Think of DNS as being like the phone book: to call Mr X Bloggs, you look up the name in some sort of paper or online phone book, call the number, and when there's an answer, you say "hello Mr Bloggs".... On your PC, when you want to go to "google.com", your PC needs to use DNS to find out which server to connect to (= its IP address).
So how does DNS work? How does your PC know where to do DNS lookups?
Most PCs will use DHCP to get their IP address as well as the IP address of the DNS server: at home, that typically comes from your broadband router. The router doesn't actually DO the DNS lookup itself; it typically forwards the query to your ISP's resolver (the router learned that address as part of its own DHCP, when it connected to the ADSL). Your ISP's resolver then goes and does a "full DNS resolve": it starts with the ROOT servers, then goes to Nominet (who look after the .uk domain), then, in my case, to NamesCo, who host my DNS. My ISP (Plusnet) then caches that answer and passes it back to my router (which also caches it). The router passes it back to my PC (which also caches it), and from there it goes to my browser (which, in IE's case, caches it for 30 minutes), which now knows where to connect to....
At work, in a domain environment, the PCs will (usually) point to the Domain Controllers, which not only provide authoritative DNS for systems within the business, but also resolve public DNS, either by "resolving" the request themselves (walking down from the root, just like above) or by "forwarding" it to an ISP's resolver.
The miracle of DNS is not just that it (usually) just works, but it does so, so quickly.
How to cheat your DNS:
If you know the FQDN (Fully Qualified Domain Name) and its IP, but the DNS isn't playing ball, then there is a sneaky cheat you can use: on your PC is a file called "hosts", which lives in "c:\windows\system32\drivers\etc\". This file gets looked at before your PC does a DNS lookup, and allows you to override DNS and set up your own FQDN-to-IP list (you'll need to run Notepad as Administrator to save changes to it). For example, in mine, I have:
192.168.30.250 gateway
192.168.30.22 shed
Thus, in my browser, to get to my router, I can type "http://192.168.30.250" (erm, now, did I get the right IP address?) or I could just type "http://gateway".
Shed is my other PC (it's in my shed!), so when I want to access a file on it, rather than typing "\\192.168.30.22\c$" in my explorer, I can just type "\\shed\c$"
So, if I want to get to "www.bloggs.co.uk" and DNS is giving a wrong answer - or no answer at all - I could just add an entry to my HOSTS file, and it will work without needing DNS. Of course, the DISadvantage of the hosts file is that if the IP changes, you need to edit your hosts file! (And because it silently overrides DNS for every program on the PC, it is also a favourite thing for malware to tamper with: if a site is going to the wrong place, the hosts file is worth a look.)
If you have a DC providing your DNS, then a better solution is to create suitable static entries on there: we often do this for (non-Windows) servers. (Any PC that is a domain member will register itself in DNS automatically.)
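To see the two halves of the above in one place (hosts file first, then the root-to-authoritative walk that the ISP's resolver does, including following a CNAME), here is an added example that is not from the original post. It resolves against a small set of constructed zones held in memory, so it runs offline: the server keys "root", "nominet" and "namesco", the zone contents, the hosts-file text and the 192.0.2.x placeholder addresses are all assumptions for illustration, not real DNS data.

```python
# Added example (not from the original post): a PC-style lookup that checks a
# hosts file first and then resolves iteratively from the root, the way the ISP's
# resolver does. The zone data, the "nominet"/"namesco" server names used as keys,
# and the 192.0.2.x addresses are constructed for illustration, not real DNS data.
import ipaddress

# Constructed hosts file: the two entries from the post plus a comment line and a
# line that gives one address several names.
HOSTS_TEXT = """
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
192.168.30.250  gateway
192.168.30.22   shed  shed.home.lan    # my other PC
"""

# Constructed zones: each server knows either the records for a name or the
# nameserver to refer you to. Record tuples are (type, value, ttl_seconds).
ZONES = {
    "root":    {"uk.":            [("NS", "nominet", 172800)]},
    "nominet": {"paulblitz.uk.":  [("NS", "namesco", 172800)],
                "hosts.uk.":      [("NS", "namesco", 172800)]},
    "namesco": {"paulblitz.uk.":  [("CNAME", "fwd3.hosts.uk.", 3600)],
                "fwd3.hosts.uk.": [("A", "85.233.160.22", 3600),   # from the post
                                   ("A", "192.0.2.23", 3600),      # placeholder
                                   ("A", "192.0.2.24", 3600)]},    # placeholder
}

def parse_hosts(text):
    """Parse hosts-file text into {lowercase name: ip}. '#' starts a comment, one
    address may be followed by several names, and names are case-insensitive."""
    table = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2:
            continue                       # blank, comment-only or malformed line
        try:
            ip = str(ipaddress.ip_address(parts[0]))
        except ValueError:
            continue                       # first field is not an address: skip it
        for name in parts[1:]:
            table.setdefault(name.lower(), ip)   # keep the first entry seen
    return table

def ask(server, qname):
    """One simulated query. Returns ("answer", records), ("referral", next_server)
    or ("nxdomain", None)."""
    zone = ZONES[server]
    if qname in zone:
        recs = zone[qname]
        if all(rtype == "NS" for rtype, _, _ in recs):
            return "referral", recs[0][1]
        return "answer", recs
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):        # look for a delegation of a parent name
        parent = ".".join(labels[i:]) + "."
        if parent in zone and zone[parent][0][0] == "NS":
            return "referral", zone[parent][0][1]
    return "nxdomain", None

def resolve(qname, trace=None, max_hops=16):
    """Iterative resolution: start at the root, follow referrals, follow CNAMEs.
    Returns (addresses, ttl_to_cache_for, cname_chain)."""
    qname = qname.lower().rstrip(".") + "."
    server, ttl, chain = "root", None, []
    for _ in range(max_hops):
        kind, payload = ask(server, qname)
        if trace is not None:
            trace.append((server, qname, kind))
        if kind == "referral":
            server = payload
            continue
        if kind == "nxdomain":
            return [], ttl, chain
        ttls = [r[2] for r in payload]
        ttl = min(ttls) if ttl is None else min(ttl, min(ttls))   # cache for the shortest TTL
        cnames = [v for t, v, _ in payload if t == "CNAME"]
        if cnames:                         # restart from the root for the target name
            chain.append((qname, cnames[0]))
            qname, server = cnames[0], "root"
            continue
        return [v for t, v, _ in payload if t == "A"], ttl, chain
    raise RuntimeError("too many hops: referral or CNAME loop")

def lookup(name, hosts_text=HOSTS_TEXT):
    """What the PC does: hosts file first, DNS only if the name is not in it."""
    ip = parse_hosts(hosts_text).get(name.lower())
    if ip:
        return {"source": "hosts", "addresses": [ip], "ttl": None, "cname": [], "trace": []}
    trace = []
    addresses, ttl, chain = resolve(name, trace)
    return {"source": "dns", "addresses": addresses, "ttl": ttl, "cname": chain, "trace": trace}

if __name__ == "__main__":
    for n in ("shed", "gateway", "paulblitz.uk", "nothing.uk"):
        r = lookup(n)
        print(n, "->", r["source"], r["addresses"], "ttl", r["ttl"], r["trace"])
```

Running it shows "shed" and "gateway" answered straight from the hosts file with no TTL at all, while "paulblitz.uk" goes root, nominet, namesco, hits the CNAME, and then goes root, nominet, namesco again for "fwd3.hosts.uk." before returning the three addresses. That double trip is the part of a "full DNS resolve" that the ISP's cache saves you from on the second lookup.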
Testing DNS
The Windows NSLOOKUP command gets your PC to do a DNS lookup. There are two ways to use it: on a single command line, and interactively. As a single command, you type "nslookup <host>" or "nslookup <host> <server>". The first will use the DNS server configured in the operating system to do the lookup; the latter will use the server you specify. One thing to bear in mind: nslookup talks to the DNS server directly, so it ignores both the hosts file and the Windows DNS cache. If a name resolves fine in nslookup but your browser goes somewhere else (or vice versa), look at those two first.
I like to use it interactively: typing "nslookup" by itself takes you into the program:
C:\Windows\system32>nslookup
Default Server: dsldevice.lan
Address: 192.168.30.250
That's telling me that it will use 192.168.30.250 (my router) for its DNS: that's because 192.168.30.250 is the DNS server setting my PC got from DHCP.
If I now issue the "server 8.8.8.8" command, it will use the DNS server at 8.8.8.8 (= Google's public DNS):
> server 8.8.8.8
Default Server: google-public-dns-a.google.com
Address: 8.8.8.8
If you type "?" you'll get a HUGE list of options you can use. ("set debug" is a handy one: it makes nslookup print the whole response, including each record's TTL, which the normal output hides.)
To do a simple DNS lookup using the selected server, I just type the FQDN in. Here's a lookup for paulblitz.uk:
> paulblitz.uk
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: paulblitz.uk
Address: 85.233.160.22
That tells me that it used Google's DNS to do the look-up. ("paulblitz.uk" actually uses a CNAME record to point to "fwd3.hosts.uk", which itself has 3 possible IP addresses; the response above is one of those 3.) "Non-authoritative answer" simply means the reply came from a resolver that fetched or cached it on your behalf, not from the server that actually hosts the zone.
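What nslookup boils down to "Non-authoritative answer" and a single address is a DNS message with a flag and a TTL on every record. The following added example (not from the original post) builds such a response in wire format and parses it back, so you can see the AA flag, the CNAME step and the per-record TTLs that the default nslookup output hides. The message is constructed locally rather than captured from 8.8.8.8, and the TTLs (300 and 60) and the second address 192.0.2.23 are placeholders.

```python
# Added example (not from the original post): build and parse a DNS response in
# wire format, to show what nslookup hides behind "Non-authoritative answer": the
# AA flag, the CNAME step, and each record's TTL. The message is constructed here,
# not captured from 8.8.8.8; the TTLs and the 192.0.2.23 address are placeholders.
import struct

TYPE_NAMES = {1: "A", 5: "CNAME"}

def encode_name(name):
    r"""'fwd3.hosts.uk' -> b'\x04fwd3\x05hosts\x02uk\x00' (uncompressed labels)."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"

def build_response(qname, cname_target, addresses, cname_ttl, a_ttl,
                   authoritative=False, txid=0x1234):
    """A response like a resolver returns for an A query on a CNAME'd name:
    question, the CNAME record, then the target's A records, using compression
    pointers for the owner names. AA is clear unless authoritative=True."""
    flags = 0x8180                      # QR=1, RD=1, RA=1, RCODE=0, AA=0
    if authoritative:
        flags |= 0x0400                 # AA bit
    msg = struct.pack(">HHHHHH", txid, flags, 1, 1 + len(addresses), 0, 0)
    msg += encode_name(qname) + struct.pack(">HH", 1, 1)       # QTYPE=A, QCLASS=IN
    qname_ptr = struct.pack(">H", 0xC000 | 12)                  # points at the question name
    target = encode_name(cname_target)
    msg += qname_ptr + struct.pack(">HHIH", 5, 1, cname_ttl, len(target))
    target_ptr = struct.pack(">H", 0xC000 | len(msg))           # points at the CNAME rdata
    msg += target
    for ip in addresses:
        rdata = bytes(int(o) for o in ip.split("."))
        msg += target_ptr + struct.pack(">HHIH", 1, 1, a_ttl, 4) + rdata
    return msg

def read_name(msg, offset):
    """Decode a (possibly compressed) name at offset -> (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                                # compression pointer
            if end is None:
                end = offset + 2                                # inline part ends here
            hops += 1
            if hops > 32:
                raise ValueError("compression pointer loop")
            offset = struct.unpack(">H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (end if end is not None else offset)

def parse_response(msg):
    """Header flags plus the question and answer sections as plain Python."""
    txid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype, _qclass = struct.unpack(">HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, TYPE_NAMES.get(qtype, qtype)))
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack(">HHIH", msg[offset:offset + 10])
        offset += 10
        if rtype == 1 and rdlen == 4:
            value = ".".join(str(b) for b in msg[offset:offset + 4])
        elif rtype == 5:
            value, _ = read_name(msg, offset)                     # rdata may use pointers
        else:
            value = msg[offset:offset + rdlen].hex()
        offset += rdlen
        answers.append({"name": name, "type": TYPE_NAMES.get(rtype, rtype),
                        "ttl": ttl, "value": value})
    return {"id": txid, "authoritative": bool(flags & 0x0400), "rcode": flags & 0xF,
            "questions": questions, "answers": answers}

def cache_ttl(parsed):
    """How long a cache may keep this answer: the shortest TTL in the chain."""
    return min(a["ttl"] for a in parsed["answers"]) if parsed["answers"] else 0

if __name__ == "__main__":
    msg = build_response("paulblitz.uk", "fwd3.hosts.uk", ["85.233.160.22", "192.0.2.23"], 300, 60)
    parsed = parse_response(msg)
    print("Non-authoritative answer:" if not parsed["authoritative"] else "Authoritative answer:")
    for a in parsed["answers"]:
        print(f"  {a['name']:<18} {a['type']:<6} ttl={a['ttl']:<5} {a['value']}")
    print("cache for", cache_ttl(parsed), "seconds")
```

The parser bounds the number of compression pointers it will follow, because a looping pointer in a crafted response is the classic way to hang a naive DNS parser. The cache_ttl value is the one that matters for the next section: a cache should keep the whole CNAME-plus-A answer only for the shortest TTL in it.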
DNS Caching
When a DNS record is set up, it gets a "TTL" (Time To Live) setting. This tells downstream DNS servers how long the record is valid for, and thus how long they can cache it for. So, when a DC or an ISP's DNS resolver does a DNS lookup, it will cache each response for its respective TTL value.
In addition, when Windows does a DNS lookup (that doesn't include using "nslookup", which goes straight to the server) it too will cache the result for the TTL. You can see what's in that cache with "ipconfig /displaydns" and empty it with "ipconfig /flushdns".
However, when Windows passes the DNS details to an application, it does NOT pass on the TTL value: it is therefore up to the application to decide how long to cache DNS data for. IE caches DNS for 30 minutes, Firefox for 60 seconds, and Chrome for 30 seconds. Of course, once the application's copy times out, it asks Windows again, and Windows may well serve the response from its own cache.
GSLB?
GSLB on Netscaler uses DNS responses to load-balance vservers across different sites (= different IP, = different DNS response). Typically the TTL for GSLB-driven FQDNs is 5 seconds, so that's how long Windows caches the answer for. Sadly, your browser doesn't... IE is the worst and caches DNS for 30 minutes; Firefox and Chrome are a bit better, at 60 / 30 seconds. The issue is what happens when a vserver goes offline: a user using IE could be unable to access the website for up to 30 minutes. Well, that's what the nay-sayers will say, to try and 'prove' that the fundamental basis for GSLB is broken.
The reality is that, as we regularly do, we would simply assume the application has died and restart the application... in this case the browser. And if THAT doesn't work, we reboot the PC! Both of those make the browser do a fresh DNS lookup, and once the 5-second TTL has passed, Windows will go and fetch a fresh answer too!
Problem? What problem?
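To put numbers on both the caching section and the GSLB argument above, here is an added example that is not from the original post: a simulation of the chain GSLB -> ISP resolver -> Windows cache -> browser with a fake clock. The TTL-honouring caches and the fixed-lifetime browser cache behave as the post describes; the 5-second TTL and the 30 minute / 60 second / 30 second browser lifetimes are the post's figures; the name www.example.test and the 192.0.2.x site addresses are placeholders, and nothing here talks to a real Netscaler or resolver.

```python
# Added example (not from the original post): a simulation of the cache chain the
# post describes, with a fake clock, so you can see how long a browser keeps using
# an IP after a GSLB failover. The 5-second TTL and the 30 min / 60 s / 30 s
# browser lifetimes are the post's figures; the name and 192.0.2.x addresses are
# placeholders. Nothing here talks to a real Netscaler or resolver.

class Clock:
    """Simulated time, in seconds."""
    def __init__(self):
        self.now = 0.0

class Gslb:
    """Stands in for the authoritative GSLB: answers with the live site and a short TTL."""
    def __init__(self, ip, ttl=5):
        self.ip, self.ttl, self.queries = ip, ttl, 0

    def query(self, _name):
        self.queries += 1
        return self.ip, self.ttl

class TtlCache:
    """A cache that honours the TTL: the ISP's resolver, or the Windows DNS client cache."""
    def __init__(self, upstream, clock):
        self.upstream, self.clock, self.entries = upstream, clock, {}

    def query(self, name):
        hit = self.entries.get(name)
        if hit and hit[1] > self.clock.now:
            return hit[0], hit[1] - self.clock.now     # hand on the *remaining* TTL
        ip, ttl = self.upstream.query(name)
        self.entries[name] = (ip, self.clock.now + ttl)
        return ip, ttl

    def flush(self):
        """Like 'ipconfig /flushdns'."""
        self.entries.clear()

class AppCache:
    """The browser: the OS API gives it no TTL, so it keeps the address for a fixed lifetime."""
    def __init__(self, upstream, clock, lifetime):
        self.upstream, self.clock, self.lifetime, self.entries = upstream, clock, lifetime, {}

    def query(self, name):
        hit = self.entries.get(name)
        if hit and hit[1] > self.clock.now:
            return hit[0]
        ip, _ttl = self.upstream.query(name)           # TTL discarded, as the post describes
        self.entries[name] = (ip, self.clock.now + self.lifetime)
        return ip

    def restart(self):
        """Closing and reopening the browser empties its cache."""
        self.entries.clear()

SITE_A, SITE_B, NAME = "192.0.2.1", "192.0.2.2", "www.example.test"

def build_stack(app_lifetime, ttl=5):
    """GSLB <- ISP resolver <- Windows cache <- browser, all warmed at t=0 with site A."""
    clock = Clock()
    gslb = Gslb(SITE_A, ttl)
    windows = TtlCache(TtlCache(gslb, clock), clock)
    app = AppCache(windows, clock, app_lifetime)
    app.query(NAME)
    return clock, gslb, windows, app

def failover_delay(app_lifetime, ttl=5, failover_at=10, horizon=7200):
    """Seconds after the GSLB switches to site B before a browser with the given
    cache lifetime sees site B (None if it never does within the horizon)."""
    clock, gslb, _windows, app = build_stack(app_lifetime, ttl)
    gslb.ip = SITE_B                                   # site A has gone down
    for t in range(failover_at, horizon + 1):
        clock.now = float(t)
        if app.query(NAME) == SITE_B:
            return t - failover_at
    return None

def ip_after_restart(app_lifetime, failover_at, restart_at, ttl=5):
    """The post's fix: restart the browser. Which IP does it get at restart_at?"""
    clock, gslb, _windows, app = build_stack(app_lifetime, ttl)
    clock.now = float(failover_at)
    gslb.ip = SITE_B
    clock.now = float(restart_at)
    app.restart()
    return app.query(NAME)

if __name__ == "__main__":
    for browser, lifetime in (("IE", 1800), ("Firefox", 60), ("Chrome", 30), ("no app cache", 0)):
        print(f"{browser:<13} stale for {failover_delay(lifetime)} s after failover")
    print("IE restarted 2 s after failover ->", ip_after_restart(1800, 10, 12))
    print("IE restarted while the Windows cache is still fresh ->", ip_after_restart(1800, 3, 4))
```

With the post's figures, IE keeps sending users to the dead site for 1790 seconds, Firefox for 50 and Chrome for 20, while a client with no application cache is stale for at most the 5-second TTL. Restarting the browser gets the new address straight away provided the Windows cache's copy has expired; restart within those 5 seconds and you get the old one once more, which is the one caveat to "Problem? What problem?".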