Windows 2000 DNS

Previous Topic Next Topic

Examples of Queries

The following examples show how queries for the following names are resolved:


note-icon

Note

In all of these examples, no DNS server has cached the name for which the client is querying. An actual query might progress differently, because the name might be cached.

Query for a Name in the Internal Namespace

Suppose that a computer in reskit.com needs to resolve a DNS query for host.second.reskit.com. First, the computer consults its exclusion list or its PAC file and discovers that host.second.reskit.com is in the internal namespace. Therefore, the computer submits the query to a local DNS server. Figure 6.28 shows how the query proceeds.

Figure 6.28    Query for an Internal Name in the Domain Reskit.com
Enlarge figure

Figure 6.28 Query for an Internal Name in the Domain Reskit.com

The query proceeds as follows:

  1. The computer submits a query to its local DNS server, server.first.reskit.com.
  2. If the local server is not authoritative for host.second.reskit.com, the local DNS server queries a root server.
  3. The root server returns a reference to the authoritative server, server.second.reskit.com.
  4. The local server, server first.reskit.com, queries server.second.reskit.com.
  5. Server.second.reskit.com resolves the query and returns the response to the local server.
  6. Server.first.reskit.com passes the response to the client.

Now suppose that a computer in acquired01-int.com needs to resolve a DNS query for host.second.acquired01-int.com. Figure 6.29 shows how the query proceeds.

Figure 6.29    Query for an Internal Name in the Domain <NOBR>Acquired01-int</NOBR>.com
Enlarge figure

Figure 6.29 Query for an Internal Name in the Domain Acquired01-int.com

The query proceeds as follows:

  1. The computer submits the query to its local DNS server, server.first.acquired01-int.com.
  2. If the local server is not authoritative for host.second.acquired01-int.com, the local DNS server forwards the query to the DNS server that is authoritative for the acquired01-int.com zone.
  3. The DNS server that is authoritative for the acquired01-int.com zone finds a delegation to the server server.second.acquired01-int.com and queries that server.
  4. Server.second.acquired01-int.com resolves the query and returns the name to the DNS server authoritative for the acquired01-int.com zone.
  5. The DNS server that is authoritative for the acquired01-int.com zone returns the name to the local DNS server.
  6. Server.first.acquired01-int.com returns the name to the client.

Query for a Name in the External Namespace

Suppose that a computer in reskit.com needs to access a Web page on the computer host.isp01-ext.com. Figure 6.30 shows how the query proceeds.

Figure 6.30    Query in the Domain Reskit.com for a Name on the Internet
Enlarge figure

Figure 6.30 Query in the Domain Reskit.com for a Name on the Internet

The query proceeds as follows:

  1. Because the client is a proxy client, it consults its exclusion list or its PAC file and determines that the name is not in the internal namespace. Therefore, the client sends the request to the proxy server.
  2. The proxy server sends a query to the DNS server to which it is configured to send queries. In this case, the server is server.reskit01-ext.com.
  3. The server server.reskit01-ext.com sends a query to the Internet root server.
  4. The Internet root server returns a referral to a server that is authoritative for the Internet zone com.
  5. The server server.reskit01-ext.com queries the server that is authoritative for the com zone.
  6. The server that is authoritative for the zone com returns a referral to the server that is authoritative for the zone isp01-ext.com.
  7. The server server.reskit01-ext.com queries the server that is authoritative for the zone isp01-ext.com.
  8. The server that is authoritative for the zone isp01-ext.com returns the IP address that corresponds to the name host.isp01-ext.com.
  9. The server server.reskit01-ext.com returns the response to the proxy server.
  10. The proxy server uses the IP address to contact host.isp01-ext.com and provides necessary information to the client.

Now suppose that a computer in acquired01-int.com needs to resolve a DNS query for host.isp01-ext.com. Figure 6.31 shows how the query proceeds.

Figure 6.31    Query in the Domain <NOBR>Acquired01-int</NOBR>.com for a Name on the Internet
Enlarge figure

Figure 6.31 Query in the Domain Acquired01-int.com for a Name on the Internet

The query proceeds as follows:

