simple DNS question

Chip Old fold at bcpl.net
Sat Mar 17 21:52:05 UTC 2001


On Sat, 17 Mar 2001, Ali Ghodsi wrote:

> would my DNS server, if it can't resolve some name, ask the root
> directly? or where in the hierarchy would it start. You have
> forwarders configured in your name servers, would it be step by step
> worked up the hierarchy, or would it directly go to the root.

Depends on what is already in your name server's cache.  If it already
knows about some level of the hierarchy, it will start there.  If not, it
will start at a root NS.

Let's assume for example that a client has asked your name server to
resolve www.mydomain.com.  Let's also assume your NS's cache is absolutely
empty (unlikely except right after startup).  Also assume a pretty normal
plain-jane named.conf.

o Your NS looks in its cache and sees that it doesn't know what NS's
  are authoritative for the mydomain.com domain, and it doesn't even
  know what NS's are authoritative for the .com TLD.  However it does
  know (from its hints zone file) where the root NS's are.
o Your NS queries a root NS (let's say a.root-servers.net).
o a.root-servers.net refers your NS to the NS's authoritative for
  the .com TLD.
o Your NS queries one of those TLD servers (let's say a.gtld-servers.net).
o a.gtld-servers.net refers your NS to the NS's authoritative for
  mydomain.com.
o Your NS queries one of those NS's (let's say ns1.mydomain.com).
o ns1.mydomain.com returns the IP address of www.mydomain.com.
o Your NS returns that IP address to the client.

Now, on a normally-configured NS that has been running for more than a few
minutes the cache won't be empty.  Most likely our NS will have already
had to resolve several .com domains, so the locations of the .com TLD
servers will be in cache.  If so, your NS will not have to query a root
server for that information. It can go directly to one of the .com TLD
servers, so the sequence is shortened to this:

o Your NS looks in its cache and sees that it doesn't know what NS's
  are authoritative for mydomain.com, but it does know what NS's are
  authoritative for the .com TLD.
o Your NS queries one of those TLD servers (let's say a.gtld-servers.net).
o a.gtld-servers.net refers your NS to the NS's authoritative for
  mydomain.com.
o Your NS queries one of those NS's (let's say ns1.mydomain.com).
o ns1.mydomain.com returns the IP address of www.mydomain.com.
o Your NS returns that IP address to the client.

Having gone through that, your NS now knows (it's in the cache) what NS's
are authoritative for mydomain.com.  Now suppose a client asks your NS to
resolve smtp.mydomain.com.  The sequence is shortened to this:

o Your NS looks in its cache and sees that it already knows what NS's
  are authoritative for the mydomain.com domain.
o Your NS queries one of those NS's (let's say ns1.mydomain.com).
o ns1.mydomain.com returns the IP address of smtp.mydomain.com.
o Your NS returns that IP address to the client.

Or to shorten it even more, let's assume a client asks for
www.mydomain.com after your NS has already looked up that address for
another client.

o Your NS looks in its cache and sees that it already knows the IP
  address for www.mydomain.com.
o Your NS returns that IP address to the client.

So, where in the hierarchy your NS starts looking depends on how much of
the hierarchy it has already queried and cached.

-- 
Chip Old (Francis E. Old)               E-Mail:  fold at bcpl.net
Manager, BCPL Network Services          Voice:   410-887-6180
Manager, BCPL.NET Internet Services     FAX:     410-887-2091
320 York Road
Towson, Maryland 21204 U.S.A.
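
The cache-dependent starting point described in the message above, as an added example that is not part of the original post: a small offline simulation of the referral chain. The Resolver class, the SERVERS table and the 192.0.2.x addresses are constructed for illustration; TTLs, forwarders and real network queries are left out.

```python
# Simulated delegation data (constructed): each server either refers a zone
# to another NS or answers with an address (192.0.2.0/24 is a documentation range).
SERVERS = {
    "a.root-servers.net": {"refer": {"com.": "a.gtld-servers.net"}},
    "a.gtld-servers.net": {"refer": {"mydomain.com.": "ns1.mydomain.com"}},
    "ns1.mydomain.com": {"answer": {"www.mydomain.com.": "192.0.2.10",
                                    "smtp.mydomain.com.": "192.0.2.25"}},
}
ROOT_HINT = "a.root-servers.net"  # stands in for the hints zone file


class Resolver:
    def __init__(self):
        self.ns_cache = {}    # zone -> NS learned from referrals
        self.addr_cache = {}  # name -> address

    def closest_ns(self, name):
        """Return the NS for the deepest cached zone enclosing name, else a root NS."""
        labels = name.rstrip(".").split(".")
        for i in range(len(labels)):
            zone = ".".join(labels[i:]) + "."
            if zone in self.ns_cache:
                return self.ns_cache[zone]
        return ROOT_HINT

    def resolve(self, name):
        """Return (address, list of servers queried, in order)."""
        if name in self.addr_cache:
            return self.addr_cache[name], []
        server, path = self.closest_ns(name), []
        while True:
            path.append(server)
            data = SERVERS[server]
            if name in data.get("answer", {}):
                self.addr_cache[name] = data["answer"][name]
                return self.addr_cache[name], path
            # Follow the referral whose zone encloses the name, and cache it.
            for zone, ns in data.get("refer", {}).items():
                if name.endswith("." + zone) or name == zone:
                    self.ns_cache[zone] = ns
                    server = ns
                    break
            else:
                raise LookupError(f"{server} has no answer or referral for {name}")

if __name__ == "__main__":
    r = Resolver()
    for q in ("www.mydomain.com.", "smtp.mydomain.com.", "www.mydomain.com."):
        print(q, *r.resolve(q))
```
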


