IP adresses is an example. IP address has a form of four numbers (between 0 and 255), separated by dots. Each machine in the Internet must have an unique IP address. It works as a postal address - no message can reach the machine if there's no correct address.

Numbers are friendly for machines, but hard to remember for humans. That's why we have hostnames and domain (there are more reason, for example names allow to easily change IP addresses of servers - only DNS entry must be changed).

Hostnames, domains, zones

An example of a hostname: www.linuxquestions.org. It's a part of linuxquestions.org domain. Last portion of the address (.org) refers to a toplevel domain where the host belongs. Other toplevel domains are: .com, .net, .gov etc. Every country has its own toplevel domain. For example: .fr (France), .de (Germany), .jp (Japan) or .br (Brazilia).

Zone and domain mean nearly the same. There's one difference: zone is delegated to one server. A domain can be diveded into different zones.

How it works?

When you connect to LQ, you send a query to your DNS server (more about it later). The server checks if it has needed information. If it does, it sends it back to you. If the server that stores data from previous queries is called a caching nameserver.

If it doesn't have the information you're searching for, it asks one of the root servers. Root servers are on the top of DNS servers tree (the structure looks like a tree). They contain pointers to name servers for each top level domain.

Now the toplevel domain server for .org is asked about linuxquestions.org domain, it knows the address of the server containing detailed information about all hosts in the linuxquestions.org domain.

The last server is asked about the host www.linuxquestions.org hosts. When your DNS server has the reply, it sends the result back to you.

Types of DNS servers

A caching nameserverfinds answer to queries and then remembers them. Next time you wait much shorter (important when you have a slow connection).

Authoritative server is a server that can answer queries about a zone without help of any other server. Both primary and secondary servers are authoritative.

Primary server(in terms of specific zone) is a server that reads zone data from its local configuration.

Secondary server(in terms of a specific zone) gets zone data from outside sources (usually from master server).

How to use DNS servers?

The file with IP addresses of your nameservers is /etc/resolv.conf. When the machine is correctly configured, it should like this way:


DNS servers are listed in lines beginning with 'nameserver' (there are more things to configure in that file). In the example above there are two DNS servers: and (don't copy them, local addresses are used and it won't work in your network).

There's one more important file - /etc/host.conf. It should look like below:

order hosts,bind
multi on

When the file is filled properly, everything should work fine.

Where to get the addresses from?

Your ISP is the best source. Most ISPs have their own DNS servers. They're closest to you (so should be the fastest).

If you're using DHCP (many ADSL connections) or modem, your ISP may pass the information to you when you connect. In such case, you don't need to edit /etc/resolv.conf manually.

How to test it?

You can use 'ping' command. In the example below I sent 4 pings to www.linuxquestions.org. As you can see, the name was resolved to It means that my DNS works correctly.

sh-2.05b$ ping -c 4 www.linuxquestions.org
PING www.linuxquestions.org ( 56 octets data
64 octets from icmp_seq=0 ttl=48 time=533.9 ms
64 octets from icmp_seq=1 ttl=48 time=1184.3 ms
64 octets from icmp_seq=2 ttl=48 time=835.6 ms
64 octets from icmp_seq=3 ttl=48 time=543.4 ms

--- www.linuxquestions.org ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 533.9/774.3/1184.3 ms

Sometimes the simple method with ping is not enough. You can use 'nslookup' or 'dig'.

First example, using nslookup:

sh-2.05b$ nslookup www.linuxquestions.org
Note:  nslookup is deprecated and may be removed from future releases.
Consider using the `dig' or `host' programs instead.  Run nslookup with
the `-sil[ent]' option to prevent this message from appearing.

Non-authoritative answer:
Name:   www.linuxquestions.org

As you can see it gives the same answer as we got when ping was used.

Next example, using 'dig'. The command format is:

dig @DNS_server host

It returns more information, so may be harder to read. I'm asking the server about www.linuxquestions.org. You don't need to give the DNS server. If you simply use 'dig.linuxquestions.org', your default DNS server will be used. In the 'ANSWER SECTION' you can see that www.linuxquestions.org is In the line 'Query time' you can see how much time it takes to get an answer. In the example below the time is very short, because I use caching nameserver (you can use this to choose between servers).

sh-2.05b$ dig @ www.linuxquestions.org

; <<>> DiG 9.2.2 <<>> @ www.linuxquestions.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28312
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0

;www.linuxquestions.org.                IN      A

www.linuxquestions.org. 16      IN      A

linuxquestions.org.     16      IN      NS      ns2.choiceone.net.
linuxquestions.org.     16      IN      NS      ns3.choiceone.net.
linuxquestions.org.     16      IN      NS      ns1.choiceone.net.
linuxquestions.org.     16      IN      NS      ns1.linuxquestions.org.

;; Query time: 6 msec
;; WHEN: Fri Jul 11 17:00:39 2003
;; MSG SIZE  rcvd: 141