
DNS - Domain Name System - converts a symbolic host name to an IP address.
  Usually one (or a few) DNS servers serve a local network.  The DNS name
  space is structured as a hierarchical tree, with the organization's own
  zone at the lowest or leaf level and the root zone at the top.

Good description of resolution, see:
    http://www.tcpipguide.com/free/t_TCPIPDomainNameSystemDNS.htm

When a user specifies a name (the host part of a URL) in a browser or PuTTY
  session, the application asks the local DNS resolver (the "stub resolver")
  whether a matching IP address is already cached on the user's machine.

  The stub resolver is part of the OS and of the TCP/IP implementation on the
  system.

  If it has cached the IP from a previous query,
    it returns that IP.

  Else it contacts the local DNS server[s] (the recursive resolver).
    Local DNS service is provided by the owner of the local domain.
    Its address is either "on file" with the user's system (statically
      configured),
    or the system requested it upon network activation (typically via DHCP).

    A host may list several resolver addresses (primary, secondary, ...);
      they are tried in that order rather than being arranged in a hierarchy.

    The local DNS service checks whether it resolved the same name recently.
    If found,
      it uses that cached data.
      Each record carries a time-to-live (TTL) set by the zone's owner; the
      cached copy is discarded when the TTL expires, to bound how stale it
      can become.
      * So far, every server contacted has been assumed to be trustworthy:
        the stub resolver believes whatever the local resolver says, and the
        local resolver believes whatever it has cached.

    Else (not locally known)
      Contact one of the root DNS servers (the roots for the whole world).

    The local DNS service's resolver asks a "root name server" for an
      appropriate "authoritative name server".
        wikipedia topic : Root name server

      Currently, 13 root server names (a through m.root-servers.net), each of
        which is really a cluster of anycast instances spread around the
        world; all serve the same root zone data, so the data is redundant.

      To simplify the search, the name space is broken up into non-overlapping
        zones.  Zones are not physical, but subject based.  The zones directly
        under the root are the top-level domains (TLDs):
        generic TLDs such as com, edu, gov, org (about 20 when these notes
          were written; well over a thousand since ICANN began delegating new
          generic TLDs in 2013), and
        248 two-letter country codes (at the time of writing) such as nl, to,
          tv, il, etc.

      The local resolver sends the DNS query to a root server, which replies
        with a referral: the names of the appropriate TLD (zone) servers plus
        their IP addresses (the "glue" records).

      The local resolver then contacts the zone server with the same query name.
 
      The zone server responds with the IP of the system, or (far more often)
        with a referral to a DNS server of the network of interest.  The zone
        server gets you to the right "neighborhood".

      * So, for faculty.cs.niu.edu, the edu zone server returns the IP of the
        primary DNS server for niu.edu.

      * Keep in mind that the resolver caches these discoveries, so it does
        not have to rediscover the IP of the zone server for .com every time
        a .com name is entered.

    The targeted DNS server then returns the IP of the system of interest.
      * NIU's DNS may return the IP of faculty.cs.niu.edu.

    In some cases, this server may only be able to indicate the next tier to
      query, and the query is repeated until resolved.
      * Or it may return the IP of the DNS server for cs.niu.edu, which, when
        contacted, returns the IP of the system faculty.cs.niu.edu.

    Because a name the trusted local resolver cannot answer is resolved from
      the top down, each server delegating only to the next, it is harder to
      trick the DNS resolution scheme than if any server could answer for
      any name.
      * "Harder" depends on the resolver checking what it accepts: a reply
        must match the outstanding query's transaction ID and port, and a
        referral should only be believed for names inside the zone that
        server was delegated (the "bailiwick" rule).  A resolver that caches
        whatever comes back can have its cache poisoned.  DNSSEC adds
        signatures so that answers can be verified rather than merely trusted.

    It may be possible to hijack a DNS server within a local network (or to
      point a client at a rogue resolver).  Only systems that use that
      resolver are affected, but for those systems every lookup, for every
      domain, now passes through the attacker.
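The full walk above (stub cache, local resolver, root, edu zone server, niu.edu, cs.niu.edu), the caching that lets later lookups skip the root and TLD, and the bailiwick check from the trust notes, as an added Python example that is not part of these course notes. Everything in it is constructed: the server addresses come from the RFC 5737 documentation ranges, the name server names (a.edu-servers.test, ns1.niu.edu, ns.cs.niu.edu) and the address returned for faculty.cs.niu.edu are made up, and the simulated edu zone server deliberately attaches one out-of-zone record to its referrals so that the bailiwick check has something to drop.

```python
import time

ROOT = "192.0.2.1"   # constructed stand-in for a root server address


def in_zone(name, zone):
    """True if absolute name `name` is at or below absolute zone `zone`."""
    return zone == "." or name == zone or name.endswith("." + zone)


# Constructed authoritative data: server IP -> (zone served, records, extra).
# records: owner -> [(type, rdata, ttl)].  `extra` models records a server stuffs
# into the additional section of every referral; honest servers send none.
SERVERS = {
    ROOT: (".", {"edu.": [("NS", "a.edu-servers.test.", 172800)],
                 "a.edu-servers.test.": [("A", "192.0.2.2", 172800)]}, []),
    "192.0.2.2": ("edu.", {"niu.edu.": [("NS", "ns1.niu.edu.", 86400)],
                           "ns1.niu.edu.": [("A", "198.51.100.1", 86400)]},
                  [("www.bank.example.", "A", "203.0.113.66", 86400)]),  # out of zone
    "198.51.100.1": ("niu.edu.", {"cs.niu.edu.": [("NS", "ns.cs.niu.edu.", 86400)],
                                  "ns.cs.niu.edu.": [("A", "198.51.100.2", 86400)]}, []),
    "198.51.100.2": ("cs.niu.edu.", {"faculty.cs.niu.edu.": [("A", "203.0.113.10", 3600)],
                                     "www.cs.niu.edu.": [("A", "203.0.113.11", 3600)]}, []),
}


def query(server_ip, qname):
    """Reply of one authoritative server: (kind, [(owner, type, rdata, ttl)])."""
    zone, recs, extra = SERVERS[server_ip]
    answer = [(qname, t, r, ttl) for t, r, ttl in recs.get(qname, []) if t == "A"]
    if answer:
        return "answer", answer
    # Otherwise refer to the longest delegated child zone that contains qname.
    labels = qname.split(".")
    for i in range(1, len(labels)):
        sub = ".".join(labels[i:]) or "."
        if sub == zone or not in_zone(sub, zone):
            break
        ns = [(sub, t, r, ttl) for t, r, ttl in recs.get(sub, []) if t == "NS"]
        if ns:
            glue = [(h, t, r, ttl) for _, _, h, _ in ns
                    for t, r, ttl in recs.get(h, []) if t == "A"]
            return "referral", ns + glue + list(extra)
    return "nxdomain", []


class Resolver:
    """Recursive resolver: TTL cache, iterative queries, bailiwick check on replies."""

    def __init__(self, clock=time.time):
        self.clock = clock
        self.cache = {}     # (owner, type) -> [(rdata, expires_at)]
        self.queries = 0    # queries sent to authoritative servers
        self.dropped = 0    # records rejected by the bailiwick check

    def lookup_cache(self, owner, rtype):
        """Unexpired cached rdata for (owner, rtype); expired entries are ignored."""
        now = self.clock()
        return [r for r, exp in self.cache.get((owner, rtype), []) if exp > now]

    def _closest_server(self, qname):
        """Deepest enclosing zone whose NS and glue are still cached, else the root."""
        labels = qname.split(".")
        for i in range(1, len(labels)):
            zone = ".".join(labels[i:]) or "."
            for host in self.lookup_cache(zone, "NS"):
                ips = self.lookup_cache(host, "A")
                if ips:
                    return zone, ips[0]
        return ".", ROOT

    def resolve(self, name):
        """Return an IPv4 address for `name`, sending as few queries as the cache allows."""
        qname = name if name.endswith(".") else name + "."
        cached = self.lookup_cache(qname, "A")
        if cached:
            return cached[0]
        zone, server = self._closest_server(qname)
        while True:
            self.queries += 1
            kind, recs = query(server, qname)
            if kind == "nxdomain":
                raise LookupError(qname)
            # Bailiwick: believe only records at or below the zone this server was
            # delegated for; anything else is counted and dropped, never cached.
            for owner, rtype, rdata, ttl in recs:
                if in_zone(owner, zone):
                    self.cache.setdefault((owner, rtype), []).append((rdata, self.clock() + ttl))
                else:
                    self.dropped += 1
            if kind == "answer":
                return recs[0][2]
            child, _, ns_host, _ = recs[0]            # first record is the NS
            ips = self.lookup_cache(ns_host, "A")
            if not in_zone(child, zone) or not ips:
                raise LookupError("unusable referral for " + child)
            zone, server = child, ips[0]


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("faculty.cs.niu.edu"), "after", r.queries, "queries")
    print(r.resolve("www.cs.niu.edu"), "after", r.queries, "queries")
    print("out-of-zone records dropped:", r.dropped)
```

The first lookup costs four queries (root, edu, niu.edu, cs.niu.edu); the second name under cs.niu.edu costs one, because the NS and glue for cs.niu.edu are still in the cache, which is the "does not have to rediscover the zone server" point from the notes. The record the edu server smuggles in for www.bank.example. is outside the edu zone and never reaches the cache. The toy leaves out the parts of a real resolver that defend the transport itself (random transaction IDs and source ports, and DNSSEC validation); it only models the trust decision about which records a referral is allowed to teach the resolver.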