How the Domain Name System Works
a leading provider of DNS & DNSSEC services and solutions. Lean more about their services here. | |
ICANNWiki Silver Sponsor |
The DNS (Domain Name System) is the system used to translate alphanumeric domain names into Internet Protocol numbers. Simply put, the DNS converts the names typed in the Web browser address bar into IP addresses. [1]
Overview[edit | edit source]
The DNS is made up of many servers and databases which, through a series of lookups in various caches, configure Domain Names into IP Addresses. The Domain Name System is a distributed database arranged hierarchically; its purpose is to provide a layer of abstraction between Internet services (web, email, etc.) and the numeric addresses (IP addresses) used to uniquely identify any given machine on the Internet. The DNS associates a variety of information with the domain names assigned and, most importantly, translates the domain names meaningful to humans into the numerical identifiers that locate the desired destination.
How Does It Work?[edit | edit source]
The DNS makes it possible to assign domain names in a meaningful way to Internet resources as well as to users, regardless of the entity's location. As a result, the WWW hyperlinks remain consistent, even for mobile devices. A domain name is an easy way to remember an address, but that needs to be converted to its numerical, IP format. [2]
Coordination across the Internet is maintained by means of a complex authoritative root system known as the Top Level Domain (TLD), as well as the DNS and other smaller name servers responsible for hosting individual domain information. For each domain, the DNS spreads the responsibility by mapping the domain names and assigning them into IP addresses, and vice-versa. This is accomplished through authoritative name servers which have been designated for each domain. Each authoritative name server is responsible for its own particular domain, but it has the authority to assign new authoritative name servers to any of its sub-domains. The DNS is able to store many types of information, even the mail server lists for a specific domain. The DNS is a core element which ensures the functionality of the Internet through its distributed keyword-based redirection service.
However, the DNS does not include security extensions, which was instead developed as DNSSEC.
The Structure of a DNS[edit | edit source]
The Domain Name System presents the following structure:
- Domain space name: represented by tree of domain names with nodes and leaves [3]
- Domain name syntax: rules include in standards like RFC 1035, RFC 1123, and RFC 2181
- Name server
- Domain names Internationalized
- DNS resolver: initiates the queries will finally lead to the complete translation (resolution) of the information.
DNS Services[edit | edit source]
These types of services include:
- Managing the DNS
- By means of powerful, secure and complete tools and DNS administration options such as Manage A records or MX records
- By means of controlling and managing the traffic
- Hosting the DNS
- Efficient DNS resolution
- Location DNS services: to ease visitors' work, increase visitors' satisfaction and strengthen the relationship with all visitors.[4]
Recent developments[edit | edit source]
In 2012, an IETF draft proposal, called "DNS Extension for Autonomous Internet (AIP)," was written by three Chinese technologists suggesting a method of operating alternate DNS root servers within national boundaries using gateways for translation. All DNS requests would carry an additional TLD, in order to designate that the requests were being sent to an alternate root.
Domain node “www.yahoo.com” in network B is expressed as “www.yahoo.com.B” for its external domain name.
The proposal would allow greater governmental control over the Internet.[5]
Chinese version of this page/本页中文版[edit | edit source]
DNS(域名系统)是用于将字母数字域名转化为互联网协议数字的系统。简单地说,DNS将输入在网络浏览器地址栏中的名称转化为IP地址。[6]
概述[edit | edit source]
DNS由许多服务器和数据库组成,通过在各种高速缓存存储器中进行一系列查找,将域名配置成IP地址。域名系统是一个分层排列的分布式数据库;其目的是在互联网服务(网络、电子邮件等)和用于唯一标识互联网上任何一台给定机器的数字地址(IP地址)之间提供一个抽象层。DNS各种信息与域名结合起来,最重要的是,将对于人类而言有意义的域名转化为可以定位指定目标的数字标识。
DNS的工作原理是什么?[edit | edit source]
DNS使人们能够将域名以有意义的方式分配给互联网资源以及用户,而与实体的位置无关。因此,即使是对于移动设备而言,“WWW”超链接也得以保持一致。人们通过域名更加容易记住一个地址,但是连接到互联网时,这个域名需要被转化为相应的数字形式,即IP格式。[7] 互联网中的协调由一个复杂的授权根系统,即顶级域 (TLD),以及DNS和其他负责托管单个域信息的小型名称服务器进行维护。对于每个域而言,DNS都通过映射域名并将之指定给IP地址来分担责任,反之亦然。这是通过已经指定给每个域的授权名称服务器来完成的。每个授权名称服务器负责其自身的特定域,但是它有权将新的授权名称服务器分配给它的子域。DNS能够存储各种类型的信息,甚至是某个特定域的电子邮件服务器列表。DNS作为能够确保互联网功能正常的核心元素,它的作用是通过其基于关键字的分布式重定向服务来实现的。 但是,DNS不包括安全扩展,而是被开发为域名系统安全扩展(DNSSEC)。
DNS的结构[edit | edit source]
域名系统的结构呈现为以下形式:
- 域名空间:由含有节点和分支的域名树状结构表示[8]
- 域名语法:比如包含在RFC 1035、RFC 1123和RFC 2181这些标准中的规则
- 名称服务器
- 域名国际化
- DNS解析器:发起查询最终将引起对信息的完整转换(解析)
DNS服务[edit | edit source]
服务类型包括:
- 管理DNS
- 借助于强大、安全而且完备的工具和DNS管理选项,比如管理A记录或邮件交换记录
- 通过控制和管理通信量
- DNS托管
- 有效的DNS解析
- 定位DNS服务:减轻访客的工作量,提升访客满意度并强化与所有访客的关系。[9]
近期发展[edit | edit source]
在2012年,三位中国技术人员起草了一份 IETF提案草案,被称为“自治互联网(AIP)的DNS扩展”,他们提出一种在国家边界内运作替代DNS根服务器,使用网关进行转化的方法。所有的DNS请求都将携带一个附加顶级域,用以指定将请求发送至一个替代根。
域节点”www.yahoo.com”在B网中的外部域名表达方式为”www.yahoo.com.B”。
该提案将有助于政府更大力度的管制互联网。[10]
Chinese translation of this page provided thanks to TLD Registry Ltd.