DNS (Domain Name System) is a network protocol that we use to find the IP addresses of hostnames. Computers use IP addresses but for us humans, it’s more convenient to use domain names and hostnames instead of IP addresses. If you want, you could visit networklessons.com by going directly to IP address 95.85.36.216, but typing in the domain name networklessons.com is probably easier.
DNS is distributed and hierarchical. There are thousands of DNS servers, but none of them has a complete database of all hostnames, domain names and IP addresses. A DNS server might have information for certain domains but might have to query other DNS servers if it doesn’t have an answer.
There are 13 root name servers that have information for the generic top level domains like com, net, org, biz, edu or country specific domains like uk, nl, de, be, au, ca, and such. Take a look at the image below:
At the top of the DNS hierarchy are 13 root name servers that contain name server information for the top level domain extensions. For example, a name server for .com will have information on networklessons.com, but it won’t know anything about networklessons.org. It will have to query a name server that is responsible for the org domain extension to get an answer.
Below the top level domain extensions you will find the second level domains. Here’s where you find the domain names like networklessons, Cisco, Microsoft, etc.
Further down the tree, you can find hostnames or subdomains. For example, vps.networklessons.com is the hostname of the VPS (virtual private server) that runs this website. An example of a subdomain is tools.cisco.com where vps.tools.cisco.com could be the hostname of a server in that subdomain.
Between each DNS “record” we use a period character (.) and officially we also have to use a period character for the root, but almost nobody writes or prints it. Take a look at the two examples below:
- vps.networklessons.com.
- vps.networklessons.com
Take a close look at those examples above; the first one has a trailing period character that indicates the root of the DNS hierarchy. Writing down a hostname with its complete domain name like we did above is called an FQDN (Fully Qualified Domain Name).
Here’s a summary of what I just explained:
| Label | Meaning |
|---|---|
| . | root of the DNS hierarchy |
| com | the com. top level domain |
| networklessons | the networklessons domain within .com |
| vps | the VPS hostname within domain networklessons.com |
Now you have an idea what DNS is about. Let’s look at an actual example of a host that wants to find the IP address of a hostname. The host will send a DNS request and will receive a DNS reply from the server:
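As an added example (not part of the original lesson), the Python below shows what that request and reply look like on the wire: the FQDN becomes length-prefixed labels ending in a zero-length root label, and the reply names the host again through a compression pointer. The function names, the transaction ID and the hand-built reply are assumptions made for illustration; the reply is constructed, not captured, and reuses the IP address quoted at the top of this page as its answer.

```python
import struct

def encode_name(fqdn):
    out = b""
    for label in fqdn.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("label must be 1-63 bytes")
        out += bytes([len(raw)]) + raw  # length-prefixed label
    return out + b"\x00"  # zero-length root label = the FQDN's trailing period

def build_query(fqdn, txid, qtype=1):
    # Header: ID, flags (RD set), QDCOUNT=1; question: QNAME, QTYPE, QCLASS=IN.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(fqdn) + struct.pack("!HH", qtype, 1)

def decode_name(msg, off):
    # Returns (fqdn, offset after the name), following compression pointers.
    labels, end, jumps = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # pointer to a name earlier in the message
            end = off + 2 if end is None else end
            off, jumps = ((length & 0x3F) << 8) | msg[off + 1], jumps + 1
            if jumps > 16:  # replies are untrusted input: refuse pointer loops
                raise ValueError("compression pointer loop")
        elif length == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length

def parse_a_reply(msg):
    # Returns (txid, [(owner, ipv4), ...]) for A records in the answer section.
    txid, _flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, answers = 12, []
    for _ in range(qd):
        off = decode_name(msg, off)[1] + 4  # skip QTYPE and QCLASS
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:
            answers.append((name, ".".join(str(b) for b in msg[off + 10:off + 14])))
        off += 10 + rdlen
    return txid, answers

# Constructed sample (not a capture): query for the page's hostname, hand-built reply.
QUERY = build_query("vps.networklessons.com.", txid=0x1A2B)
REPLY = (struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUERY[12:] + b"\xc0\x0c"
         + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([95, 85, 36, 216]))
```

Both spellings of the hostname from the list above encode to the same bytes, because the root label is always sent whether or not the trailing period was typed.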
Hello Rene,
Awesome, even though I knew how DNS works, seeing it on Wireshark is just too awesome.
Well Done.
Mauro.
Hi Rene,
The way of your teaching and explanation is awesome, and easy for everyone to understand…
Keep posting topics like this; looking for some security-related stuff as well…
Regards
Renjith P Mathew
Hi Renjith,
Good to hear you like it! What security topics are you looking for?
Rene
Hi Rene,
Looking for CCNA security level…
Hi Renjith,
I have many tutorials that describe the CCNA security topics but right now I don’t have a specific page with everything in order. Once I’m done with all the MPLS, multicast and QoS tutorials then I’ll make a complete course for it.
Rene