Howstuffworks.com's "How Domain Name Servers Work"

Sponsored by

How Domain Name Servers Work

by Marshall Brain

Sponsored by

Verio Web Hosting Services hosts hundreds of thousands of sites and offers virtual hosting services, ecommerce services, domain name registration services, ecommerce services and high-end dedicated machines.

Related Articles! If you are interested in domain name servers, you may also be interested in the other articles in the How Stuff Works Internet Category. You can Click Here to see a complete list of articles in the category!

If you spend any time on the Internet sending email or browsing the web, then you use Domain Name Servers without even realizing it. Domain Name Servers, or DNS, are an incredibly important but completely hidden part of the Internet, and they are fascinating! The DNS system forms one of the largest and most active distributed databases on the planet, and without DNS the Internet would shut down very quickly.

In this edition of How Stuff Works we will take a look at the DNS system so that you can understand how it works and appreciate its amazing capabilities!

The Basic Idea
When you use the web or send an email message, you use a domain name to do it. For example, the following URL:

ï¿½ï¿½ï¿½9ï¿½netwï¿½ï¿½ï¿½ï¿½ï¿½9ï¿½ .comï¿½.|ï¿½kï¿½39ï¿½=/9ï¿½@Dï¿½ï¿½6Te=3&9ï¿½p'ï¿½ï¿½ï¿½ï¿½=049ï¿½p6ï¿½ ï¿½ï¿½ (orks9ï¿½pï¿½ï¿½ï¿½9Ô€(ï¿½ï¿½ï¿½~P;ï¿½ï¿½ï¿½ï¿½6Bj9Ö˜ï¿½ï¿½ï¿½ï¿½ï¿½kp6Bj9ï¿½(9Ô°9ï¿½=ï¿½ï¿½ï¿½T9ï¿½ï¿½6ï¿½ ï¿½ï¿½ï¿½ï¿½ï¿½9ï¿½ï¿½6ï¿½ ï¿½ï¿½ï¿½ï¿½.ï¿½6ï¿½ 6Bj9ï¿½,9ï¿½ï¿½ï¿½@ï¿½vTï¿½ï¿½

Contains the domain name howstuffworks.com. So does this email address:

[email protected]

Human-readable names like howstuffworks.com are easy for human beings to remember, but they don't do machines any good. All of the machines use names called IP Addresses to refer to one another. For example, the machine that humans refer to as www.howstuffworks.com has an IP address of 216.27.61.137. Every time you use a domain name, you use the Internet's domain name servers (DNS) to translate the human-readable domain name into the machine-readable IP address. During a day of browsing and emailing, you might access the domain name servers hundreds of times!

Domain name servers translate domain names to IP addresses. That sounds like a simple problem, and it would be except for five things:

There are billions of IP addresses currently in use, and most machines have a human readable name as well.
There are many billions of requests made from domain name servers every day. You yourself can easily make a hundred or more DNS requests a day, and there are hundreds of millions of people and machines using the Internet every day.
Domain names and IP addresses change daily.
New domain names get created daily.
Millions of people do the work to change and add domain names and IP addresses every day.

The DNS system is a database, and no other database on the planet gets this many requests. No other database on the planet has millions of people changing it every day either. That is what makes the DNS system so unique!

How IP Addresses Work
To keep all of the machines on the Internet straight, each machine is assigned a unique address called an IP Address. IP addresses are 32-bit numbers normally expressed as 4 "octets" in a "dotted decimal number". A typical IP address looks like this:

          216.27.61.137

The four numbers in an IP address are called octets because they can have values between 0 and 255 (2⁸ possibilities per octet).

Every machine on the Internet has a unique IP address. A server has a static IP address that does not change very often. A home machine that is dialing up through a modem often has an IP address that is assigned by the ISP when you dial in. That IP address is unique for your session but may be different the next time you dial in. In this way an ISP only needs one IP address for each modem it supports rather than for every customer.

