DNS (Domain Name System): –It performs name resolution, means conversion of name to IP address, such as in our mobile we have both names & phone numbers (IP address), name normally can be easier to learn & remember as compared to numbers(IP address),but technically communication is done on IP (phone number in case of cellular company), not on name.
History of internet: –The old name of internet was Arpanet, in those days there was no concept of DNS server & even internet was not a commercial at the beginning (early 1980s), means only used for specific tasks such as N.G.Os, hospitals, research groups etc. A company named INTERNIC had a host file (acts as a DNS server), which had websites names & IP addresses. And if someone wanted to make a member of Arpanet, 1st got a connection & downloaded a host file & this file come into his computer, this file loaded in RAM. But the issue was that if new websites launched then again one had to ping or download that host file for fetching new website’s IP address & we know that number of users were being increased, by this way host file was also being increased. Then Arpanet realized that no. of users, no. of websites & host file are expanded day by day then they replaced this method with DNS.
DNS was designed to solve issues that arose when there was an increase in; a) number of host on the internet b) traffic generated by the updated process c) size of the host file
A technology that translates internet address names into numerical addresses (IP addresses) so that the address can be found over the internet. For example, if we type www.microsoft.com into a web browser, the name is translated into a numerical address & that address is used to connect us to the Microsoft website.
Websites have both a “friendly” address called a Uniform Resource Locator (URL) & an IP address. People use URLs to find websites, but computers use IP addresses to websites. DNS translate URLs into IP addresses & vice versa. For example if we type http://www.microsoft.com into the address bar in our web browser, our computer sends a request to a DNS server. The DNS server translates URL into IP address so that our computer can find the Microsoft web server.
Net BIOS name resolution method: – Lmhost file, WINS & broadcast are used to resolve NetBIOS name.
Characteristic of DNS: – 1. Hierarchical 2. Distributed
Hierarchical means FQDN i.e. House No., St. No., Block No., Model town, Lahore, Pakistan. With the reference of internet name convention, there is no centralized body to handle all websites conversion of name to IP, it is impossible because internet size is too large to handle. If database will be on one place it disadvantage is single point of failure. That’s why distributed databases are much feasible as compare to centralized database because in this case databases are on multiple places. The benefit of distributed database is Dedicated Administration means every company (hotmail) is responsible for its own database (DNS server). If hotmail DNS server goes down, its own website will not be opened. There will be no affect on yahoo DNS server; yahoo will be in running condition because every company has its own DNS server. There is no DNS server in the world which has complete database (name & IP address) of all companies’ DNS servers. But in spite of this all websites are opened, even no DNS has complete database; the answer is that then all DNS servers are required to communicate with one another. There should be required a parallel system to make DNS servers to be communicated with one another.
DNS Queries: – 1. Recursive query 2. Iterative query
Recursive query: – It is operated from DNS client to DNS server & this query has complete answer means “IP or error”. It means when a client send query (recursive query) to DNS server for a website’s IP, then the DNS server will reply either with IP or error.
Iterative query: – It is operated from DNS server to DNS server & it has referral answer means not complete answer. In this referral answer DNS server is told to redirect to other DNS server & by this way it collects the complete answer. It is used to locate authoritative DNS server.
Inverse query: – In this query we send IP to DNS server to resolve name of website. In this case we’ve already an IP, no problem in communication because communication is done on the basis of IP. But here issue exist else rather than communication. Let’s assume if ORKUT site has been blocked & when user write IP(200.1.1.1) of ORKUT in browser, site should be opened but when request reach to Firewall(Microsoft ISA server), F/W will ask DNS server to resolve name against this IP. This query from ISA to DNS server is Inverse query. F/W will ask DNS server whether there isn’t any website (name) against this IP that is restricted, and then DNS server will tell F/W that ORKUT site has been restricted. It means that basically inverse query related to security not accessibility. Security is implemented on the basis of name rather than IP because IP can be changed & name can also do but in rare cases.
