The Domain Name System (DNS) was developed primarily to allow humans to use more easily remembered character strings in place of dotted decimal or, heaven forbid, hexadecimal numbers. You can enter a destination's numeric IP address into a browser or other application and get the results you would expect without any contribution by the DNS. Once the system was in place, however, it took on a number of supplemental roles that have stretched and contorted the system far beyond the original intentions of its architects. The DNS is an essential component of Internet based e-mail. It can serve as a repository for encryption keys and other security components. Currently, it is undergoing expansion that will integrate IP addresses with worldwide telephone numbering.


The DNS consists of three components. The first is a “Name Space” that establishes the syntactical rules for creating and structuring legal DNS names. The second is a “Globally Distributed Database” implemented on a network of “Name Servers”. The third is "Resolver" software, which understands how to formulate a DNS query and is built into practically every Internet-capable application.

(A) Name Space:

The DNS “Name Space” is the familiar inverted tree hierarchy with a null node named "" at the top. The child nodes of the root node are the Top Level Domains (TLDs)-.com, .net, .org, .gov, .mil-and the country code TLDs, including .jp, .uk, .us, .ca, and so forth. Node names, known as labels, can be as many as 63 characters long, with upper- and lower-case alphabetical letters, numerals, and the hyphen symbol constituting the complete list of legal characters. Labels cannot begin with a hyphen. Upper- and lower-case letters are treated equivalently. A label can appear in multiple places within the name space, but no two nodes with the same label can have the same parent node: A node name must be unique among its siblings.

(B) Name Servers:

The second key component of the DNS is a globally connected network of “name servers”. Each zone has a primary or master name server, which is the authoritative source for the zone's resource records. The primary name server is the only server that can be updated by means of local administrative activity. Secondary or slave name servers hold replicated copies of the primary server's data in order to provide redundancy and reduce the primary server's workload.

Furthermore, name servers generally cache data they have looked up, which can greatly speed up subsequent queries for the same data. Name servers also have a built-in agent mechanism that knows where to ask for data it lacks. If a name server can't find a domain within its zone, it sends the query a step closer to the root, which will resend it yet a step closer if it can't find the domain itself. The process repeats until it reaches a TLD, which ensures that the entire depth of the name space will be queried if necessary.

The combination of all the DNS name servers and the architecture of the system creates a remarkable database. There are more than 32 million domain names in the popular TLDs for which the whois utility works. Nominum, whose chief scientist, Paul Mockapetris, invented DNS, claims that there are more than 100 million domain names stored and that the system can easily handle 24,000 queries per second. The database is distributed-no single computer contains all the data. Nevertheless, data is maintained locally even though it's distributed globally, and any device connected to the IP network can perform lookups. The update serial number mechanism in each zone ensures a form of loose coherency on the network-if a record is out of date, the querier knows to check a more authoritative name server.

(C) Resolver:

The third component of the DNS is the “resolver”. The resolver is a piece of software that's implemented in the IP stack of every destination point, or "host" in IETF-speak. When a host is configured, manually or through DHCP, it's assigned at least one default name server along with its IP address and subnet mask. This name server is the first place that the host looks in order to resolve a domain name into an IP address. If the domain name is in the local zone, the default name server can handle the request. Otherwise, the default name server queries one of the root servers. The root server responds with a list of name servers that contain data for the TLD of the query. This response is known as a referral. The name server now queries the TLD name server and receives a list of name servers for the second-level domain name. The process repeats until the local name server receives the address for the domain name. The local server then caches the record and returns the address or other DNS data to the original querier.

(Posted By Alvin)

Read All Stories

Sign up for a News Letter Click here to sign up