Networking / Beginners

Hostname-to-Address Mapping

Converting between hostnames and IP addresses is the most common use for DNS. DNS can perform forward lookups or reverse lookups. A forward lookup converts a hostname to an IP address. A reverse lookup identifies the hostnames associated with an IP address.

Software Development

When programming, there are four main functions used to perform DNS resolutions. These are provided by the resolver library and perform the actual hostname lookups. The resolver library may access a local hosts file, such as C:\Windows\System32\ Drivers\Etc\Hosts or /etc/hosts, DNS, LDAP, NIS, or other name resolution system. The calling program has no option to specify the name resolution method.

sethostent: This function initializes the DNS library. In some implementations, this function takes a Boolean parameter to indicate whether TCP or UDP should be used for the connection. This is the case for Linux and BSD. Other operating systems do not require sethostent or simply ignore any passed parameters. In general, sethostent should be called before performing any hostname lookups.

gethostbyname: This function performs a forward lookup. Given a hostname, it returns the network address(es) associated with the hostname.

gethostbyaddr: This function performs a reverse lookup. Given a network address, it returns the hostname (and aliases) associated with the address.

endhostent: After performing a hostname lookup, this closes the library call. If sethostent specifies a TCP connection, then this function closes the connection. Also, if a host's file was used for the hostname lookup, then this call closes the file.

DNS (and other name resolution systems) provides a many-to-many mapping between hostnames and addresses. A single IP address may match a variety of hostnames, and a single hostname may map to a set of network addresses. The data structure returned by gethostbyname and gethostbyaddr provides a list of matches. In addition, hostname mapping may not be symmetrical. For example, the hostname chutney may resolve to 10.1.3.5, but a reverse lookup of 10.1.3.5 may not return chutney. This is common for servers that host many domain names.

[Previous] [Contents] [Next]

In this tutorial:

  1. Domain Name System (DNS)
  2. DNS Common Uses
  3. Hostname-to-Address Mapping
  4. Common Lookup Tools
  5. Naming Confusion Attack Vectors
  6. Dotted Names
  7. Name Formatting
  8. Exploited Anonymity
  9. Mail Servers
  10. Sender Policy Framework Overloading
  11. Domain Keys Overloading
  12. DNS Protocol
  13. Packet Information
  14. Simple DNS Server
  15. Distributed Architecture
  16. Top Level Domain Servers
  17. Generic Top Level Domain (gTLD)
  18. Secondary Level Domain (SLD)
  19. Primary and Secondary Servers
  20. Caching Servers
  21. DNS Management
  22. DNS Direct Risks
  23. DNS Performance versus Security
  24. DNS Cache Poisoning
  25. Corrupt DNS Packets
  26. DNS Domain Hijacking
  27. DNS Server Hijacking
  28. Dynamic DNS
  29. Similar Hostnames
  30. Domain Renewals
  31. Hostnames
  32. Zone Transfers
  33. Host Listing
  34. DNS Fields
  35. Mitgation Option
  36. Technical Threat Mitigation
  37. Social Threat Mitigation
  38. Defining Trusted Replies