- By Craig Zacker
- Objective 1.1: Compare the layers of the OSI and TCP/IP models
- Objective 1.2: Classify how applications, devices, and protocols relate to the OSI model layers
- Objective 1.3: Explain the purpose and properties of IP addressing
- Objective 1.4: Explain the purpose and properties of routing and switching
- Objective 1.5: Identify common TCP and UDP default ports
- Objective 1.6: Explain the function of common networking protocols
- Objective 1.7: Summarize DNS concepts and its components
- Objective 1.8: Given a scenario, implement the following network troubleshooting methodology
- Objective 1.9: Identify virtual network components
Objective 1.7: Summarize DNS concepts and its components
Computers are designed to work with numbers, whereas humans are more comfortable working with words. This fundamental dichotomy is the reason why the Domain Name System came to be. Very simply, the DNS is a database service that converts computer names to IP addresses and addresses back into names.
DNS servers are a ubiquitous part of most TCP/IP networks, even if users aren’t aware of them. TCP/IP communications are based solely on IP addresses. Before one system can communicate with another, it must know the other system’s IP address. Often, the user supplies a client application with a friendly name for a desired server. The application must then resolve that server name into an IP address before it can transmit a message to it. If the name resolution mechanism fails to function, no communication with the server is possible.
Exam need to know
Summarize the concept of DNS servers
For example: How many DNS servers contain the entire Internet domain namespace?
Summarize the concept of DNS records
For example: Which resource record type contains name-to-address mappings for IPv6 addresses?
Summarize the concept of Dynamic DNS
For example: What network service has made it necessary to develop a mechanism for dynamically updating DNS resource records?
If you connect to the Internet, you use a DNS server each time you enter a server name or URL into a web browser or other application to resolve the name of the system you specified into an IP address. When a standalone computer connects to an Internet Service Provider (ISP), the ISP’s server usually supplies the addresses of the DNS servers that the system will use. On a TCP/IP network, administrators configure clients with the addresses of the DNS servers they will use. This can be a manual process performed for each workstation or part of an automated DHCP configuration process.
DNS is a distributed database service; thousands of servers all over the Internet function as the authority for a small piece of the DNS namespace. By forwarding name resolution requests from server to server, it is possible to resolve any DNS name into its equivalent IP address, no matter where on the Internet the authoritative information for that name is stored.
In addition to resolving names into addresses, DNS servers can also resolve addresses into names, when necessary. This is called reverse name lookup. The DNS also plays an essential role in Active Directory Domain Services (AD DS), the Windows directory service.
True or false: Every DNS server contains a small piece of the DNS namespace.
Answer: False. Some DNS servers exist only to provide name resolution services to clients. They do not host any part of the DNS namespace. These are called caching-only servers.
True or false: A forwarder is a DNS server that accepts name resolution queries from other DNS servers.
Answer: False. All DNS servers accept name resolution queries from other DNS servers. A forwarder is a DNS server that accepts a certain type of query. When a server receives a recursive query, it is responsible for trying to resolve the requested name and for transmitting a reply back to the requester. If the server does not possess the required information, it must send its own queries to other DNS servers until it obtains the requested information. The resolvers in client systems nearly always send recursive queries to DNS servers.
When a server receives an iterative query, it can either respond with information from its own database or refer the requester to another DNS server. The recipient of the iterative query responds with the best answer it currently possesses, but it is not responsible for searching for the information, as with a recursive query. DNS servers processing a recursive query from a client typically use iterative queries to request information from other servers. A forwarder is a server that is configured to receive recursive queries from other servers.
DNS servers are essentially database servers that store information about the hosts and subdomains for which they are responsible in resource records (RRs). When you run your own DNS server, you create a resource record for the name of each host that you want the rest of the network to be able to access. There are several different types of resource records used by DNS servers, the most important of which are:
- A (32-bit Address) Provides a name-to-address mapping that supplies an IPv4 address for a specific DNS name. This record type performs the primary function of the DNS, converting names to addresses.
- AAAA (128-bit Address) Provides a name-to-address mapping that supplies an IPv6 address for a specific DNS name. This record type performs the primary function of the DNS, converting names to addresses.
- MX (Mail Exchanger) Identifies a system that will direct email traffic sent to an address in the domain to the individual recipient, a mail gateway, or another mail server.
- CNAME (Canonical Name) Creates an alias that points to the canonical name (that is, the “real” name) of a host identified by an A or AAAA record. Administrators use CNAME records to provide alternative names by which systems can be identified.
- PTR (Pointer) Provides an address-to-name mapping that supplies a DNS name for a specific address in the in-addr.arpa domain. This is the functional opposite of an A record, used for reverse lookups only.
In addition to functioning as the authority for a small section of the DNS namespace, servers process client name resolution requests by either consulting their own resource records or forwarding the requests to another DNS server on the network. The process of forwarding a request is called a referral, and this is how all of the DNS servers on the Internet work together to provide a unified information resource for the entire domain namespace.
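The recursive-versus-iterative distinction and the referral chain described above, as an added example that is not from the book: a toy recursive resolver chases referrals from a root server through a TLD server to the authoritative server, each of which answers only an iterative query with the best data it has. Server names, zone names and the 192.0.2.10 address are constructed placeholders.

```python
# Constructed sample data: three toy servers, each authoritative for one zone.
# Names use the reserved .example TLD and an RFC 5737 documentation address.
SERVERS = {
    "root": {"delegations": {"example.": "tld"}, "records": {}},
    "tld": {"delegations": {"corp.example.": "auth"}, "records": {}},
    "auth": {"delegations": {},
             "records": {"www.corp.example.": ("A", "192.0.2.10")}},
}

def in_zone(name, zone):
    """True if name is the zone apex or lies below it."""
    return name == zone or name.endswith("." + zone)

def iterative_query(server_id, name):
    """One iterative query: the server answers from its own records if it can,
    otherwise returns the closest referral it knows; it never searches further."""
    server = SERVERS[server_id]
    if name in server["records"]:
        return "answer", server["records"][name]
    best = None
    for zone, target in server["delegations"].items():
        if in_zone(name, zone) and (best is None or len(zone) > len(best[0])):
            best = (zone, target)
    if best is not None:
        return "referral", best[1]
    return "nxdomain", None

def recursive_resolve(name, max_hops=8):
    """What a server does with a recursive query: chase referrals from the root
    until it gets an answer or a negative reply. Returns (answer, trace)."""
    trace = []
    server_id = "root"
    for _ in range(max_hops):
        kind, payload = iterative_query(server_id, name)
        trace.append((server_id, kind))
        if kind == "answer":
            return payload, trace
        if kind == "nxdomain":
            return None, trace
        server_id = payload  # follow the referral to the next server
    # a hop limit keeps a misconfigured delegation loop from running forever
    raise RuntimeError("referral loop or chain too long for " + name)

if __name__ == "__main__":
    print(recursive_resolve("www.corp.example."))
```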
True or false: An MX record identifies a mail server that is ready to accept messages sent to recipients in a particular domain.
Answer: True. When an SMTP server receives an outgoing message from an email client, it does a DNS MX lookup of the domain in the destination email address, and sends the message to the server specified in the MX record.
True or false: The standard name resolution process for an Internet web server consists of DNS queries requesting AAAA records from a DNS server.
Answer: False. Because the Internet still uses IPv4, the standard name resolution process for an Internet name requests an A record from the server.
True or false: It is possible for a single computer to have multiple names in the DNS.
Answer: True. To assign multiple names to a single computer, you can create multiple A or AAAA records, or you can create a single A or AAAA record and one or more CNAME records.
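The record types listed above and the CNAME-alias and reverse-lookup behaviour they support, as an added example rather than anything from the book: a constructed zone holds A, AAAA, CNAME, MX and PTR records, a lookup follows alias chains to the canonical name (with a guard against a looping pair), and a reverse lookup builds the in-addr.arpa name from an address using Python's `ipaddress` module. All names and addresses are placeholders.

```python
import ipaddress

# Constructed sample zone, keyed by (owner name, record type). Addresses come
# from documentation ranges (192.0.2.0/24, 2001:db8::/32); nothing here is real.
ZONE = {
    ("host1.example.", "A"): ["192.0.2.10"],
    ("host1.example.", "AAAA"): ["2001:db8::10"],
    ("www.example.", "CNAME"): ["host1.example."],      # alias -> canonical name
    ("intranet.example.", "CNAME"): ["www.example."],   # alias -> another alias
    ("example.", "MX"): ["10 mail.example."],
    ("mail.example.", "A"): ["192.0.2.25"],
    ("10.2.0.192.in-addr.arpa.", "PTR"): ["host1.example."],
    ("loop1.example.", "CNAME"): ["loop2.example."],    # misconfigured pair
    ("loop2.example.", "CNAME"): ["loop1.example."],
}

def lookup(name, rtype, max_cname=8):
    """Answer a query against ZONE, following CNAME aliases to the canonical
    name the way a resolver does. Returns (canonical_name, rdata_list); the
    list is empty when no record exists. A CNAME loop raises instead of
    spinning forever."""
    for _ in range(max_cname):
        if (name, rtype) in ZONE:
            return name, ZONE[(name, rtype)]
        if rtype != "CNAME" and (name, "CNAME") in ZONE:
            name = ZONE[(name, "CNAME")][0]
            continue
        return name, []
    raise ValueError("CNAME chain too long or looped at " + name)

def reverse_lookup(address):
    """Turn an IPv4/IPv6 address into its in-addr.arpa / ip6.arpa name and
    fetch the PTR record: the functional opposite of an A/AAAA lookup."""
    rev_name = ipaddress.ip_address(address).reverse_pointer + "."
    return rev_name, lookup(rev_name, "PTR")[1]
```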
The process of adding resource records to a DNS server is called name registration. Administrators originally registered DNS names manually, by adding resource records to a text file. However, as networks grew larger and more complex, manual registration became harder to sustain, and the biggest problem stems from the increasing use of DHCP servers to dynamically assign IP addresses to network workstations. Dynamic assignment of IP addresses means that workstations can have different addresses from one day to the next, and the original DNS standard has no way of keeping up with the changes.
To make the use of DNS practical for technologies that require regular updates to resource records, such as AD DS, the IETF published a document that defines a new DNS message type, called an Update, that systems like domain controllers and DHCP servers can generate and transmit to a DNS server. These Update messages can modify or delete existing resource records or create new ones, based on prerequisites specified by the administrator.
True or false: Dynamic updates enable DNS servers to connect to the systems in their resource records and query them for address changes.
Answer: False. Dynamic updates originate with DHCP servers and AD DS domain controllers, not with the systems specified in the resource records.
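The Update message with administrator-specified prerequisites, as an added illustration that is not from the book: a simplified model in which an update's add and delete operations are applied only if every prerequisite holds against the zone, and a DHCP server's lease change is expressed as such an update. The prerequisite kinds, the zone layout and the workstation name and addresses are constructed for the example.

```python
# Toy model of a DNS Update: prerequisites are checked against the zone and the
# add/delete operations run only if every one of them holds. Constructed data;
# the addresses are RFC 5737 documentation addresses, not real hosts.
def make_sample_zone():
    """Zone keyed by (owner name, record type) -> set of rdata strings."""
    return {("ws01.corp.example.", "A"): {"192.0.2.50"}}

def prerequisites_met(zone, prereqs):
    """Each prerequisite is (kind, name, rtype, rdata); fields a kind does not
    use are None. An unknown kind raises rather than silently passing."""
    names_in_use = {owner for owner, _ in zone}
    checks = {
        "name_in_use": lambda n, t, r: n in names_in_use,
        "name_not_in_use": lambda n, t, r: n not in names_in_use,
        "rrset_exists": lambda n, t, r: (n, t) in zone,
        "rrset_absent": lambda n, t, r: (n, t) not in zone,
        "rr_exists": lambda n, t, r: r in zone.get((n, t), set()),
    }
    return all(checks[kind](n, t, r) for kind, n, t, r in prereqs)

def apply_update(zone, prereqs, updates):
    """Apply (op, name, rtype, rdata) updates as one unit: nothing changes
    unless all prerequisites hold. Returns True if the update was applied."""
    if not prerequisites_met(zone, prereqs):
        return False
    for op, name, rtype, rdata in updates:
        if op == "add":
            zone.setdefault((name, rtype), set()).add(rdata)
        elif op == "delete_rr":
            rrset = zone.get((name, rtype), set())
            rrset.discard(rdata)
            if not rrset:
                zone.pop((name, rtype), None)
        elif op == "delete_rrset":
            zone.pop((name, rtype), None)
        else:
            raise ValueError("unknown update op " + op)
    return True

def dhcp_lease_changed(zone, hostname, old_ip, new_ip):
    """What a DHCP server sends when a workstation's lease moves to a new
    address: swap the A record, but only if the old record is still present,
    so a record that was changed by someone else is not clobbered."""
    prereqs = [("rr_exists", hostname, "A", old_ip)]
    updates = [("delete_rr", hostname, "A", old_ip), ("add", hostname, "A", new_ip)]
    return apply_update(zone, prereqs, updates)
```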
Can you answer these questions?
Find the answers to these questions at the end of this chapter.
- Which DNS resource record type can administrators use to create aliases for computers on the network?
- A DNS client performing a reverse name resolution receives which type of resource record from the DNS server?
- Apart from name resolution, what other critical function does DNS perform on AD DS networks?
- In DNS terminology, what is a resolver?
- Which type of query does a DNS server typically use when querying other DNS servers?