Solved

How the internet DNS query works

Posted on 2010-09-04
Last Modified: 2012-06-27
I have internet DNS servers by which I am managing my domains.
I also have secondary DNS services from my ISP's DNS servers.
My query is: when a query for any DNS resolution comes to my DNS servers, it checks the cache. If present, it will reply. If it does not have it in the cache, which DNS server will it query further, and how?
Will it query my secondary DNS service DNS servers or some other servers?
Question by:SrikantRajeev
22 Comments
 
Expert Comment

by:ManoranjanSinha
Yes, it will check from the secondary DNS servers and it will work.
 
Author Comment

by:SrikantRajeev
You mean it will check with my ISP DNS servers whose servers
 
Author Comment

by:SrikantRajeev
I thought it contacts the root server.
 
Expert Comment

by:moonlight
It all depends on how you have set up your DNS. First of all, what DNS server do you have, and what do the configuration files look like? You can easily check if your DNS server is a resolver or not; just issue the following from any computer, to query YOUR DNS:

nslookup google.com <yourdnsserver>

If it's a resolver you would get Google's IPs; if not, it would say domain not existent.
 
Author Comment

by:SrikantRajeev
It gives me query refused.
 
Expert Comment

by:moonlight
Instead of google.com, use one of your own domains. What does it say then?
 
Author Comment

by:SrikantRajeev
It resolves and gives the IP address.
 
Author Comment

by:SrikantRajeev
If my machine inside queries for yahoo.com & if my DNS server does not have cache for it, which further DNS server will it query?
 
Expert Comment

by:theras2000
Hi Srikant.  It all depends whether you have configured a forwarder or not.  If you configure a forwarder (e.g. your ISP's DNS) then it will look there.  Otherwise, you're correct it would go to the root servers.  Here's a neat little page with scenarios:
http://www.windowsnetworking.com/articles_tutorials/DNS_Conditional_Forwarding_in_Windows_Server_2003.html
 
Expert Comment

by:moonlight
That's not how it works really. When your machine queries a name, it queries the resolver that either you have set up in your TCP/IP settings or the settings that your ISP has pushed to your computer when you got connected to the net. If the resolver has your domain in cache, it answers it; if it does not, it goes to the root server with your domain name. The root server says, please go to this address, then the resolver goes to that one and gives the same query, and so forth, until it comes to YOUR DNS server. This means your DNS server does not have to be a resolver. It only needs to provide authoritative answers for your domains.

If you are inside your server and you issue a query, you will probably not use your own DNS server; you are using the datacenter's resolvers. To see this just write nslookup. Then you will see a line saying default server.

Usually domain name servers are NOT used as resolvers. So the query refused message actually makes sense.
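The nslookup results discussed in the comments above (refused for google.com, an answer for the poster's own domain, referrals from the root) can be told apart from the DNS response header alone. The following Python is an added example, not part of the original thread; the function names are hypothetical and the sample headers are constructed, not captured traffic.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080   # flag bits in the DNS header

def build_query(name, qid=0x1234, recurse=True):
    """Encode an A/IN query; recurse=True sets RD, as nslookup does by default."""
    header = struct.pack("!HHHHHH", qid, RD if recurse else 0, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)      # QTYPE=A, QCLASS=IN

def classify(response):
    """Say how the server behaved, using only the 12-byte response header."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, _qd, answers, authority, _ar = struct.unpack("!HHHHHH", response[:12])
    if not flags & QR:
        raise ValueError("QR bit clear: this is a query, not a response")
    rcode = flags & 0x000F
    if rcode == 5:                                         # REFUSED
        return "refused: server will not recurse for this client"
    if rcode == 0 and flags & AA and answers:
        return "authoritative answer from the server's own zone"
    if rcode == 0 and flags & RA and answers:
        return "recursive resolver: answer from cache or recursion"
    if rcode == 0 and not answers and authority:
        return "referral to name servers further down the hierarchy"
    return "other (rcode %d)" % rcode

def sample(flags, answers=0, authority=0):
    """Constructed response header for the demo; not captured traffic."""
    return struct.pack("!HHHHHH", 0x1234, flags, 1, answers, authority, 0)

SAMPLES = {
    "google.com via own DNS": sample(QR | RD | 5),
    "own domain via own DNS": sample(QR | AA | RD, answers=1),
    "google.com via ISP resolver": sample(QR | RD | RA, answers=1),
    "google.com via a root server": sample(QR | RD, authority=13),
}

if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        print("%-30s %s" % (label, classify(raw)))
```

A server that answers REFUSED to outside clients for names it does not host, while answering with AA set for its own zones, is behaving as an authoritative-only server.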
 
Expert Comment

by:davorin
Just my 2 cents:
When you make a DNS query, first your computer will query the DNS server specified in ipconfig. If that server can resolve that name you will get the IP, otherwise:
a) if that server has specified DNS forwarder(s), the server will query those forwarders and if they have a cached resolution you will get the IP, otherwise look at step b.
b) if you don't have specified forwarders or the forwarders cannot resolve the domain name, your computer will be directed to a DNS root server. The DNS root server will direct you to the DNS server authoritative for the first level resolution of the queried domain (.com, .ua, .fr, ...). That server will direct you to the DNS server authoritative for the second level of the queried domain (e.g. something.com). Normally that server will give you the needed IP of the queried domain www.something.com. Sometimes you will require more than two steps from the root server.
You can go to http://www.dnswatch.info/ and enter a DNS lookup for a certain domain name and you will see exactly which servers are queried. Your specified DNS servers do not take part in that query. The query begins in step b.
In other words theras2000 is right.

 
Expert Comment

by:moonlight
Just for clarification, I was referring to OP's own comment, not theras2000. Somehow he came in between...
 
Expert Comment

by:theras2000
I thought that was a bit strange. ;>
 
Author Comment

by:SrikantRajeev
How can I check if my DNS server is configured as a forwarder or not?
 
Expert Comment

by:theras2000
There was a screenshot on my link showing you going to the server's Properties, in the DNS mgmt tool ... that's assuming it's Windows.  You haven't said what you're using.
 
Expert Comment

by:moonlight
If you are using BIND, check in named.conf.
 
Author Comment

by:SrikantRajeev
I have the BIND config.
What exactly should I look for in it?
 
Expert Comment

by:moonlight
A forwarders statement. See the link for a description of the different statements:
http://www.zytrax.com/books/dns/ch7/queries.html
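One way to read the forwarders and recursion statements out of a named.conf, as an added example that is not part of the original thread: the function names and the sample configurations are hypothetical, and the code assumes BIND's defaults of `recursion yes` and `forward first` when those statements are absent.

```python
import re

def strip_comments(text):
    """Remove the three comment styles named.conf accepts."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"(//|#)[^\n]*", "", text)

def cache_miss_behaviour(named_conf):
    """Report what BIND does with a name it is not authoritative for."""
    # Uses the first matching statements, assumed to be the global options
    # block; per-zone forwarders can override them.
    conf = strip_comments(named_conf)
    m = re.search(r"\brecursion\s+(yes|no)\s*;", conf)
    recursion = m.group(1) if m else "yes"         # assumed default when absent
    m = re.search(r"\bforwarders\s*\{([^}]*)\}", conf)
    entries = m.group(1).split(";") if m else []
    forwarders = [e.split()[0] for e in entries if e.strip()]
    m = re.search(r"\bforward\s+(only|first)\s*;", conf)
    mode = m.group(1) if m else "first"            # assumed default when absent
    if recursion == "no":
        return "authoritative-only: names outside its zones are not resolved"
    if not forwarders:
        return "no forwarders: iterates down from the root servers"
    targets = ", ".join(forwarders)
    if mode == "only":
        return "forwards to %s and never falls back to the roots" % targets
    return "forwards to %s, then falls back to the root servers" % targets

# Constructed configurations (documentation addresses, hypothetical paths).
AUTH_ONLY = """
options {
    directory "/var/named";
    recursion no;              // answer only for hosted zones
};
"""
FORWARDING = """
options {
    recursion yes;
    allow-recursion { 192.0.2.0/24; };
    forwarders { 192.0.2.53; 198.51.100.53; };
    forward only;
};
"""
ITERATIVE = """
options {
    recursion yes;
    # forwarders { 203.0.113.1; };   (disabled)
};
"""
```

For a server that only hosts public zones, the first configuration is the one that produces the refused answer seen earlier in the thread; when recursion is enabled, `allow-recursion` limits which clients may use it.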
 
Author Comment

by:SrikantRajeev
Can any DNS server connect to the root server, or is there any hierarchy, or can only particular servers connect to the root servers?
 
Accepted Solution

by:
moonlight earned 500 total points
All can, since you can even do it with an nslookup from your own computer. They only answer partially though and direct you to the next name server down the hierarchy, so there is no point in querying them once you know the correct name server handling a domain.
 
Expert Comment

by:moonlight
Any issue left?
 
Author Closing Comment

by:SrikantRajeev
Thanks