Webserver use, configuration and management

Unit WUCM1

Domain names

DNS - the Domain Name System

(Best reference for this topic is Albitz (2001), parts of these notes from Albitz after Jim Briggs)

Resolving host names

The Domain Name System (DNS) is the means by which the names of network hosts (e.g. www.port.ac.uk) are mapped onto their address (e.g. Although not limited to the Internet, DNS is hardly ever used for other networks, some of which have their own name mapping schemes (e.g. Microsoft WINS, Sun's NIS).

Initially (in the 1970s) there was a single file HOSTS.TXT that could be downloaded by FTP from a computer at Stanford. This contained a name-to-address mapping of all the (few hundred) hosts on the then ARPAnet. (The Windows /system32/drivers/etc/hosts or Linux /etc/hosts files are the residual decedents of the original HOSTS.TXT, with some of the original fields deleted.) The use of an FTP copy of HOSTS.TXT quickly became difficult to maintain, with the growth of the number of hosts, by the time an update had been copied to the far reaches, it was out of date! For a brief review see http://www.byte.org/one-history-of-dns.pdf

DNS has been used since about 1984. It was designed by Paul Mockapetris, then of University of Southern California.

It is a distributed database. Servers called name servers each keep details about some segment of the Internet. Clients called resolvers query the database by means of calls to name servers.

Pros and cons of distribution:

Structure of the namespace

Structure of the namespace (and hence the database) is hierarchical.   There are 13 logical root name servers (designated A-M).   These comprise the root of an inverted tree of domains.

Of the original servers, 10 are in the USA, 1 in the UK, 1 in Sweden and 1 in Japan. See http://www.root-servers.org/ for a map of where the (274 when last accessed) worldwide servers are now.


DNS root servers

The original (1980s) three-letter top-level domains (TLDs) are .COM, .NET, .ORG, .EDU, .INT, .MIL and .GOV. The first three are operated on commercial principles, while the last four have restrictive conditions on who can register names in those domains (respectively, four-year degree granting institutions in North America, organisations that were established by international treaty, the US military, and the US federal government). In 2001-2002, four new domains (.biz, .info, .name, and .pro) were introduced, as well as three so-called "sponsored" TLDs (.aero, .coop and .museum).

In addition, there are two-letter top-level domains for each country, and a special domain .ARPA which currently contains some Internet infrastructure databases. The two-letter country code top-level domains (ccTLDs) are based on the ISO 3166-1 two-letter country codes, (see http://www.din.de/gremien/nas/nabd/iso3166ma/codlstp1/en_listp1.html). There is one exception to this - .UK should really be .GB!

See http://www.icann.org/tlds/ for more details

Within each domain, the rules for allocating names and sub-domains are up to the domain administrator. An organisation called InterNIC (http://www.internic.net/) administers the .COM, .NET and .ORG domains (though they subcontract registration within these domains to a number of other companies around the world).   Nominet.uk (http://www.nic.uk/) is the registry for most .UK domain names (including co.uk, org.uk, net.uk, ltd.uk and plc.uk).

The billions of resource records in the DNS directory are split into millions of files called zones. Zones are kept on authoritative servers distributed all over the Internet, which answer queries according to the DNS network protocols.

In contrast, caching servers simply query the authoritative servers and cache any replies. Most servers are authoritative for some zones and perform a caching function for all other DNS information.


Diagram modified from Albitz (2001)

Most DNS servers are authoritative for just a few zones, but larger servers are authoritative for tens of thousands of zones. There may be more than one authoritative server for a zone but one of them will be designated the primary master name server, and the others (the slave servers) will query the master to update their information.

Querying a domain name

Assume that your web browser (Firefox or Internet Explorer) wants to look up a page on sunsite.ic.ac.uk:

  1. The resolver within the browser will have a list of name servers that it can query. This list (like your machine's IP address) is either specified in your network settings, or (more usually) assigned dynamically when you establish a network connection using the Dynamic Host Configuration Protocol (DHCP). Such name servers are usually relatively local. (The University operates at least two.) It is considered impolite to bombard someone else's name server with requests.
  2. The resolver will contact the first name server on the list and send it a recursive query to resolve the name "sunsite.ic.ac.uk".
  3. If that name server has "sunsite.ic.ac.uk" in its cache, then it will return the address.
  4. If it doesn't, it will send a series of iterative queries to allow it to resolve the name.
    1. It will ask one of the root name servers for the address of the name servers for the .uk domain.
    2. It will ask one of those name servers for the address of the servers for the .ac.uk domain.
    3. It will ask one of those name servers for the address of the servers for the .ic.ac.uk domain.
    4. It will ask one of those name servers for the address of sunsite.ic.ac.uk.
    5. If it already knows the address of a server it can short-circuit the process. For example if it already knows the server for the .ic.ac.uk domain, it can skip steps (a)-(c) above.
  5. Whenever a name is resolved, the authoritative name server annotates it with a "time to live" (TTL). A caching server will only cache the entry (if it can) for that length of time. After that it will do a full resolution again. This means that changes to addresses eventually get noticed (but not necessarily immediately).
  6. The resolver will wait 5 seconds for a response from a name server. If there is no reply within that time, it will try another name server. Once it has tried all the servers it knows about and got no reply, it go backs to the beginning and tries again with ever longer timeouts. There is a limit to the number of retries (normally 3). Normally, your resolver will give up after 75-80 seconds with a message like "host name lookup failure". Diagram modified from Albitz, (2001)


Finding the name associated with an address (inverse query)

Part of the domain namespace is given over to the resolution of names from addresses. This is the purpose of the .in-addr.arpa domain.