If you are working on a Windows machine, you can view your current IP address with the command WINIPCFG.EXE. On a UNIX machine type nslookup along with a machine name (like www.howstuffworks.com -- e.g. "nslookup www.howstuffworks.com") to display the IP address of the machine (use the command hostname to learn the name of your machine). [For more information on IP addresses see IANA]

As far as the Internet's machines are concerned, an IP address is all that you need to talk to a server. For example, in your browser you can type the URL http://216.27.61.137 and you will arrive at the machine that contains the web server for How Stuff Works. Domain names are strictly a human convenience.

How Domain Names Work
If we had to remember the IP addresses of all of the web sites we visit every day, we would all go nuts. Human beings just are not that good at remembering strings of numbers. We are good at remembering words, however, and that is where domain names come in. You probably have hundreds of domain names stored in your head. For example:

www.howstuffworks.com -- a typical name
www.yahoo.com -- the world's best-known name
www.mit.edu -- a popular EDU name
encarta.msn.com -- a web server that does not start with www
www.bbc.co.uk -- a name using 4 parts rather than 3
ftp.microsoft.com -- an ftp server rather than a web server

The .COM, .EDU and .UK portions of these example domain names are called the top-level domain or first-level domain. There are several hundred top-level domain names, including COM, EDU, GOV, MIL, NET, ORG and INT, as well as unique two-letter combinations for every country.

Within every top-level domain there is a huge list of second-level domains. For example, in the COM first-level domain there is:

howstuffworks
yahoo
msn
microsoft
plus millions of others...

Every name in the COM top-level domain must be unique, but there can be duplication across domains. For example, howstuffworks.com and howstuffworks.org are completely different machines.

In the case of bbc.co.uk, it is a third-level domain. Up to 127 levels are possible, although more than four is rare.

The left-most word, like www or encarta, is the host name. It specifies the name of a specific machine (with a specific IP address) in a domain. A given domain can, potentially, contain millions of host names as long as they are all unique within that domain.

Distributing Domain Names
Because all of the names in a given domain need to be unique, there needs to be a single entity that controls the list and makes sure no duplicates arise. For example, the COM domain cannot contain any duplicate names, so a company called Network Solutions is in charge of maintaining this list. When you register a domain name, it goes through one of several dozen registrars who work with Network Solutions to add names to the list. Network Solutions, in turn, keeps a central database known as the whois database that contains information about the owner and name servers for each domain. If you go to the whois form you can find information about any domain currently in existence.

While it is important to have a central authority keeping track of the database of names in the COM (and other) top-level domain, you would not want to centralize the database of all of the information in the COM domain. For example, Microsoft has hundreds of thousands of IP addresses and host names. Microsoft wants to maintain its own domain name server for the microsoft.com domain. Similarly, Great Britain probably wants to administrate the uk top-level domain, Australia wants to administrate the au domain, and so on. For this reason, the DNS system is a distributed database. Microsoft is completely responsible for dealing with the name server for microsoft.com -- it maintains the machines that implement its part of the DNS system, and Microsoft can change the database for its domain whenever it wants to because Microsoft owns its domain name servers.

Every domain has a domain name server somewhere that handles its requests, and there is a person maintaining the records in that DNS. This is one of the most amazing parts of the DNS system -- it is completely distributed throughout the world on millions of machines administered by millions of people, yet it behaves like a single, integrated database!

How the Distributed System Works
Name servers do two things all day long:

They accept requests from programs to convert domain names into IP addresses
They accept requests from other name servers to convert domain names into IP addresses

When a request comes in, the name server can do one of four things with it:

It can answer the request with an IP address because it already knows the IP address for the domain.
It can contact another name server and try to find the IP address for the name requested. It may have to do this multiple times.
It can say, "I don't know the IP address for the domain you requested, but here's the IP address for a name server that knows more than I do."
It can return an error message because the requested domain name is invalid or does not exist.

