What is DNS and Why Do You Care?

DNS is a critical part of networking both online (the Internet) and within your own local networks. Quite a few of the networking problems we see in the field are caused by DNS issues and especially as firms start to move increasingly to "The Cloud" it's important to have at least a basic understanding of what DNS is and how it works.

O.K., Fine, What is DNS?

DNS stands for "Domain Name System" and put simply it's a big directory for your computer. It's not a directory that you as a user use (not directly, anyhow) but it's a directory that your computer uses all the time.

You see, all devices on a network, whether on the Internet or down the hall, have addresses to indicate where they're located. And the most common kind of addresses these days are called IP (Internet Protocol) addresses. You've probably seen one or three of them in the past, perhaps inadvertently. They're expressed in four octets of numerical values separated by periods, like "232.76.188.4". I am oversimplifying somewhat, but for our purposes in this article it's sufficient.



IP Addresses
That particular address is what's called an IPv4 address and it's easily the most common kind of IP address in use today. The newer type of IP address is called an IPv6 address and it allows for a substantially larger address space. Those addresses look more like "3255:cacb:9633:2001:ccdd:3752:5525:bdaa".

IPv4 addresses are just fine for local area networks, as IPv4 allows about 4.3 billion unique addresses. It's not likely that your local network is going to have even thousands of devices on it any time soon, much less billions. The Internet, on the other hand, is a different story. It's already starting to stretch the limits of an addressing system that only has 4.3 billion available addresses. That's why you sometimes hear people say "The Internet is running out of addresses!" There is an effort underway to convert the Internet to use IPv6 addresses instead, which would allow approximately 3.4 x 10^38 addresses, which is quite a lot. So far the effort to convert to IPv6 hasn't gained enough momentum.

For the purposes of this article we'll stick to talking about the still more common IPv4 addresses.


So...every network connected device has an address but while devices are perfectly happy to speak in IP addresses humans find those addresses somewhat unfriendly. Nobody wants to say "Hey, just 173.194.72.147 it!" So what DNS does is convert human-friendly addresses (like www.google.com) into the corresponding IP address (173.194.72.147).

When you send an email to your friend Alice at alice@herfirm.com, your email server looks at DNS to find out what the address of the mail server at herfirm.com is, so that it knows where to send that message.

DNS doesn't stop there though. It's also what converts that server in your closet ("Server1" perhaps or "Fileserver") to its corresponding IP address...which is often something like 192.168.1.2.

So you can see that DNS is pervasive throughout networking.

So Where Do I Get DNS?

You get DNS from, not surprisingly, DNS servers. Your network may have its own DNS server, and there are many DNS servers available on the Internet. The company that provides your Internet service undoubtedly has a few of their own, or perhaps they recommend one of the many publicly available ones.

My Own DNS Server?

Yes! Most servers, whether they are Windows, Mac or Linux, have the ability to provide DNS service. When you think about it, you pretty much HAVE to have your own DNS server in order to look up names on your internal network. Google isn't going to know what the IP address of the fileserver down the hall from you is - that's something your own server has to know. So most networks, if they include a file server, also have DNS services running internally.

Setting up a DNS server isn't difficult for an IT professional or anybody comfortable with basic networking services but it does need to be set up correctly. You can imagine the problems you'll have if you try to connect to your Fileserver at 192.168.0.3 but the DNS either doesn't know where it is or, worse, erroneously tells you that Fileserver is at 192.168.5.212.

In fact, bad or broken DNS can cripple your internal network by either not responding or by responding incorrectly. We see it more often than you'd think. Larger networks that have multiple servers in them may have multiple DNS servers as well, for redundancy and performance. That way if any of your DNS servers goes down your others can pick up the slack. If you have a network with multiple servers it might be worth asking your IT support if you have multiple DNS servers too and if not...why not?

When setting up your own DNS server another concept that is helpful to know about is forwarders. Obviously your DNS server sitting in the closet down the hall may know everything about your local network, but it can't know everything about every server on the Internet. So if your computer sends a request to your server to find www.onenote-tips.com for example, your server may just shrug and say it doesn't know. That's where forwarders come in. They tell your DNS server where to look if it doesn't know the address of a server. Typically forwarders are public DNS servers (see our next topic below) that you specify. So then when one of your users tries to reach www.onenote-tips.com your server can go to the public DNS server and find out that it's at 69.41.190.106 and then pass that information back to your user.

So internal DNS is simple, but it also needs to be done correctly because it's really important.
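The two ideas in the last few paragraphs, an internal server that answers for its own names and forwarders it falls back on for everything else, can be shown in a few lines. The following is an added example, not code from the article: the local zone, the forwarder labels and the public answers are all constructed so it runs offline, and the forwarders are modelled as functions rather than real servers on port 53. The redundancy point from earlier (one forwarder down should not take the office down) is the reason the resolver moves on to the next forwarder only on a timeout, never on a "no such name" answer.

```python
"""Toy model of an internal DNS server with forwarders (added example, not from the article).

The local zone, the forwarder labels and the public answers are constructed so the
script runs offline; real servers would send UDP/TCP queries on port 53.
"""
from typing import Callable, Dict, List, Optional

# Constructed internal zone: names this office server is authoritative for.
LOCAL_ZONE: Dict[str, str] = {
    "fileserver.office.local": "192.168.0.3",
    "server1.office.local": "192.168.1.2",
}

# Constructed public answers that a working forwarder would return.
PUBLIC_ANSWERS: Dict[str, str] = {
    "www.onenote-tips.com": "69.41.190.106",
}


class ForwarderDown(Exception):
    """Raised when a forwarder does not answer before the timeout."""


# A forwarder is modelled as a function taking a name and returning an IP string,
# or None when the forwarder says the name does not exist (NXDOMAIN).
Forwarder = Callable[[str], Optional[str]]


def make_forwarder(label: str, healthy: bool) -> Forwarder:
    """Build a simulated public DNS server; an unhealthy one times out on every query."""
    def query(name: str) -> Optional[str]:
        if not healthy:
            raise ForwarderDown(f"{label} timed out")
        return PUBLIC_ANSWERS.get(name)
    return query


class InternalResolver:
    """Answers from the local zone first, then asks forwarders in order."""

    def __init__(self, zone: Dict[str, str], forwarders: List[Forwarder]) -> None:
        self.zone = zone
        self.forwarders = forwarders
        self.log: List[str] = []

    def resolve(self, name: str) -> Optional[str]:
        name = name.rstrip(".").lower()          # DNS names are case-insensitive
        if name in self.zone:
            self.log.append(f"{name}: answered from local zone")
            return self.zone[name]
        for fwd in self.forwarders:
            try:
                answer = fwd(name)
            except ForwarderDown as err:
                # Outage at one provider: move on to the next forwarder.
                self.log.append(f"{name}: {err}, trying next forwarder")
                continue
            # A definite answer (including "no such name") is final; do not
            # ask another forwarder just because the answer was NXDOMAIN.
            self.log.append(f"{name}: answered by forwarder")
            return answer
        self.log.append(f"{name}: all forwarders down (SERVFAIL)")
        return None


if __name__ == "__main__":
    # Scenario: the first forwarder is having an outage, the second is fine.
    resolver = InternalResolver(
        LOCAL_ZONE,
        [make_forwarder("4.2.2.3", healthy=False), make_forwarder("8.8.4.4", healthy=True)],
    )
    print(resolver.resolve("Fileserver.office.local"))
    print(resolver.resolve("www.onenote-tips.com"))
    print("\n".join(resolver.log))
```

The distinction between a timeout and a negative answer matters in practice: a server that retries every "no such name" against a second forwarder doubles its traffic for typos and slows every failed lookup, while a server that does not retry on timeouts is exactly the single point of failure the article warns about.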

Public DNS Servers?

Yes! The Internet runs on DNS and that means that all public services register with DNS and then users (like you and me) use that DNS to look up the addresses of those public services. Here's the 60-second (slightly oversimplified) explanation of how that works.

When you look at an address like www.officeforlawyers.com you're actually looking at it backwards. The first thing your COMPUTER looks at is the end... the .com. It then reaches out to a set of known servers out on the Internet and asks "Where are the nameservers for .COM?" It gets back one or more addresses for servers that hold the directory information for the top level domain (TLD) .COM.



Top Level Domains (TLD)
The Internet is made up of a number of TLDs, many of which you have seen before. Obviously you're familiar with .com (Commercial), which was originally set aside for businesses on the Internet. You may also have seen .edu (Education) or .gov (Government). The .net TLD was originally intended for organizations involved in networking (providing the connections of the Internet), but at this point that's just a pretense and any organization can register a .net domain if they want one.

The Internet is international, however, which means there are international TLDs. .uk is the TLD for the United Kingdom, .jp for Japan, .ru for Russia, .ca for Canada, and so on. Each country gets to run its own TLD and some, like Tuvalu (.tv), make quite a good living issuing domain names to companies who want their unique TLD.

There are many more TLDs and more coming online all the time. Recent additions (or proposals) include .xxx (for porn sites) .law (for lawyers), .news, .hotel, .guide....and many many more.

So once your computer has found a server responsible for the .com TLD, it asks that server "What's the nameserver responsible for the "officeforlawyers" domain under .com?" From that it gets back another address, of a server responsible for officeforlawyers.com.

Then it asks THAT server "Where is the www server in the officeforlawyers.com domain?" It gets back an address for that and finally it connects to that server. All of this happens, if all is working well, in less than a second or two, usually. That's why you can type "www.officeforlawyers.com" into your web browser and almost immediately your machine knows to connect to 69.41.190.106 and open the pages of wisdom found there.
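The walk just described, root servers, then the .com servers, then the domain's own nameserver, is easy to lose track of in prose, so here it is as an added example (not code from the article). The three simulated servers, their addresses (taken from the RFC 5737 documentation ranges) and the delegation data are constructed; only the final name and its address, www.officeforlawyers.com and 69.41.190.106, come from the text. A real resolver sends each question over the network to the server it was just referred to and caches what it learns.

```python
"""Walk a name from the root servers down to the authoritative answer.

Added example, not part of the article. The three simulated name servers and
their addresses (RFC 5737 documentation ranges) are constructed so the walk
runs offline; a real resolver sends each question over UDP/TCP port 53 to the
server it was just referred to, and caches what it learns.
"""
from typing import Dict, List, Optional, Tuple

# Constructed server data. A server knows either who to refer you to for a
# zone below it (a delegation: an NS record plus that server's address) or
# the final A records for the names it is authoritative for.
ROOT_HINT = "192.0.2.1"

SERVERS: Dict[str, Dict[str, Dict[str, str]]] = {
    "192.0.2.1": {                                      # a root server
        "delegations": {"com": "198.51.100.30"},        # who runs .com
    },
    "198.51.100.30": {                                  # a .com TLD server
        "delegations": {"officeforlawyers.com": "203.0.113.53"},
    },
    "203.0.113.53": {                                   # authoritative for officeforlawyers.com
        "records": {"www.officeforlawyers.com": "69.41.190.106"},
    },
}


def best_delegation(data: Dict[str, Dict[str, str]], name: str) -> Optional[Tuple[str, str]]:
    """Longest zone among this server's delegations that contains the name."""
    best = None
    for zone, ns_addr in data.get("delegations", {}).items():
        if name == zone or name.endswith("." + zone):
            if best is None or len(zone) > len(best[0]):
                best = (zone, ns_addr)
    return best


def resolve_iteratively(name: str, max_hops: int = 10) -> Tuple[Optional[str], List[str]]:
    """Return (address or None, list of steps taken), starting from the root."""
    name = name.rstrip(".").lower()
    trail: List[str] = []
    server = ROOT_HINT
    for _ in range(max_hops):                 # guard against a delegation loop
        data = SERVERS.get(server)
        if data is None:
            trail.append(f"{server} did not answer")
            return None, trail
        records = data.get("records", {})
        if name in records:
            trail.append(f"{server} answered: {name} is {records[name]}")
            return records[name], trail
        ref = best_delegation(data, name)
        if ref is None:
            trail.append(f"{server}: no such name ({name}), NXDOMAIN")
            return None, trail
        zone, next_server = ref
        trail.append(f"{server} referred us to {next_server} for {zone}")
        server = next_server
    trail.append("gave up after too many referrals")
    return None, trail


if __name__ == "__main__":
    addr, steps = resolve_iteratively("www.officeforlawyers.com")
    print("\n".join(steps))
    print("result:", addr)
```

Running it prints the three hops (root referral, .com referral, authoritative answer). The hop limit is there for the same reason real resolvers have one: a mistaken delegation that points back at an earlier server would otherwise loop forever.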

So how does your computer know which DNS servers to look at? Usually those settings are given to it by a DHCP (Dynamic Host Configuration Protocol) server within your network. We'll talk soon about DHCP (another critical network service) in a separate article. For a few folks though your DNS servers may be statically assigned in the properties of your network adapter. That dialog box looks like this:
[Screenshot: Internet Protocol Properties dialog]
What you can see there is that rather than accepting an IP address automatically from DHCP I've statically assigned this machine an address that will never change (unless I change it). More importantly to this article though I have statically assigned two DNS servers (4.2.2.3 and 4.2.2.4). Those are public DNS servers owned by Level 3 and they are among the faster and more reliable DNS servers on the Internet.

Other well-known public DNS servers are:

Google: 8.8.8.8 and 8.8.4.4
OpenDNS: 208.67.222.222 and 208.67.220.220

Additionally, your ISP (CenturyLink, Comcast, Verizon, SuddenLink, etc.) probably has DNS servers of their own, and for many users, when the ISP set up the router/modem they configured it to use their own DNS servers.

TIP: Don't use the same provider for ALL of your DNS servers (even though I realize I did it for the screen shot above). Better to use a DNS server from provider A and a DNS server from provider B. Why? Because if one provider happens to have an outage (it happens to everybody sooner or later) and you're entirely dependent on their DNS servers, you're going to be down too. If you have 4.2.2.3 and 8.8.4.4 set as your DNS servers, then if Level 3 goes down your system will use Google's DNS server, and if Google's DNS server happens to be down, Level 3's will probably still be responding. Better living through redundancy.

Which DNS servers are best for you to use depends on a few different factors, including where you are geographically. In the Resources section below I have a link to a site that offers some free tools you can use to figure out which DNS servers are best for you. Or you could just use Google's servers and be done with it too.

So that's how you use DNS as a consumer of the Internet. Let's talk for a moment how you use DNS as a business that has a website (and probably email and maybe other things too).

Your Domain Name

O.K., so you're going to set up a website for your firm and you were lucky enough to reserve the domain name of yourfirm.com. Congrats! From the moment you reserve that domain name DNS records are created in the nameservers (see above) to explain to other people how they can reach your website, your email, etc.

In all honesty, your web developer or ISP will generally do all of this for you, but it's helpful for you to understand the basics of how it works. So...when you set up your domain name (yourfirm.com) the TLD (.com) servers are notified that there are now nameservers that are "authoritative" for the yourfirm.com domain. In other words, when Bob types www.yourfirm.com into his web browser he should get pointed at these name servers for further directions.

At those name servers - which are generally provided by the company you registered your domain with - there are one or more records containing the addresses of the servers in your domain.

First off...your website. There will be a record called an "A record" which points users to your website. It's about as simple as can be. It lists the site ("www" generally) followed by an IP address ("69.41.190.106" for example).

You can create A records for all sorts of server names - if you want to set up a subsite called "probate.yourfirm.com" which is actually a DIFFERENT website from your general firm website all you have to do is create a "probate" A record in the yourfirm.com nameserver that points at the IP address of a different website that you've created.

In fact, if you ever look at the DNS records for your domain you may find several different A records listed there. It's common to find A records for "www" and "mail" and perhaps even "ftp" or some others. Just as with the internal DNS we talked about earlier it's not hard to set up these DNS records but it's CRITICAL that they be correct. If the A record for your website or your email server points at the wrong IP address...your website (or your email) is effectively down. Period.

DNS failure is not the most common cause of websites going down that we see, but it's not unheard of either - especially if you know somebody is making changes to your online services.

Next you'll want to set up your email...and to do that you'll need to have a Mail Exchanger (MX) record in your DNS. The MX record tells mail servers which mail server(s) accept email for this domain. Generally it just lists the friendly name of the mail server ("mail.yourfirm.com") and you would then have an A record that corresponds to that name (mail.yourfirm.com 205.8.41.236). Just like with the A records, it's critical to have that record right, otherwise you're not going to get any email.



Multiple Servers
You may want to have multiple servers - i.e. a primary and a secondary. In fact it's not uncommon to see setups where there are multiple A records (or MX records) so that if the first one is down for some reason the second one can be used. The way that's done is with a Priority indicator, and you can see that as one of the fields in the DNS setup. Sometimes this field is called "Cost" but it's the same thing.

Counter-intuitively, the lowest priority (or cost) always wins. So you might see one MX record (mail.yourfirm.com) with a cost of "5" and a second MX record (mail2.yourfirm.com) with a cost of "10". In that instance, when somebody sends you email their server will try the one with the lower cost (mail.yourfirm.com) first, and if it doesn't respond within a specified time period (generally measured in seconds or less) the sending server will fall back to the second record listed (mail2) and try to send the mail there instead.

Other Kinds of Records

A records and MX records aren't the only kind of records you'll see but they're the ones you should usually be the most concerned with. Here are a couple of others you might see:

  • CNAME - A CName (Canonical Name) record basically redirects one friendly name to another. We see these on every Office 365 account, for example, when we have to redirect the AutoDiscover record that helps set up Outlook. You'll see a CNAME record that redirects "autodiscover.yourfirm.com" to "autodiscover.outlook.com". If you're having trouble getting Outlook (or a mobile device) to set up
  • TXT - Text (TXT) records are often used to convey comments or other information in a text format that can be just about anything. Microsoft uses TXT records to have users confirm they own a domain by asking them to add a harmless TXT record to their DNS. The idea is that if you can add that specific (but non-functional) TXT record to the DNS then you obviously control that domain. Another common use for TXT records is to create SPF (Sender Policy Framework) records that many servers use to help reduce email spoofing and spam.
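The "Multiple Servers" section and the record types above come together in a real zone, so here is one added example (not the article's code and not any registrar's tooling) that parses a small constructed zone for yourfirm.com, orders its MX records by cost, simulates a sending server falling back to the second exchanger, and runs the sanity checks a reviewer would want before saving changes: every MX target inside the zone has an A record, no name has a CNAME sitting alongside other records (DNS does not allow that), and there is exactly one SPF TXT record. The zone text uses a simplified zone-file syntax (name, type, data); the addresses other than the two from the article are constructed.

```python
"""Parse a small zone, order its MX records by preference and sanity-check it.

Added example, not from the article. The zone text below is constructed in a
simplified zone-file syntax (name, type, data), and the check functions are a
hypothetical pre-change review rather than any registrar's own tooling.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional

ORIGIN = "yourfirm.com"

# Constructed zone. Names without a trailing dot are relative to ORIGIN; '@' is ORIGIN.
# (Comments start with ';'; this simple parser assumes no ';' inside TXT data.)
ZONE_TEXT = """
; hosts
www           A     69.41.190.106
probate       A     203.0.113.7
mail          A     205.8.41.236
mail2         A     203.0.113.25
; mail exchangers: lowest preference (cost) is tried first
@             MX    10 mail2.yourfirm.com.
@             MX    5  mail.yourfirm.com.
; Office 365 style AutoDiscover redirect
autodiscover  CNAME autodiscover.outlook.com.
; SPF policy lives in a TXT record at the zone apex
@             TXT   "v=spf1 mx -all"
"""


@dataclass
class Record:
    name: str
    rtype: str
    data: str
    pref: Optional[int] = None   # only MX records carry a preference


def qualify(name: str) -> str:
    """Turn '@' or a relative name into a fully qualified name without the trailing dot."""
    if name == "@":
        return ORIGIN
    if name.endswith("."):
        return name[:-1].lower()
    return f"{name}.{ORIGIN}".lower()


def parse_zone(text: str) -> List[Record]:
    records: List[Record] = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        name, rtype, rest = line.split(None, 2)
        rtype = rtype.upper()
        if rtype == "MX":
            pref, target = rest.split()
            records.append(Record(qualify(name), rtype, qualify(target), int(pref)))
        elif rtype == "CNAME":
            records.append(Record(qualify(name), rtype, qualify(rest.strip())))
        elif rtype == "TXT":
            records.append(Record(qualify(name), rtype, rest.strip().strip('"')))
        else:
            records.append(Record(qualify(name), rtype, rest.strip()))
    return records


def mx_in_order(records: List[Record]) -> List[Record]:
    """MX records for the apex, lowest preference (cost) first."""
    return sorted((r for r in records if r.rtype == "MX" and r.name == ORIGIN),
                  key=lambda r: r.pref)


def pick_mail_server(records: List[Record], responding: Dict[str, bool]) -> Optional[str]:
    """What a sending server does: try exchangers in cost order, fall back when one times out."""
    for mx in mx_in_order(records):
        if responding.get(mx.data, True):
            return mx.data
    return None   # every exchanger down: the sender queues the message and retries later


def in_zone(name: str) -> bool:
    return name == ORIGIN or name.endswith("." + ORIGIN)


def check_zone(records: List[Record]) -> List[str]:
    """Return a list of problems; an empty list means the zone passed every check."""
    findings: List[str] = []
    by_name: Dict[str, List[Record]] = {}
    for r in records:
        by_name.setdefault(r.name, []).append(r)
    a_names = {r.name for r in records if r.rtype == "A"}
    for mx in mx_in_order(records):
        if in_zone(mx.data) and mx.data not in a_names:
            findings.append(f"MX target {mx.data} has no A record: mail for {ORIGIN} will bounce or queue")
    for name, recs in by_name.items():
        if any(r.rtype == "CNAME" for r in recs) and len(recs) > 1:
            findings.append(f"{name} has a CNAME alongside other records, which DNS does not allow")
    spf = [r for r in records if r.rtype == "TXT" and r.name == ORIGIN and r.data.startswith("v=spf1")]
    if not spf:
        findings.append(f"{ORIGIN} has no SPF TXT record: receivers cannot tell spoofed mail from yours")
    elif len(spf) > 1:
        findings.append(f"{ORIGIN} has {len(spf)} SPF records; receivers treat that as a permanent error")
    return findings


if __name__ == "__main__":
    zone = parse_zone(ZONE_TEXT)
    print("MX order:", [m.data for m in mx_in_order(zone)])
    print("primary down, deliver to:", pick_mail_server(zone, {"mail.yourfirm.com": False}))
    print("findings:", check_zone(zone) or "none")
```

Feeding the checker a zone with an MX record whose target has no A record, or a "www" CNAME added next to the existing "www" A record, produces a finding for each, which is the kind of mistake the article describes as taking email or a website down "effectively. Period."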

Summary

DNS is basically a big directory for converting friendly names (www.google.com) into the IP addresses that computers commonly use for finding each other. If your network has a server in it you probably have your own internal DNS server for finding devices (such as your server) within your local network and everybody who connects to the Internet uses public DNS servers out in the world to find websites, email servers and other Internet resources.

Correctly configuring DNS is important to the smooth and reliable operation of your network.

Resources
