On a network, devices are labelled with numeric addresses called IP addresses in order to send and receive data. Domain names were created to turn a numeric address into a simple, recognizable name. DNS is short for Domain Name System (or Service, or Server). It is a large, distributed database, hosted on many computers, that contains the names and IP addresses of the hosts and domains on the internet. It is the Internet’s equivalent of a phone book.
The Domain Name Service is an important service because domain names are easy for people to remember, whereas computers, servers and websites are actually reached by IP address. A domain name such as http://fschub.com is much easier for a human to remember than its IP address 220.127.116.11. If the IP address of http://fschub.com changes, the change is invisible to the user because the domain name remains the same; the new address is simply linked to the existing domain name. DNS defines an automatic service that matches resource names to the required numeric IP address, including the format of queries, responses and data. The DNS protocol uses a single format, called a message, for all types of client queries and server responses, error messages, and the transfer of resource record information between servers.
The Domain Name System is its own complete network. If one DNS server does not know how to translate a particular domain name, it asks another DNS server, and so on, until the correct IP address is returned. The figure below illustrates the steps involved in DNS resolution.
DNS Message Format
A DNS server has two types of messages: query and response. The query message contains a header and question records; the response message contains a header, question records, answer records, authoritative records and additional records.
The DNS server stores names, addresses and other records used to resolve names. Some of the record types are:
- A – The IPv4 address of an end device
- AAAA – The IPv6 address of an end device
- NS – An authoritative name server
- PTR – A record containing the name of a node in the DNS namespace
- SRV – A record containing information about a server
- TXT – A record containing arbitrary text
- MX – A mail exchange record
Whenever a host sends a query to resolve a name, the DNS process first checks its own stored records. If the record is not found there, it forwards the query to other servers to resolve the name. Once a name is resolved and returned to the requesting server, that server temporarily stores the IP address in case the same name is requested again. The figure above illustrates that process.
The DNS Client service on Windows PCs also stores previously resolved names in memory. The ipconfig /displaydns command displays all the resolved entries currently cached in memory. DNS uses the message format below for all types of client queries and responses, error messages, and resource record sharing between DNS servers.
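The check-cache-first-then-forward behaviour described above, as an added example (not code from the page or from fschub.com). It models a stub resolver with a TTL-bounded cache in front of a constructed upstream; the FakeClock, the UPSTREAM_RECORDS table and the fake_upstream function are assumptions made for the example, and the 60-second TTL is a constructed value.

```python
import time


class FakeClock:
    """Constructed clock so the example runs deterministically without sleeping."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now


class RecordCache:
    """TTL-bounded store of resolved names; lookups are case-insensitive."""
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}   # normalised name -> (address, expiry time)

    @staticmethod
    def _key(name):
        return name.lower().rstrip(".")

    def get(self, name):
        entry = self._entries.get(self._key(name))
        if entry is None:
            return None
        address, expires_at = entry
        if self._clock() >= expires_at:     # TTL elapsed: drop it and report a miss
            del self._entries[self._key(name)]
            return None
        return address

    def put(self, name, address, ttl):
        if ttl <= 0:                        # a TTL of 0 means "do not cache"
            return
        self._entries[self._key(name)] = (address, self._clock() + ttl)


class StubResolver:
    """Answers from the local cache first and forwards upstream otherwise."""
    def __init__(self, upstream, cache):
        self._upstream = upstream
        self._cache = cache
        self.forwarded = 0      # how many queries actually left this host

    def resolve(self, name):
        cached = self._cache.get(name)
        if cached is not None:
            return cached, "cache"
        address, ttl = self._upstream(name)
        self._cache.put(name, address, ttl)
        self.forwarded += 1
        return address, "upstream"


# Constructed upstream data standing in for the servers a real resolver would ask.
UPSTREAM_RECORDS = {"mail.fschub.com": ("220.127.116.11", 60)}


def fake_upstream(name):
    """Assumed upstream: returns (address, ttl) or raises for an unknown name."""
    try:
        return UPSTREAM_RECORDS[name.lower().rstrip(".")]
    except KeyError:
        raise LookupError("NXDOMAIN: " + name)


def run_scenario():
    """Look the same name up at t=0s, t=30s and t=61s against a 60-second TTL.

    Returns the source of each answer and how many lookups were forwarded.
    """
    clock = FakeClock()
    resolver = StubResolver(fake_upstream, RecordCache(clock))
    sources = []
    for now in (0.0, 30.0, 61.0):
        clock.now = now
        _address, source = resolver.resolve("MAIL.fschub.com.")
        sources.append(source)
    return sources, resolver.forwarded


if __name__ == "__main__":
    print(run_scenario())   # (['upstream', 'cache', 'upstream'], 2)
```

The third lookup goes upstream again because the cached entry has outlived its TTL; that expiry is what bounds how long a stale (or poisoned) answer can keep being served from the cache.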
DNS has two types of messages, query and response, and both use the same format. The query message consists of a header and the question records; the response message consists of a header, question records, answer records, authoritative records and additional records, as shown in the figure.
Header – The header is an important element of any message because it carries the control fields. In DNS messages, the header section carries several key control flags and also indicates which of the other sections are actually used in the message. The header also states whether the message is a query or a response. The header is the same for both queries and responses, as shown in the figure, and is 12 bytes long.
Questions – The question section contains fields that describe a question to a name server; it is present in both queries and responses. If the message is a query, this section contains the question expressing the query. If the message is a response, this section contains the question that was sent in the query to which this is the response.
Answers – The answer section contains resource records that answer the question. If the message is a non-error response, this section contains the resource record(s) that match the query to which this is the response.
Authority – The authority section contains one or more resource records that point toward an authoritative name server. If the message is an error response, this section may contain resource record(s) identifying DNS servers that can be queried instead.
Additional – The additional records section contains resource records that relate to the query but are not strictly answers to the question. If the message is a non-error response, this section may contain resource records that do not match the query but are related to it.
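The message layout described in the section above (12-byte header, question records, answer records), as an added example that is not code from the page or from fschub.com. It builds an A query for mail.fschub.com, then builds and parses a constructed response carrying the 220.127.116.11 address from the page; the transaction ID 0x1234, the 300-second TTL and the build_response helper are assumptions made for the example. The parser bounds how many compression pointers it will follow, since a response whose pointers loop would otherwise hang a naive parser.

```python
import struct

# Header flag bits (RFC 1035, section 4.1.1); the header is always 12 bytes.
QR = 0x8000          # 0 = query, 1 = response
RD = 0x0100          # recursion desired
RA = 0x0080          # recursion available
RCODE_MASK = 0x000F  # response code: 0 = no error, 3 = name error (NXDOMAIN)

TYPE_A = 1
CLASS_IN = 1


def encode_name(name):
    """Encode a name as length-prefixed labels terminated by the root (zero) label."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("labels must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, txid=0x1234, qtype=TYPE_A):
    """Query message: header (QDCOUNT=1, RD set) followed by one question record."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)
    return header + question


def decode_name(msg, offset):
    """Decode the name at `offset`, following 0xC0xx compression pointers.

    Returns (dotted name, offset just past the name in its original position).
    The hop limit stops a message with looping pointers from spinning forever.
    """
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:               # pointer to an earlier name
            if end is None:
                end = offset + 2                 # the name occupies two bytes here
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:                          # root label ends the name
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end if end is not None else offset


def parse_message(msg):
    """Parse the header, question and answer sections into a dictionary."""
    txid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    parsed = {"id": txid, "is_response": bool(flags & QR),
              "rcode": flags & RCODE_MASK, "questions": [], "answers": []}
    offset = 12
    for _ in range(qdcount):
        name, offset = decode_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        parsed["questions"].append((name, qtype))
    for _ in range(ancount):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlength = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlength]
        offset += rdlength
        if rtype == TYPE_A and rdlength == 4:
            rdata = ".".join(str(b) for b in rdata)   # render IPv4 as dotted quad
        parsed["answers"].append((name, rtype, ttl, rdata))
    return parsed


def build_response(query, address, ttl=300):
    """Constructed response to `query`: same ID and question, plus one A answer.

    The answer's owner name is a compression pointer (0xC00C) back to the
    question name, which always starts right after the 12-byte header.
    """
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, QR | RD | RA, 1, 1, 0, 0)
    answer = (b"\xC0\x0C" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4)
              + bytes(int(octet) for octet in address.split(".")))
    return header + question + answer


if __name__ == "__main__":
    query = build_query("mail.fschub.com")
    response = build_response(query, "220.127.116.11")   # constructed sample
    print(parse_message(query))
    print(parse_message(response))
```

A resolver that consumes real responses should also check that the ID and question echoed back match what it sent; an answer that fails either check is not a reply to its query and must be discarded rather than cached.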
Fully Qualified Domain Name (FQDN)
To understand the DNS hierarchy it is essential to know about the Fully Qualified Domain Name (FQDN). An FQDN consists of the hostname and the domain name. Hostnames are not case sensitive and can contain both letters and digits. An FQDN is the domain name that specifies a host's exact location in the DNS hierarchy; it specifies all domain levels, including the root and top-level domains. An example of an FQDN is “mail.fschub.com”, where “mail” is the hostname and “fschub.com” is the domain name.
DNS uses a hierarchical database for resolving names to addresses, and domain names form that hierarchy. The DNS hierarchy is comprised of the following five elements:
1) Root Level
2) Top Level Domains
3) Second Level Domains
The DNS root zone is the uppermost level in the DNS hierarchy tree, and a root name server is a server for the root zone. These servers hold the information that makes up the root zone, which is the global list of top-level domains. The root name servers are very important because they are the first step in resolving a domain name; they are the authoritative servers that serve the DNS root zone. The root servers are operated by 12 different organizations:
- University of Maryland
- VeriSign Global Registry Services
- Cogent Communications
- University of Southern California, Information Sciences Institute
- Internet Systems Consortium, Inc.
- NASA Ames Research Center
- VeriSign Global Registry Services
- US Army Research Lab
- US DoD Network Information Center
- WIDE Project
- RIPE NCC
Top Level Domains (TLDs)
TLDs are the next level in the DNS hierarchy, and many TLDs are in service today. As noted above, TLDs fall into two subcategories: a top-level domain represents either the type of organization or the country of origin. Examples of top-level domains are:
- .com – A business or industry
- .org – A non-profit organization
- .edu – Educational Institutions
- .gov – Government Institutions
- .mil – Military Groups
- .net – Major network Support Centers
- .org – Nonprofit Organization and others
- .int – International Organization
- .au – Australia
- .pk – Pakistan
- .us – United States
Second Level Domains
Second-level domains come after the TLDs in the DNS hierarchy; they sit directly below the TLDs. Second-level domains are an important part of DNS. Unlike the TLDs, there is no limit on the number of second-level domains: if a domain is available, anyone can purchase it.
The sub-domain is the last level in the DNS hierarchy. It is part of the main domain; the only domain that is not also a subdomain is the root domain. For example, alfa.example.com and bravo.example.com are subdomains of the example.com domain, which in turn is a subdomain of the com top-level domain (TLD).
These are the elements of the DNS hierarchy, which is shaped like an inverted tree. The figure below illustrates the hierarchy of DNS.
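The FQDN and hierarchy rules from the two sections above (hostname plus domain, case-insensitive labels, root at the top, every non-root name being a subdomain of its parent), as an added example that is not code from the page. It walks mail.fschub.com and the alfa/bravo.example.com names from the text from the root downward and adds a label-by-label subdomain check; the label syntax it enforces (letters, digits and interior hyphens, at most 63 characters per label and 253 per name) is the standard hostname rule and is an assumption beyond what the page states.

```python
import re

# One label: letters and digits, hyphens allowed inside, 1..63 characters.
LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")


def labels_of(fqdn):
    """Split a name into validated labels, most specific first; the root gives []."""
    name = fqdn.rstrip(".")
    if name == "":
        return []
    if len(name) > 253:
        raise ValueError("name exceeds 253 characters")
    labels = name.split(".")
    for label in labels:
        if not LABEL_RE.match(label):
            raise ValueError("invalid label: %r" % label)
    return labels


def hierarchy(fqdn):
    """Zones from the root down to the full name, in the order a resolver walks them."""
    labels = labels_of(fqdn)
    chain = ["."]                                 # root level
    for i in range(len(labels) - 1, -1, -1):
        chain.append(".".join(labels[i:]) + ".")  # TLD, second level, subdomains...
    return chain


def describe(fqdn):
    """Pair each zone in the chain with the level name the page uses for it."""
    level_names = ["root", "top-level domain", "second-level domain"]
    return [(zone, level_names[i] if i < len(level_names) else "subdomain / host")
            for i, zone in enumerate(hierarchy(fqdn))]


def parent(fqdn):
    """Zone one level up; the root is the only name without a parent."""
    labels = labels_of(fqdn)
    if not labels:
        return None
    return ".".join(labels[1:]) + "."


def same_name(a, b):
    """Case-insensitive comparison that also ignores a trailing root dot."""
    return [x.lower() for x in labels_of(a)] == [x.lower() for x in labels_of(b)]


def is_subdomain(name, zone):
    """True if `name` lies strictly below `zone`, comparing whole labels only.

    A plain string-suffix test would wrongly accept notexample.com under
    example.com; matching label by label avoids that boundary mistake.
    """
    n = [x.lower() for x in labels_of(name)]
    z = [x.lower() for x in labels_of(zone)]
    return len(n) > len(z) and n[len(n) - len(z):] == z


if __name__ == "__main__":
    for zone, level in describe("mail.fschub.com"):
        print("%-20s %s" % (zone, level))
    print(is_subdomain("alfa.example.com", "example.com"))   # True
    print(is_subdomain("notexample.com", "example.com"))     # False
```

The label-wise check in is_subdomain is the one to use wherever a name is matched against a zone or an allowlist; suffix matching on the raw string is a common source of scope bugs.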
The nslookup Command
Domain name server addresses are an important part of network device configuration. Generally, the ISP provides the IP addresses of the DNS servers to use. A host usually asks to connect to a remote device by name; the requesting client queries the name server to resolve that name to an IP address.
Operating systems also have a utility called nslookup that lets you manually query the name servers to resolve a given hostname. nslookup can also be used to troubleshoot name resolution issues and to verify the current status of the name servers.