Ever find yourself wondering how DNS really works? How is it that you can type a DNS name like www.disneyland.com into a Web browser and you're almost instantly transported to the Magic Kingdom? Is it really magic?
After you have the nslookup command in your trusty TCP/IP toolbox, take a little trip through the Internet's maze of DNS servers to find out how DNS gets from www.disneyland.com to an IP address in just a matter of milliseconds.
DNS does its whole name resolution thing so fast, it's easy to take it for granted. If you follow this little procedure, you'll gain a deeper appreciation for what DNS does literally tens of thousands of times every second of every day.
- At a command prompt, type nslookup without any parameters.
nslookup displays the name of the default name server and displays the > prompt.
C:\>nslookup Default Server: ns1.orng.twtelecom.net Address: 188.8.131.52 >
- Type root to switch to one of the Internet's root servers.
nslookup switches to one of the Internet's 13 root servers and then displays the > prompt.
> root Default Server: A.ROOT-SERVERS.NET Address: 184.108.40.206
- Type www.disneyland.com.
nslookup sends a query to the root server to ask if it knows the IP address of www.disneyland.com. The root server answers with a referral, meaning that it doesn't know about www.disneyland.com, but you should try one of these servers because they know all about the com domain.
> www.disneyland.com Server: A.ROOT-SERVERS.NET Address: 220.127.116.11 Name: www.disneyland.com Served by: - A.GTLD-SERVERS.NET 18.104.22.168 com - G.GTLD-SERVERS.NET 22.214.171.124 com - H.GTLD-SERVERS.NET 126.96.36.199 com - C.GTLD-SERVERS.NET 188.8.131.52 com - I.GTLD-SERVERS.NET 184.108.40.206 com - B.GTLD-SERVERS.NET 220.127.116.11 com - D.GTLD-SERVERS.NET 18.104.22.168 com - L.GTLD-SERVERS.NET 22.214.171.124 com - F.GTLD-SERVERS.NET 126.96.36.199 com - J.GTLD-SERVERS.NET 188.8.131.52 com >
- Type server followed by the name or IP address of one of the com
domain name servers.
It doesn't really matter which one you pick. nslookup switches to thatc server.
> server 184.108.40.206 Default Server: [220.127.116.11] Address: 18.104.22.168 >
- Type www.disneyland.com again.
nslookup sends a query to the com server to ask whether it knows where the Magic Kingdom is. The com server's reply indicates that it doesn't know where www.disneyland.com is, but it does know which server is responsible for disneyland.com.
Server: [22.214.171.124] Address: 126.96.36.199 Name: www.disney.com Served by: - huey.disney.com 188.8.131.52 disney.com - huey11.disney.com 184.108.40.206 disney.com >
- Type server followed by the name or IP address of the second-level domain name server.
nslookup switches to that server: > server huey.disney.com Default Server: huey.disney.com Address: 220.127.116.11 >
- Type www.disneyland.com again.
Once again, nslookup sends a query to the name server to find out whether it knows where the Magic Kingdom is. Of course, huey. disney.com does know, so it tells us the answer:
> www.disneyland.com Server: huey.disney.com Address: 18.104.22.168 Name: disneyland.com Address: 22.214.171.124 Aliases: www.disneyland.com >
- Type Exit, and then shout like Tigger in amazement at how DNS queries work.
And be glad that your DNS resolver and primary name server do all this querying for you automatically.
Okay, maybe that wasn't an E Ticket ride, but it never ceases to amaze me that the DNS system can look up any DNS name hosted anywhere in the world almost instantly.
In this tutorial:
- TCP/IP Tools and Commands
- Using the arp Command
- Using the hostname Command
- Renewing an IP lease
- Using the nbtstat Command
- Using the netdiag Utility
- Using the netstat Command
- Using the nslookup Command
- Displaying DNS records
- Using the pathping Command
- Using the ping Command
- Using the route Command
- Using the tracert Command