Network Administration: DNS Operations
With the nslookup command in your trusty TCP/IP toolbox, take a little trip through the Internet’s maze of DNS servers to find out how DNS gets from www.disneyland.com to an IP address in just a matter of milliseconds.
DNS does its whole name resolution thing so fast, it’s easy to take it for granted. If you follow this little procedure, you’ll gain a deeper appreciation for what DNS does literally tens of thousands of times every second of every day.
At a command prompt, type nslookup without any parameters.
nslookup displays the name of the default name server and displays the > prompt.
C:>nslookup Default Server: ns1.orng.twtelecom.net Address: 220.127.116.11 >
Type root to switch to one of the Internet’s root servers.
nslookup switches to one of the Internet’s 13 root servers and then displays the > prompt.
> root Default Server: A.ROOT-SERVERS.NET Address: 18.104.22.168
nslookup sends a query to the root server to ask if it knows the IP address of www.disneyland.com. The root server answers with a referral, meaning that it doesn’t know about www.disneyland.com, but you should try one of these servers because they know all about the com domain.
> www.disneyland.com Server: A.ROOT-SERVERS.NET Address: 22.214.171.124 Name: www.disneyland.com Served by: - A.GTLD-SERVERS.NET 126.96.36.199 com - G.GTLD-SERVERS.NET 188.8.131.52 com - H.GTLD-SERVERS.NET 184.108.40.206 com - C.GTLD-SERVERS.NET 220.127.116.11 com - I.GTLD-SERVERS.NET 18.104.22.168 com - B.GTLD-SERVERS.NET 22.214.171.124 com - D.GTLD-SERVERS.NET 126.96.36.199 com - L.GTLD-SERVERS.NET 188.8.131.52 com - F.GTLD-SERVERS.NET 184.108.40.206 com - J.GTLD-SERVERS.NET 220.127.116.11 com >
Type server followed by the name or IP address of one of the com domain name servers.
It doesn’t really matter which one you pick. nslookup switches to that server. (The server may spit out some other information besides what’s shown here)
> server 18.104.22.168 Default Server: [22.214.171.124] Address: 126.96.36.199 >
Type www.disneyland.com again.
nslookup sends a query to the com server to ask whether it knows where the Magic Kingdom is. The com server’s reply indicates that it doesn’t know where www.disneyland.com is, but it does know which server is responsible for disneyland.com.
Server: [188.8.131.52] Address: 184.108.40.206 Name: www.disney.com Served by: - huey.disney.com 220.127.116.11 disney.com - huey11.disney.com 18.104.22.168 disney.com >
Doesn’t it figure that Disney’s name server is huey.disney.com? There’s probably also a dewey.disney.com and a louie.disney.com.
Type server followed by the name or IP address of the second-level domain name server.
nslookup switches to that server:
> server huey.disney.com Default Server: huey.disney.com Address: 22.214.171.124 >
Type www.disneyland.com again.
Once again, nslookup sends a query to the name server to find out whether it knows where the Magic Kingdom is. Of course, huey.disney.com does know, so it tells us the answer:
> www.disneyland.com Server: huey.disney.com Address: 126.96.36.199 Name: disneyland.com Address: 188.8.131.52 Aliases: www.disneyland.com >
Type Exit, and then shout like Tigger in amazement at how DNS queries work.
And be glad that your DNS resolver and primary name server do all this querying for you automatically.
Okay, maybe that wasn’t an E Ticket ride, but it never ceases to amaze me that the DNS system can look up any DNS name hosted anywhere in the world almost instantly.