With all the DNS Changer hubbub going on recently, I thought some of you might want to know what DNS is and how it works. I recently stumbled across a great article from the folks over at GFI Vipre that explains just that.
Here’s the original article:
Do you know how DNS (the Domain Name System) works? More importantly, do you know how it impacts you when it doesn’t work?
First, let me explain what DNS is. DNS is the mechanism by which the “friendly” names we type into our web browsers as URLs (Universal Resource Locators) are matched with the IP addresses computers use to locate and identify each other on the Internet.
Let’s look at a URL such as www.microsoft.com. When you point a web browser to that address, what you’re doing is asking it to access the “top” or “front” page of the website located on a server named “www” in a registered domain called “microsoft” in the top level domain called “.com.” There are a large number of top level domains that include the familiar .com, .net, .org, .gov, .mil, .edu and so forth, as well as country code domains such as .uk, .ca, .fr, .it, etc.
The top level domain (in this case, “.com”) is the one farthest to the right in the first section of a URL that follows the “http” or “https” and double slash mark. The next part to the left (in this case, “microsoft”) is the subdomain name that was registered by a company or individual with an official domain registrar (these are companies such as Network Solutions and GoDaddy that are authorized to accept registrations from the public). The “www” in the name is the host name of the web server on which a website is located.
DNS servers are computers that hold a database of records of the IP addresses and their corresponding domains. The system is hierarchical, with servers called root name servers at the top. The root domain contains all the top level domains. There are 13 of these root name servers and they are essential to the operation of the Internet. There have been attacks targeting them. In March, there were rumors that the“hacktivist” group Anonymous was going to “kill” the Internet with distributed denial of service (DDoS) attacks against the root servers, but that didn’t happen.
So the root name servers resolve (provide the IP address information for) the top level domains. Authoritative name servers resolve names for the registered domain names that have been configured on those servers. When a company or individual registers a domain name, they have to provide two name servers for the domain.
You may have experienced a problem where you had an Internet connection but your web browser didn’t work when you typed in a domain name-based address. But if you knew the IP address of the website and typed it into the address box, you could connect to the site. That’s what happens when you have a DNS problem.
In order for your computer to be able to use DNS, it needs to know the IP address(es) of one or more DNS servers. If you set a static IP address for your own computer, you have to enter the addresses of the DNS servers you want to use in the TCP/IP Properties settings. If your computer gets its IP address automatically from your ISP, it will get the DNS server information automatically too. ISPs run their own DNS servers that their customers can use. If your computer can’t connect to a DNS server, you’ll have the web browser problem described above.
This is a very simplified explanation of DNS, which is a complex topic. If you’re interested in delving more deeply into it, check out this TechNet article titled How DNS Works.
The original post can be found here.