Networking Basics: Part 2 – DNS Server

 

The content of this article discusses the operation of DNS servers (domain name system).

This is also the final part of how computers in a network segment share a common IP address range. Invite you to follow along.

What is DNS Server?

 

As we all know, when a computer needs to access information on a computer on a different network or network segment, it needs the help of the router. The router transfers the necessary data packets from one network to another (such as the Internet). If you’ve read the second part, as you probably remember, we gave an example that makes a reference to the IP address associated with a website. To be able to access this website, your Web browser must know the website’s IP address. Then the browser provides an address to the router, the router will determine the path to another network and request data packets to the appropriate destination host. Every website has an IP address, but you can visit these websites every day, regardless of its sequence number. In this article we’ll show you why this is possible.

 

An IP address is like a home address. It includes the network location (which is the numbering of the network segment in which the computer is active), similar to the street name; and device location (identifying a specific computer in the network), similar to a house number. Knowing an IP address is essential for TCP / IP basic communication between two computers.

 

When you open a Web browser and enter the website name (known as the domain name or URL (Universal Resource Locator)), the browser will go directly to the website without having to go through the website. by entering the IP address. You can imagine the process of opening the website is like the process of delivering mail to the address indicated on the envelope at the post office. The IP address in network communications acts like the address on the envelope. Mail can’t get to the right place if you just write the recipient’s name and “forget” their address. It is the same with coming and opening a website. Your computer cannot contact the website unless it knows the website’s IP address.

 

But you do not need to type in the IP address and the browser can still open the correct website you want when entering the domain name. So where is the IP address? The process of “translating” a domain name to an IP address is the job of a DNS server (the domain name system server).

 

The DNS server is the server that holds the database of public IP addresses and hostnames associated with them . In most cases, the DNS server resolves or translates domain names into IP addresses as required. DNS servers run special software and communicate with each other using special protocols. To put it in a simpler way: DNS server on the Internet is a device that translates the tridevcomputer.com URL you enter in the browser’s address bar into the IP address 213.190.6.89

 

Note: Other names for the DNS server include name server / nameserver and domain name system server (domain name system server).

In the previous two articles we have covered some of the concepts of a computer’s TCP / IP configuration, such as the IP address, the subnet mask and the default gateway. See Figure A below for another configuration option called “Preferred DNS server” (the reference domain name system server).

Figure A : The Preferred DNS Server option is defined as part of the TCP / IP configuration on the computer.

As you can see in the figure, the option ” Preferred DNS server ” is defined as part of the TCP / IP configuration. This means that the computer will always know the IP address of the DNS server. This is very important because the computer cannot communicate with another computer using the TCP / IP protocol if it does not know the IP address of the other computer .

Why do I need a DNS server?

 

When you enter tridevcomputer.com into your web browser , all you need to remember is the URL https://tridevcomputer.com/. The same is true for any other website like Google.com, Amazon.com, etc. We are human, so we remember the words in the URL much more easily than the numbers in the IP address. . Other computers and network equipment will be responsible for understanding the IP address. Therefore, the DNS server has the role of helping users to use a memorable name to access the website, and also helping the computer to use the IP address to access that website. The DNS server is the “interpreter” between the hostname and the IP address.

 

Now we will look at what happens when you try to visit a website. The process begins with you opening a Web browser and entering a URL. Then, the browser knows that it cannot locate the website based on the URL alone. Thus it queries the DNS server’s IP address information from the computer’s TCP / IP configuration and submits the URL path to the DNS server server. The DNS server will then look up the URL path on the table with the website’s IP address list . It then returns the IP address for the Web browser and the browser can contact the requested website.

 

Actually this explanation might be a bit simpler. Domain name resolution in DNS can only work if the DNS server contains a record that corresponds to the requested website. If you visit a random website, the DNS server will have no record of this website. The reason is because the Internet is too big. Millions of new websites and websites are created every day. There is no way a single DNS server can keep up with every website and respond to all requests from anyone with an Internet connection.

 

Now suppose a single DNS server can store records for every website that exists. If the capacity of the server is not an issue, then the server will also be overflowed by name resolution requests received from Internet users everywhere. A centralized DNS server is often a very popular target for attacks.

 

Consequently, DNS servers are often distributed across multiple sites, avoiding a single DNS server having to provide name resolution for the entire Internet. In the world today, there is an organization in charge of the allocation and registration of Internet domain names is Internet Corporation for Assigned Names and Numbers (or ICANN). Since managing the domain name for the entire network is such a huge undertaking, ICANN allocates many parts of the domain name response to different firms. For example, Network Solutions is in charge of the domain “.com”. But that doesn’t mean that Network Solutions maintains a list of the IP addresses associated with all .com domains. In most cases, the Network Solution’s DNS server contains records that point to the DNS servers that are considered official for each domain.

 

To see how it all works, imagine that you want to go to website www.geprimang.com. When entering the request into a browser, the browser sends the URL address to the DNS server specified by your computer’s TCP / IP configuration. The DNS server server does not know the address of this website. Therefore, it sends the request to the ICANN DNS server. ICANN’s DNS server also does not know the IP address of the website you are trying to access, but only knows the IP address of the DNS server that is responsible for the domain name with the .COM extension. It will return this address to the browser and in the process of returning it also sends the request to that particular DNS server.

