Transcript for:
DNS Overview and Configuration

Welcome to Jeremy’s IT Lab. This is a free, complete course for the CCNA. If you like these videos, please subscribe to follow along with the series. Also, please like and leave a comment, and share the video to help spread this free series of videos. Thanks for your help. In this video we will cover DNS, Domain Name System. DNS is a protocol that you certainly make use of on a daily basis. DNS is all about making it easier for us humans to access different resources over networks such as the Internet. For example it allows us to use the domain name ‘youtube.com’ to access YouTube instead of having to enter an IP address. Names like ‘youtube.com’ or ‘google.com’ are much easier for us to remember than IP addresses. DNS is part of exam topic 4.3, which says you must be able to explain the role of DHCP and DNS within the network. You don’t need to know DNS in depth for the CCNA, you don’t need to know the detailed operations of DNS, just understand its basic purpose. The information I give you in this video should be more than enough for you to answer any DNS-related questions on the CCNA exam. Here’s what we’ll cover in this video. First up, the purpose of DNS. I already mentioned it, but I’ll explain a little more. Then the basic functions of DNS, a quick overview of how it works. As I said before, I won’t get into unnecessary details that you don’t need for the CCNA. Finally, I’ll show how to configure DNS in Cisco IOS. Watch until the end of the video for a bonus practice question from Boson Software’s ExSim for CCNA. ExSim practice exams simulate the style and difficulty of the real CCNA better than any other practice exams, and from personal experience I can say they are a great tool to prepare for the CCNA exam. If you want to get ExSim, follow the link in the video description. Let’s review the purpose of DNS. DNS is used to resolve human-readable names, such as google.com, to IP addresses. Resolve in this case means convert. 
You enter a name, such as google.com, and it converts it to an IP address. Machines such as PCs don’t use names, they use addresses such as the IPv4 and IPv6 addresses we’ve covered in the course. However, names are much easier for us humans to use and remember than IP addresses. IP addresses are human-readable too, of course. IPv4 addresses, especially, aren’t too long when written in dotted decimal, but there’s no doubt that names are much easier to remember. What’s the IP address of youtube.com? Chances are you have no idea. Thanks to DNS, you can access youtube.com without having to remember the IP address. When you type ‘youtube.com’ into a web browser, your device will ask a DNS server for the IP address of youtube.com. The DNS server, or servers, your device uses can be manually configured or learned via DHCP. DHCP, the Dynamic Host Configuration Protocol, will be the topic of a future video. Okay, that’s the basic outline of DNS. Now I’ll use this network to demonstrate how it works. Three PCs are connected to R1 via SW1. R1 is connected to the Internet, and somewhere across the Internet is Google’s DNS server with the IP address 8.8.8.8. So, let’s go on to PC1, a Windows PC, and check out how DNS works. Here’s the CLI of PC1, the Windows command prompt. I used the command IPCONFIG /ALL to display various info for PC1. You should remember this command: ‘verify IP parameters for client operating systems’ is actually a CCNA exam topic. I’ll probably make a separate video to cover that exam topic, but we’ll cover a few Windows commands in this video. So, here’s some of the information displayed. Note that there is also the command IPCONFIG without the /ALL, but it doesn’t display what I want to show you, which is the DNS server, 8.8.8.8, that I configured here on PC1. As I said in the previous slide, end hosts will usually automatically learn which DNS server to use via the protocol DHCP. 
However, we haven’t covered that yet in the course, so I manually configured PC1 to use Google’s DNS server 8.8.8.8. Let’s see how DNS works. I used the command NSLOOKUP youtube.com. I briefly showed you the NSLOOKUP command in the NTP video; it stands for ‘Name Server Lookup’. It tells the device to ask its DNS server for the IP address of the specified name. As we saw before, PC1 is using Google’s DNS server at 8.8.8.8. Here’s the answer from Google’s DNS server. Youtube.com’s IPv4 address is 172.217.25.110, and its IPv6 address is displayed also. So I tried a ping, specifying the name instead of the IP address. The name ‘youtube.com’ is then converted to an IP address, and PC1 is able to ping the IP address. Note that you don’t have to use the NSLOOKUP command before sending the ping. If your device doesn’t know the correct IP address it will automatically ask the server. I just used NSLOOKUP to demonstrate the command. Let me show you visually. To learn the IP address of youtube.com, PC1 sends a DNS query message to its configured DNS server, 8.8.8.8. Then the DNS server replies, telling PC1 that the IP address is 172.217.25.110. What’s the role of R1 in this exchange? In this case, R1 isn’t acting as a DNS server or client. It is simply forwarding packets. So, no DNS configuration is required on R1. That’s an important point. Often there’s simply no need to do any DNS configuration on routers. They just need to perform their job of routing network traffic. However, a Cisco router can act as a DNS server and client, so I’ll show you how to configure that later in this video. I used Wireshark to capture the traffic from that NSLOOKUP command. There are four messages. Here’s the first one. It’s from source 192.168.0.101, PC1, to destination 8.8.8.8, Google’s DNS server. Under ‘info’ it says standard query, so this is a standard DNS query message, a request to the server. Notice this part here, ‘A youtube.com’. I’ll tell you in a minute what that ‘A’ means. 
Here’s the next message, from Google’s DNS server 8.8.8.8 to PC1, 192.168.0.101. Under ‘info’ it says standard query response. So this is a response to PC1’s query. And here it says A youtube.com A 172.217.25.110. Notice that it’s an IPv4 address. Now here’s the next message, again a standard query from 192.168.0.101 to 8.8.8.8. This time it says AAAA, which we call quadruple A, youtube.com. And here’s the standard query response. Quadruple A youtube.com, quadruple A, followed by an IPv6 address. So, can you guess what ‘A’ and ‘quadruple A’ stand for? DNS ‘A’ records are used to map names to IPv4 addresses. In the first query message, PC1 asked the DNS server for the A record of youtube.com, so the DNS server responded with an IPv4 address. DNS ‘quadruple A’ records are used to map names to IPv6 addresses. In the second query message, PC1 asked the DNS server for the quadruple A record of youtube.com, so the server responded with an IPv6 address. Now let’s briefly look inside of that first query. Here’s Layer 4. Which protocol is used? It’s UDP. Remember, DNS uses both TCP and UDP, so why is UDP used here? Standard DNS queries and responses typically use UDP. TCP is used for DNS messages greater than 512 bytes. In either case, UDP or TCP, the port number is 53. You don’t have to know the details of when TCP would be used, just remember that standard DNS queries and responses like these will usually use UDP, and remember that number, 512 bytes. If you’d like to know the details, try a Google search for ‘DNS TCP UDP’, you’ll find lots of great resources. Finally, down here is the DNS query itself, carried in that UDP segment, asking for the A record of youtube.com. As I’ve said before, Wireshark is a very useful tool not just for studying, but it also has many real-world on-the-job uses. If you have some time I recommend downloading it and checking out some of the network traffic your computer is sending and receiving. Moving on, let me introduce the DNS cache. 
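To make the captured exchange concrete, here is an added example (not from the video) that builds and parses DNS messages in wire format: the A and AAAA queries and responses, the CNAME record type the cache discussion mentions, and the 512-byte UDP limit expressed as the TC (truncated) flag. All sample addresses and names are constructed here; only 172.217.25.110 for youtube.com comes from the video's capture.

```python
import socket
import struct

QTYPE_A, QTYPE_CNAME, QTYPE_AAAA = 1, 5, 28  # record types seen in the capture and cache
UDP_MAX = 512  # bytes: larger DNS messages go over TCP, still port 53


def encode_name(name):
    """'youtube.com' -> b'\\x07youtube\\x03com\\x00' (length-prefixed labels)."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(lab)]) + lab.encode() for lab in labels) + b"\x00"


def decode_name(msg, off):
    """Read a name at off, following 0xC0 compression pointers; return (name, next_off)."""
    labels, end, jumped = [], None, False
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:  # pointer to an earlier copy of the name
            if not jumped:
                end = off + 2
            off, jumped = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF, True
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (end if jumped else off)
        labels.append(msg[off:off + length].decode())
        off += length


def build_query(name, qtype, txid=0x1234):
    """Standard query: header with RD=1, one question (class IN), no answers."""
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, 1)


def build_response(query, records):
    """Standard query response. records: (owner, qtype, ttl, value); value is an IP or a CNAME target."""
    txid = struct.unpack("!H", query[:2])[0]
    qname, _ = decode_name(query, 12)
    question, rrs = query[12:], b""
    for owner, rtype, ttl, value in records:
        if rtype in (QTYPE_A, QTYPE_AAAA):
            rdata = socket.inet_pton(socket.AF_INET if rtype == QTYPE_A else socket.AF_INET6, value)
        else:  # CNAME: rdata is another encoded name
            rdata = encode_name(value)
        owner_bytes = struct.pack("!H", 0xC00C) if owner == qname else encode_name(owner)
        rrs += owner_bytes + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, len(records), 0, 0) + question + rrs
    if len(msg) > UDP_MAX:  # does not fit a UDP payload: reply with TC set and no answers
        msg = struct.pack("!HHHHHH", txid, 0x8380, 1, 0, 0, 0) + question
    return msg


def parse_response(msg):
    """Return {'id', 'truncated', 'answers': [(name, qtype, ttl, value), ...]}."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        _, off = decode_name(msg, off)
        off += 4  # skip QTYPE and QCLASS
    answers = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        if rtype in (QTYPE_A, QTYPE_AAAA):
            value = socket.inet_ntop(socket.AF_INET if rtype == QTYPE_A else socket.AF_INET6, rdata)
        elif rtype == QTYPE_CNAME:
            value, _ = decode_name(msg, off)
        else:
            value = rdata.hex()
        answers.append((name, rtype, ttl, value))
        off += rdlen
    return {"id": txid, "truncated": bool(flags & 0x0200), "answers": answers}


# Constructed exchange mirroring the capture: A query for youtube.com, answered with 172.217.25.110.
QUERY_A = build_query("youtube.com", QTYPE_A)
RESPONSE_A = build_response(QUERY_A, [("youtube.com", QTYPE_A, 300, "172.217.25.110")])
```

A client that receives `truncated == True` is expected to repeat the same query over TCP port 53.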
Devices will save the DNS server’s responses to a local DNS cache. This means they don’t have to query the server every single time they want to access a particular destination. This saves a lot of unnecessary network traffic. So, to view the DNS cache on a Windows PC, use the command IPCONFIG /DISPLAYDNS. Here’s the record for youtube.com. However, look at the record type. It’s not A or quadruple A, it’s CNAME, and it lists another domain name. CNAME, canonical name, is another kind of DNS record that basically maps a name to another name. I looked in the DNS cache for that other domain name, and here’s the A record with that same IPv4 address, 172.217.25.110. So, as you can see there are some complexities to DNS. DNS is a very important part of the Internet and is interesting to study, but once again for the CCNA you just need to know the basics. Here’s one more command in the Windows command prompt: you can clear the DNS cache with the command IPCONFIG /FLUSHDNS. It says the DNS resolver cache was flushed, and now when I use IPCONFIG /DISPLAYDNS, nothing is displayed. If I try to access youtube.com again, for example, PC1 will have to send another DNS query to the DNS server to learn the IP address again. Before moving on to R1, here’s one more point about these PCs. In addition to a DNS cache, most devices have a ‘hosts’ file which is simply a list of hosts and IP addresses. In Windows it’s in the C:\Windows\System32\drivers\etc folder, and the name is simply ‘hosts’. Let’s see what’s in that file. In Windows it looks like this. By default there are no hosts listed, however here on PC1 I added an entry for R1 simply by typing the IP address, a space, and then the host name. I then returned to the command prompt and entered PING R1, and PC1 was able to ping R1 because it had an entry in its hosts file. This isn’t DNS, it’s a simple alternative to DNS. A long time ago, before DNS was invented, hosts files like this were used. 
In modern days a hosts file might be used in a small network to list some hosts on the local network if necessary, however DNS is a much better solution. Okay, so I hope that gave you a general understanding of how DNS works. A client wants to access something using a name, such as accessing a website like youtube.com. But in order to access the website, it needs to know the IP address of the destination. To learn the IP address, the client sends a query to a DNS server, which informs it of the IP address. Now let’s look at how to configure DNS in Cisco IOS, using R1 as an example. Let me repeat, for hosts in a network to use DNS, you don’t need to configure DNS on the routers. They will simply forward the DNS messages like any other packets. However, the Cisco router itself can be configured as a DNS server, although it’s rare. If an internal DNS server is used, usually it’s a Windows or Linux server. By ‘internal’ I mean a DNS server in the local network, not a public server like Google’s. Also, a Cisco router can be configured as a DNS client, so you can execute PING and other commands using names instead of IP addresses. Here’s how to configure a router as a DNS server. First, you should use the command IP DNS SERVER from global config mode. This configures the router to act as a DNS server. If a client sends a DNS query to R1, R1 will respond if it has the requested record. However, for that to work R1 needs to have some records. Use the IP HOST command, followed by the host name and the IP address, to build a host table on R1. I configured entries for R1 itself, PC1, PC2, and PC3. Next, it’s a good idea to configure an external DNS server for R1 to use. R1 will query this server if it doesn’t have a requested record in its own table. I configured R1 to use Google’s DNS server at 8.8.8.8. I’ll demonstrate how this works in a minute. The final command is IP DOMAIN LOOKUP. This enables R1 to perform DNS queries. 
If this command isn’t enabled, R1 won’t be able to query Google’s DNS server. However, this command is enabled by default, so usually you won’t have to configure it. By the way, a lot of resources teach an old version of the command, which is IP DOMAIN-LOOKUP, with a hyphen. This is the old version of the command, however modern IOS versions still support it. You should probably know both versions, with and without the hyphen. So, that’s how you configure a router to be a DNS server. Now let me demonstrate how it works. So let’s say PC1 wants to ping PC2. By the way, I configured PC1 to use R1 as its DNS server, instead of Google. So I issue the PING PC2 command on PC1, however note that I used -N 1 to send only a single ping, for the purpose of this demonstration. PC1 doesn’t have an entry for PC2 in its own host table, so it has to use DNS to learn the IP address of PC2. It sends a query to its DNS server R1, asking ‘What’s the IP address of PC2?’. R1 has an entry for PC2, I just configured it in the last slide using the IP HOST command, so it replies to PC1’s query. Finally PC1 sends the ping to PC2, PC2 sends a reply, and the process is over. Now PC1 has an entry for PC2 in its DNS cache, so if I issue the PING PC2 command again it won’t have to perform a DNS query, it already knows PC2’s IP address. Okay, I’ve added the YouTube server to the diagram. This time, I issued the command PING YOUTUBE.COM -N 1. So let me walk through that process again. Before PC1 can actually send the ping, it has to know the IP address of youtube.com, so it sends a query to its DNS server, R1. However, R1 doesn’t have an entry for youtube.com. What does it do? Remember I used the IP NAME-SERVER 8.8.8.8 command on R1, so R1 can send queries to Google’s DNS server. That’s what it does, it sends a DNS query to 8.8.8.8. Google’s server replies, telling R1 the IP address of youtube.com. Now R1 is able to reply to PC1’s query, telling it the IP address of youtube.com. 
Finally PC1 is able to send the ping to YouTube, and YouTube sends the reply. Sorry for the messy diagram, but I hope that helps you understand how this works. R1 acts as a DNS server for PC1, but if it doesn’t have an entry for a record that PC1 requests, it acts as a DNS client and asks Google’s DNS server for the record. To view both the configured hosts, as well as the hosts learned and cached via DNS, use the command SHOW HOSTS. For example, here you can see the cached entry for youtube.com that R1 learned from Google’s DNS server. Notice in the ‘flags’ column it says ‘temp’, for temporary. Because this entry was learned via DNS it is not permanent. If it expires it will have to be re-learned. These manually configured entries, however, are permanent as displayed in the flags column. Next, here’s how to configure a Cisco router as a DNS client. Basically, two of the commands I already showed you are used to configure a router to act as a DNS client. So, to demonstrate this I deleted all DNS settings from R1. Then I tried to ping youtube.com, but it didn’t work. R1 wasn’t able to translate ‘youtube.com’ to an IP address. Then I used the command IP NAME-SERVER 8.8.8.8, configuring R1 to use Google’s DNS server. I also used the command IP DOMAIN LOOKUP. Once again, this command is enabled by default so you don’t actually have to enter it, but make sure you know it. Then I tried the ping again and it worked. So, we have configured R1 as a DNS client. However, this time it is not a DNS server. If PC1 tries to use R1 as a DNS server, R1 will not reply to PC1’s queries. Now there is one more optional command that you can use. That is the IP DOMAIN NAME command, I specified jeremysitlab.com as R1’s domain. You’ve probably heard the term ‘domain’ or ‘domain name’ before, actually I think I’ve mentioned it a few times in this video. Names like ‘google.com’ and ‘jeremysitlab.com’ are domain names, and they define a realm or area of administrative control in the Internet. 
For example, the domain name ‘google.com’ tells us that Gmail at ‘mail.google.com’, this server ‘dns.google.com’, and Google’s NTP servers at ‘time.google.com’ all fall under Google’s administration and control. When this command is applied, the configured domain name is appended by default to any hostname entered without a domain name. For example, the command PING PC1 will actually become PING PC1.JEREMYSITLAB.COM. Like the IP DOMAIN LOOKUP command, there is an older version with a hyphen between DOMAIN and NAME. That old version is still supported in modern IOS, so you can use either. I will cover this command in a later video about SSH. SSH is a protocol that can be used to connect to the CLI of a device to configure it, but a domain name is needed to enable SSH. I’ll cover this command more in that video. For review, here are the commands I showed you in this video, both the commands you can use in the Windows command prompt and the Cisco IOS commands. If you don’t remember any of these commands, go back in the video to review. Before moving on to the quiz, let’s review what we covered in this video. First I introduced the purpose of DNS. Basically it enables the use of easy-to-remember names like google.com and youtube.com instead of IP addresses. DNS clients send queries to DNS servers, asking for the IP address of a particular name like youtube.com, and the server replies, telling it the IP address. Then I demonstrated some of the basic functions of DNS by using a Windows PC. I showed how it used Google’s DNS server to learn the IP address of youtube.com, and then it added that IP address to its own DNS cache. Finally I showed you how to configure a Cisco router to be a DNS server and a DNS client. As I have already said multiple times, in most cases you don’t need to configure DNS on a router. Usually you have a separate DNS server fill that role. However, you still should know how to configure it. 
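The following is an added model, not Cisco code, of the R1 behaviour walked through in the configuration section: IP HOST entries are permanent, answers learned via IP NAME-SERVER are cached as temp and expire, IP DOMAIN LOOKUP gates upstream queries, and IP DOMAIN NAME supplies the default suffix. The upstream server is a constructed stand-in for 8.8.8.8 with an assumed 120-second TTL; the PC2 address is also constructed.

```python
import time

# Constructed stand-in for the answers 8.8.8.8 would give: name -> (ip, ttl seconds).
UPSTREAM_TABLE = {"youtube.com": ("172.217.25.110", 120)}


def google_dns(name):
    """Plays the role of the configured name-server: returns (ip, ttl) or None."""
    return UPSTREAM_TABLE.get(name.lower())


class RouterResolver:
    """Models R1: 'ip host' entries are perm; names learned through the name-server
    are cached as temp with a TTL; 'ip domain name' supplies a default suffix."""

    def __init__(self, name_server=None, domain=None, domain_lookup=True, clock=time.time):
        self.name_server = name_server      # ip name-server 8.8.8.8 (a callable in this model)
        self.domain = domain                # ip domain name jeremysitlab.com
        self.domain_lookup = domain_lookup  # ip domain lookup (enabled by default)
        self.clock = clock
        self.hosts = {}                     # lowercase name -> [ip, flags, expiry or None]

    def ip_host(self, name, ip):
        """ip host NAME IP: permanent entry, never expires."""
        self.hosts[name.lower()] = [ip, "perm", None]

    def qualify(self, name):
        """An unqualified name gets the default domain: PC1 -> PC1.jeremysitlab.com."""
        if self.domain and "." not in name:
            return f"{name}.{self.domain}"
        return name

    def _cached(self, name):
        """Return the cached IP, dropping a temp entry whose TTL has run out."""
        entry = self.hosts.get(name.lower())
        if entry is None:
            return None
        if entry[2] is not None and entry[2] <= self.clock():
            del self.hosts[name.lower()]    # expired: must be re-learned from the name-server
            return None
        return entry[0]

    def resolve(self, name):
        """Lookup order: own host table (as typed, then qualified), then the name-server."""
        for candidate in (name, self.qualify(name)):
            ip = self._cached(candidate)
            if ip:
                return ip
        if not self.domain_lookup or self.name_server is None:
            return None                     # cannot translate the name, like the failed ping
        fqdn = self.qualify(name)
        answer = self.name_server(fqdn)
        if answer is None:
            return None
        ip, ttl = answer
        self.hosts[fqdn.lower()] = [ip, "temp", self.clock() + ttl]
        return ip

    def show_hosts(self):
        """Rows in the spirit of 'show hosts': (name, flags, ip), expired temp entries removed."""
        for name in list(self.hosts):
            self._cached(name)
        return sorted((n, e[1], e[0]) for n, e in self.hosts.items())
```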
Make sure to watch until the end of the quiz for a bonus question from Boson Software’s ExSim for CCNA, the best practice exams for the CCNA. Okay, let’s go to question 1 of the quiz. Which of the following Windows command prompt commands will display the PC’s DNS server? (select two). Here are the commands. Pause the video now to find the correct answers, select two. The correct answers are B, IPCONFIG /ALL and D, NSLOOKUP. Both of these commands will show the DNS server that is configured on the PC. A, IPCONFIG displays things like the PC’s IP address, subnet mask, and default gateway, but not details like the DNS server. C, IPCONFIG /DISPLAYDNS shows the PC’s DNS cache, but not the DNS server address. Although the CCNA is focused on the Cisco CLI, of course, verifying parameters on client operating systems is now a CCNA exam topic so I think it’s a good idea to know some Windows commands. Okay let’s go to question 2. Which of the following statements about DNS are true? (select two). Here are the options. Pause the video now to find the correct answers, select two. The correct answers are B and D. DNS ‘A’ records map hostnames to IPv4 addresses, so B is correct. And a Cisco router can be both a DNS server and a DNS client at the same time, so D is correct. A is incorrect because messages greater than 512 bytes in size are sent using TCP, not UDP. UDP is used for messages 512 bytes or less in size. As for C, quadruple A records, not triple A records, map hostnames to IPv6 addresses. Okay let’s go to question 3. PC1 is configured to use an external server, 8.8.8.8, as its DNS server. What DNS command is necessary on R1 to enable this? Here are the options. Pause the video to think about the answer. The answer is D. No DNS configurations are needed on R1. To forward DNS queries and replies between clients and servers, a router doesn’t need any DNS configurations. It will simply forward the packets as normal. Okay let’s go to question 4. 
Which of the following Cisco IOS commands shows the cached name/IP address mappings learned via DNS? Here are the commands. Pause the video to think about the answer. The answer is A, SHOW HOSTS. It displays both the hosts learned via DNS as well as the manually configured host entries. B and D are not real commands, and C is the command for Windows, not for Cisco IOS. Okay, let’s go to question 5. Which of the following protocols can hosts use to automatically learn the address of their DNS server? Here are the options. Pause the video to think about your answer. The answer is C, DHCP. Dynamic Host Configuration Protocol allows hosts to learn various parameters such as their IP address and subnet mask, default gateway, and DNS server. DHCP will be covered in another video. Okay, that’s all for the quiz. Now let’s take a look at a bonus question from Boson Software’s ExSim for CCNA. Okay here's today's Boson ExSim practice question. A web browser on HostA sends an HTTP request to WWW_server. This is the first time HostA has ever sent a request to WWW_server. HostA does not use a hosts file. With which of the following devices does HostA establish a TCP connection in this scenario? Select the best answer. Here are the options. A, only DNS_server and WWW_server. B, DNS_server, Default_GW, and WWW_server. C, only Default_GW and WWW_server. Or D, only WWW_server. Okay pause the video now to find the correct answer. Okay let's check. First, does HostA establish a TCP connection with Default_GW? No, it does not. This router simply forwards traffic between the devices, but HostA is not trying to access something on this router so there's no need to establish a TCP connection. How about with DNS_server? So it says this is the first time HostA has ever sent a request to WWW_server. So that means it has no entry in its DNS cache for this web server. And HostA also does not use a hosts file, so HostA has to contact the DNS server to learn the IP address of the web server. 
So, to learn the IP address from the DNS server, does it use TCP? Does it establish a TCP connection? The answer is no. As I said in this video, standard DNS queries and responses use UDP, not TCP. So there's no need to establish a TCP connection with this DNS server. Finally, how about the web server? Does it establish a TCP connection? Yes, a web browser on HostA sends an HTTP request to the web server. HTTP uses TCP port 80, so HostA must establish a TCP connection with the web server. So that means the answer is D, only WWW_server. Click on show answer and there it is, correct. So here is Boson's explanation. You can pause the video to read it, and I recommend you do. They also have a reference to some documentation from Microsoft, explaining DNS and how it works on both TCP and UDP. Okay so that's Boson ExSim for the CCNA. These are by far the best practice exams for the CCNA. If you want to get Boson ExSim, please follow the link in the video description. There are supplementary materials for this video. There is a flashcard deck to use with the software ‘Anki’. There will also be a packet tracer practice lab so you can get some hands-on practice. That will be in the next video. Sign up for my mailing list via the link in the description, and I’ll send you all of the flashcards and packet tracer lab files for the course. Before finishing today’s video I want to thank my JCNP-level channel members. To join, please click the ‘Join’ button under the video. Thank you to Donald, C Mohd, Gustavo, Anthony, Biraj, Junhong, Njabulo, Benjamin, Tshepiso, Justin, Prakaash, Nasir, Erlison, Apogee, Marko, Daming, Jhilmar, Ed, Value, John, Funnydart, Velvijaykum, Mark, Yousif, Boson Software, Devin, Lito, Yonatan, and Vance. Sorry if I pronounced your name incorrectly, but thank you so much for your support. This is the list of JCNP-level members at the time of recording by the way, January 11th 2021. 
If you signed up recently and your name isn’t on here don’t worry, you’ll be in future videos. Thank you for watching. Please subscribe to the channel, like the video, leave a comment, and share the video with anyone else studying for the CCNA. If you want to leave a tip, check the links in the description. I'm also a Brave verified publisher and accept BAT, or Basic Attention Token, tips via the Brave browser. That's all for now.