Time
3 hours 28 minutes
Difficulty
Intermediate
CEU/CPE
4

Video Description

The Internal DNS Server This lesson covers the Internal DNS Server (or domain controller). The internal server helps us find internal devices. DNS does forward as well as reverse look ups. A reverse look up are when we look up the IP address that corresponds to the fully qualified domain name.

Video Transcription

00:04
we took a look at our D. N s. Now let's take this and put it into practice on our chart here. We have an example of our network here. Now, our neck network is connected to the Internet,
00:14
which we have identified up here. I'll just put a big eye next to it.
00:20
So everything
00:23
inside here
00:27
is our local network
00:30
and then everything outside that is our
00:34
actually,
00:36
Yeah.
00:37
Then everything outside that is Arab external network. So in our model here we have our internal network, and then we also have our external network outside that so our external network is going to be the Internet.
00:49
So we have our client computer here, and our client computer
00:54
connects to our router, which connects to our sales server as well as our internal D. N s server,
01:00
our internal being s servers also going to be our domain controller.
01:04
Now, our internal D. N s server is going to provide resolution for our internal names. Now, why do we need a new internal D. N s server? Why don't we just use our default dina servers that say, our say our Internet service provider gives us or use an external dina server such as 8888888
01:25
Well, these external being s servers don't have records for our internal servers, and they're not gonna let us write records for our internal servers on them. So we need to have an internal D. N s server, which is able to which is able to know which is able to help us find our internal devices.
01:46
So we have our client computer here,
01:49
and it's looking to save a file, or it's looking to pull a file off of the sales server.
01:56
So our sales server
01:59
sales that cyber it out local? Um, we don't know its full path. Maybe we're just entering in a share path, so we type in that we want to access
02:08
ford slash ford slash sales,
02:13
Ford's Lash docks.
02:15
And that's our shared folder for our sales documents.
02:19
So
02:20
our computer is going to say, OK,
02:23
get rid of the slash docks for sec.
02:27
I need to identify forward slash forward slash sales.
02:30
Now,
02:31
this is not a fully qualified domain name.
02:35
This is just a r shorthand for our server name. So how does our computer know? How does it know where to begin searching for its local are our local server.
02:46
Well, the first thing on computers going to do is it's going to tack on what? Whatever local domain we're on. So
02:53
we are on the same domain as this sales, not cyber readout. Local server.
02:59
So we're going to talk. We're gonna tack on, okay?
03:01
Sales thought cyber eri
03:05
dot local. And that's what our computer's going to do automatically for us.
03:10
Now, the first place is going to check for resolution is not gonna be our d. N s server is gonna check our local hosts file as well as our cash.
03:19
Now, our computer, in order to speed up and in order to save time, doesn't immediately
03:24
go out and search for D. N s on our server. It checks. It's local cash. And as we resolve different names, it saves those saved searches in our local cash so that we can find them quicker in the future. It takes time for a request to go out, go out to a D. N s server, bring back its i P address and begin to route.
03:44
So in order to speed that up,
03:46
we have a we have a cache that we save in addition to our cash. We also have a hosts file.
03:53
Now what is our hosts? File? Do
03:54
well.
03:55
Our host file is going to provide us with a manual way to set on our local computer D. N s entries
04:04
back in the dawn of the Internet. This is where we kept all of our d. N s entries for everything was a giant host file, but that very, very quickly became too large to unmanageable toe have for all of the computers and all of the servers on the Internet. So we developed a D. N s.
04:24
Well,
04:25
our host file is still a location where we may edit or we may want to modify in order to change where our computer looks for certain servers. Certain locations say, if we wanted to, if we if we needed to have our sales, that cyber without local server,
04:41
if we were doing some tests and we wanted that toe look at a different server that we were planning on implementing,
04:46
we could edit that hosts file, and then, instead of having and setting, have instead of having our computer go out and checking our D n s. Our computer would check our hosts file first.
04:58
