Cygna Labs
DNS: It's not just for humans anymore

Timothy Rooney

Aug 09, 2022

Thanks to search engines like Google, locating articles, blogs, opinions, and even bona fide information on the Internet is as simple as posing a question in a web browser. Just type in your query, then click on one of the search engine results to access the corresponding content. Of course, between the moment you click on a result and the moment you arrive at the linked page, the domain name system (DNS) performs its crucial yet hidden role. Each search result displays text representing the content the searcher can expect to find by clicking on it. In the hypertext markup language (HTML), behind that text lies the corresponding uniform resource locator, or URL. The URL takes the form of a web address that you might enter into your web browser, like www.google.com.

A Web Server By Any Other Name

Names are helpful for humans using the Internet to identify desired destinations, but your laptop, mobile, watch, etc., generically “device,” connects to your destination using the Internet Protocol (IP). The IP header carries the destination IP address used to route the request, typically a hypertext transfer protocol (HTTP) request, to the desired destination. So how does your device translate the linked URL into an IP address? DNS enables administrators to publish their domain names and corresponding IP addresses, directing devices that seek access to applications toward the servers configured with those IP addresses.

Note that the URL corresponding to a given click may have slashes, question marks and other characters that are passed within the HTTP (or corresponding protocol) request to the destination. DNS translates only the domain name portion of the URL to an IP address. So a URL of “www.example.com/information?query=yes” would trigger a DNS lookup of www.example.com. Once DNS has identified the IP address of the server hosting the corresponding resource, the application protocol can use these additional parameters to parse the request accordingly. And while HTTP is the example protocol I’m using to illustrate this process, DNS can translate destinations to IP addresses for any Internet protocol, including email, file transfer, even voice and video communications. And DNS can do more than translate destinations into IP addresses, enabling the location of desired network services, alias device names, security credential affirmations, and more.

DNS Makes Life Easier for Users and Administrators

DNS facilitates navigation of the Internet by humans for a wide variety of applications and services. It also eases the job of administrators managing IP networks. For example, to migrate to a new web server on a new IP address, administrators need only update DNS to change the IP address associated with the web server’s address records. The end user need not know that the web content is actually being served by a server in a different location, in the cloud, or on a content delivery network. Administrators can thus publish stable names for resources and manage IP address mappings behind the scenes with DNS. This naming stability not only facilitates consistent user reachability and access but also reachability from other sites which link to your content.

DNS Even Makes Life Easier for Clouds

DNS name stability is also indispensable for machine-to-machine communications, particularly within software defined networks and private or public cloud virtualized network functions (VNFs). A series of VNFs may be required for data stream traversal to provide a given end-to-end service. For example, a new service promising secure, optimized communications could accept user data, voice or video traffic and route this input stream through a firewall VNF, then to an application traffic optimizer VNF and on to an encryption VNF. This service chaining concept enables flexible and modular services implementation.

If the service proves popular, the input traffic could exceed the processing capacity of one or more VNFs in the chain. If the service is implemented such that a predecessor VNF references its successor VNF in the chain by name instead of IP address, multiple VNFs sharing a common domain name can be provisioned as needed to expand capacity elastically. The encryption service component, for example, could comprise three encryption VNFs sharing a common domain name, e.g., encrpytservice.example.com. The optimizer VNFs would locate the next link in the service chain via DNS (querying encrpytservice.example.com) and route the stream to one of the three corresponding VNF IP addresses returned by DNS. When spinning up new VNFs to support a given service in the chain, simply add the new VNF’s IP address to the service’s domain name resource record set in DNS. This streamlines the provisioning of elastic capacity for each chained function: instantiate the VNF and update DNS, without having to reconfigure predecessor VNFs.
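The lookup a predecessor VNF performs in this scenario, together with the earlier point that only the domain name portion of a URL reaches DNS, as an added example that is not code from the original post: it builds an A query from a URL or name, parses a response carrying several A records, and picks a next hop. The response bytes, the 192.0.2.x addresses and the `next_hop` selection policy are constructed for illustration.

```python
import struct
from urllib.parse import urlsplit

def build_query(target, txid=0x1234):
    """Build an A query; only the host part of a URL ever reaches DNS."""
    host = urlsplit(target if "//" in target else "//" + target).hostname
    qname = b"".join(bytes([len(l)]) + l.encode() for l in host.split(".")) + b"\x00"
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, 1 question
    return host, header + qname + struct.pack("!HH", 1, 1)      # QTYPE=A, QCLASS=IN

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a compression pointer."""
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:   # 2-byte pointer terminates the name
            return off + 2
        if n == 0:             # root label terminates the name
            return off + 1
        off += 1 + n

def parse_a_records(msg, txid):
    """Return the IPv4 addresses in the answer section of a response."""
    rid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if rid != txid or not flags & 0x8000 or flags & 0x000F:
        raise ValueError("not a successful response to this query")
    off = 12
    for _ in range(qd):                      # skip the echoed question
        off = skip_name(msg, off) + 4
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        if rtype == 1 and rclass == 1 and rdlen == 4:
            addrs.append(".".join(map(str, msg[off + 10:off + 14])))
        off += 10 + rdlen
    return addrs

def constructed_response(query, ips):
    """Constructed sample data: answer the query with one A record per address."""
    header = query[:2] + struct.pack("!HHHHH", 0x8180, 1, len(ips), 0, 0)
    rrs = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 30, 4)
                   + bytes(map(int, ip.split("."))) for ip in ips)
    return header + query[12:] + rrs

def next_hop(addrs, flow_id):  # hypothetical policy: spread flows over the set
    return sorted(addrs)[flow_id % len(addrs)]

host, q = build_query("encrpytservice.example.com")  # name as written in the post
pool = parse_a_records(constructed_response(q, ["192.0.2.11", "192.0.2.12", "192.0.2.13"]), 0x1234)
print(host, pool, next_hop(pool, flow_id=7))
```

Adding a fourth address to the constructed record set changes only what `parse_a_records` returns; the predecessor's code and configuration stay the same.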

DNS: Making Life Easier for All

DNS has proven an indispensable component for the smooth operation of today’s IP networks. It enables devices to “google” the destinations to which they connect, whether on behalf of humans browsing or using other Internet applications; it lets network administrators manage their networks more easily behind the scenes; and it gives software defined networks scalability and elasticity.