ~]$ host -t ns ca.
ca name server c.ca-servers.ca.
ca name server e.ca-servers.ca.
ca name server z.ca-servers.ca.
ca name server a.ca-servers.ca.
ca name server f.ca-servers.ca.
ca name server sns-pb.isc.org.
ca name server j.ca-servers.ca.
ca name server k.ca-servers.ca.
ca name server tld.isc-sns.net.
ca name server l.ca-servers.ca.
[ghoti@pc ~]$ host -t ns info
info name server c0.info.afilias-nst.info.
info name server d0.info.afilias-nst.org.
info name server b2.info.afilias-nst.org.
info name server b0.info.afilias-nst.org.
info name server a2.info.afilias-nst.info.
info name server a0.info.afilias-nst.info.
[ghoti@pc ~]$

When you buy a domain from a registrar (of which there are many), that registrar submits information about the domain to the registry (of which there is just one per TLD). It is the responsibility of each registry to maintain the list of registered domains within their TLD, and maintain the DNS servers that provide this info to other servers.
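
The "follow the chain" lookup described in the answer, as an added example that is not part of the original answer: an offline simulation in which a resolver starts at a root server and follows NS referrals until a reply is marked authoritative. The server names, zones and records are constructed for illustration, and the hop limit is an assumption added so that a looping referral chain cannot run forever.

```python
# Constructed sample data: each "server" either refers a child zone to other
# servers (NS referral) or holds authoritative records for its own zone.
SERVERS = {
    "root": {"referrals": {"com.": ["tld-com"], "ca.": ["tld-ca"]}},
    "tld-com": {"referrals": {"example.com.": ["ns1-example"]}},
    "tld-ca": {"referrals": {}},
    "ns1-example": {
        "zone": "example.com.",
        "records": {("www.example.com.", "A"): ["192.0.2.10"],
                    ("example.com.", "MX"): ["10 mail.example.com."]},
    },
}

def in_zone(name, zone):
    """True if name is the zone apex or sits below it."""
    return name == zone or name.endswith("." + zone)

def query(server, name, rtype):
    """Answer one query the way a single server would (no recursion)."""
    data = SERVERS[server]
    zone = data.get("zone")
    if zone and in_zone(name, zone):
        # Authoritative for this name: answer (possibly empty) with AA set.
        return {"aa": True, "answer": data["records"].get((name, rtype), []), "ns": []}
    # Not authoritative: refer to the longest matching delegated zone.
    matches = [z for z in data.get("referrals", {}) if in_zone(name, z)]
    if not matches:
        return {"aa": True, "answer": [], "ns": []}  # nothing delegated: no such name
    best = max(matches, key=len)
    return {"aa": False, "answer": [], "ns": data["referrals"][best]}

def resolve(name, rtype, max_hops=8):
    """Follow referrals from the root until an authoritative reply arrives."""
    server, path = "root", []
    for _ in range(max_hops):  # bound the chain so a referral loop terminates
        path.append(server)
        reply = query(server, name, rtype)
        if reply["aa"]:
            return reply["answer"], path
        server = reply["ns"][0]  # a real resolver would try each NS in turn
    raise RuntimeError("referral chain too long")

if __name__ == "__main__":
    print(resolve("www.example.com.", "A"))
    print(resolve("example.com.", "MX"))
```

The returned path shows which servers were asked in order, which is the same chain the answer describes: root, then the TLD's servers, then the domain's own authoritative server.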

