Networking Basics: Part 3 – DNS Servers

This article continues the Networking for Beginners series by talking about how DNS servers work.

In the last part of this article series, I talked about how all of the computers on a network segment share a common IP address range. I also explained that when a computer needs to access information from a computer on another network or network segment, it’s a router’s job to move the necessary packets of data from the local network to another network (such as the Internet).

If you read that article, you probably noticed that in one of my examples, I made a reference to the IP address that’s associated with my Web site. To be able to access a Web site, your Web browser has to know the Web site’s IP address. Only then can it give that address to the router, which in turn routes the outbound request packets to the appropriate destination. Even though every Web site has an IP address, you probably visit Web sites every day without ever having to know an IP address. In this article, I will show you why this is possible.

I have already explained that IP addresses are similar to street addresses. The network portion of the address defines which network segment the computer exists on, and the computer portion of the address designates a specific computer on that network. Knowing an IP address is a requirement for TCP/IP based communications between two computers.

When you open a Web browser and enter the name of a Web site (which is known as the site’s domain name, URL, or Universal Resource Locator), the Web browser goes straight to the Web site without you ever having to enter an IP address. With that in mind, consider my comparison of IP addresses to postal addresses. You can’t just write someone’s name on an envelope, drop the envelope in the mail, and expect it to be delivered. The post office can’t deliver the letter unless it has an address. The same basic concept applies to visiting Web sites. Your computer cannot communicate with a Web site unless it knows the site’s IP address.

So if your computer needs to know a Web site’s IP address before it can access the site, and you aren’t entering the IP address, where does the IP address come from? Translating domain names into IP addresses is the job of a DNS server.

In the two articles leading up to this one, I talked about several aspects of a computer’s TCP/IP configuration, such as the IP address, subnet mask, and default gateway. If you look at Figure A, you will notice that there is one more configuration option that has been filled in; the Preferred DNS server.


Figure A: The Preferred DNS Server is defined as a part of a computer’s TCP/IP configuration

As you can see in the figure, the preferred DNS server is defined as a part of a computer’s TCP/IP configuration. What this means is that the computer will always know the IP address of a DNS server. This is important because a computer cannot communicate with another computer using the TCP/IP protocol unless an IP address is known.

With that in mind, let’s take a look at what happens when you attempt to visit a Web site. The process begins when you open a Web browser and enter a URL. When you do, the Web browser knows that it can not locate the Web site based on the URL alone. It therefore retrieves the DNS server’s IP address from the computer’s TCP/IP configuration and passes the URL on to the DNS server. The DNS server then looks up the URL on a table which also lists the site’s IP address. The DNS server then returns the IP address to the Web browser, and the browser is then able to communicate with the requested Web site.

Actually, that explanation is a little bit over simplified. DNS name resolution can only work in the way that I just described if the DNS server contains a record that corresponds to the site that’s being requested. If you were to visit a random Web site, there is a really good chance that your DNS server does not contain a record for the site. The reason for this is because the Internet is so big. There are millions of Web sites, and new sites are created every day. There is no way that a single DNS server could possibly keep up with all of those sites and service requests from everyone who is connected to the Internet.

Let’s pretend for a moment that it was possible for a single DNS server to store records for every Web site in existence. Even if the server’s capacity were not an issue, the server would be overwhelmed by the sheer volume of name resolution requests that it would receive from people using the Internet. A centralized DNS server would also be a very popular target for attacks.

Instead, DNS servers are distributed so that a single DNS server does not have to provide name resolutions for the entire Internet. There is an organization named the Internet Corporation for Assigned Names and Numbers, or ICANN for short, that is responsible for all of the registered domain names on the Internet. Because managing all of those domain names is such a huge job, ICANN delegates portions of the domain naming responsibility to various other firms. For example, Network Solutions is responsible for all of the .com domain names. Even so, Network Solutions does not maintain a list of the IP addresses associated with all of the .com domains. In most cases, Network Solution’s DNS servers contain records that point to the DNS server that is considered to be authoritative for each domain.

To see how all this works, imagine that you wanted to visit the www.brienposey.com website. When you enter the request into your Web browser, your Web browser forwards the URL to the DNS server specified by your computer’s TCP/IP configuration. More than likely, your DNS server is not going to know the IP address of this website. Therefore, it will send the request to the ICANN DNS server. The ICANN DNS server wouldn’t know the IP address for the website that you are trying to visit. It would however know the IP address of the DNS server that is responsible for domain names ending in .COM. It would return this address to your Web browser, which in return would submit the request to the specified DNS server.

The top level DNS server for domains ending in .COM would not know the IP address of the requested Web site either, but it would know the IP address of a DNS server that is authoritative for the brienposey.com domain. It would send this address back to the machine that made the request. The Web browser would then send the DNS query to the DNS server that is authoritative for the requested domain. That DNS server would then return the websites IP address, thus allowing the machine to communicate with the requested website.

As you can see, there are a lot of steps that must be completed in order for a computer to find the IP address of a website. To help reduce the number of DNS queries that must be made, the results of DNS queries are usually cached for either a few hours or a few days, depending on how the machine is configured. Caching IP addresses greatly improves performance and minimizes the amount of bandwidth consumed by DNS queries. Imagine how inefficient Web browsing would be if your computer had to do a full set of DNS queries every time you visit a new page.