DNS Server
The Domain Name System, or DNS, is a method of resolving IP Addresses to English-sounding names. Back in the days of NT4, DNS was really not all that important as far as your network went, as you had WINS to handle your name resolution requirements.
Today in modern networks, you must have DNS functioning in your environment. In fact, DNS is an integral part of Active Directory and is the foundation of your Windows Network.
DNS Names
A DNS Name really only consists of 2 parts. The leftmost part is the computer name and everything else to the right is the domain suffix.
So with a name like server01.winstructor.com, the server01 part is the computer name and winstructor.com is the domain suffix.
The DNS Structure
The DNS structure is a hierarchical structure that starts with a root domain, designated by a period, or a dot.
The root domain is operated by a nonprofit group called the Internet Corporation for Assigned Names and Numbers, or ICANN.
Beneath the root domain are several other domains: .com, .net, .org, .gov and so on. These are referred to as Top Level Domains, or TLDs. The control of the domains at this level has been delegated to other companies to manage. For example, Network Solutions manages the .com domain.

So for us to own and operate our own domains, such as winstructor.com, we would have to get permission from Network Solutions. We would do this by jumping on their website, providing a few details about us and of course giving them some credit card details, and in return they give us the rights to operate the winstructor.com domain.
Now we don’t really own the domain; instead, you should consider it a lease arrangement. But as long as we are not infringing on any trademark with our choice of domain name, and of course, as long as we continue to pay for the right to use the domain, then you can effectively consider it ours.
Now, from this point onwards, we can create as many subdomains as we like. ICANN delegated .com to Network Solutions. Network Solutions delegated winstructor.com to us. So now, if we want to create another subdomain, such as mcse.winstructor.com, we don’t have to ask anyone’s permission. We can just create it ourselves because we are in control of the parent domain, winstructor.com.
How DNS Works
So, how does DNS really work?
Now let’s consider a practical, yet simplified example of how DNS works. A user somewhere out there in the world decides to point their browser to www.winstructor.com. What happens is that their computer first asks their local DNS Server for the IP Address of the computer named www, in a domain named winstructor.com. At this point, their local DNS Server needs to find the DNS Server at winstructor.com, which will know the answer. The problem is, their local DNS Server doesn’t know the IP Address of the DNS Server at winstructor.com either. So, what does it do?
Well, it’s quite simple. It asks the next server that should know, which is Winstructor’s parent, so it directs the request to the DNS Servers at the .com domain. Oh, another problem. It doesn’t know the IP Address for the DNS Servers at the .com domain level either. So it goes to the .com domain’s parent, which is the root, designated by a period ( . ).
Now, you might see a problem here. The root domain is the end of the earth as far as the domain hierarchy goes. It cannot go to a higher power because there isn’t one. But that’s ok, because the Windows Server 2003 DNS Software comes with what’s known as a ‘root hints’ file. This file contains the names and IP Addresses of the 13 Servers that comprise the root domain. The root hints file is a simple text file and is located in your \windows\system32\dns directory. The file is called cache.dns, so go have a look and see what we are talking about.
So, our friend who is looking for www.winstructor.com is in luck because his DNS Server is now at least able to talk to the root domain.
So it asks the root domain for the IP Address of the DNS Servers at the .com domain. A root server will respond with the details for the DNS Servers responsible for the .com domain.
Now, it can ask the DNS Server at the .com domain for the IP Address of the winstructor.com DNS Server. Now that it has this information, it asks the winstructor.com DNS Server for the IP Address of the computer named "www" in the winstructor.com domain. The DNS Server responds, and our friend’s local DNS Server caches that name and IP Address and sends the information back to our friend’s computer.
Our friend now knows the IP Address of the www.winstructor.com server and contacts it directly.

Now that’s the process from scratch, but what if we need to create a subdomain called mcse.winstructor.com, and the Training Department has its own IT Staff who want control over their own DNS Implementation?
Now we’re talking about Delegation.
In all honesty, what we have just discussed is also delegation. The root servers directed you to go to the Servers responsible for the .com domain when you wanted to find a .com address. That responsibility was DELEGATED from the Root Servers to the .com Servers.
But you can also use DELEGATION within your OWN DNS ENVIRONMENT.
Now, we don’t want to give the Training Department complete control over our DNS Environment, so we are going to need 2 things to make this delegation work for our Training Department.
First, the mcse.winstructor.com domain will need to have its own DNS Server.
Secondly, we need to create a Name Server Record, or NS Record, on our DNS Server, which effectively says to incoming requests: if you want to find a computer on the mcse.winstructor.com network, then go over to their DNS Server and ask them for what you want. Don’t ask me, because I don’t know about it; all I know is how to find their DNS Server.
So what happens is that the mcse.winstructor.com DNS Server becomes authoritative for the mcse domain, just as our DNS Server for winstructor.com is authoritative for our parent winstructor.com domain.
So if our User in Internet Land wants to access a host on the mcse.winstructor.com domain, they will first contact their own DNS Server.
Their DNS Server will contact the DNS Server that is authoritative for the winstructor.com domain.
This server knows that it isn’t responsible for the mcse.winstructor.com domain. But it does know who is responsible, as it has an NS Record that tells it to forward all mcse.winstructor.com requests to the DNS Server listed in that record. So it sends back the IP Address of the DNS Server in the mcse.winstructor.com domain.
The User’s DNS Server then contacts the DNS Server in the mcse.winstructor.com domain directly and requests the IP Address of the Host the User is trying to contact.
The mcse.winstructor.com DNS Server responds with the Host’s IP Address, and the User’s DNS Server caches it locally, then forwards the IP Address to the User’s Computer, which also caches a copy so it knows where to find the host later on.
The User can now contact the Host at the mcse.winstructor.com subdomain directly.
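The referral chain described in How DNS Works and in the delegation walkthrough, as an added example that is not part of the original page: a small in-memory simulation in which every server either answers, refers the resolver to a child zone's server, or knows nothing. All addresses and the host name lab01 are constructed for illustration.

```python
# Constructed data: addresses come from documentation ranges, not real servers.
ROOT_HINTS = ["198.51.100.1"]  # stands in for the root hints file (cache.dns)

# Each simulated server holds NS delegations (zone -> child server IP)
# and A records (host -> IP) for the zone it is authoritative for.
SERVERS = {
    "198.51.100.1": {"ns": {"com.": "198.51.100.2"}, "a": {}},             # root
    "198.51.100.2": {"ns": {"winstructor.com.": "192.0.2.53"}, "a": {}},   # .com
    "192.0.2.53": {   # authoritative for winstructor.com
        "ns": {"mcse.winstructor.com.": "203.0.113.53"},  # the delegation
        "a": {"www.winstructor.com.": "192.0.2.80"},
    },
    "203.0.113.53": {  # Training Department's server, authoritative for mcse
        "ns": {},
        "a": {"lab01.mcse.winstructor.com.": "203.0.113.10"},
    },
}

def query(server_ip, name):
    """Ask one server one question: an answer, a referral, or nothing."""
    zone = SERVERS[server_ip]
    if name in zone["a"]:
        return ("answer", zone["a"][name])
    # The parent does not answer for a delegated zone; it only points at it.
    matches = [z for z in zone["ns"] if name == z or name.endswith("." + z)]
    if matches:
        return ("referral", zone["ns"][max(matches, key=len)])
    return ("nxdomain", None)

def resolve(name, cache, max_hops=8):
    """Walk referrals down from the root; returns (ip, list of servers asked)."""
    if name in cache:
        return cache[name], []      # cached: no upstream server is contacted
    server, path = ROOT_HINTS[0], []
    for _ in range(max_hops):       # hop limit guards against referral loops
        path.append(server)
        kind, value = query(server, name)
        if kind == "answer":
            cache[name] = value
            return value, path
        if kind == "nxdomain":
            return None, path
        server = value              # follow the referral to the child zone
    raise RuntimeError("too many referrals")
```

Resolving lab01.mcse.winstructor.com. with an empty cache asks four servers in turn (root, .com, winstructor.com, mcse), while a repeat lookup with the same cache asks none.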