Domain Name System (DNS) is an Internet-based directory system that returns a destination IP address, given a domain name (such as www.cisco.com). DNS is a distributed database. Separate, independent organizations administer their assigned domain name spaces and can break their domains into a number of subdomains. For example, given www.cisco.com, DNS returns the IP address 198.133.219.25. DNS was first specified in RFCs 882 and 883. The current specifications are provided in RFCs 1034 and 1035. DNS has also been updated by RFCs 1101, 1122, 1183, 1706, 1876, 1982, 1995, 1996, 2136, 2137, 2181, 2308, 2535, 2782, 2845, 3425, 3658, 3755, 4033, 4034, 4035, 6014, and 6840. As you can see, a lot of work has gone into making DNS efficient and secure.
Figure 1-8 shows a simplified view of the DNS process for name resolution. The client device queries its configured DNS server (the resolver) for the IP address of a fully qualified domain name (FQDN; for example, www.cisco.com). The resolver in turn queries the foreign or remote DNS server, which responds with the IP address of www.cisco.com. The resolver caches this response so that it can be used for future queries, and then provides the response to the client machine, which can then communicate with the destination via its IP address.

Figure 1-8 DNS Name Resolution
DNS was implemented to overcome the limitations of managing a single text host table. Imagine creating and maintaining text files with the names and IP addresses of all the hosts on the Internet! DNS scales hostname-to-IP-address translation by distributing responsibility for the domain name space. DNS follows a reverse tree structure for domain name space, as shown in Figure 1-9. IANA (www.iana.org) manages the tree’s root.

Figure 1-9 DNS Tree
DNS data is called resource records (RRs). Resource records are the data within a DNS zone. Table 1-31 lists some common resource records.
Table 1-31 DNS Resource Records
| DNS RR | Description |
| --- | --- |
| A | Address. Provides the name-to-address mapping. It contains the IP address in dotted-decimal form. |
| AAAA | Secure IPv6 address. |
| CNAME | Canonical name. Used for aliases or nicknames. |
| MX | Mail Exchanger. Specifies the IP of the server where mail should be delivered. |
| NS | Name server. Specifies the name of the device that provides DNS for a particular domain. |
| PTR | Pointer. Used for reverse mapping from the translation of IP addresses to names. |
| SOA | Start of Authority. Designates the start of a zone. This is the device that is the master of DNS data for a zone. |
DNS uses TCP and UDP port 53. UDP is the recommended transport protocol for DNS queries. TCP is the recommended protocol for zone transfers between DNS servers. A zone transfer occurs when you place a secondary server in the domain and transfer the DNS information from the primary DNS server to the secondary server. A DNS query searches for the IP address of an FQDN, such as www.cnn.com.
One important point for the CCNP candidate to remember is that DNS servers are placed in the enterprise campus server farm module and in the enterprise branch of the enterprise campus architecture (see Figure 1-10).

Figure 1-10 DHCP and DNS Servers in the Network
Table 1-32 summarizes the placement of DHCP and DNS servers on a Cisco enterprise network.
Table 1-32 DHCP and DNS Servers
| Network Location | Server Type |
| --- | --- |
| Campus data center | DHCP and internal DNS |
| Enterprise branch | DHCP and internal DNS |
| E-commerce | External DNS |
| Internet | External DNS |
| SP edge premises | External DNS |
| Remote enterprise data center | Internal and external DNS |