So our computer's gonna check for sales that cyber dot local in our cash and our hosts file
05:02
now, it doesn't find it in either of those places. It doesn't find the d. N s entry in either of those two places because we've never connected to the server before. It's not gonna be in our cash. Or maybe we just recently performed an I p config flush D N s, which flushes this cash and clears it all out,
05:18
so it's not gonna find anything there.
05:21
So our computer is now going to send our d. N s query to our D. N s server that we have set up in our I p r I p configuration and we're going to set our default D. N s server to be our internal being s server here.
05:36
So our computer's gonna send its first query over too.
05:42
Our internal being s
05:45
Now our internal being s is going to look for sales. That's I really doubt local, and it will find it in its entry, and it's going to say OK, sale starts. I buried out local is 1 92.1 68 That one about 17.
05:57
So it found it.
05:59
So our dina service going to return our query
06:01
and let us know. Okay, I found sales, not cyber dot local and it said this address. So then our computer just simply goes to that address after that, and it saves that search in its cash. V N s not only performs Ford Lookups,
06:15
which is a fully qualified domain name, translated directly to an i p address, but it can also do reverse lookups
06:25
reverse lookups are where we type in where we search for the i p address to the fully qualified domain name. So if we didn't know who sails, that cyber dot local was and we wanted to search for it on we searched for 1 92.1 68 at one that 17 it would perform that reverse lookup and then let us know. So
06:45
we had our Ford look ups
06:46
and we found our sales that cyber dot local.
06:51
Now, how do we find something that's gonna be outside of our domain? How do we find something that's going to be outside of our domain? How do we find a server such as a Google server Over here
07:02
Now, we don't wanna have every single website in the entire Internet
07:06
saved on our D. N s servers as the location that it goes to
07:13
our internal Deanna servers. Rather, that would be way too unmanageable. That would be way too risky that someone's going to attempt to affect this D n a server. And it would just be the configuration in the management of that would be just too incredible. So what we have set up are we have the ability to forward D. N s requests
07:32
Now,
07:33
What that means is we have our
07:36
client here searches for google dot com. Maybe we just recently flushed our cash. So the location is not in our cash.
07:43
It's not in our host file because we've never manually configured it.
07:46
So we send the request out to our router.
07:49
Our router sends the request over to our local DNF server, and our local Dina server says,
07:59
I've never seen this one before
08:01
and I don't have any record for this. So I'm going to send this off to who I have set up as my for order.
08:09
So our d. N s server. We know that our internal, the N s server isn't gonna find everything. So when we set it up, we manually configure a location. It goes and looks
08:20
four looks four dresses if it can't find them, and it's local set in its local manual configurations. So we set
08:30
eight dot a dot a 8.0.0.8
08:31
as our Deena's border for
08:35
are the internal D. N s server. So our internal DINA server can't find google dot com So it's going to search.
08:43
It's going to send this query on back to our router
08:48
and then out to the Internet.
08:50
When it gets there,
08:54
this Internet Vienna server is going to say, Oh, yeah, I know where google dot com iss So it's going to send that reply back
09:03
to our internal D. N s server,
09:05
who will then pass that along
09:07
to our computer, who can now go out to Google and find where it's at, which is right here. So then it goes out to Google.
09:16
So
09:18
that's how are being s works. That's how our
09:22
clients and our servers,
09:26
that's our sales server, our clients and our D. N s servers work together.
09:31
So,
09:31
huh,
09:33
We know now that D N s resolves fully qualified domain names toe I p addresses and can also do a reverse look up sort results I p addresses to fully qualified cola fall fully qualified domain names.
09:46
So let's go ahead. And now let's move on. And we're gonna take a little bit of a closer look at Dina servers and D. N s clients.

Up Next

Strategic DNS Ops and Security

Domain Name Servers (DNS) are the Internet's equivalent of a phone book. They maintain a directory of domain names and translate them to Internet Protocol (IP) addresses

Instructed By

Instructor Profile Image
Anthony Harris
Systems Analyst and Administrator at SAIC
Instructor