DNS

DNS is the name service provided by the Internet for Transmission Control Protocol/Internet Protocol (TCP/IP) networks. It was developed so that workstations on the network could be identified by common names instead of Internet addresses. DNS is a program that converts domain names to their IP addresses. Without it, users would have to remember numbers instead of words to get around the Internet. The process of finding a computer’s IP address by using its hostname as an index is referred to as name-to-address resolution, or mapping. DNS duplicates some of the information stored in the NIS+ tables, but DNS information is available to all hosts on the network.

The collection of networked systems that use DNS is referred to as the DNS namespace. The DNS namespace can be divided into a hierarchy of domains. A DNS domain is simply a group of systems. Two or more name servers support each domain: the primary, secondary, or cache-only server. Each domain must have one primary server and should have at least one secondary server to provide backup.

Configuring the DNS Client

On the client side, DNS is implemented through a set of dynamic library routines, collectively called the resolver. The resolver’s function is to resolve users’ queries. The resolver is neither a daemon nor a single program; instead, it is a set of dynamic library routines used by applications that need to know system names.

At the resolver level, the client needs the file /etc/resolv.conf, which lists the addresses of the servers from which the resolver can obtain its information. The resolver reads /etc/resolv.conf to find the name of the local domain and the location of the domain name servers; it sets the local domain name and instructs the resolver routines to query the listed name servers for information. Normally, each DNS client system on your network has a resolv.conf file in its /etc directory. (If a client does not have a resolv.conf file, it defaults to using a server at IP address 127.0.0.1.) Here’s an example of the /etc/resolv.conf file:

; Sample resolv.conf file for the machine server1
domain example.com
; try local name server
nameserver 127.0.0.1
; if local name server down, try these servers
nameserver 123.45.6.1
nameserver 111.22.3.5
; sort the addresses returned by gethostbyname
sortlist 130.155.160.0/255.255.240.0 130.155.0.0

The first line of the /etc/resolv.conf file lists the domain name in this form:

domain <domainname>

<domainname> is the name registered with the Internet governing bodies.

Note

No spaces or tabs are permitted at the end of the domain name. Make sure that you enter a hard carriage return immediately after the last character of the domain name.


The second line identifies the loopback name server in the following form:

nameserver 127.0.0.1

The remaining lines list the IP addresses of up to three DNS master, secondary, or cache-only name servers that the resolver should consult to resolve queries. (Do not list more than three primary or secondary servers.) Name server entries have this form:

nameserver <IP_address>

<IP_address> is the IP address of a primary or secondary DNS name server. The resolver queries these name servers in the order they are listed until it obtains the information it needs.

The fifth line of the /etc/resolv.conf file lists the address sortlist in this form:

sortlist <addresslist>

<addresslist> specifies the sort order of the addresses returned by gethostbyname; each entry is an IP address, optionally followed by a netmask. In this example, gethostbyname returns addresses that fall in the network/netmask pair 130.155.160.0/255.255.240.0 ahead of addresses that fall in the network 130.155.0.0.
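The following is an added example (not from the original text) that parses a resolv.conf of the form shown above, checks it against the two rules the text gives (no trailing whitespace after the domain name, no more than three name servers), and orders a gethostbyname result the way the sortlist dictates: addresses inside a listed network come first, in sortlist order, and everything else follows in the order the server returned it. The sample configuration is a constructed copy of the one above with the sortlist on a single line; an entry without a netmask gets its classful (natural) mask.

```python
import ipaddress
SAMPLE = """\
domain example.com
nameserver 127.0.0.1
nameserver 123.45.6.1
nameserver 111.22.3.5
sortlist 130.155.160.0/255.255.240.0 130.155.0.0
"""  # constructed copy of the sample above; the resolver wants sortlist on one line

def natural_mask(net):  # classful prefix length when a sortlist entry has no netmask
    first = int(net.split(".")[0])
    return 8 if first < 128 else 16 if first < 192 else 24

def parse_resolv_conf(text):
    """Return the domain, nameserver list and sortlist networks from resolv.conf text."""
    conf = {"domain": None, "nameserver": [], "sortlist": []}
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip()[0] in ";#":
            continue  # blank or comment line
        words = raw.split()
        key, args = words[0], words[1:]
        if key == "domain" and args:
            conf["domain"] = args[0]
        elif key == "nameserver" and args:
            conf["nameserver"].append(args[0])
        elif key == "sortlist":
            for item in args:
                net, _, mask = item.partition("/")
                spec = (net, mask or natural_mask(net))
                conf["sortlist"].append(ipaddress.IPv4Network(spec, strict=False))
    if not conf["nameserver"]:
        conf["nameserver"] = ["127.0.0.1"]  # the default the text describes
    return conf

def lint_resolv_conf(text):
    """Flag the two mistakes the text warns about."""
    problems, lines = [], text.splitlines()
    if sum(l.startswith("nameserver") for l in lines) > 3:  # never list more than three
        problems.append("more than 3 nameserver entries")
    if any(l.startswith("domain") and l != l.rstrip() for l in lines):
        problems.append("trailing whitespace after domain name")
    return problems

def sort_addresses(addresses, sortlist):
    """Order a gethostbyname result as the sortlist dictates (stable for ties)."""
    def rank(addr):
        ip = ipaddress.IPv4Address(addr)
        return next((i for i, n in enumerate(sortlist) if ip in n), len(sortlist))
    return sorted(addresses, key=rank)
```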

Whenever the resolver must find the IP address of a host (or the hostname corresponding to an address), it builds a query package and sends it to the name servers listed in /etc/resolv.conf. The servers either answer the query locally or contact other servers known to them, ultimately returning the answer to the resolver.

After the resolver is configured, a system can request DNS service from a name server. If a system’s /etc/nsswitch.conf file specifies hosts: dns, the resolver libraries are automatically used. If the nsswitch.conf file specifies some other name service before DNS, such as NIS, that name service is consulted first for host information. Only if that name service does not find the host in question are the resolver libraries used.

For example, if the hosts line in the nsswitch.conf file specifies hosts: nis dns, the NIS name service is first searched for host information. If the information is not found in NIS, the DNS resolver is used. Because name services such as NIS and NIS+ contain only information about hosts in their own network, the effect of a hosts: nis dns line in a switch file is to specify the use of NIS for local host information and DNS for information on remote hosts on the Internet. If the resolver queries a name server, the server returns either the requested information or a referral to another server.

Name-to-address mapping occurs if a program running on your local system needs to contact a remote computer. The program most likely knows the hostname of the remote computer but might not know how to locate it, particularly if the remote system is in another company, miles from your site. To obtain the remote system’s address, the program requests assistance from the DNS software running on your local system, which is considered a DNS client.

The DNS client sends a request to a DNS name server, which maintains the distributed DNS database. Each server implements DNS by running a daemon called in.named. When run without arguments, in.named reads the default configuration file /etc/named.conf, reads any initial data, and listens for queries from the DNS clients.

The files in the DNS database bear little resemblance to the NIS+ host table or even to the local /etc/hosts file, although they maintain similar information: the hostnames, IP addresses, and other information about a particular group of computers. The name server uses the hostname that your system sent as part of its request to find or “resolve” the IP address of the remote system. It then returns this IP address to your local system if the hostname is in its DNS database.

If the hostname is not in that name server’s DNS database, this indicates that the system is outside its authority—or, to use DNS terminology, outside the local administrative domain.

Because maintaining a central list of domain name/IP address correspondences would be impractical, the lists of domain names and IP addresses are distributed throughout the Internet in a hierarchy of authority. The DNS server that maps the domain names in your Internet requests, or forwards them to other servers on the Internet, is probably within geographic proximity to your Internet access provider.