When you type a URL into your browser, the browser's first step is to convert the domain name and host name into an IP address so that the browser can go request a web page from the machine at that IP address (see How Web Servers Work for details on the whole process). To do this conversion, the browser has a conversation with a name server.

When you set up your machine on the Internet, you (or the software that you installed to connect to your ISP) had to tell your machine what name server it should use for converting domain names to IP addresses. On some systems the DNS is dynamically fed to the machine when you connect to the ISP, and on other machines it is hard wired. If you are working on a Windows machine, you can view your current name server with the command WINIPCFG.EXE. On a UNIX machine type nslookup along with your machine name. Any program on your machine that needs to talk to a name server to resolve a domain name knows what name server to go talk to because it can get the IP address of your machine's name server from the operating system.

The browser therefore contacts its name server and says, "I need for you to convert a domain name to an IP address for me." For example, if you typed www.howstuffworks.com into your browser, the browser needs to convert that URL into an IP address. The browser will hand www.howstuffworks.com to its default name server and ask it to convert it.

The name server may already know the IP address for www.howstuffworks.com. That would be the case if another request to resolve www.howstuffworks.com came in recently (name servers cache IP addresses to speed things up). In that case, the name server can return the IP address immediately. Let's assume, however, that the name server has to start from scratch.

A name server would start its search for an IP address by contacting one of the root name servers. The root servers know the IP address for all of the name servers that handle the top-level domains. Your name server would ask the root for www.howstuffworks.com, and the root would say (assuming no caching), "I don't know the IP address for www.howstuffworks.com, but here's the IP address for the COM name server." Obviously these root servers are vital to this whole process, so:

There are many of them scattered all over the planet.
Every name server has a list of all of the known root servers. It contacts the first root server in the list, and if that doesn't work it contacts the next one in the list, and so on.

Here is a typical list of root servers held by a typical name server.

;       This file holds the information on root name servers needed to
;       initialize cache of Internet domain name servers
;       (e.g. reference this file in the "cache  .  "
;       configuration file of BIND domain name servers).
;
;       This file is made available by InterNIC registration services
;       under anonymous FTP as
;           file                /domain/named.root
;           on server           FTP.RS.INTERNIC.NET
;       -OR- under Gopher at    RS.INTERNIC.NET
;           under menu          InterNIC Registration Services (NSI)
;              submenu          InterNIC Registration Archives
;           file                named.root
;
;       last update:    Aug 22, 1997
;       related version of root zone:   1997082200
;
;
; formerly NS.INTERNIC.NET
;
.                        3600000  IN  NS    A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.      3600000      A     198.41.0.4
;
; formerly NS1.ISI.EDU
;
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     128.9.0.107
;
; formerly C.PSI.NET
;
.                        3600000      NS    C.ROOT-SERVERS.NET.
C.ROOT-SERVERS.NET.      3600000      A     192.33.4.12
;
; formerly TERP.UMD.EDU
;
.                        3600000      NS    D.ROOT-SERVERS.NET.
D.ROOT-SERVERS.NET.      3600000      A     128.8.10.90
;
; formerly NS.NASA.GOV
;
.                        3600000      NS    E.ROOT-SERVERS.NET.
E.ROOT-SERVERS.NET.      3600000      A     192.203.230.10
;
; formerly NS.ISC.ORG
;
.                        3600000      NS    F.ROOT-SERVERS.NET.
F.ROOT-SERVERS.NET.      3600000      A     192.5.5.241
;
; formerly NS.NIC.DDN.MIL
;
.                        3600000      NS    G.ROOT-SERVERS.NET.
G.ROOT-SERVERS.NET.      3600000      A     192.112.36.4
;
; formerly AOS.ARL.ARMY.MIL
;
.                        3600000      NS    H.ROOT-SERVERS.NET.
H.ROOT-SERVERS.NET.      3600000      A     128.63.2.53
;
; formerly NIC.NORDU.NET
;
.                        3600000      NS    I.ROOT-SERVERS.NET.
I.ROOT-SERVERS.NET.      3600000      A     192.36.148.17
;
; temporarily housed at NSI (InterNIC)
;
.                        3600000      NS    J.ROOT-SERVERS.NET.
J.ROOT-SERVERS.NET.      3600000      A     198.41.0.10
;
; housed in LINX, operated by RIPE NCC
;
.                        3600000      NS    K.ROOT-SERVERS.NET.
K.ROOT-SERVERS.NET.      3600000      A     193.0.14.129 
;
; temporarily housed at ISI (IANA)
;
.                        3600000      NS    L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.      3600000      A     198.32.64.12
;
; housed in Japan, operated by WIDE
;
.                        3600000      NS    M.ROOT-SERVERS.NET.
M.ROOT-SERVERS.NET.      3600000      A     202.12.27.33
; End of File

