I do not understand how our modern domain name service (of course: DNS) works.
Hopefully some knowledgeable dopers will fight my ignorance and explain the workings.
For background, here is the Wikipedia page:
Here are some questions.
What software on my computer actually does the work of translating names to IPs? Since this function has to happen on any networked computer, I am hoping we can keep the answers OS independent.
When my computer sends out a DNS resolution request, it is a specially formed packet, is it not? Of course it is TCP, but isn’t it recognizable at the packet addressing level (a router doesn’t have to open the packet to know what it is)? The reason I ask is it seems in my experience ISPs don’t make it easy to use other DNS servers. And if they are so concerned, they could program their routers to resolve DNS requests themselves regardless of what the destination address on the packet is.
I have another thread where I am troubleshooting a DNS problem for a new DSL setup.
There is a case where everything works except the DNS. It is as if the ISP isn’t handling the address resolution packets as I think they should.
In a modern big ISP dominated world, how do I redirect DNS resolution requests to a DNS server of my choice? Will just putting the Google DNS IP (8.8.8.8) into my network panel work? That is what I do, but I am not convinced my ISP actually honors that request.
Does anyone know whether ISPs redirect or intercept DNS requests?
Any insight or additional questions would be most appreciated.
Thanks
Why do you think the ISPs make it difficult? (Or, in what way are they making it difficult?)
On my machines I just open a dialogue box and enter the dotted quad for the primary and secondary DNS. That’s all there is to it! The ISP is not involved at all.
The basics of DNS are pretty simple - think of a phone book. You look up Bob Smith (or Google) and you get a phone number (or IP address). It’s an idiot scheme that lets us human folks, who tend to remember words more easily than numbers.
There are some emerging technologies (OpenDNS, for example) that slightly complexify the concept, but… they’re still “phone books.”
My guess would be that, in the next 10 years or so, DNS as we know it currently will become somewhat deprecated due to security considerations. But that could just be the security guy in me worrying about DNS poisoning.
Why aren’t you convinced of this? Simple test: does name resolution work when you have it set to 8.8.8.8? Now does it work when you have it set to 100.100.100.100? (Make sure your OS isn’t caching lookups when you perform this test.)
If you want to debug DNS issues, use a tool like nslookup or dig, depending on OS.
I suppose they could if they wanted to, but I doubt that many do.
I remember something on Slashdot last year where Comcast was intercepting DNS requests even when the user was trying to use a different DNS server. Not sure what the outcome of this was.
I don’t think the software on your computer does a whole lot in terms of DNS; it sends out the query to a remote DNS server, which gives you back an IP address to connect to. Your hosts file can specify manual routings, but aside from that, your system should be going with whatever your ISP or other DNS server tells you.
Like arseNal said, just try it out with either a browser or nslookup. You can also download Wireshark (a packet inspector) if you want to see the raw traffic. Here is a page that seems to analyze a sample DNS query (I didn’t read it).
I think now they allow you to opt out. Other ISPs have since started doing similar things – it’s a free ad avenue for them whenever someone types in an invalid URL. Ugh.
The only way you could figure out if your ISP is transparently redirecting DNS requests is by looking at the resolver information (nslookup shows this, but is generally deprecated), or the results for a failed lookup (either a fail from a properly configured DNS of your choice, or a search page from some provider).
An ISP would do this if they make money off the search redirection, or if they feel too much DNS traffic is going off-network.
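The two checks suggested in this thread, a reply from an address that is not a resolver at all (the 100.100.100.100 test above) and a failed lookup that comes back with an address instead of an error (the search-page case), combined in one script. This is an added example, not code from any poster: the query builder and parser follow RFC 1035 with no DNS library, and the 100.100.100.100 and 8.8.8.8 targets are the ones named in the thread.

```python
import random
import socket
import struct

def build_query(name, qid):
    """Minimal RFC 1035 A/IN query for `name` (UDP payload, no EDNS)."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def _skip_name(resp, pos):  # advance past a (possibly compressed) domain name
    while True:
        length = resp[pos]
        if length == 0:
            return pos + 1
        if length & 0xC0 == 0xC0:  # compression pointer: two bytes, ends the name
            return pos + 2
        pos += length + 1

def parse_response(resp, qid):
    """(rcode, [IPv4 strings]) from a reply to `qid`, or None if it is not one."""
    rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", resp[:12])
    if rid != qid or not flags & 0x8000:  # wrong id or QR bit not set
        return None
    pos = 12
    for _ in range(qd):
        pos = _skip_name(resp, pos) + 4  # QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        pos = _skip_name(resp, pos)
        rtype, _, _, rdlen = struct.unpack("!HHIH", resp[pos:pos + 10])
        if rtype == 1 and rdlen == 4:
            addrs.append(".".join(str(b) for b in resp[pos + 10:pos + 14]))
        pos += 10 + rdlen
    return flags & 0x000F, addrs

def probe(server, name, timeout=3.0):
    """One UDP query to `server`; None means no reply, the normal result for a non-resolver."""
    qid = random.randrange(65536)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name, qid), (server, 53))
        try:
            return parse_response(s.recvfrom(512)[0], qid)
        except socket.timeout:
            return None

def assess(bogus_reply, nxdomain_reply):
    """Verdict from the thread's two checks: any reply from a non-resolver, or an A record for a name that must fail."""
    if bogus_reply is not None:
        return "intercepted"  # something on the path answered for an address that runs no DNS server
    return "redirected" if nxdomain_reply and nxdomain_reply[0] == 0 and nxdomain_reply[1] else "clean"
```

With a live connection, feed `assess` the result of probing 100.100.100.100 (the thread's non-resolver) and of asking 8.8.8.8 for a name under the reserved .invalid TLD, which a correct resolver answers with NXDOMAIN (rcode 3). Flush the OS resolver cache first, as the thread advises, since this script bypasses it but the browser test does not.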