To find the name server responsible for (for example), you would do a lookup on (note the reverse order of the octets).   Authoritative name servers need to be setup to administer the appropriate part of this domain, as well as the conventionally named one associated with their zone.

Choosing a domain name

You need to do two things:

1.      You need to choose a name for your domain.

2.      You need to find a parent domain willing to adopt you. Obviously you need to choose a name that is not already taken in the parent domain.

Choosing a good name

See also:

There is big business to be done in domain names. Tuvalu ( .tv domain) is making a big profit out of its registration process - it will cost you $1 million to register "sports.tv" (see http://www.tv/en-def-0b188b9a5d77/cgi-bin/lookup.cgi?domain=sports). Moldova (.md) is targeting the medical community (see http://www.register.md/our-company.jsp).

Registering a domain

If you wanted to be "me.port.ac.uk", you would need to persuade the administrators of the ".port.ac.uk" domain to add you to their name server configuration. If you want to be "me.com", you would need to register with one of InterNIC's registrars. Most domain registration authorities provide you with a web-accessible means of checking whether a name is already taken.

What if the name you want is already taken?

  1. Choose a different name.
  2. Choose a different parent domain.
  3. Persuade the owners of the name to give/sell you it.
  4. Initiate the Uniform Domain-Name Dispute-Resolution Policy followed by all registrars in the .com, .net and .org domains. (see http://www.icann.org/udrp/udrp.htm) Under the policy, most types of trademark-based domain-name disputes must be resolved by agreement, court action, or arbitration before a registrar will cancel, suspend, or transfer a domain name. Nominet operates a similar free Dispute Resolution Service (DRS) for the .uk ccTLD. (see http://www.nic.uk/ref/drs.html)
  5. Give up!

The DNS Resource Directory has some good advice on the legal position in respect of Domain Names as intellectual property, see http://www.dns.net/dnsrd/disputes.html  and (Rony, 1998)

Setting up your own DNS server

If you are willing and able to administer your own zone of the DNS, you need to set up a computer as a name server and get the administrator of your parent domain to delegate authority for your sub-domain to you. In order to provide a reliable service in all cases you need to provide a Master DNS Server, and a backup or slave.   Without this level of assurance – delegation will not occur.

The most commonly used DNS software is BIND ( http://www.isc.org/software/bind ). This is an open source product. It has been incorporated into most vendors' UNIX-based systems, though you won't necessarily get the most recent version.

There is also a Microsoft name server that runs under Windows NT/2000/XP. Other vendors offer similar products.

As well as the code for the name server, most distributions include a resolver as a library routine that can be loaded into your program.

See Albitz (2001) for details of how to set up your name server. The practical side is well outside the scope of the WUCMI unit.

Commercially provided service and names

Thus far the discussion has been centred about providing your own web server, DNS etc, but for many smaller companies obtaining the use of web space managed by a specialist company is a preferable option. Even larger companies may well outsource their web systems, relying on the expertise and technical support of a third party.

Narrow or broadband ISP

Many ISPs offering either dial up modem based Internet access or broadband ADSL or Cable Internet access include web space as part of the deal. In most cases the name on offer is very tied to the supplier, i.e. it includes the name of the ISP as part of the URL, e.g.  www.nodename.freeserve.co.uk where nodename is your Freeserve identifier. Whilst this is fine for private use it is inappropriate for commercial activities – though not unknown.

Web hosting companies

Another route to acquiring both a domain name and web space is the use of web hosting companies, e.g. Lycos, http://webcentre.lycos.co.uk/product/domain/ or One&One http://oneandone.co.uk/. In this case the hosting company offers clients managed space on their web servers. The package would typically include:

For reviews and comparisons see one of the many monitoring and evaluation sites (sometimes with a commercial interest in some of the services). As an example, look at http://www.webhostingratings.com/ or http://www.webhostdir.com/spotlight/ukwebhosting.asp

Dedicated and managed server hosts

The next level up of commercial outsourcing is to have a host company run the hardware on your behalf. In this case the web host will provide fast Internet connectivity (often by being sited near a major Internet node such as in Canary Wharf), air and power conditioning, and optionally technical support (in the managed server scenario). An example of companies in this market would be RackSpace, http://www.rackspace.com/index.php (both US and UK server farms) or Apollo Hosting, http://www.apollohosting.com/ (largely confined to the US).

This type of service is the closest to running your own server in your own computer centre, offering a very good level of control over the environment offered to your website visitors/clients.


The DNS Resources Directory is online at http://www.dns.net/dnsrd/

Paul Albitz and Cricket Liu,
DNS and BIND (5e),
O'Reilly, 2006,                                      (in Library)
ISBN 0-596-10057-4, see (http://oreilly.com/catalog/9780596100575/)

Nigel Whitfield & David Angel
Join the Broadband Revolution
Personal Computer World, February 2004, pp 91-97

Ellen Rony and Peter Rony
The Domain Name Handbook: High Stakes and Strategies in Cyberspace
R & D Books, 1998
ISBN: 0879305150


Last updated by Prof Jim Briggs of the School of Computing at the University of Portsmouth