Chapter 4 ■ SoCket NameS aNd dNS
68
to DNS. On my Ubuntu laptop, for example, the /etc/hosts file is checked first on every single hostname lookup.
Then a specialized protocol called multicast DNS is used, if possible. Only if that fails or is unavailable is full-blown
DNS cranked up to answer the hostname query.
To continue our example, imagine that the name http://www.python.org is not defined locally on your machine and has
not been queried recently enough to be in any local cache on the machine where you are running your web browser.
In that case, the computer will look up the local DNS server and, typically, send it a single DNS request packet
over UDP.
Now the question is in the hands of a real DNS server. For the rest of this discussion, I will call it “your DNS
server,” in the sense “the particular DNS server that is doing hostname lookups for you.” Of course, the server itself
probably belongs to someone else, like your employer or your ISP or Google, and is therefore not actually yours in the
sense of your owning it.
The first act of your DNS server will be to check its own cache of recently queried domain names to see whether
http://www.python.org has already been checked by some other machine served by the DNS server in the last few minutes
or hours. If an entry is present and has not yet expired (and the owner of each domain name gets to choose its
expiration timeout because some organizations like to change IP addresses quickly if they need to, while others
are happy to have old IP addresses linger for hours or days in the world’s DNS caches), then it can be returned
immediately. But imagine that it is morning and you are the first person in your office or in the coffee shop to try
talking to http://www.python.org today, so the DNS server has to go find the hostname from scratch.
Your DNS server will now begin a recursive process of asking about http://www.python.org at the top of the world’s
DNS server hierarchy, the “root-level” name servers that know all of the top-level domains (TLDs) like .com, .org,
.net, and which know the groups of servers that are responsible for each. Name server software generally comes
with the IP addresses of these top-level servers built in, so as to solve the bootstrapping problem of how you find any
domain name servers before you are actually connected to the domain name system. With this first UDP round-trip,
your DNS server will learn (if it did not know already from another recent query) which servers keep the full index of
.org domain.
Now a second DNS request will be made, this time to one of the .org servers, asking who runs the
python.org domain. You can find out what those top-level servers know about a domain by running the whois
command-line program on a POSIX system or use one of the many “whois” web pages online if you do not have the
command installed locally.
$ whois python.org
Domain Name:PYTHON.ORG
Created On:27-Mar-1995 05:00:00 UTC
Last Updated On:07-Sep-2006 20:50:54 UTC
Expiration Date:28-Mar-2016 05:00:00 UTC
...
Registrant Name:Python Software Foundation
...
Name Server:NS2.XS4ALL.NL
Name Server:NS.XS4ALL.NL
And that provides our answer! Wherever you are in the world, your DNS request for any hostname within
python.org must be passed on to one of the two DNS servers named in that entry. Of course, when your DNS server
makes this request to a top-level domain name server, it does not really get back only two names like those just given.
Instead, it is also given their IP addresses so that it can contact them directly without incurring another expensive
round of DNS lookups.
Your DNS server is now finished talking to both the root-level DNS server and the top-level .org DNS server, and
it can communicate directly with NS2.XS4ALL.NL or NS.XS4ALL.NL to ask about the python.org domain. In fact, it
will try one of them and then fall back to trying the other if the first one is unavailable. This increases the chances of
you getting an answer, but, of course, a failure will increase the amount of time that you sit there staring at your web
browser before the page can actually be displayed.