1

I have this big doubt concerning DNS. I have been watching some videos and reading about how DNS works. I think I have understood it except for one point. Why do I need to specify the DNS server in my Win 7 OS or in my Ubuntu box? Sometimes it is configured as the one my ISP assigns to me, and sometimes I have tested Google's public DNS servers (8.8.8.8). I don't understand what these DNS servers mean.

As far as I know the operating system has a resolving name server. This is the one responsible for querying the ROOT name servers to get the TLD name servers and then the Authoritative name servers to finally get the IP. The root name servers' IPs are "hardcoded" into the OS. So I don't understand why I need my ISP's DNS servers or Google's DNS server; my OS can resolve that on its own!

Thanks a lot!

2
  • 3
    Your understanding of DNS is reversed. You don't go to the root server and then down to the one that is authoritative per se. You ask a lower tier DNS server, and that server relays the request up the chain if it can't answer the request.
    – Sirex
    Commented Jul 26, 2012 at 23:12
  • When you talk about a hard-coded server, I suspect you are thinking about certificate/trust authorities, not name-servers. Windows comes with and periodically downloads trusted certificates and certificate revocation lists.
    – Synetech
    Commented Jul 27, 2012 at 3:08

6 Answers

6

Short answer: you have chosen not to use DHCP, which automatically configures the IP addresses of your ISP's name servers (or your home router's additional layer of DNS caching).

Explanation:

DNS resolvers do not directly query the root servers because that would be very inefficient. The root servers would have to handle all the load of billions of Internet-connected devices, and if resolvers were to make multiple non-recursive queries (and be more complex than necessary), DNS lookups might be drastically slower.

Therefore, ISPs operate "recursive" or "caching" name servers for their customers to use. Ideally, the servers are located close by to minimize latency. Many home routers even provide an additional layer of caching – if your DNS server address is the same as your gateway address, that is likely the case.

Say for example your web browser needs to know the IP address of superuser.com. and asks your ISP's name server for it. Here are the performance advantages of doing so over directly querying authoritative servers:

  • Your ISP's name server might actually know the answer from when another resolver asked the same question, saving time and bandwidth.

  • Even if your ISP's name server does not already know the answer, it probably does know where to look: the .com. name servers. It knows their addresses from when a resolver asked about another .com domain name.

  • It can remember the answer in case it later receives the same query. The "time to live" (TTL) associated with a particular answer makes the server forget it after a while to prevent outdated information from staying around forever.

Each ISP's name servers have different IP addresses, so the DNS IP addresses cannot be hardcoded. Perhaps all ISP-operated recursive DNS servers could be clustered under a single IP address using anycast as Google Public DNS is, but there is no point in doing that, as the problem of automatically configuring DNS is already solved by protocols like DHCP and PPP.

DHCP and PPP allow not only configuring the client's IP address but also its DNS server addresses. You only need to specify a DNS server address manually if you have specifically chosen not to use DHCP.
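The caching behaviour described in the three bullet points above, as an added example that is not part of the original answer: a toy recursive resolver walking a constructed in-memory hierarchy. The server names (`root`, `tld-com`, `ns-superuser`, `ns-example`), the addresses and the TTLs are assumptions made up for the illustration; no network access is involved.

```python
# Added illustration: toy caching recursive resolver over a constructed,
# in-memory hierarchy. No network access; server names and addresses are made up.

# server -> {zone or name: (kind, value, ttl_seconds)}
SERVERS = {
    "root":         {"com.": ("referral", "tld-com", 172800)},
    "tld-com":      {"superuser.com.": ("referral", "ns-superuser", 172800),
                     "example.com.":   ("referral", "ns-example", 172800)},
    "ns-superuser": {"superuser.com.": ("answer", "192.0.2.10", 300)},
    "ns-example":   {"example.com.":   ("answer", "192.0.2.20", 300)},
}

def suffixes(name):
    """'superuser.com.' -> ['superuser.com.', 'com.'] (longest first)."""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(len(labels))]

class CachingResolver:
    def __init__(self):
        self.cache = {}            # (name, kind) -> (value, expires_at)
        self.upstream_queries = 0  # queries sent to other servers

    def _cached(self, name, kind, now):
        value, expires = self.cache.get((name, kind), (None, 0))
        if expires > now:
            return value
        self.cache.pop((name, kind), None)  # TTL elapsed: forget the record
        return None

    def resolve(self, name, now):
        answer = self._cached(name, "answer", now)
        if answer:
            return answer          # served from cache, no upstream traffic
        # Start at the deepest zone whose name servers are still cached.
        server = next((s for z in suffixes(name)
                       if (s := self._cached(z, "referral", now))), "root")
        while True:
            self.upstream_queries += 1
            table = SERVERS[server]
            zone = next((z for z in suffixes(name) if z in table), None)
            if zone is None:
                return None        # server knows nothing about this name
            kind, value, ttl = table[zone]
            if kind == "answer" and zone != name:
                return None        # toy data only holds zone-apex records
            self.cache[(zone, kind)] = (value, now + ttl)
            if kind == "answer":
                return value
            server = value         # follow the referral one level down
```

With an empty cache the first lookup costs three upstream queries; a repeat within the TTL costs none, and a lookup for another `.com.` name skips the root because the `.com.` referral is still cached.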

6

Unless I'm severely mistaken, the root name servers are NOT "hardcoded" into any operating system. DNS is used, as you know, to resolve website names (or server names) to IP addresses. Your server (or Windows box or what-have-you) will NOT be able to resolve any website addresses unless your box gets its DNS from a DHCP server, OR unless you have explicitly told your server/computer which DNS servers to query.

In Linux, that's done by editing /etc/resolv.conf. In Windows, that's done by editing the Network Adapter's settings.

1
  • 2
    +1 - I never heard of hardcoded root servers in any OS. And none of my OSes has ever worked without a DNS server set.
    – Frederik
    Commented Jul 26, 2012 at 22:38
3

As far as I know the operating system has a resolving name server.

It doesn't by default (except if you have installed one.)

So I don't understand why I need my ISP's DNS servers or Google's DNS server; my OS can resolve that on its own!

Theoretically, you may install your own DNS server and use it in your LAN to resolve all domain names. Google's and ISPs' servers can save you time on resolving names because they have a big cache of names they have recently resolved. They can save you the effort of setting up your own name server. Also, you should note that not many ordinary (non-techie) people are willing to install any servers, etc.; they just want to work on the computer.

3

Your internal resolver is a query client which may be able to query a number of sources for addresses including:

  • Your local hosts file (/etc/hosts on Linux/UNIX)
  • DNS
  • WINS
  • mDNS (Zero Config name service)

Your ISP's DNS servers work like a local database containing the addresses for hosts you and your neighbors have used recently. The DNS server will cache any addresses looked up for a period of time (often several days). They also know how to quickly find the address for names not already cached. Servers of this type are known as recursive DNS servers, and are normally not available to the general Internet.

For services like Google, Facebook, and other high volume sites, it is helpful to use a local server. Your ISP's DNS should have the addresses which are nearby (in network terms). Other DNS servers may provide addresses which are relatively far away, perhaps even continents away.

The root servers only provide servers for TLDs (Top Level Domains) like .com, .net, .uk, etc. Like most DNS servers on the Internet, they don't provide recursive name services. As the data they provide is relatively static, it will be cached by recursive name servers that do query them. While the cached data is valid, the recursive server will not need to query the root servers for that TLD.

If you get an IP address using DHCP, you usually also get name servers as part of the automatic setup. This is the way most of the computers I know of get their IP address, router, and DNS servers.

Hosts and servers with fixed IP addresses require the DNS servers to be specified, if used. Many of the servers I have worked with use local DNS servers which are not available to users on the Internet. They usually serve up addresses for local hosts and servers. Selecting appropriate name servers may be critical for hosts and servers on a private network.

I am aware of a couple of major publicly accessible recursive DNS servers. These are the Google DNS servers and OpenDNS servers. I believe both these servers provide some protection against malware sites. OpenDNS provides a number of filters which can be applied to restrict access to certain types of sites.

2

The DNS hierarchy is designed this way to limit the number of queries sent to root servers. There are some reliable and considered secure servers that provide DNS resolution, like OpenDNS (http://www.opendns.com/) - you can use their server if you are concerned about security.

Your ISP's DNS server is able to cache some queries, thus answering them faster.

2

Root servers are only "hard coded" into a server performing a DNS server role - your Windows 7 machine wouldn't have those servers configured (unless, that is, it's serving as a DNS server). It's important to distinguish that these root servers are programmed into the mechanism serving DNS (BIND for instance) and not into the operating system itself.

Those DNS servers reference the root servers to find authoritative servers for the domain being looked up. Clients reference the DNS server programmed into their network adapter or /etc/hosts files, and those servers reference root servers.
