This article gives a basic explanation of what DNS is used for, how it works and how it could apply in the Enterprise environment.
What is DNS?
Whenever a network host needs to send IP packets to a domain or hostname (e.g., "ui.com"), it must place an actual IP address in the Layer-3 Destination Address field. The Domain Name System (DNS) allows administrators to cache domains and hostnames mapped to IP addresses so that they can be queried. In this way, a network host configured with a DNS server can look up the actual IP address belonging to the intended domain or hostname.
Figure: An overview of DNS lookup, before sending Internet traffic to the web server hosting "ui.com".
What are the DNS Servers?
DNS servers are generally classified as recursive or authoritative. Assuming no cache exists, a network host will typically query its gateway, which performs DNS forwarding to the recursive DNS server. If the recursive DNS server has no valid entry, it contacts the responsible authoritative DNS servers in turn until the specific record for the domain is retrieved. For example:
- The Network Host, whose DNS server is configured as the Local Gateway, asks: "who is ui.com?"
- The Local Gateway forwards the DNS Query to the Recursive Server: "who is ui.com?"
- The Recursive Server contacts the Authoritative Server(s), in the following order:
  - Root DNS Server (the master server containing hierarchical info about top-level domain servers)
  - Top-Level Domain Server (the server responsible for the ".com" top-level domain)
  - Sub Domain Servers (the server responsible for the "ui.com" domain)
DNS is frequently compared to a phonebook, where persons/businesses (i.e., hostnames, domains) have their phone number listed (i.e., the Destination IP address).
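The lookup order described above can be traced with a small in-memory simulation. This is an added example, not code from the original article or from any DNS product: the server names ("root", "tld-com", "ns-ui"), the IP addresses (from the 203.0.113.0/24 documentation range) and the RecursiveResolver class are all constructed for illustration, and no network traffic is sent.

```python
# Simulated delegation walk: root -> TLD -> domain server, with a TTL cache.
# All server names and IP addresses below are constructed for illustration
# (203.0.113.0/24 is a documentation range); no network traffic is sent.
SERVERS = {
    "root":    {"delegations": {"com": "tld-com"}, "answers": {}},
    "tld-com": {"delegations": {"ui.com": "ns-ui"}, "answers": {}},
    "ns-ui":   {"delegations": {},
                "answers": {"ui.com": "203.0.113.10", "www.ui.com": "203.0.113.11"}},
}

class RecursiveResolver:
    def __init__(self, ttl=300, max_referrals=8):
        self.cache = {}                  # name -> (ip, expiry time)
        self.ttl = ttl
        self.max_referrals = max_referrals

    @staticmethod
    def _ask(server, name):
        """One query to one server: ('A', ip), ('NS', next_server) or None."""
        zone = SERVERS[server]
        if name in zone["answers"]:
            return "A", zone["answers"][name]
        labels = name.split(".")
        for i in range(len(labels)):     # longest matching suffix wins
            suffix = ".".join(labels[i:])
            if suffix in zone["delegations"]:
                return "NS", zone["delegations"][suffix]
        return None

    def resolve(self, name, now):
        """Return (ip or None, list of servers contacted)."""
        name = name.rstrip(".").lower()
        cached = self.cache.get(name)
        if cached and cached[1] > now:   # valid entry: no upstream queries
            return cached[0], ["cache"]
        server, path = "root", []
        for _ in range(self.max_referrals):
            path.append(server)
            reply = self._ask(server, name)
            if reply is None:            # nobody is responsible for this name
                return None, path
            kind, value = reply
            if kind == "A":
                self.cache[name] = (value, now + self.ttl)
                return value, path
            server = value               # follow the referral one level down
        raise RuntimeError("referral limit exceeded")

if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("ui.com", now=0))    # walks root, tld-com, ns-ui
    print(r.resolve("ui.com", now=10))   # served from cache
```

The `now` argument is passed explicitly so that cache expiry can be observed without waiting for the TTL to elapse.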
DNS in the Enterprise
Suppose an enterprise network wants to assign hostnames by geographic location to each of its router sites (rather than recall their IP addresses). To access router “California” via SSH or HTTPS, a network host queries the designated DNS server for the enterprise (e.g., a Linux server running BIND), asking who is “California”, receives the IP address, then writes it into the Destination IP Address of the SSH / HTTPS packets it needs to send.