A website like www.hotmail.com. & actually at the end of every website there is a dot (.) but it is hidden & this dot (.) represents Root Domain. The order of website is something like that, dot represents root domain, com represents top level domain, hotmail represents 2nd level domain & www represents hostname. Root DNS is responsible of top level domain; top level domain is responsible of 2nd level domain & so on. It means that root domain (.) will tell IP of top level domain/com DNS server & so on. It should be kept in mind that there is only sever that knows about all DNS servers & that is ROOT Server.
Note: – The question is that how our local DNS (Brain net ISP) reach to root server. The answer is that IP of root server of internet are present in local DNS server’s properties which has 30 IPs of root servers. Root DNS servers are managed by Milnet & Espanet. DNS operates on application layer while TCP/UDP works on transport layer. DNS uses these both TCP/UDP with port number of 53 for both. DNS communication is mostly done on UDP.
Note: – www.hotmail.com. In this website last one dot represents Root domain & middle two dots represent Level separator.
Zone: – Partition of domain namespace represented by domain name OR DNS database file (name & IP mapping) is called Zone. And those DNS that have zone’s file is called Authoritative DNS server.
Types of Zone: – 1) Primary DNS Zone, 2) Secondary DNS Zone, 3) AD Integrated DNS Zone, 4) Stub DNS Zone….. In each type of zone there is a mapping of name &IP but difference exist in other things.
Primary DNS Zone: – When a zone that this DNS server hosts is a primary zone, the DNS server is the primary source for information about this zone, & it stores the master copy of zone data in a local file or in AD DS. It has writeable copy of zone, means we can modify the zone in case of primary zone. When the zone is stored in a file, by default the primary zone file is named zone_name.dns & it is located in the %windir%system32dns folder on the server. The basic level/standard zones are primary zone & secondary zone. These two zones can be possible on each & every DNS server in the world such as Microsoft DNS server, SUN, LINUX etc while AD Integrated & stub zones are Microsoft implementation. When we change something in primary zone, automatically secondary zone will adopt these changes. We can create one primary zone & multiple secondary zones. It has a single master structure, means we can change only in primary zone & these changes transfer to secondary zone automatically.
Secondary zone: – When a zone that this DNS server hosts is a secondary zone, this DNS server is the secondary source for information about this zone. The zone at this server must be obtained from another remote DNS server computer that also hosts the zone. This DNS server must have network access to the remote DNS server that supplies this server with updated information about the zone. Because the secondary zone is merely a copy of a primary zone that hosted on another server, it cannot be stored in AD DS. It has read-only copy of zone, means we cannot modify the zone in case of secondary zone.
AD Integrated zone: –If DNS server is also in Active Directory Domain Services (AD DS) domain controller, primary zones & stub zones can be stored in AD DS, means it is only available on Domain Controller. It is more secure than primary zone. It has multi-master structure, means that if we have three AD Integrated zone & these three zones have writeable copy of zone, anywhere we perform changes (on either AD Integrated zone), changes will be replicated to other zones too. Zone database will be replicated as a part of domain replication.
Stub zone: – Typically stub means single exit point. It has not a complete zone database, only three or four entries exist in stub zone that’s why it doesn’t perform name resolution. It is used to locate Authoritative DNS server. It means if a client request for an IP (192.168.0.1), local DNS server (stub zone) can’t tell about an IP because it has not a complete zone database. It will pass through router & locate other DNS server to fetch an IP then local DNS server stored this entry in its CATHE & if again others client request for this IP, then it will resolve from its own cache. It has read only copy of zone like secondary zone. It has only three kinds of records, NS (name server) record, SOA (Start of Authority) record & Glue A record.
Forward lookup zone: – name to IP mapping
Reverse lookup zone: – IP to name mapping
Dynamic update: – It is also called dynamic DNS (DDNS)