Networking Fundamentals​, Quick Notes – Name Resolution

Name Resolution

  • Friendly Names are used for identifying hosts in IP networks, instead of IP addresses.  Friendly names must be resolved to IP address before communication.
  • Name resolution is the process of resolving names to IP address (for example: LAB01 = =
  • Multiple methods such as HOSTS, DNS, WINS, DDNS available for resolving names to IP address.


  • Before DNS, records were maintained manually in a simple TEXT file named “HOSTS”.
  • HOSTS file has entries on each client about other clients name & IP address (Hence not suitable for medium or large networks as it is difficult to update all computers when there is a change).
  • HOSTS file mechanism is still used for specific scenarios.

HOSTS File with proper entries must exist on all computers, similar to a personal phone book

  • View HOSTS file (Microsoft Windows)
    • Go to C:\Windows\System32\drivers\etc

Folder listing HOSTS & Other files; observe there is no file extension for “HOSTS”

  • Open HOSTS in a text editor

Hosts file open in a text editor, observe existing entries

  • To add Entries to a HOSTS file
    • BACKUP existing HOSTS file (Keep a copy elsewhere).
    • Open HOSTS file using a text editor.
    • Add 168.100.1SOMENAME (example).

Sample input in a hosts file

Note: You may not be able to save the file to the same location due to security restrictions; however, you can copy this file to another location, add sample entries and overwrite the file in C:\Windows\System32\drivers\etc; take extra caution to make sure there is no extension such as .txt applied automatically when saving this file.

  • To test:

Observe computer name resolved to an IP and message indicating 192.168.100.x network not reachable

Tip: Hosts file can be used for pointing to unfriendly or difficult computer names on a LAN (for example, CORP044594 can be mapped to a friendly name JOESCOMPUTER in HOSTS file). You can try adding an entry:   Gogoogle


  • Domain Name System.
  • Hierarchical distributed naming system.
  • Reduces administrative efforts, records are saved on a server instead of records on each computer.
  • Client/Server Technology.

DNS entries are stored in a centralized database, similar to a telephone directory


  • Zone contains mapping of IP addresses to Domain names, used for DNS queries.
  • Zone contains records in a well structured file (kind of text file) on DNS Servers referred to as “Zone” files.
  • Zone files contains records such as:
    • NS Record:Name Server records, IP address of name servers for a domain.
    • SOA Record:Start Of Authority Record, the authoritative name server for a domain.
    • A Record: Mapping of IPv4 address to Domain Names (used for resolving domain names to IP addresses).
    • PTR Record: Used for reverse lookup (Resolving IP Address to Domain Names).
    • CNAME Record:Canonical Name record, mapping standard names to a domain name such as www, mail, ftp, etc (
    • AAAA Record: Mapping of IPv6 address.
    • MX Record:Mapping of Mail Servers for a domain.

DNS Servers

Typically there are at least two DNS servers:

  • Primary DNS Server: First server that holds the records.
  • Secondary DNS Server: Syncs from Primary DNS time-to-time, can serve as a backup for Primary DNS Server.
  • DNS records aresynchronized within defined time, so either Primary or Secondary DNS server can respond to a client query as quick as possible and also serve as a backup if one DNS server fails or taken out for maintenance.

DNS Query Process

DNS Name Query Process example

  1. Client sends DNS request to ISP’s DNS Server.
  2. DNS Server replies with the corresponding IP address, if DNS 1 has the answer.
  3. If DNS Server 1 doesn’t have the answer, then DNS Server 1 gets the answer from DNS server 2.
  4. DNS Server 1 stores record in its Cache.
  5. DNS Server 1 replies to Client.
  6. Client receives and stores in local cache for subsequent actions (helps in reducing turn around time).
  • Authoritative Name Servers have all details of a particular domain and can provide answers directly to a DNS Client (DNS 1 can directly reply if that’s the authoritative server for a domain).
  • Non-Authoritative Name Servers query Authoritative servers to provide answers to a DNS client; may also provide answers to DNS client if answers are available in DNS Server Cache based on previous queries. (DNS 1 will get the reply from DNS 2, if DNS 2 is the authoritative server for a domain).

Domain Names

  • Unique names, maximum 63 characters.
  • Mapped to one or more IP addresses.
  • Domain name records are stored on DNS servers.
  • Simple tree structure with multiple levels.
  • Domain names are “leased” (not owned) for 1 Year, 2 Years, 3 Years or up to 10 Years and renewable thereafter.


