How a name is resolved.
For a good description of resolution, see:
http://www.tcpipguide.com/free/t_TCPIPDomainNameSystemDNS.htm
The user provides a symbolic DNS name for the service of interest.
(example www.wikipedia.org)
The application requests a name-to-IP translation from the local
name resolver, which is usually part of the system's OS.
The resolver checks to see if it recently resolved the name and,
If found
It returns the IP to use.
Else (not found)
The local machine then contacts the listed local DNS server for the lookup.
The local DNS server is maintained by the local domain's Internet Service
Provider (ISP) and is assumed to be trustworthy. An important
responsibility of an ISP is to guard its DNS server(s).
Some ISPs may have a single DNS server. A large ISP may implement several
parallel systems or a tiered system to distribute the workload.
If the local DNS cannot resolve the name
The local DNS contacts the top level of the DNS system. These are the 'root' servers.
There are 13 in the world and their IP addresses are well known and static.
* The local DNS server can attempt to contact an intermediary DNS
server but risks getting bad data. This is also one way DDoS
(distributed denial of service) attacks are implemented.
Check out http://www.watchguard.com/infocenter/editorial/41649.asp
As long as the local DNS server has not been hacked, going to the top
of the DNS tree makes it fairly safe that the user gets the correct IP.
The server at the root of the tree returns the IP of one of the top-level
DNS servers responsible for the particular top-level domain (example .org).
* This is done to limit the load on the root servers.
The local DNS then contacts the top-level domain server to get the IP of
a DNS server that has more specialized knowledge of the name being resolved.
It is possible this will lead to the DNS server that can fully resolve the
name to an IP, or it may return another DNS server to query (fairly rare).
* 30
* dig +trace www.wikipedia.org
* dig +trace www.microsoft.com
* dig +trace +all www.math.niu.com
Once a final IP is returned, if it exists, the session layer/protocol
now has the source IP and port and the destination IP and port.
* The local DNS and the requesting system's resolver will both cache
this information for a time to avoid having to do this over.
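
The lookup sequence above as a small simulation, added here as an example and not part of the original lecture notes: a local DNS server starts at the root, follows referrals down to the server that holds the answer, and caches the result for its lifetime. The server names, the 300-second lifetime and the address (from a documentation range) are constructed for illustration.

```python
import time

# Constructed delegation tree; server names, TTL and address are made up.
SERVERS = {
    "root": {"org.": ("referral", "org-tld")},
    "org-tld": {"wikipedia.org.": ("referral", "wikipedia-ns")},
    "wikipedia-ns": {"www.wikipedia.org.": ("answer", "198.51.100.7", 300)},
}

def query(server, qname):
    """One query to one server: return the record for the longest matching suffix."""
    labels = qname.split(".")
    for i in range(len(labels) - 1):
        suffix = ".".join(labels[i:])
        rec = SERVERS[server].get(suffix)
        # Referrals apply to everything below them; answers only to the exact name.
        if rec and (rec[0] == "referral" or suffix == qname):
            return rec
    return ("nxdomain",)

class LocalDNS:
    """Local DNS server: answers from cache, otherwise walks down from the root."""
    def __init__(self, clock=time.monotonic):
        self.cache = {}        # qname -> (ip, expiry time)
        self.clock = clock
        self.queries_sent = 0  # upstream queries, to show what the cache saves

    def resolve(self, qname, max_referrals=8):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0]                   # still fresh: no upstream traffic
        server = "root"                     # always start at the top of the tree
        for _ in range(max_referrals):      # bound the walk so referrals cannot loop
            self.queries_sent += 1
            rec = query(server, qname)
            if rec[0] == "answer":
                self.cache[qname] = (rec[1], self.clock() + rec[2])
                return rec[1]
            if rec[0] != "referral":
                return None                 # name does not exist
            server = rec[1]                 # follow the referral one level down
        return None

if __name__ == "__main__":
    dns = LocalDNS()
    for _ in range(2):
        print(dns.resolve("www.wikipedia.org."), "upstream queries:", dns.queries_sent)
```

The first lookup costs three upstream queries (root, top-level domain, final server); the repeat is served from cache until the entry expires.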