Understanding the Purpose of Host Names
In TCP/IP based networks, the packets that are transmitted over the network contain the following IP addresses:
The IP address of the computer sending the packet
-
The IP address of the destination computer intended to receive the packet.
The IP address information is used to forward the packet to the destination computer. The IP addresses of computers therefore have to be both unique and correct so that they can be forwarded to the correct destination.
IP addresses also contain the following important information:
-
Network address or ID
-
Host address or ID.
What is a host name then? A host name is assigned to a computer to identify a host in a TCP/IP network. The host name can be described as being the alias that is assigned to a node, to identify it.
A few characteristics of host names are listed below:
-
Host names are assigned to computers by administrators.
-
The host name specified for a computer does not need to correspond to the Windows 2000 or Windows Server 2003 computer name or NetBIOS computer name.
-
More than one host name can be assigned to the same host.
-
The maximum length of a host name is 255 characters.
-
The host name can consist of both alphabetic characters and numeric characters.
-
A host name can be defined in a number of ways. The more common methods used are:
-
A nickname: This is an alias to an IP address which individuals can assign and utilize.
-
A domain name: This is a set structured name that adheres to Internet standards.
-
WinSock applications utilize the IP address of the host name for a connection to be established. Name resolution is not needed if the IP addresses are used to establish connections. However, because host names are simpler to remember than IP an address, the host name is typically used instead of the IP addresses. This is especially evident with TCP/IP applications.
When the host name is used, and not the IP address, the host name has to be resolved to an IP address for IP communication to occur. This is known as host name resolution. A host name must match to an IP address that is located in a DNS server database, or in a Hosts file.
Host Name Resolution in Windows
Each network needs a mechanism that can resolve host names to IP addresses. Name resolution has to occur whenever the host name is used to connect to a computer and not the IP addresses. For instance, when a server name is used to access a resource, the computer resolves that name to an IP address. Host name resolution resolves the host name to an IP address. This has to occur so that the IP address can be resolved to the hardware address for TCP/IP based communication to occur.
With the introduction of Windows 2000, came support for several different name resolution mechanisms:
-
LMHOSTS files
-
Network broadcasts
-
NetBIOS name cache
-
Windows Internet Naming Service (WINS)
-
Active Directory service
Network broadcasts and LMHOSTS files were generally utilized in the earlier versions of Windows NT. Windows Internet Naming Service (WINS) is generally used in Windows NT 4. Prior to Windows 2000, NetBIOS names identified computers on the network. With the introduction of Windows 2000, came the introduction of Active Directory. Active Directory uses the Domain Name System (DNS) for name registration and name resolution.
With the introduction of Windows Server 2003, DNS name resolution is used over NetBIOS name resolution. The DNS Client service handles name resolution. It first submits all name resolution tasks to DNS. If DNS name resolution cannot occur, the DNS Client service submits the name to NetBIOS.
The common methods used to resolve host names are listed below:
-
NetBIOS name resolution: This is the process of mapping the NetBIOS name of the computer to an IP address. With NetBIOS, communication occurs between NetBIOS hosts via name discovery, name registration, and name release.
-
HOSTS file: This is a text file that includes the host names to IP addresses mappings. The HOSTS file is stored locally.
-
DNS server: DNS resolves host names and fully qualified domain names (FQDNs) to IP addresses in TCP/IP networks. The DNS server manages a database of host name to IP address mappings. This is the primary method used for name resolution in Windows Server 2003.
For DNS name resolution, the mechanisms that can be used are:
-
The local DNS client cache can be used to perform a name lookup.
-
A DNS server query.
For NetBIOS name resolution, the mechanisms that can be used are:
-
The local NetBIOS name cache can be used to perform a name lookup.
-
WINS server query
-
NetBIOS broadcasts to query the local network.
-
The local LMHOSTS file can be used to perform a name lookup
The HOSTS File
This is a text based file which contains host names to IP addresses mappings. TCP/IP applications mainly use the HOSTS file when a host name needs to be mapped to an IP address. The file can also be used resolve NetBIOS names. The HOSTS file is stored locally on a system, and is located on each computer.