  • Top Level Domains are the highest, controlled by the
  • Second Level Domains are leased through Domain Name Service Providers for a fee.
  • Third Level Domains are created by Administrators (for free) – also referred to as “Sub domains”.

Fully Qualified Domain Name (FQDN) for above:

Note: There are more than 1000+ TLD’s to choose from, and new TLD’s are being added. Customers may choose different TLD’s based on their business. For example a domain with .APP extension (TLD) may be selected if a customer plans to launch an Android or IOS App, a customer may select a domain name with .fashion extension if they are into garment business and so on. This is also useful in scenarios where a .COM or .NET extension is not available.



Sub-domains are used for creating sections under a domain, for specific purposes. For example, for web mail access, for employee access, etc.

16777216 sub-domains can be created per domain at no additional cost, as it is controlled by the domain owner.


  • DDNS (Dynamic DNS), allows automatic update of DNS records on DHCP environments.
  • DDNS reduces administrative efforts, since IP assignments & name services are automated.

Note: DNS requires records to be created/updated manually (Static Entries) by an administrator; In DDNS environments, records are automatically updated by DHCP Server (Dynamic Entries). DNS is suitable only for static entries.

DDNS Process


  1. DHCP Server assigns IP to DHCP Client.
  2. DHCP Server updates DNS Server ( =
  3. Client (3) sends name resolution request for to DNS Server
  4. DNS Server replies to Client with’s IP address.
  5. Client can communicate directly with
  6. If or when IP is changed for, then DHCP Server updates DNS Server with new IP.

Internet Service Providers often issue dynamic IP addresses to client devices, due to limited number of IP addresses (IP address assigned to a computer may be assigned to another computer at random, during DHCP renewals or when reconnecting). This makes it difficult for technical usage such as hosting a website which require a static IP address. Through DDNS it is possible to host websites using dynamic IP address. DDNS is offered as a free or paid service by many service providers; such service providers offer client software which automatically updates IP address whenever there is a change.

DDNS Example


  1. ISP assigns a dynamic IP address to a computer A.
  2. Client software installed on computer A updates DDNS server.
  3. Client B queries ISP DDNS server for Computer A’s IP address based on the mapped domain.
  4. ISP DDNS replies to Computer B with Computer A’s IP address.
  5. Computer B communicates with Computer A.
  6. ISP assigns a different dynamic IP address to the computer A.
  7. Client software on Computer A updates DDNS server.
  8. Computer B queries ISP’s DDNS server.
  9. ISP DDNS replies to Computer B with updated Computer A’s IP address.
  10. Computer B communicates with Computer A through updated IP address.

Note: There is no guarantee a client will receive the same IP address during DHCP renewals, yet still can be accessible as DHCP/DDNS will point to the right computer/server.

DNS/DDNS is also used in enterprise networks, generally not visible to public. Many organizations use DNS structure for internal Information Technology requirements; for example client computers may be named like CORPDESK01.COMPANYNAME.LOCAL and servers may be named like SVR01.COMPANYNAME.LOCAL for internal identification purposes; client computers are usually assigned IP addresses through DHCP servers and servers may be assigned static IP addresses.

An enterprise network with multiple clients and servers

For example:

  • Desktop clients are assigned IP addresses from DHCP Server
  • DHCP Server is set to allocate IP from range to
  • Mail & Web Servers are assigned static IP addresses.
  • DDNS service is enabled on DHCP Server.
  • DHCP Server automatically updates DDNS.

Note: If IP addresses of MSW02/O3/04 changes, then it is automatically updated in DDNS

  1. To communicate with WEB.EXAMPLE.COM, MSW04 sends a query to
  2. 168.1.1 replies to with WEB.EXAMPLE.COM’s IP address.
  3. 168.1.4 communicates with


  1. To communicate with MSW02.EXAMPLE.COM, MS04 sends a query to
  2. 168.1.1 replies to with MSW02.EXAMPLE.COM’s IP address.
  3. 168.1.4 communicates with

Note: If there are on the same physical network, then IP addresses are resolved to MAC address.

Many companies use a naming convention based on the location of a client/server computer; for example: BL01F2DC05 (Building 01, 2nd Floor, Desktop Computer 05). This helps administrators locate computers easily, when physical attention is required.

  • View DNS Server’s IP
    • CMD > ipconfig /all

Output listing a) IP of DNS Server (in this case it’s the Routers IP address)

Note: DNS Server’s IP addresses are pushed along with IP address from a DHCP server to a client in most scenarios; DNS servers can also be set on each client manually as per administrator’s preference.

NSLOOKUP is a command line utility for querying DNS servers.