 

The highest DNS server level for .COM-end domain names will not know what IP address of the website is being requested, but it knows the IP address of the official DNS server for the domain brienposey.com. It sends the address back to the machine that made the request. The Web browser then sends the DNS query to the DNS server that has the authority for the requested domain. And this DNS server will return the website’s IP address, allowing the machine to communicate with the website it requests.

 

As you can see, there are many steps that must be completed for a computer to find out the IP address of a website. In order to reduce the number of DNS queries that must be made, the results of these queries are usually stored for several hours or days, depending on how the machine is configured. Caching IP addresses greatly enhances performance and minimizes the total amount of bandwidth consumed by DNS queries. You can imagine how bad Web browsing would be if your computer had to perform a full set of DNS queries any time you wanted to view a new Web page.

DNS server and malware

 

Running an antivirus program is very important. One reason is that malware can attack your computer by changing DNS server settings. And this is definitely something you don’t want to happen.

For example, your computer is using Google’s DNS servers 8.8.8.8 and 8.8.4.4 . In these DNS servers , visiting your bank’s website (with the bank’s URL) will correctly load the website and allow you to log in to your account.

 

However, if the malware changes your DNS server settings (which can happen without your knowledge) entering the same URL could take you to a completely different website or a similar one. not the website you need to visit. This fake banking website might look exactly like the real one but instead of letting you log in to your account, it records your username and password, giving the attacker all of it. Your bank account information .

 

Usually, however, malware that gets into your DNS server usually only redirects popular websites to ones full of advertisements or fake virus sites that make you think you have to buy a program to do it. Clean infected computer.

 

There are two things you should do to avoid becoming a victim this way. The first is to install an anti-virus program so that the malicious programs are removed, before they can do any damage. The second is to pay attention to what the website looks like. If it’s a little bit different than usual or you get an “invalid certificate” message in your browser, it could be a sign that you’re on a fake website.

More information about DNS server

 

In most cases, two DNS servers, primary server and secondary server, are configured automatically on your router and / or computer when connecting to the ISP via DHCP. You can configure two DNS servers in case one of them fails, then the device will use the secondary server.

 

While many DNS servers are operated by ISPs and intended to be used only by customers, a few public servers are also available. See the DNS server list for details and how to change DNS servers , if you need help making changes.

 

Some DNS servers may provide faster access times than others, but only depend on how long your device reaches the DNS server. For example, if the ISP’s DNS servers are closer to Google’s DNS servers, then you may find that addresses are resolved faster, using the default servers from your ISP, not the third-party servers. .

 

If you’re having a network problem that can’t load the web page, then there is a problem with the DNS server. If the DNS server cannot find the correct IP address associated with the hostname you entered, the web page will not load. Again, this is because the computer communicates via an IP address, not the hostname, so the computer doesn’t know what you’re trying to reach unless it can use the IP address.

 

The DNS server settings “closest” to the device are those that apply. For example, while your ISP might use one set of DNS servers, which applies to all routers connected to it, your router might use a different set of DNS server settings for all of them. the device is connected to that router. However, a computer connected to the router can use its own DNS server settings to override the settings of both the router and the ISP. Tablets, phones, etc. are the same thing.

 

The article explained above about how malicious programs can control your DNS server settings and override them with servers redirecting your website requests elsewhere. Sure, this is something scammers can do, but it’s also a feature found in some DNS services like OpenDNS , of course with good intentions. For example, OpenDNS can redirect adult websites, gambling sites, social networking sites and more, to the “Blocked” page , but you have full control over the redirects.

The nslookup command is used to query your DNS server.

Let’s start by opening the Command Prompt tool and then typing the following:

nslookup tridevcomputer.com

And the result will look like this:

Server: google-public-dns-a.google.com

Address: 8.8.8.8

 

Non-authoritative answer:

Name: quantrimang.com

Address: 123.30.180.60

In the example above, the nslookup command tells you the IP address (or some IP address in this case), which the address you entered into your browser’s search bar can translate.

DNS Root Server

 

There are a number of DNS servers that are part of the computer’s connection, which we call the Internet. Most importantly, the 13 DNS Root Servers store a complete database of domain names and their associated public IP addresses.

These top level DNS servers are named with the first 13 letters of the alphabet (A through M). Ten of these servers are located in the US, one in London, one in Stockholm and one in Japan.

Conclude 

 

In this article we have explained how a DNS server is used to resolve domain names for IP addresses. Although the process described seems quite simple, you should keep in mind that ICANN and high level DNS registrars like Network Solutions use load balancing technology to distribute requests across multiple DNS servers. other. This prevents servers from overflowing and eliminates the possibility of single point of failure.

See more:

• What Is A Router?
• What is FTP?
• What Is Hyper-V? Installation guide for Hyper-V.
• What Is XAMPP? How to Install XAMPP ?