A few characteristics of the HOSTS file are:
-
Multiple host names can be assigned to the identical IP address.
-
Each entry in the HOSTS file has an IP address that is associated with one or multiple host names.
-
Host name localhost is an entry in the HOSTS file, by default.
-
All frequently used names should be located close to the start of the file.
-
The entries in the HOSTS file for Windows 2000 operating systems are not case-sensitive.
-
The entries in the HOSTS file for Unix operating systems are case-sensitive.
How host names are resolved with a HOSTS file
-
A user utilizes a host name to connect to a Winsock application.
-
The system checks whether the host name is the same as the local host name.
-
The name is resolved if the two names match.
-
The HOSTS file is parsed if the host name is not the same as the local host name.
-
The host name is resolved to its associated IP addresses if it is found in the HOSTS file.
-
The IP address of the destination host is then resolved to its hardware address.
-
If the destination host is located on the local network, either of the following methods is used to obtain the hardware address:
-
The hardware address is retrieved from the ARP cache
-
The IP address of the host is broadcast for its hardware address
-
-
If the destination host is located on a remote network, the hardware address of a router is obtained so that the request can be routed.
In instances where the host name cannot be resolved to an IP address in the HOSTS file, and this is the only host name resolution method that is configured, an error message is returned to the user that initiated the request.
How host names are resolved with a DNS server
-
When a user enters a host name or a fully qualified domain name (FQDN), host name resolution is initially attempted through the HOSTS file.
-
If the host name could not be resolved to an IP address through the HOSTS file name resolution method, the DNS server is used.
-
The request is transmitted to the DNS server to perform a lookup of the name in its database, to resolve it to an IP address.
-
The DNS server resolves the host name to IP address.
-
The hardware address is obtained next.
-
If the destination host is located on the local network, the hardware address is obtained from the ARP cache, or viabroadcasting of the IP address.
In instances where the DNS server does not respond to the initial request, the DNS server is tried again at 1, 2, 2, and 4 second intervals. If after all these attempts the DNS fails to responds, and no other name resolution mechanisms exist, an error message is returned to the user that initiated the request.
The Recommended Method for Resolving Host Names to IP Addresses
You can configure a number of methods to resolve host names to IP addresses. You can specify the use of a DNS server, name resolution via the HOSTS file or with a DNS server, network broadcast, WINS server, and through LMHOSTS. When you configure numerous mechanisms for host name resolution, you are essentially providing a backup strategy for your name resolution process. When one method fails to resolve the host name to IP address, another method is used.
Only after each of the configured name resolution mechanisms fail to yield a host name to IP address mapping, does the specific IP address need to be provided to service the request.
The recommended process for resolving host names to IP addresses is illustrated below:
-
The user specifies a host name and not the associated IP address in the request.
-
Windows first determines whether the host name provided is the identical name as the local host name.
-
The name is resolved if the two names match.
-
The HOSTS file is parsed if the two names are not the same.
-
If the host name exists in the HOSTS file, it is resolved to its IP address.
-
When the host name does not exist in the HOSTS file, the request is sent to the DNS server for name resolution.
-
The host name is resolved if the DNS server contains the host name to IP address mapping in its database.
-
If the DNS server does not respond to the initial request for name resolution, the request is attempted again at 1, 2, 2, and 4 second intervals.
-
When the DNS server cannot resolve the host name into an IP address, the host next checks whether the host name exists in its local NetBIOS name cache.
-
The host name is resolved to an IP address if it is located in the local NetBIOS name cache.
-
If the host name cannot be located in the NetBIOS name cache, the NetBIOS name server is contacted for name resolution.
-
When the NetBIOS name server cannot resolve the host name to an IP address, the host then transmits three broadcast messages on the local network.
-
Name resolution takes place if the host name exists on the local network.
-
When the host name cannot be resolved through broadcasting on the local network, the next check that occurs is the parsing of the local LMHOSTS file.
-
The host name is resolved into an IP address if it is located in the local LMHOSTS file.
-
If the host name cannot resolved into an IP address after all the above methods have been attempted, the user has to provide the IP address.
Follow Us!