
TCP/IP Details

In order to understand the issues surrounding the current Domain Name System, it is important to have an overview of what is going on behind the scenes when you type 'http://www.stanford.edu' in your web browser.

Communications over a network such as the internet are understood within the context of a layered network model. TCP/IP is the protocol that is used to transport information over the internet and the TCP/IP network model consists of five layers: the Application layer, the Transport layer, the Network layer, the Data Link layer, and the Physical Network.

Application Layer: This is where the user interacts with an application on their computer that has networking capabilities, such as a web browser or an email client. The user interacts with the application by inputting commands such as the URL in the example above.

Transport Layer: Information flow between two computers on the internet is managed here. TCP/IP uses two different transport protocols, TCP for reliable delivery and UDP, a faster, simpler protocol that does not provide any reliability guarantees. The majority of traffic on the internet is TCP traffic.

Network Layer: The movement of data across heterogeneous networked hosts is done here. This is where IP, or the Internet Protocol, operates. Routing of data between intervening networks is done by IP routing at this layer. Each local network has at least one router, or portal, to the internet, and local machines communicate with machines on the internet through this router.

Data Link Layer: Once the Network Layer has delivered data to the router of the appropriate local network, the Data Link Layer carries the information to the correct computer. On an Ethernet network, for example, each computer's network interface card has a hardware address in the form of a 6-byte MAC address, usually represented in hexadecimal form such as "aa:bb:cc:dd:ee:ff". If a host detects its own hardware address, it processes the data.

Physical Network: This can be thought of as the "wire" and can take on many different forms. Most organizations have some type of cabled network, either fiber, Ethernet, or FDDI ring, while most individuals still connect via telephone lines. The important thing is that information from one physical network can be transmitted to another regardless of its type by traversing the layered model above. Once TCP/IP does its job of delivering packets to this level, the hardware takes over and performs the raw communications.

TCP/IP Identifiers:

Every host (computer) on the internet has a unique identifier, or address. (Note: some computers have multiple addresses and in some cases the same address can be distributed to multiple machines, but for simplicity's sake it is sufficient to think of computers and addresses as having a one-to-one correspondence.) The IP address space is represented in "dotted-quad" notation such as "208.166.40.166", where each quad can have a number from 0 to 255. This allows for about 3.6 billion computers. (See the note below about the next generation of the IP protocol.)
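An added example, not from the original page, showing what "dotted-quad" notation means in bits: it parses and validates an address (exactly four quads, each 0 to 255), converts it to and from the underlying 32-bit value, and uses the prefix comparison that decides whether a destination is on the local network or must go through the router. The 16-bit local network prefix is an assumption made for the example.

```python
# Added example (not the page's own code): parse the dotted-quad notation
# described above and decide whether a host is on the local network.
import re

# Exactly four groups of one to three decimal digits separated by dots.
DOTTED_QUAD = re.compile(r"([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})")


def parse_dotted_quad(text: str) -> int:
    """Return the 32-bit integer behind 'a.b.c.d'; reject anything else."""
    m = DOTTED_QUAD.fullmatch(text)
    if m is None:
        raise ValueError(f"not dotted-quad notation: {text!r}")
    quads = [int(q) for q in m.groups()]
    if any(q > 255 for q in quads):  # each quad is one byte, so 0..255
        raise ValueError(f"quad out of range 0-255: {text!r}")
    value = 0
    for q in quads:  # most significant byte first
        value = (value << 8) | q
    return value


def is_valid_dotted_quad(text: str) -> bool:
    """True when parse_dotted_quad would accept the text."""
    try:
        parse_dotted_quad(text)
    except ValueError:
        return False
    return True


def to_dotted_quad(value: int) -> str:
    """Inverse of parse_dotted_quad: 32-bit integer back to 'a.b.c.d'."""
    if not 0 <= value < 2**32:
        raise ValueError("not a 32-bit address")
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def same_network(addr: str, local_net: str, prefix_len: int) -> bool:
    """True when addr shares its first prefix_len bits with local_net.
    Such a host is reached directly; any other host goes via the router."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return (parse_dotted_quad(addr) & mask) == (parse_dotted_quad(local_net) & mask)


if __name__ == "__main__":
    # Addresses quoted on the page; the /16 local network is assumed here.
    print(parse_dotted_quad("171.64.14.239"))
    print(same_network("171.64.14.239", "171.64.0.0", 16))   # True
    print(same_network("208.166.40.166", "171.64.0.0", 16))  # False
```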

With all these computers, it would be impossible to remember the dotted-quad address of every web server if it weren't for Domain Names. Just as each computer on the internet must have a unique address, it must also have a unique name, or "host name". In addition, all IP networks must have a name, and these names are stored in a distributed database system known as the Domain Name System, or DNS. Because the TCP/IP protocols do not understand host names, they use DNS to link a host name such as the one above, "www.stanford.edu", to its unique IP address, 171.64.14.239.

Domain Names:

A fully qualified domain name gives the name of a specific computer on a network. "www.stanford.edu" names the computer called "www" inside the Stanford network, which in turn sits inside the educational ("edu") network. How does a packet of information from one computer find each successive network and finally the specific computer? That's where Domain Name Servers come into play.

Domain Name Servers:

Each network is required to have two Domain Name Servers. These machines keep a file with all the IP addresses and subnetwork addresses on the network as well as the root level domain name servers. When a computer needs an address, the domain name server on the local network is queried. If the server contains the information, it fields the request; otherwise it forwards it on to a higher name server. Eventually the request goes up and down the distributed domain name system until the information is retrieved and sent.

Domain servers provide other features as well, such as the reverse function of returning host names when queried with an IP address. This can be used to authenticate requests. Aliasing is also offered under this system as a way to redirect traffic such as internet mail to a particular machine inside a network, to offer multiple names for one machine, or to just simplify an address for users. For example, "www.mydomain.org" and "ftp.mydomain.org" could point to the same machine that is running both the web server and the ftp server. "www.mydomain.org" could also point to "www.public.services.mydomain.org", and the alias would prevent the user from having to remember (or type) the longer name.
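The walk up and down the distributed name system, the reverse function, and aliasing described in the two paragraphs above, as an added toy model that is not part of the original page. The zone data is constructed for the example (the "www.stanford.edu" address is the one quoted on the page; "192.0.2.10" is made up), and a real resolver speaks the DNS wire protocol rather than reading Python dictionaries; the model also stops on an alias chain that never reaches an address, a failure mode a real resolver must handle too.

```python
# Added example (not the page's own code): a toy model of delegation,
# aliasing and reverse lookup in the distributed Domain Name System.
# Each zone maps a name to an address ("A"), an alias ("CNAME") or a
# delegation ("NS") naming the child zone authoritative for that name.
ZONES = {
    ".": {"edu": ("NS", "edu"), "org": ("NS", "org")},
    "edu": {"stanford.edu": ("NS", "stanford.edu")},
    "stanford.edu": {"www.stanford.edu": ("A", "171.64.14.239")},  # from the page
    "org": {"mydomain.org": ("NS", "mydomain.org")},
    "mydomain.org": {
        "www.public.services.mydomain.org": ("A", "192.0.2.10"),  # constructed
        "www.mydomain.org": ("CNAME", "www.public.services.mydomain.org"),
        "ftp.mydomain.org": ("CNAME", "www.public.services.mydomain.org"),
    },
}

MAX_ALIAS_HOPS = 8  # constructed limit; guards against CNAME loops


def resolve(name, zone=".", path=None, hops=0):
    """Walk from the root down the delegations until an address is found.
    Returns (address, list of zones consulted in order)."""
    path = [] if path is None else path
    if hops > MAX_ALIAS_HOPS:
        raise ValueError(f"{name}: alias chain too long (CNAME loop?)")
    path.append(zone)
    records = ZONES[zone]
    if name in records:
        rtype, value = records[name]
        if rtype == "A":
            return value, path
        if rtype == "CNAME":  # alias: resolve the canonical name from the root
            return resolve(value, ".", path, hops + 1)
    # No answer in this zone: descend into the child zone that owns a suffix.
    for owner, (rtype, child) in records.items():
        if rtype == "NS" and (name == owner or name.endswith("." + owner)):
            return resolve(name, child, path, hops)
    raise LookupError(f"{name}: no such name")


def lookup(name):
    """Address for name, or None when the name does not exist."""
    try:
        return resolve(name)[0]
    except LookupError:
        return None


def reverse_lookup(address):
    """The reverse function: every host name whose A record holds address."""
    return sorted(name for zone in ZONES.values()
                  for name, (rtype, value) in zone.items()
                  if rtype == "A" and value == address)
```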

Before DNS, each computer on the network had to store its own domain name resolution information in the form of a hosts file. This file quite simply matched a name with an address. Clearly this method becomes cumbersome with anything more than a small number of addresses.

A Note About the Future of IP:

Because the address space of IP is running out, work is underway on a next generation of the IP protocol. This protocol is backwards compatible with existing IP (version 4), but offers many new benefits, most notably a much larger address space. The current IP protocol's 32-bit address space is being expanded to 128 bits. (This translates to 2^128, or a hundred billion billion billion billion addresses.) The new protocol offers simplified routing facilities, new broadcast/multicast/anycast implementations, new headers, and facilities for authentication. For more information on the current status of IPv6, including a list of relevant RFCs, see http://www.comsoc.org/pubs/surveys/stallings/stallings-orig.html

The complete list of current internet drafts is also available via ftp at ftp://ftp.ietf.org/internet-drafts.