  • View A (IPv4) & AAAA (IPv6) Record (IP Address) of a domain:
    • CMD > nslookup domainname

Output listing resolved a) IPv4 & b) IPv6 addresses (if both are available)

  • View Authoritative DNS Server of a domain:
    • CMD > nslookup -querytype=soa domainname

Output a) listing primary name server (Authoritative) of a domain

  • View Name servers of a domain:
    • CMD > nslookup -querytype=ns domainname

Output listing all name servers for a domain

  • View Domain Name from IP (Reverse Lookup):
    • CMD > nslookup -querytype=ptr IPADDRESS

Output listing domain name based on IP address

  • View Mail Exchange record of a domain:
    • CMD > nslookup -querytype=mx domainname

Output listing mail server records for a given domain

Note: Settings such as port numbers for POP3, SMTP & IMAP can be viewed only through control panel of a domain.

Modern operating systems store cached copies of DNS queries (if visiting a website viewed earlier, client computers refer cache first instead of querying the DNS again, to save time & reduce network traffic):

  • View DNS Cache (cached DNS queries):
    • CMD > ipconfig /displaydns

Output listing all resolved domain names & IP addresses available in local cache

Tip: Try viewing few websites using a web browser and observe entries in cache.

  • Clear DNS Cache (removes all resolved domain names & IP addresses from DNS cache):
    • CMD > ipconfig /flushdns

Input to clear DNS queries from local cache

Tip: Clear DNS cache once in a while, particularly if there are problems in resolving domain names (website not found) or internet related issues. 

Note: Adding records to a DNS server requires a server operating system and it is currently not included in this guide.


  • Similar to HOSTS, LMHOSTS (LAN Manager HOSTS) file is used for name resolution.
  • Available only on Microsoft Windows Operating Systems.
  • SAM (file extension .SAM) located in same folder as HOSTS file.


  • Similar to DNS, Windows Internet Name Service is used for name resolution.
  • Client/Server Technology.
  • Available only on Microsoft Windows Operating Systems.
  • WINS is depreciated.

Note: WINS is depreciated, hence not covered here.

Quiz 06

1. Features of UDP.

A. Connection-less & Unreliable B. No sequencing
C. No acknowledgment or re-transmission D. All of the above

2. Features of TCP.

A. Reliable & Connection-oriented B. Sequencing
C. Flow Control and re-transmission D. All of the above

3. Number of ports per IP address:

A. 16000 B. 65530 C. 65536 D. Unlimited

4. Well-known port numbers range:

A. 0-1024 B. 0-1023 C. 1024-49151 D. 12001-65535

5. Registered port numbers range:

A. 0-1024 B. 0-1023 C. 1024-49151 D. 12001-65535

6. Default port number for HTTP:

A. 8080 B. 80 C. 12000 D. 21

7. Default port number for FTP:

A. 8080 B. 80 C. 12000 D. 21

8. Default port number for POP3:

A. 20 B. 53 C. 110 D. 25

9. Default port number for SMTP:

A. 20 B. 53 C. 110 D. 25

10. Default port number for DNS:

A. 20 B. 53 C. 110 D. 25

11. Default port number for TELNET:

A. 23 B. 55 C. 443 D. 25

12. Default port number for HTTPS:

A. 23 B. 55 C. 443 D. 25

13. Command line utility for viewing network statistics:


14. Methods for name resolution:

A. HOSTS file B. LMHOSTS file C. DNS D. All of the above

15. Centralized name resolution methods:

A. DNS B. WINS C. DDNS D. All of the above

16. _____ naming resolution is used on networks utilizing dynamic IP addresses.


17. Location of HOSTS file in Microsoft Windows:

A. C:\Windows\System\Drivers\etc B. C:\Windows\System32\Drivers\etc
C. C:\Windows\System32\HOSTNAMES\ D. C:\Windows\etc

18. DNS utilizes a _____ naming system.

A. Symmetrical B. Hierarchical C. Asymmetrical D. Variable

19. Domain names are managed by:


20. Acronym – ICANN.

A. Internet Corporation for Automated Names and Numbers
B. Intranet Corporation for Automated Names and Numbers
C. Internet Corporation for Assigned Names and Numbers
D. Intranet Corporation for Assigned Names and Numbers

21. Command line utility for querying DNS servers:


22. Syntax for viewing DNS resolver cache:


23.Syntax for clearing DNS Cache:


24. ___ is used for secured transmissions.

A. SSL B. TLS C. DNS D. All of the above.

Leave a Comment

Shopping Cart