Understanding DNS

Domain name resolution is classified into dynamic resolution and static resolution that complement each other. During domain name resolution, static resolution is preferentially used. If static resolution fails, dynamic resolution is used. Dynamic DNS resolution takes a period of time, and the cooperation of the DNS server is required. To improve the domain name resolution efficiency, you are advised to add commonly used domain names to a static domain name resolution table.

Static DNS

A static domain name resolution table is manually set up, describing the mappings between domain names and IP addresses. Some common domain names are added to the table. To obtain the IP address by resolving a domain name, the client searches the static domain name resolution table for the specified domain name. In this manner, the efficiency of domain name resolution is improved.

Dynamic DNS

User programs, such as ping and tracert, access the DNS server using the resolver of the DNS client.

Figure 1 shows the relationship between user programs, the resolver, the DNS server, and the cache on the resolver.

Figure 1 Dynamic DNS

The DNS client, consisting of the resolver and the cache, is used to accept and respond to the DNS queries from user programs. Generally, user programs (ping and tracert), the cache, and the resolver are on the same host; whereas the DNS server is on another host.

Working Process of the Dynamic DNS

When a user accesses some applications by domain name, the user program sends a request to the resolver on the DNS client.
After receiving the request, the resolver searches the local domain name cache.
- If the domain name matches an entry in the local cache, the resolver sends the corresponding IP address to the user program.
- If the domain name matches no entry in the local cache, the resolver sends a query message to the DNS server.
When receiving the query message, the DNS server first checks whether the domain name to be resolved is in an authorized sub-domain. Then, the DNS server sends a response packet according to the check result.
- If the domain name is in an authorized sub-domain, the DNS server searches for the corresponding IP address in the local database.
- If the domain name is out of authorized sub-domains, the DNS server sends a query message to a higher-level DNS server. This process continues until the DNS server finds the corresponding IP address or detects that the corresponding IP address of the domain name does not exist. Then the DNS server returns a result to the DNS client.
After receiving the response packet from the DNS server, the DNS client sends the resolution result to the user program.

Mappings between domain names and IP addresses are stored in the dynamic domain name cache. When resolving a domain name that is stored in the cache, the DNS client obtains the corresponding IP address from the cache directly and does not send a query message to the DNS server. Mappings stored in the cache will be deleted when the aging time expires to ensure that the latest mappings can be obtained from the DNS server. The aging time is set by the DNS server. The DNS client obtains the aging time from protocol packets.

Domain Name Suffix List

Dynamic domain name resolution supports the domain name suffix list. Users can preset domain name suffixes. Users only need to enter partial content of a domain name, and the system adds a suffix to the domain name for resolution. For example, a user has set the domain name suffix com in the suffix list. To visit huawei.com, the user only needs to enter huawei. The system adds the suffix com to the domain name.

When the domain name suffix list is used, the resolution modes vary according to domain names entered by users.

If a user enters a domain name without a dot (.), for example, huawei, the system identifies it as a host name and adds a suffix to the domain name for resolution. If the resolution fails, the system resolves the entered domain name.
If a user enters a domain name with a dot (.) in the middle, for example, www.huawei, the system resolves the domain name. If the resolution fails, the system adds a suffix to the domain name for resolution.
If a user enters a domain name with a dot (.) at the end, for example, huawei.com., the system resolves only the entered domain name directly and sends a response packet regardless of whether the domain name is resolved correctly. The system does not add a preset suffix to the entered domain name for resolution. Therefore, the dot (.) at the end of the domain name is called query terminator. A domain name with a query terminator is an absolute domain name or a full qualified domain name (FQDN).

Query Type

Class-A query is a common type of query, which is used to obtain the IP address corresponding to a specified domain name. For example, when you ping or tracert a domain name, the ping or tracert, as a user program, sends a query to the DNS client for the IP address corresponding to the domain name. If the corresponding IP address does not exist on the DNS client, the DNS client sends a Class-A query to the DNS server to obtain the corresponding IP address.