The formatting is a little odd, but basically it shows you that the list contains the actual IP addresses of 14 different root servers.

The root server knows the IP addresses of the name servers handling the several hundred top-level domains. It returns to your name server the IP address for a name server for the COM domain. Your name server then sends a query to the COM name server asking it if it knows the IP address for www.howstuffworks.com. The name server for the COM domain knows the IP addresses for the name servers handling the HOWSTUFFWORKS.COM domain, so it returns those. Your name server then contacts the name server for HOWSTUFFWORKS.COM and asks if it knows the IP address for www.howstuffworks.com. It actually does, so it returns the IP address to your name server, which returns it to the browser, which can then contact the server for www.howstuffworks.com to get a web page.

One of the keys to making this work is redundancy. There are multiple name servers at every level, so that if one fails there are others to handle the requests. There are, for example, three different machines running name servers for HOWSTUFFWORKS.COM requests. All three would have to fail for there to be a problem.

The other key is caching. Once a name server resolves a request, it caches all of the IP addresses it receives. Once it has made a request to a root server for any COM domain, it knows the IP address for a name server handling the COM domain, so it doesn't have to bug the root servers again for that information. Name servers can do this for every request, and this caching helps to keep things from bogging down.

Name servers do not cache forever, however. The caching has a component called the Time To Live (TTL) that controls how long a server will cache a piece of information. When the server receives an IP address it also receives the TTL with it. The name server will cache the IP address for that period of time (ranging from minutes to days) and then discard it. The TTL allows changes in name servers to propagate. Not all name servers respect the TTL they receive, however. When How Stuff Works recently moved its machines over to new servers, it took three weeks for the transition to propagate throughout the web. We put a little tag that said "new server" in the upper left corner of the home page so people could tell whether they were seeing the new or the old server during the transition.

Creating a New Domain Name
When someone wants to create a new domain, he or she has to do two things:

Find a name server for the domain name to live on
Register the domain name

Technically there does not need to be any machines in the domain -- there just needs to be a name server that can handle the requests for the domain name.

There are two ways to get a name server for a domain:

You can create and administer it yourself
You can pay an ISP or hosting company to handle it for you

Most larger companies have their own domain name servers. Most smaller companies pay someone.

The history of How Stuff Works is typical. When howstuffworks.com was first created, it began as a parked domain. Look at ../www.howstuffworks.net for an example of a parked domain. This domain currently lives with a company called www.webhosting.com. Webhosting.com maintains the name server and also maintains a machine that creates the single "under construction" page for the domain.

To create a domain you fill out a form with a company that does domain name registration (examples: register.com , tabnet.com, networksolutions.com). They create an "under construction page", create an entry in their name server, and submit the form's data into the whois database. Twice a day, the COM, ORG, NET, etc. name servers get updates with the newest IP address information. At that point a domain exists and people can go see the "under construction" page.

