CCNA Routing and Switching
<< IP and Network Fundamentals Course
>> Models, Protocols, and Standards Section
- Understanding TCP/IP and OSI Models
- Understanding Packet Flow Across the Network Part1
- Understanding Packet Flow Across the Network Part2
- Understanding Ethernet LAN Standards
- Understanding Ethernet MAC Addresses
- Understanding WAN Technologies
- Understanding Data Link Layer Encapsulation
- Understanding EoMPLS WAN Technology
- Understanding IP Routing Process Concept
- Understanding Web Browser DNS Lookup
- Understanding ARP Broadcast Message
- Understanding TCP and UDP Protocols
- Understanding TCP and UDP Multiplexing
- Understanding Application Layer Services
- Understanding Quality of Service Concept
Understanding Web Browser DNS Lookup function will show you what’s happening behind the seen when PC1’s Web Browser request a web page from Remote Host such Web Server or Hosting Server. The key piece used to Resolve Human Names into matching IP addresses is is Domain Name System (DNS) or Nameservers. So, imagine that every time you want to search the Internet, you need to type google’s IP Address (173.194.43.9) instead of using google.com.
Luckily, TCP/IP networking Model defines a way to use Host Names Resolution through DNS, just type google.com and the browser DNS client behind the seen resolves and discover the matching IP address of google.com, by the help of DNS server.
As mention with previous IP Fundamentals Articles, IP packets include a destination IP address in every packet created. So, in order to communicate with google using its web address name instead of IP address, TCP/IP Network Layer help the Internet Browser finding the IP address of google.com using DNS servers resolution.
Browsing ccnahub.com Page
Below, PC1 is is going through Web Browser DNS Lookup process to Browse ccnahub.com.
The following figure will Zoom at PC1 side, to help you understand the process. What follows are detailed steps of what happened when a user type a URL inside the Internet browser URL address field, hence, triggering Web Browser DNS Lookup.
Note that your router at home or office could function as DNS server as well. DNS servers can be also dedicated hardware, and usually will be housed or installed along side of a Domain Controller in case of Windows environment, or dedicated Linux DNS Server.
Step 1: Web Browser Requesting ccnahub.com
Step 2: Resolving and Browsing ccnahub.com
PC1’s TCP/IP Stack and for the first time (before caching ccanhub.com), sends DNS request packet to the DNS server on the right as shown on the above image.
Note: the DNS request uses a UDP header with a destination UDP Port 53 indicating DNS server as shown on the following image.
Step 3: Receiving App Layer Request
The following image shows that the DNS server sent a reply listing the IP address of ccnahub.com as 172.16.10.20.
Note: the difference between the Request packet of PC1 and the Reply packet of DNS Server. The packets may look similar, but the highlighted Yellow shows the difference between both, at the request and reply stage.
Destination and Source IP addresses are flipped at the Reply stage.
PC1’s TCP/IP Stack starts the process of establishing a new TCP connection with the web-server that hosts ccnahub.com as requested by the Browser.
Note: the following figure shows the Web-Server’s IP Address as destination IP Address that hosts www.ccnahub.com, and at this time, the header is TCP since HTTP protocol uses TCP socket with destination TCP port 80, and TCP SYN set at ON indicating that TCP connection has been established.
Keep in mind that No single DNS server knows all the names and matching IP addresses around the world, but the information is distributed across many ISP DNS servers.
So, the local DNS server such Router’s DNS server works with the ISP DNS server to resolve queries. The local DNS server forwards the queries to the ISP server if is not listed in its DNS Table.
Even the ISP DNS server itself sometimes forwards the queries to other ISP’s DNS server till they find the answer and supply back the desired IP address, all this in a fraction of a second – Caching is used for faster response. With IPv4, DNS table information called “A records”, at IPv6, it’s called “AAAA Records”.
Note: DNS runs as service on a Server to respond to DNS requests by the Network Clients, you might asking yourself, if DNS is a service, why would DNS protocol or service categorized under Network Layer Protocol?
Shouldn’t be categorized under Application Layer instead? Well, it is on both actually, it is a service where an administrator can interact with, but it mainly serves the Network Layer, without DNS we cannot translate Domain Names and Shared Folders to an IP Address.
ARP is next, it has almost a similar situation; it works back and forth between Network Layer and Data-Link layer to Translate this time IP Addresses to MAC Addresses when using Ethernet Network.
I’m not aware of ARP service in Windows machine, but there is an ARP cache table. DNS cache and ARP cache tables can be flushed mostly from all Network devices.
Subject Related
By Wikipedia DNS | What happens when you navigate to a URL | Technet MS DNS | Catch Point DNS Lookup | R&S ICND1 and ICND2 | Introduction To Network | Practical Packet | Computer Network | Introduction to Networking | Who is Running the Internet | Networking Self-Teaching Guide
CCNA Routing and Switching
<< IP and Network Fundamentals Course
>> Models, Protocols, and Standards Section
- Understanding TCP/IP and OSI Models
- Understanding Packet Flow Across the Network Part1
- Understanding Packet Flow Across the Network Part2
- Understanding Ethernet LAN Standards
- Understanding Ethernet MAC Addresses
- Understanding WAN Technologies
- Understanding Data Link Layer Encapsulation
- Understanding EoMPLS WAN Technology
- Understanding IP Routing Process Concept
- Understanding Web Browser DNS Lookup
- Understanding ARP Broadcast Message
- Understanding TCP and UDP Protocols
- Understanding TCP and UDP Multiplexing
- Understanding Application Layer Services
- Understanding Quality of Service Concept
Rickey Pardini author says
I am impressed with this site, very I am a big fan .
Tabina author says
<p>Clear explanation. Good. Thank You.</p>
Lorilee author says
<p>Great explanation, thank you.</p><p>Quick question, on Microsoft DNS is there a way to have logging set so that only DIRECT queries made against the Server for a HOST resolution is made, and have all other requests, referrals, etc not logged?</p><p>Thanks,<br />Martin</p>
Nadim pathan author says
Suppose there are two DNS server on the same subnet, so which DNS server would respond first to query packet sent by PC, could you please tell me what type DNS query packet use(broadcast or unicast)
Imad Daou author says
Hi Nadim, Answering your first Question: DNS1 would be the first one to call, and if it’s down, then DNS2 would be the next DNS to call. Second, you are right, for the first time, PC1’s ARP table doesn’t know about the DNS server, and it would need to broadcast first to locate the DNS server’s MAC address, once it’s cached on PC1 ARP table, then domain translation request through IP communication can happen. What was demonstrated on the upper image between PC1 and DNS server is the process of the DNS translation only assuming PC1 knows already DNS1 and DNS2 MAC addresses, however, the ARP broadcasting to initially locate the DNS server was not part of this demonstration, but you can add it as first step. Thanks for asking such very good question 🙂