What Is DNS?
TCP/IP uses IP addresses to connect to devices. However, memorizing the IP addresses of devices is difficult for users. As such, a host naming mechanism is used to match IP addresses with host names in the string format. DNS provides a translation and query mechanism between IP addresses and host names.
Why Do We Need DNS?
On the Internet, a computer uniquely identifies itself when communicating with other computers by using an IP address, which is similar to a phone number. However, these all-digit identifiers are difficult to remember, and there are many of them on the Internet. For example, there are nearly 4.3 billion IPv4 addresses, each of which is a 32-bit binary number or a dotted decimal number (such as 192.168.1.1). The function of DNS is to translate human-memorable names into machine-recognizable IP addresses so that computers can connect to each other. The working principle of DNS is similar to that of a phonebook — both of them manage mappings between names and numbers. When making phone calls, we usually search for people by name rather than entering phone numbers directly. Likewise, we enter the URL — for example, https://www.huawei.com — in the browser when we want to open a web page or view a video on the Internet. A URL is actually a computer name, which is typically called a domain name.
Composition of a Domain Name
Initially, the domain names of devices consisted of a sequence of characters. At that time, all of the domain names formed a non-hierarchical domain name structure, which not only led to name conflicts but also complex management and maintenance. To address this, DNS domain names in a hierarchical tree structure were designed in the TCP/IP protocol stack. Each country that applies to join the Internet must register a top-level domain name with the NIC. A top-level domain typically represents either an organization type or a geographical location. For example, "cn" and "us" represent China and the United States, respectively. The following table describes common top-level domains. The NIC authorizes management agencies to classify top-level domains into level-2 domains. The agencies in charge of this can authorize subordinate agencies to continue classifying the domains. As a result, the Internet has a hierarchical domain name structure.
Top-Level Domain |
Meaning |
|---|---|
com |
Commercial organizations |
edu |
Educational agencies |
gov |
Governmental agencies |
mil |
Military departments |
net |
Main network support centers |
int |
International organizations |
org |
Other organizations |
Country code |
Countries (classified geographically) |
In terms of syntax, each domain name consists of labels, which are separated by dots (.). Take the domain name www.huawei.com as an example. Each part from right to left is described as follows:
- com: top-level domain name, which represents a commercial organization.
- huawei: level-2 domain name, which belongs to a company.
- www: level-3 domain name, which represents a common web page.
DNS Server, Client, and Relay Agent
DNS-related device roles on a network are DNS server, client, and relay agent.
DNS Server
A DNS server maps a domain name to an IP address. The DNS server stores a table of domain names and corresponding IP addresses to resolve the domain names of messages. Because the Internet is a collection of globally connected resources, and a single DNS server cannot support all address translation operations, multiple DNS servers work together around the world.
Like the domain names forming a hierarchical structure, DNS servers also form a hierarchical structure. A user requests the top-level and authoritative DNS servers in sequence through the root DNS server to obtain the corresponding IP address. The result is saved on the local DNS server for the next DNS request. When re-initiating an access request to the same domain name, the user can directly obtain the result from the local DNS server without initiating a global recursive query again.
Category |
Function |
|---|---|
Root DNS server |
The root DNS server is the highest-level DNS server. It knows the domain names and IP addresses of all top-level DNS servers. If the local DNS server cannot resolve the domain name, a user sends a request to the root DNS server first. |
Top-level DNS server |
The top-level DNS server manages all level-2 domain names under it. When receiving a DNS query request, the top-level DNS server responds to the authoritative DNS server. |
Authoritative DNS server |
The authoritative DNS server manages DNS servers in a certain area. If a top-level DNS server cannot provide a final query response, it instructs the authoritative DNS server to provide such a response. |
Local DNS server |
When a host sends a DNS query request, the request is sent to the local DNS server. Each Internet service provider (ISP) can have a local DNS server. If the local DNS server does not respond, it requests the highest-level root DNS server. |
DNS Client
A DNS client receives DNS requests from user programs and responds to the requests. A device functioning as a DNS client has the following capabilities:
- Starting DNS resolution
To use the DNS client function, you need to enable DNS resolution on the device.
- Specifying the IP address of a server
To perform DNS domain name resolution, you need to specify the IP address of a DNS server on the device so that query requests can be sent to this server for resolution.
- Specifying the DNS domain suffix search list
The domain name suffixes of some servers or hosts accessed by a DNS client are typically the same. By predefining some domain name suffixes, you can enter only part of a domain name and the system then automatically adds a specific suffix to resolve the domain name. For example, if you configure "com" in the suffix list and enter "huawei" in a domain name query, the system automatically associates "huawei" with the suffix "com" and searches for "huawei.com."
DNS Relay Agent
If the IP address of a DNS server changes, the configuration of each DNS client on the user network needs to be updated accordingly. This is both time consuming and error prone. To resolve this issue, you can deploy a DNS relay agent. In such cases, configure the IP address of the DNS relay agent on a DNS client, and configure the IP address of the DNS server on the DNS relay agent. The DNS client then directly sends a DNS request packet to the DNS relay agent, which forwards the packet to the DNS server. In this way, if the DNS server's IP address changes, you need to change the configuration only on the DNS relay agent, thereby simplifying network management.
The following figure shows the working principle of the DNS relay agent.
Working principle of the DNS relay agent
- The DNS client sends to the DNS relay agent a DNS request packet in which the destination address is the IP address of the DNS relay agent.
- After receiving the request packet, the DNS relay agent forwards it to the DNS server for domain name resolution.
DNS Domain Name Resolution Process
The process of obtaining an IP address based on a domain name is called domain name resolution. DNS domain name resolution is classified into the following types:
- Static domain name resolution
Static domain name resolution requires a static domain name resolution table, which is manually created and holds mappings between commonly used domain names and IP addresses. A DNS client first searches the static domain name resolution table for a domain name to resolve it into an IP address. This improves the efficiency of domain name resolution.
- Dynamic domain name resolution
Dynamic domain name resolution requires a dedicated DNS server. This server runs the domain name resolution program, maps domain names to IP addresses, and receives DNS requests from clients.
To speed up DNS queries, static domain name resolution is first used to resolve a domain name. If the resolution fails, dynamic domain name resolution is used.
Implementation of dynamic domain name resolution
As shown in the preceding figure, DNS works as follows:
When a user program (such as ping or Telnet) uses a domain name to access the network, it sends a DNS request to the resolver of the DNS client.
-
After receiving the request, the resolver first checks the local cache.
- If the resolver finds the mapping entry for the domain name in the local cache, it directly returns the mapped IP address to the user program.
- If the resolver does not find such a mapping entry in the local cache, it sends a request to the DNS server.
-
The DNS server checks whether the requested domain name is within a sub-domain it manages and then responds to the DNS client accordingly.
- If the requested domain name is within a sub-domain it manages, the DNS server searches for the IP address corresponding to the domain name in its own database.
- If the requested domain name is not within a sub-domain it manages, the DNS server forwards the request to upper-level DNS servers. After completing the resolution, the corresponding upper-level DNS server returns the result to the DNS client.
The resolver receives and resolves the response sent by the DNS server, and returns the result to the user program.
Dynamically resolved mappings between domain names and IP addresses are stored in the cache. If a domain name is searched for again, the DNS client obtains the corresponding IP address from the cache directly instead of sending a request to the DNS server. Mappings stored in the cache will expire and be deleted after a period to ensure that the latest mappings can be obtained from the DNS server.
- Author: Dou Cuicui
- Updated on: 2024-02-27
- Views: 3145
- Average rating:
