What is Domain Name Resolution
Introduction
When using the Internet most people connect to web sites, ftp
servers or other Internet servers by connecting to a domain name, as in www.bleepingcomputer.com.
Internet applications, though, do not communicate via domain names, but rather
using IP addresses, such as 192.168.1.1. Therefore when you type a domain
name in your program that you wish to connect to, your application must first
convert it to an IP address that it will use to connect to.
The way these hostnames are resolved to their mapped IP address
is called Domain Name Resolution. On almost all operating systems whether
they be Apple, Linux, Unix, Netware, or Windows the majority of resolutions
from domain names to IP addresses are done through a procedure called DNS.
Domain Name Resolutions
As discussed above, Domain Name Resolution is the task of converting
domain names to their corresponding IP address. This is all done behind the
scenes and is rarely noticed by the user. When you enter a domain name in
an application that uses the Internet, the application will issue a command
to have the operating system convert the domain name into its IP address,
and then connect to that IP address to perform whatever operation it is trying
to do.
The way the operating system resolves the domain name is based
upon its configuration. For almost all operating systems the default order
for Domain Name resolution is as follows:
-
Hosts
File - There is a file called the HOSTS file that you can use
to convert domain names to IP addresses. Entries in the HOSTS file override
any mappings that would be resolved via a DNS server.
-
Domain
Name System - This is the system used on the Internet for converting
domain names to their corresponding IP addresses. Your operating system
will connect to the DNS server configured on your computer and have that
server return to you the IP address for the domain name you queried it with.
-
Netbios - This only applies to Windows
machines and will only be used to map names to IP addresses if all previous
methods failed. This method will attempt to map the netbios name you are
trying to connect to with an IP address.
It is possible though to change the order that your operating
system uses when doing Domain Name Resolution. We will discuss these methods
for the Windows and Unix/Linux operating systems below.
Domain Name Resolution on Windows
Windows by default uses the above order for Domain Name Resolution.
This can be changed though by changing certain registry keys. There registry
keys are:
| Registry Key |
Description |
| DnsPriority |
Which corresponds to using the Domain Name System |
| LocalPriority |
This refers to the local name of the computer |
| HostsPriority |
This is the HOSTS file |
| NetbtPriority |
This is using Netbios name mapping |
You assign to these keys a priority based upon values ranging
between -32768 and 32767. The lower the number you assign to the entry, the
higher the priority for that particular resolution provider.
For example, examine the priorities assigned to the values below:
DnsPriority = 30
LocalPriority = 200
HostsPriority = 75
NetbtPriority = 100
What this will do is change the Domain Name Resolution order
to the following sequence:
-
Domain Name System
- Hosts file
- Netbios Mappings
- The Local Computer Name
As you can see I have changed the default order of how Windows will do domain
name resolution and the value that had the lowest number had the highest priority
when doing domain name resolution.
The location for the above registry subkey's can be found under these registry
keys:
| Windows 95/98/ME |
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSTCP\ServiceProvider |
| Windows NT, 2000, XP |
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider |
NOTE: For Windows 95/98/ME if the key does not exist, you must create
it. In order for these keys to work with NT 4.0, you need to install Service
Pack 4.
Domain Name Resolution on Linux and Unix
Unix and Linux have a similar default Domain Name Resolution
order as Windows. The operating system will first check its /etc/hosts file
and if it does not find an entry for the queried domain, it will then query
its configured DNS servers.
The order in which server resolves domain names can be changed
by editing the /etc/host.conf file. This file determines the order that the
operating system uses to resolve domain names. The line that we are concerned
with is the one that looks like:
order hosts, bind
This tells the operating system to first check the hosts file,
and if that fails, to use DNS, otherwise known as bind which is the name of
the software used to make DNS requests.
You can change the order the operating system uses, by changing
the order line. For example if we wanted to make it so it queried DNS first
and the hosts file second we would change the line to read:
order bind, hosts
Currently the valid values you can place after order is hosts,
bind, or nis. NIS stands for the Network Information Service and will not
be covered by this article.
Conclusion
As you can see it is not always wise to think that your operating
system will always use the default resolution order. Due to it being possible
to change the order in which the operating system does Domain Name Resolution,
you must keep this in mind when trying to debug problems with resolving domain
names.
As always if you have any comments, questions or suggestions
about this tutorial please do not hesitate to tell us in the computer help forums.
Have a problem and would like to ask us for help? To learn how to ask your question Click Here!
Do you have popups or other malware infecting your computer? If so, Start Here!
Are you having trouble using this site? Then you should visit the New User Orientation Center!
BleepingComputer.com -> Tutorials -> Intermediate Internet Concepts -> What is Domain Name Resolution
