Microsoft Windows 1002000 Professional E2 [Electronic resources]

نسخه متنی -صفحه : 156/ 47
نمايش فراداده

[Previous] [Next]

Lesson 2: Understanding Name Resolution

Name resolution is the process of resolving names to IP addresses. Name resolution is similar to looking up a name in a telephone book, where the name is associated with a telephone number. For example, when you connect to the Microsoft Web site, you use the name www.microsoft.com. DNS resolves www.microsoft.com to its associated IP address. The mapping of names to IP addresses is stored in the DNS distributed database.

DNS name servers resolve forward and reverse lookup queries. A forward lookup query resolves a name to an IP address. A reverse lookup query resolves an IP address to a name. A name server can resolve a query only for a zone for which it has authority. If a name server can't resolve the query, it passes the query to other name servers that can resolve the query. The name server caches the query results to reduce the DNS traffic on the network.

After this lesson, you will be able to

  • Explain the name resolution process.

Estimated lesson time: 5 minutes

Forward Lookup Query

The DNS Service uses a client/server model for name resolution. To resolve a forward lookup query, which resolves a name to an IP address, a client passes a query to a local name server. The local name server either resolves the query or queries another name server for resolution.

Figure 8.3 represents a client querying the name server for an IP address of www.microsoft.com. The numbers in the figure depict the following activities:

  1. The client passes a forward lookup query for www.microsoft.com to its local name server.

  2. The local name server checks its zone database file to determine whether it contains the name-to-IP address mapping for the client query. The local name server doesn't have authority for the microsoft.com domain, so it passes the query to one of the DNS root servers, requesting resolution of the host name. The root name server sends back a referral to the com name servers.

  3. The local name server sends a request to a com name server, which responds with a referral to the Microsoft name servers.

  4. The local name server sends a request to the Microsoft name server. The Microsoft name server receives the request. Because the Microsoft name server has authority for that portion of the domain name space, it returns the IP address for www.microsoft.com to the local name server.

  5. The name server sends the IP address for www.microsoft.com to the client.

  6. The name resolution is complete, and the client can access www.microsoft.com.

    7. Figure 8.3 Resolving a forward lookup query

Name Server Caching

When a name server is processing a query, it might be required to send out several queries to find the answer. With each query, the name server discovers other name servers that have authority for a portion of the domain name space. The name server caches these query results to reduce network traffic.

When a name server receives a query result, the following actions take place (see Figure 8.4):

  1. The name server caches the query result for a specified amount of time; this is referred to as Time to Live (TTL).

NOTE
The zone that provided the query results specifies the TTL. The default value is 60 minutes.

  1. Once the name server caches the query result, TTL starts counting down from its original value.

  2. When TTL expires, the name server deletes the query result from its cache.

Caching query results enables the name server to resolve other queries to the same portion of the domain name space quickly.

Figure 8.4 Caching query results

NOTE
Shorter TTL values help ensure that data about the domain name space is more current across the network. Shorter TTL values do increase the load on name servers, however. A longer TTL value decreases the time required to resolve information. However, if a change does occur, the client will not receive the updated information until the TTL expires and a new query to that portion of the domain name space is resolved.

Reverse Lookup Query

A reverse lookup query maps an IP address to a name. Troubleshooting tools, such as the nslookup command-line utility, use reverse lookup queries to report back host names. Additionally, certain applications implement security based on the ability to connect to names, not IP addresses.

Because the DNS distributed database is indexed by name and not by IP address, a reverse lookup query would require an exhaustive search of every domain name. To solve this problem, a special second-level domain called in-addr.arpa was created.

The in-addr.arpa domain follows the same hierarchical naming scheme as the rest of the domain name space; however, it is based on IP addresses, not domain names:

  • Subdomains are named after the numbers in the dotted-decimal representation of IP addresses.

  • The order of the IP address octets is reversed.

  • Companies administer subdomains of the in-addr.arpa domain based on their assigned IP addresses and subnet mask.

For example, Figure 8.5 shows a dotted-decimal representation of the IP address 169.254.16.200. A company that has an assigned IP address range of 169.254.16.0 to 169.254.16.255 with a subnet mask of 255.255.255.0 will have authority over the 16.254.169.in-addr.arpa domain.

Figure 8.5 The in-addr.arpa domain

Lesson Summary

In this lesson, you learned that name resolution is the process of resolving names to IP addresses and that the mapping of names to IP addresses is stored in the DNS distributed database. You learned that DNS name servers resolve forward lookup queries and what happens when a client queries the name server for an IP address. You also learned about name server caching and that the name server caches the query results to reduce the DNS traffic on the network.

You also learned that in addition to forward lookup queries, DNS name servers resolve reverse lookup queries. A reverse lookup query resolves an IP address to a name. Because the DNS distributed database is indexed by name and not by IP address, a special second-level domain called in-addr.arpa was created. The in-addr.arpa domain follows the same hierarchical naming scheme as the rest of the domain name space; however, it is based on IP addresses instead of domain names.