top

09.0914DNS traceroute, a technical premier

Edit | Tagged: | 0 Comments

Domain names are resolved by DNS name servers. These name servers resolve a given domain name from right to left. When you goto the domain "entic.net", the following queries are done, in order:

root@tail:~# dig +trace www.entic.net

; <<>> DiG 9.3.6-P1 <<>> +trace www.entic.net
;; global options:  printcmd
.			147403	IN	NS	L.ROOT-SERVERS.NET.
.			147403	IN	NS	D.ROOT-SERVERS.NET.
.			147403	IN	NS	K.ROOT-SERVERS.NET.
.			147403	IN	NS	B.ROOT-SERVERS.NET.
.			147403	IN	NS	C.ROOT-SERVERS.NET.
.			147403	IN	NS	M.ROOT-SERVERS.NET.
.			147403	IN	NS	J.ROOT-SERVERS.NET.
.			147403	IN	NS	H.ROOT-SERVERS.NET.
.			147403	IN	NS	E.ROOT-SERVERS.NET.
.			147403	IN	NS	I.ROOT-SERVERS.NET.
.			147403	IN	NS	G.ROOT-SERVERS.NET.
.			147403	IN	NS	A.ROOT-SERVERS.NET.
.			147403	IN	NS	F.ROOT-SERVERS.NET.
;; Received 500 bytes from 66.151.145.33#53(66.151.145.33) in 1 ms

net.			172800	IN	NS	a.gtld-servers.net.
net.			172800	IN	NS	b.gtld-servers.net.
net.			172800	IN	NS	c.gtld-servers.net.
net.			172800	IN	NS	d.gtld-servers.net.
net.			172800	IN	NS	e.gtld-servers.net.
net.			172800	IN	NS	f.gtld-servers.net.
net.			172800	IN	NS	g.gtld-servers.net.
net.			172800	IN	NS	h.gtld-servers.net.
net.			172800	IN	NS	i.gtld-servers.net.
net.			172800	IN	NS	j.gtld-servers.net.
net.			172800	IN	NS	k.gtld-servers.net.
net.			172800	IN	NS	l.gtld-servers.net.
net.			172800	IN	NS	m.gtld-servers.net.
;; Received 491 bytes from 199.7.83.42#53(L.ROOT-SERVERS.NET) in 10 ms

entic.net.		172800	IN	NS	ns1.everydns.net.
entic.net.		172800	IN	NS	ns2.everydns.net.
entic.net.		172800	IN	NS	ns3.everydns.net.
entic.net.		172800	IN	NS	ns4.everydns.net.
;; Received 176 bytes from 192.5.6.30#53(a.gtld-servers.net) in 80 ms

www.entic.net.		7200	IN	CNAME	entic.net.
entic.net.		86400	IN	NS	ns1.everydns.net.
entic.net.		86400	IN	NS	ns2.everydns.net.
entic.net.		86400	IN	NS	ns3.everydns.net.
entic.net.		86400	IN	NS	ns4.everydns.net.
;; Received 190 bytes from 208.76.62.100#53(ns1.everydns.net) in 1 ms

The queries are done in this order, as shown above:

"." -> "net." -> "entic.net." -> "www.entic.net."

You ask a DNS server for information about ".", you get back a list of servers mapped it. You then ask these servers for information about "net.", you get back another list. You then ask those list of servers for information about "entic.net.". This process follows, until we get back the final IP address information for www.entic.net. Note, the "." information is built into the DNS servers (e.g. called the ROOT cache).

There you have it, a quick summary of a trace of a domain lookup done by servers all over the world.

0 Responses to DNS traceroute, a technical premier

Feed for this Entry

Leave a Reply

Mail will not be published