  1. The computer queries its local DNS server, server.first.acquired01-int.com.
  2. If the server cache does not contain the requested data, the local DNS server forwards the query to the DNS server that is authoritative for the zone acquired01-int.com, server.acquired01-int.com.
  3. The server server.acquired01-int.com forwards the query to the external server, server.acquired01-ext.com, through the firewall.
  4. The server server.acquired01-ext.com sends a query to the Internet root server.
  5. The Internet root server returns a referral to a server that is authoritative for the Internet zone com.
  6. The server server.acquired01-ext.com queries the server that is authoritative for the zone com.
  7. The server that is authoritative for the zone com returns a referral to the server that is authoritative for the zone isp01-ext.com.
  8. The server server.acquired01-ext.com queries the server that is authoritative for the zone isp01-ext.com.
  9. The server that is authoritative for the zone isp01-ext.com returns the IP address that corresponds to the name host.isp01-ext.com.
  10. The server server.acquired01-ext.com returns the IP address to server.acquired01-int.com through the firewall.
  11. Server.acquired01-int.com returns the IP address to the local DNS server, server.first.acquired01-int.com.
  12. Server.first.acquired01-int.com returns the IP address to the client. The client can then contact the host through the firewall and download the desired Web page.

Query for a Name in the External Namespace of an Organization

Suppose that a computer in reskit.com needs to access a Web page in the external zone www.reskit01-ext.com. Figure 6.32 shows how the query proceeds.

Figure 6.32    Query for a Name in the External Zone <NOBR>Reskit01-ext</NOBR>.com
Enlarge figure

Figure 6.32 Query for a Name in the External Zone Reskit01-ext.com

The query proceeds as follows:

  1. Because the computer is a proxy client, it consults its exclusion list or its PAC file. After finding that the name is not in the exclusion list, it sends a request to the proxy server.
  2. The proxy server submits the query to the DNS server that the proxy server is configured to use, server.reskit01-ext.com. In this example, server.reskit01-ext.com also happens to be authoritative for www.reskit.com.
  3. The server server.reskit01-ext.com resolves the query and returns the response to the proxy server.
  4. The proxy server uses the resulting IP address to contact server.reskit.com and provides the necessary information to the client.

Now suppose that a computer in the zone acquired01-int.com needs to open a Web page in the external zone www.acquired01-ext.com. Figure 6.33 shows how the query proceeds.

Figure 6.33    Query for a Name in the External Zone <NOBR>Acquired01-ext</NOBR>.com
Enlarge figure

Figure 6.33 Query for a Name in the External Zone Acquired01-ext.com

The query proceeds as follows:

  1. The computer submits the query to its local DNS server, server.first.acquired01-int.com.
  2. If the cache does not contain the necessary data, server.first.acquired01-int.com forwards the query to the DNS server that is authoritative for the zone acquired01-int.com.
  3. The server that is authoritative for the zone acquired01-int.com forwards the request through the firewall to server.acquired01-ext.com.
  4. Server.acquired01-ext.com resolves the name and returns the response through the firewall to server.acquired01-int.com.
  5. Server.acquired01-int.com returns the response to server.first.acquired01-int.com.
  6. Server.first.acquired01-int.com returns the response to the client, and the client then uses the IP address to connect through the firewall to the Web server, which is located on the Internet.

Query for a Name in the Namespace of the Merged Organization

Suppose that a computer in reskit.com needs to contact the computer host.acquired01-int.com. Figure 6.34 shows how the query proceeds.

Figure 6.34    Query for a Name in the <NOBR>Acquired01-int</NOBR>.com Namespace
Enlarge figure

Figure 6.34 Query for a Name in the Acquired01-int.com Namespace

The query proceeds as follows:

  1. Because the computer is a proxy client, it consults its exclusion list or its PAC file and submits a query for the name host.acquired01-int.com to the local DNS server, server.first.reskit.com.
  2. If the cache does not contain the necessary data, the server queries the internal root server.
  3. The root server finds a delegation to the zone acquired01-int.com and returns the IP address of the server that is authoritative for acquired01-int.com to the local DNS server.
  4. The local DNS server submits the query to the server that is authoritative for acquired01-int.com.
  5. Because that server is authoritative for host.acquired01-int.com, the server resolves the query and returns the answer to the local DNS server.
  6. Server.first.reskit.com returns the response to the client.

Now suppose that a computer in acquired01-int.com needs to contact the computer host.reskit.com. Figure 6.35 shows how the query proceeds.

Figure 6.35    Query for a Name in the Reskit.com Namespace
Enlarge figure

Figure 6.35 Query for a Name in the Reskit.com Namespace

The query proceeds as follows:

  1. The computer submits a query to its local DNS server, server.first.acquired01-int.com.
  2. If the cache does not contain the necessary data, the server forwards the query to the DNS server that is authoritative for the zone acquired01-int.com.
  3. Because the DNS server that is authoritative for the zone acquired01-int.com contains a secondary copy of the zone reskit.com, it resolves the query and returns the response to server.first.acquired01-int.com.
  4. Server.first.acquired01-int.com returns the response to the client.

© 1985-2000 Microsoft Corporation. All rights reserved.