How Stuff Works then started publishing content under the domain www.howstuffworks.com. We set up a hosting account with Tabnet and Tabnet ran the DNS for How Stuff Works as well as the machine that hosted How Stuff Works' web pages. This type of machine is called a virtual web hosting machine and is capable of hosting multiple domains simultaneously. 500 or so different domains all shared the same processor.

As How Stuff Works became more popular, it outgrew the virtual hosting machine and needed its own server. At that point we started maintaining our own machines dedicated to How Stuff Works, and began administrating our own DNS. We have a primary server and two secondaries:

NS3.ILAN.NET 216.27.2.37
NS4.ILAN.NET 216.27.2.38
OAK.HOWSTUFFWORKS.COM 216.27.22.162

Our primary DNS is oak. Any changes we make to it propagate automatically to the two secondaries, which are both maintained by our ISP.

All three of these machines run name server software called BIND. BIND knows about all of the machines in our domain through a text file on oak that looks like this:

        IN NS   ns3.ilan.net.
        IN NS   ns4.ilan.net.
        IN MX 10        oak
        IN A    216.27.61.137

oak     IN A    216.27.22.162
mail    IN CNAME        oak
pop     IN CNAME        oak
smtp    IN CNAME        oak

twin1   IN A    216.27.61.137
twin2   IN A    216.27.61.139
www     IN CNAME        @
ftp     IN CNAME        twin1

walnut  IN A    216.27.22.163
db      IN CNAME        walnut

test    IN A    216.27.61.214

Decoding this file from the top, you can see that:

The first two lines point to the secondary name servers.
The next line is called the MX record. When you send mail to anyone at howstuffworks.com, the piece of software sending the email contacts the name server to get the MX record so it knows where the SMTP server for How Stuff Works is (see How Email Works for details). Many larger systems have multiple machines handling incoming email, and therefore multiple MX records.
The next line points to the IP address that will handle a request to howstuffworks.com (no host name).
The next line points to the IP address that will handle a request to oak.howstuffworks.com
The next line points to the machine that will handle a request to mail.howstuffworks.com
and so onï¿½

You can see from this file that there are five physical machines at five separate IP addresses that make up How Stuff Works' server infrastructure: twin1, twin2, oak, walnut and test. Then there are aliases for hosts like mail, pop, smtp, www, ftp and db. There can be aliases for anything. For example, there could be an entry in this file for scoobydoo.howstuffworks.com and it could point to the physical machine called walnut. There could be an alias for yahoo.howstuffworks.com and it could point to yahoo. There really isn't any limit to it. We could also create multiple name severs and segment our domain.

The Beauty of DNS
As you can see from this description, DNS is a rather amazing distributed database. It handles billions of requests for billions of names every day through a network of millions of name servers administered by millions of people. Every time you send an email message or view a URL, you are making requests to multiple name servers scattered all over the globe. What's amazing is that the process is normally completely invisible and extremely reliable!

Links

RFC 1035 - Domain Names - Implementation and Specifications -- superseded RFC 883
RFC 1034 - Domain Names - Concepts and Facilities -- superseded RFC 882
BIND -- the software that implements most name servers
Domain name registries around the world

Click Here to see all of the articles in the HSW Internet category.

Click Here to see the How Stuff Works home page.

Sponsored links to help you with your website:

Hostindex.com Search the web's LARGEST hosting directory

Free Webmaster Tools E-Zine - Free weekly e-zine that presents high quality tools, tips, and news for webmasters and web designers. Subscribers have free access to the member area.

Make your own Screen Savers from your favorite images. Download trial version for FREE.

Download webROCKET today and increase your Internet connection speed up to 200%!

Animation Factory - Several thousand FREE Animations, web graphics and clip art items.

E-commerce and Internet Business Solutions - Complete internet business solution. Online STORES, storefront development systems, shopping carts, 24/7 order processing and credit card acceptance.

Monster Crawler - Meta Search Engine - Search all the major search engines with just one click!

Network Solutions - Everything You Need to Get Online.