DNS HOWTO : A simple domain. : But first some dry theory
Previous: A simple domain.
Next: Our own domain

5.1. But first some dry theory

First of all: you read all the stuff before here right? You have to.

Before we really start this section I'm going to serve you some theory on and an example of how DNS works. And you're going to read it because it's good for you. If you don't want to you should at least skim it very quickly. Stop skimming when you get to what should go in your named.conf file.

DNS is a hierarchical, tree structured, system. The top is written `.' and pronounced `root', as is usual for tree data-structures. Under . there are a number of Top Level Domains (TLDs); the best known ones are ORG, COM, EDU and NET, but there are many more. Just like a tree it has a root and it branches out. If you have any computer science background you will recognize DNS as a search tree, and you will be able to find nodes, leaf nodes and edges. The dots are nodes, the edges are on the names.

When looking for a machine the query proceeds recursively into the hierarchy starting at the root. If you want to find the address of prep.ai.mit.edu., your nameserver has to start asking somewhere. It starts by looking it its cache. If it knows the answer, having cached it before, it will answer right away as we saw in the last section. If it does not know it will remove parts from the name starting at the left, checking if it knows anything about ai.mit.edu., then mit.edu., then edu. and if not that it does know about . because that was in the hints file. It will then ask a . server about prep.ai.mit.edu. This . server will not know the answer, but it will help your server on its way by giving a referral, telling it where to look instead. These referrals will eventually lead your server to a nameserver that knows the answer. I will illustrate that now. +norec means that dig is asking non-recursive questions so that we get to do the recursion ourselves. The other options are to reduce the amount of dig produces so this won't go on for too many pages:

$ dig +norec +noH +noques +nostats +nocmd prep.ai.mit.edu.
;; res options: init defnam dnsrch
;; got answer:
; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 13
;; AUTHORITY SECTION:
.                       5d23h48m47s IN NS  I.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  E.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  D.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  A.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  H.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  C.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  G.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  F.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  B.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  J.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  K.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  L.ROOT-SERVERS.NET.
.                       5d23h48m47s IN NS  M.ROOT-SERVERS.NET.

;; ADDITIONAL SECTION:
I.ROOT-SERVERS.NET.     6d23h48m47s IN A  192.36.148.17
E.ROOT-SERVERS.NET.     6d23h48m47s IN A  192.203.230.10
D.ROOT-SERVERS.NET.     6d23h48m47s IN A  128.8.10.90
A.ROOT-SERVERS.NET.     6d23h48m47s IN A  198.41.0.4
H.ROOT-SERVERS.NET.     6d23h48m47s IN A  128.63.2.53
C.ROOT-SERVERS.NET.     6d23h48m47s IN A  192.33.4.12
G.ROOT-SERVERS.NET.     6d23h48m47s IN A  192.112.36.4
F.ROOT-SERVERS.NET.     6d23h48m47s IN A  192.5.5.241
B.ROOT-SERVERS.NET.     6d23h48m47s IN A  128.9.0.107
J.ROOT-SERVERS.NET.     6d23h48m47s IN A  198.41.0.10
K.ROOT-SERVERS.NET.     6d23h48m47s IN A  193.0.14.129
L.ROOT-SERVERS.NET.     6d23h48m47s IN A  198.32.64.12
M.ROOT-SERVERS.NET.     6d23h48m47s IN A  202.12.27.33

This is a referral. It is giving us an "Authority section" only, no "Answer section". Our own nameserver refers us to a nameserver. Pick one at random:

$ dig +norec +noH +noques +nostats +nocmd prep.ai.mit.edu. @H.ROOT-SERVERS.NET.
; (1 server found)
;; res options: init defnam dnsrch
;; got answer:
; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 3
;; AUTHORITY SECTION:
MIT.EDU.                2D IN NS        BITSY.MIT.EDU.
MIT.EDU.                2D IN NS        STRAWB.MIT.EDU.
MIT.EDU.                2D IN NS        W20NS.MIT.EDU.

;; ADDITIONAL SECTION:
BITSY.MIT.EDU.          2D IN A         18.72.0.3
STRAWB.MIT.EDU.         2D IN A         18.71.0.151
W20NS.MIT.EDU.          2D IN A         18.70.0.160

It refers us to MIT.EDU servers at once. Again pick one at random:

$ dig +norec +noH +noques +nostats +nocmd prep.ai.mit.edu. @bitsy.mit.edu
; (1 server found)
;; res options: init defnam dnsrch
;; got answer:
; flags: qr ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4
;; ANSWER SECTION:
prep.ai.mit.edu.        3h50m7s IN A    198.186.203.18

;; AUTHORITY SECTION:
AI.MIT.EDU.             6H IN NS        FEDEX.AI.MIT.EDU.
AI.MIT.EDU.             6H IN NS        LIFE.AI.MIT.EDU.
AI.MIT.EDU.             6H IN NS        ALPHA-BITS.AI.MIT.EDU.
AI.MIT.EDU.             6H IN NS        BEET-CHEX.AI.MIT.EDU.

;; ADDITIONAL SECTION:
FEDEX.AI.MIT.EDU.       6H IN A         192.148.252.43
LIFE.AI.MIT.EDU.        6H IN A         128.52.32.80
ALPHA-BITS.AI.MIT.EDU.  6H IN A         128.52.32.5
BEET-CHEX.AI.MIT.EDU.   6H IN A         128.52.32.22

This time we got a "ANSWER SECTION", and an answer for our question. The "AUTHORITY SECTION" contains information about which servers to ask about ai.mit.edu the next time. So you can ask them directly the next time you wonder about ai.mit.edu names.

So starting at . we found the successive name servers for each level in the domain name by referral. If you had used your own DNS server instead of using all those other servers, your named would of-course cache all the information it found while digging this out for you, and it would not have to ask again for a while.

In the tree analogue each ``.'' in the name is a branching point. And each part between the ``.''s are the names of individual branches in the tree. One climbs the tree by taking the name we want (prep.ai.mit.edu) asking the root (.) or whatever servers father from the root toward prep.ai.mit.edu we have information about in the cache. Once the cache limits are reached the recursive resolver goes out asking servers, pursuing referrals (edges) further into the name.

A much less talked about, but just as important domain is in-addr.arpa. It too is nested like the `normal' domains. in-addr.arpa allows us to get the host's name when we have its address. A important thing to note here is that the IP addresses are written in reverse order in the in-addr.arpa domain. If you have the address of a machine: 192.148.52.43 named proceeds just like for the prep.ai.mit.edu example: find arpa. servers. Find in-addr.arpa. servers, find 192.in-addr.arpa. servers, find 148.192.in-addr.arpa. servers, find 52.148.192.in-addr.arpa. servers. Find needed records for 43.52.148.192.in-addr.arpa. Clever huh? (Say `yes'.) The reversion of the numbers can be confusing for years though.


DNS HOWTO : A simple domain. : But first some dry theory
Previous: A simple domain.
Next: Our own domain