Introduction
When using the Internet most people connect to web sites, ftp servers or other Internet servers by connecting to a domain name, as in www.bleepingcomputer.com. Internet applications, though, do not communicate via domain names, but rather using IP addresses, such as 192.168.1.1. Therefore when you type a domain name in your program that you wish to connect to, your application must first convert it to an IP address that it will use to connect to.
The way these hostnames are resolved to their mapped IP address is called Domain Name Resolution. On almost all operating systems whether they be Apple, Linux, Unix, Netware, or Windows the majority of resolutions from domain names to IP addresses are done through a procedure called DNS.
Domain Name Resolutions
As discussed above, Domain Name Resolution is the task of converting domain names to their corresponding IP address. This is all done behind the scenes and is rarely noticed by the user. When you enter a domain name in an application that uses the Internet, the application will issue a command to have the operating system convert the domain name into its IP address, and then connect to that IP address to perform whatever operation it is trying to do.
The way the operating system resolves the domain name is based upon its configuration. For almost all operating systems the default order for Domain Name resolution is as follows:
- Hosts File - There is a file called the HOSTS file that you can use to convert domain names to IP addresses. Entries in the HOSTS file override any mappings that would be resolved via a DNS server.
- Domain Name System - This is the system used on the Internet for converting domain names to their corresponding IP addresses. Your operating system will connect to the DNS server configured on your computer and have that server return to you the IP address for the domain name you queried it with.
- Netbios - This only applies to Windows machines and will only be used to map names to IP addresses if all previous methods failed. This method will attempt to map the netbios name you are trying to connect to with an IP address.
It is possible though to change the order that your operating system uses when doing Domain Name Resolution. We will discuss these methods for the Windows and Unix/Linux operating systems below.
Domain Name Resolution on Windows
Windows by default uses the above order for Domain Name Resolution. This can be changed though by changing certain registry keys. There registry keys are:
Registry Key
|
Description
|
| DnsPriority | Which corresponds to using the Domain Name System |
| LocalPriority | This refers to the local name of the computer |
| HostsPriority | This is the HOSTS file |
| NetbtPriority | This is using Netbios name mapping |
You assign to these keys a priority based upon values ranging between -32768 and 32767. The lower the number you assign to the entry, the higher the priority for that particular resolution provider.
For example, examine the priorities assigned to the values below:
DnsPriority = 30
LocalPriority = 200
HostsPriority = 75
NetbtPriority = 100
LocalPriority = 200
HostsPriority = 75
NetbtPriority = 100
What this will do is change the Domain Name Resolution order to the following sequence:
- Domain Name System
- Hosts file
- Netbios Mappings
- The Local Computer Name
As you can see I have changed the default order of how Windows will do domain name resolution and the value that had the lowest number had the highest priority when doing domain name resolution.
The location for the above registry subkey's can be found under these registry keys:
| Windows 95/98/ME | HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSTCP\ServiceProvider |
| Windows NT, 2000, XP | HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider |
NOTE: For Windows 95/98/ME if the key does not exist, you must create it. In order for these keys to work with NT 4.0, you need to install Service Pack 4.
Domain Name Resolution on Linux and Unix
Unix and Linux have a similar default Domain Name Resolution order as Windows. The operating system will first check its /etc/hosts file and if it does not find an entry for the queried domain, it will then query its configured DNS servers.
The order in which server resolves domain names can be changed by editing the /etc/host.conf file. This file determines the order that the operating system uses to resolve domain names. The line that we are concerned with is the one that looks like:
order hosts, bind
This tells the operating system to first check the hosts file, and if that fails, to use DNS, otherwise known as bind which is the name of the software used to make DNS requests.
You can change the order the operating system uses, by changing the order line. For example if we wanted to make it so it queried DNS first and the hosts file second we would change the line to read:
order bind, hosts
Currently the valid values you can place after order is hosts, bind, or nis. NIS stands for the Network Information Service and will not be covered by this article.
Conclusion
As you can see it is not always wise to think that your operating system will always use the default resolution order. Due to it being possible to change the order in which the operating system does Domain Name Resolution, you must keep this in mind when trying to debug problems with resolving domain names.
No comments:
Post a Comment