DNS Explained | Domain Name System | Cisco CCNA 200-301

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey what's up guys welcome to serpros in this video we're going to be looking at the domain name system so the domain name system is more commonly known as dns dns plays a very important role in modern day networking it's the unsung hero that allows us to use the internet in the simplest way possible without dns our connected lives would look very different let me show you what i mean the world is full of web servers almost 2 billion websites exist today websites such as facebook.com youtube.com and of course everyone's favorite certabros.com the problem is web servers like these don't use names like certbros.com no web servers actually use ip addresses this becomes an issue being the small-minded humans that we are we can't process large amounts of ip addresses very easily humans are much better at using domain names such as searchpros.com but web servers can only understand ip addresses such as 160.153 can you imagine trying to browse the websites using the ip address alone this is why we need something that sits in between us something that will convert our domain names to ip addresses almost like a translator this is where dns comes in dns will take our domain name and then translate or resolve it into an ip address let's see how this works okay so this is your computer and you want to go to your favorite website so you type www.searchbros.com remember web servers do not work with domain names so your computer needs to translate this into an ip address the first thing it does is check the local cache both on the computer and the browser there's also a local configuration file that's checked if there are no cache entries your computer will send a query to something called a dns recursive resolver asking for an ip address for serpros.com the dns recursive resolver will most likely be managed by your isp you can change this to a third party such as google dns or even run your own internal dns resolver once the dns resolver receives your query it checks its cache if it can't find an entry for surprise dot com it will send a request to another server this is called a root server a root server is at the top of the dns hierarchy and it's the first step in resolving serpros.com to an ip address there are hundreds of root servers around the world but they all use one of 13 ip addresses the job of a root server is to provide the details of top level domain servers a top level domain could be com org net etc in this example the root server will refer us to the top level domain server for dot com so then we query the top level domain server for searchpros.com a top level domain server or tdl for short is a server that contains information for domains with a specific extension in this example we've queried the dot-com tdl server but the tdl still doesn't know the ip address we need it will however know the location of the authoritative name server we then send our query to the authoritative name server this is the last step of the dns lookup with a bit of luck the authoritative name server will have a record for certabose.com and it will return the ip address to our dns resolver the dns resolver would then send this ip address back to our computer and now with the ip address our computer can then speak directly to the web server and all of that happens in a blink of an eye so next time a web page is taking a moment to load just think back to all of these requests happening behind the scenes so normally if you're running a packet capture while querying dns you will only see the request to the dns resolver and the dns resolver's response the root tdl and authoritative name server queries are only ever seen from the perspective of the dns resolver but in this video i want to show you the whole process live and in action the way we can do this is by setting up our own internal dns resolver so here is my host computer and it's also a dns server as well it's a windows 2019 server with dns installed if i open powershell and i type ipconfig forward slash all we can see at the bottom the dns is set to colon colon 1 and 127.0.0.1 which hopefully by now you know is our local loopback address the first thing i'm going to do is open chrome and wireshark to capture this entire process i need to be very specific in how i go about this because dns is so darn efficient i need to make sure that there are no cached entries anywhere so i need to first clear my browser cache you can see already i have chrome colon for slash forward slash net dash internals slash dns open this page lets us clear chrome's dns cache so after i click that i now need to clear my computer's dns cache i'll open powershell again type ip config forward slash flush dns hit enter and now my computer's dns cache has been cleared now because this is also a dns server i need to take another step which is to clear the dns server cache to do this i type clear dash dns server cache but before i press enter i need to get everything ready dns is a very very quick to start caching entries and if i let it it will start to cache tld servers so i'll open another tab in my browser and type www.searchbros.com but i won't press enter just yet next i'm going to start our wireshark packet capture while that's running i'm ready to clear the cache and browse to the website so i'll open powershell backup i'll move it over so we can see the packet capture now i'll press enter to clear the dns server cache it will ask me to confirm by typing y as soon as i press enter i want to load the website to avoid any chance that dns will start caching servers so i'll hit enter in powershell and straight away load serpros.com in the browser and as the website starts to load we can see lots of traffic in our wireshark capture as soon as we start to see the webpage we can stop capturing traffic i'll make wireshark full screen so it's easier to see there's a lot of information here so the first thing we want to do is filter the capture to only show dns traffic to do this i'll simply click on the display filter at the top of the screen and type dns now we only see dns traffic because this computer is our dns resolver the first entry we see is going to be the query to the root server we know this because the destination ip address is one of the 13 root server ips if we open the transport layer information we can see that it's sent using udp to a destination port of 53 which is the well-known port number for dns if we close the transport information and now open up the dns information then select queries we can see our request for www.searchbros.com the request is for an a record an a record is an ipv4 address for a domain if we were trying to find the ipv6 address it would be an aaa record also known as quad a okay so now if we look down the captcha we should see the root server reply if we select the reply we can see the ports have been reversed and now the source port is 53. we can still see the query for serpros.com but now we have some more information under authoritative name servers we have a list of the dot-com top-level domain servers or tlds additional records show the ip addresses for these tld servers the top ip address is 192.5.6.30. if we take a look at the capture again we can see we sent a request to the top level domain server for surfboards.com hopefully this process is starting to look familiar to you if we then scroll down we can find the reply from the tld server the query is still there and the response is listing two authoritative name servers again additional records show the ip addresses we are now at the last step of this process a bit further down we can see we sent one last query to the authoritative name server at 173.201.6 again we are asking for www.searchbros.com the reply is just below here we see the query and finally the answer which is the ip address for certabros.com if i change the display filter the top of the screen to ip.addr equals equals and then the ip address 160.153.137.40 we can see the conversation between this computer and the web server hosting searchpros.com now that our computer knows the ip address for searchpros.com it's going to cache this for future use if we open powershell type ipconfig forward slash display dns we can see an entry for www.searchpros.com and the associated ip address as well as our local computer the browser and the dns server will cache this entry to make it easier to find in the future this video is part of the full ccna course that can be found in the description so please feel free to go and check that out that's it for dns if you like this video don't forget to give it a thumbs up comment and subscribe the support from you guys really helps this channel grow other than that thank you for watching you

Info

Channel: CertBros

Views: 145,260

Rating: undefined out of 5

Keywords: dns, domain name system, dns explained, dns lookup, what is dns, what does dns do, dns server, root server, tutorial, what is dns server and how it works, how dns works, ccna 200-301, ccna training, cisco, cisco ccna, cisco networking, computer networking, computer networking course, networking, networking tutorial

Id: FsGUi5pXpLk

Channel Id: undefined

Length: 11min 58sec (718 seconds)

Published: Tue Feb 23 2021