How the Domain Name System works

(This is taken from an article that originally appeared in PC Network Advisor. The first article in the series can be read here.)

IP addresses are easy for computers to work with, but hard for humans to remember. The Domain Name System (DNS) solves that problem by allowing us to refer to hosts by names like “mail.tech-pro.net” instead of “153.158.14.1". A computer called a name server lets Internet applications look up the IP address of any known host, and conversely get the hostname associated with a given IP address.

Domain names are organised hierarchically. At the right is the top-level domain, which may indicate a class of organisation such as .com or .gov, or a country, such as .au or .uk. The top-level domains are divided into second-level domains, such as .co.uk. Second-level domains can be further subdivided, and so on.

The organisations which manage the top-level domains maintain name server computer, called the root name servers, which know the IP addresses of the name servers for the all the second-level domains. The managers of the second-level domains must maintain servers which know the addresses of thethird-level name servers, and so on. A lower-level domain such as “ibm.com” or “tech-pro.net” can represent an entire network. The name servers at that level must supply the IP addresses of all the hosts within it.

In a fully-qualified domain name, the host name is the nameon the left. Thus, in order for “www.ibm.com” to take you to IBM’s Web site, IBM must name its Web server “www” and have an entry on its name servers linking this name with the server’s IP address.

Hosts file

When an application tries to contact a host by name, the TCP/IP stack runs a module called the resolver. First, this tries to look up the IP address locally. On a Windows PC, it looks in the file C:\WINDOWS\HOSTS, which is a text file containing a list of entries in the format <IP address> <host name>. This is the way all look-ups were done in the days before name servers were invented.

If the name isn’t found in the HOSTS file, the software contacts one of the local name servers whose IP address is in the TCP/IP configuration, to see if it knows the address. If the host you are after isn’t in the local zone it probably won’t, unless that host has been contacted recently and its address is cached. Name servers cache IP addresses so they don’t have to find out the addresses of popular hosts every time they are contacted.

If the local name server doesn’t know the address for the host you want, it contacts the root name server for that host’s top-level domain, whose address it does know. The root-level name server gives the local name server the address of the appropriate second-level server. The second-level server gives it the third-level server’s address and so on, until eventually a server is found that is able to resolve the host name into a unique IP address.