SANS (Sockets Acquisition Name Servers) is a protocol and system used to maintain and access databases containing hostname to IP address mappings. It is a critical part of the Internet’s Domain Name System (DNS) infrastructure.
The SANS protocol consists of 6 key steps that allow clients to query name servers for hostname information and receive the corresponding IP address. Understanding these 6 steps provides insight into how the DNS system works under the hood.
Step 1: Client Queries Local Name Server
The first step occurs when a client device, such as a computer, needs to determine the IP address associated with a hostname. The client first queries the local DNS name server provided by the Internet Service Provider (ISP) or local network.
For example, a client trying to access example.com would send a query to the local name server asking for the IP address of example.com. The local name server functions as the first point of contact when a client needs to resolve a hostname.
Step 2: Local Name Server Checks Cache
When the local name server receives the query from the client, the next step is to check its cache for the requested hostname record.
A name server cache stores hostname to IP address mappings that have previously been resolved. If the local name server has recently looked up the IP for example.com, then the requested mapping will exist in the cache.
If found in cache, the local name server immediately returns the IP address to the client that initiated the query. This provides very fast hostname resolution, as the mapping does not have to be looked up again.
Step 3: Query Recursive Name Server
If the hostname record does not exist in the local name server’s cache, the next step is to send a recursive query to another DNS server.
A recursive query asks the other name server to fully resolve the hostname, not just provide information from its local cache.
The local name server usually forwards recursive queries to a DNS server run by the ISP. The ISP DNS server holds a more complete cache and has access to authoritative name servers for top-level domains.
Step 4: Recursive Name Server Performs Lookup
When the recursive name server receives the query from the local name server, it will then look in its cache for the mapping.
If not found in cache, the recursive name server will then perform a series of lookups to fully resolve the hostname.
For example, for example.com, it would query the root name servers for the .com TLD server IP address, then query the .com TLD server for the example.com authoritative name server IP address. Finally, it would query the example.com authoritative name server to get the IP address for example.com.
This recursive process contacts different authoritative name servers until the hostname IP mapping is found. The recursive name server cache stores each lookup result, allowing it to skip certain steps for future queries.
Step 5: Return Result to Local Name Server
Once the recursive name server resolves the hostname and finds the IP address from the authoritative source, it returns the result to the local name server that sent the initial recursive query.
At this point, the hostname record has been fully resolved by the recursive name server. It has chased down the lookup through the DNS hierarchy to find the ultimate IP address result.
Step 6: Local Name Server Returns IP to Client
In the final step, the local name server sends the IP address back to the client that initiated the request.
The client device now has the IP it needs to connect to the hostname. The local name server also caches the new hostname record to improve speed for subsequent requests.
This 6 step process outlines the basic sequence of lookups and queries necessary for a client to resolve a hostname using the DNS and SANS system. Multiple specialized name servers work together to provide the final IP address that enables communication over the Internet.
SANS Caching Optimizes Performance
Caching is a key performance optimization used at multiple stages of the SANS process. Caching reduces the load on authoritative name servers and speeds up subsequent related requests.
Without caching, every lookup would start from scratch by querying the root name servers. This would create a huge bandwidth burden.
Local name servers cache individual records to avoid repeated requests to recursive name servers. Recursive name servers also cache results to bypass recursive lookups for recently resolved hostnames.
As a result, popular hostnames can be resolved in just a few steps given sufficient cache hits at different name servers. Caching makes SANS an efficient system.
Load Balancing Handles High Traffic
Load balancing is another important performance factor for SANS in high traffic scenarios.
Authoritative name servers typically employ multiple servers and distributed architectures. This provides redundancy and ensures uptime during network failures or denial of service attacks.
In addition, the load balancing enables authoritative name servers to handle the incredible number of DNS queries hitting popular sites. Load balancers route traffic across many IP addresses.
Caching Risks and DNS Propagation Delays
While caching boosts performance, it also comes with two potential downsides:
– Stale data risks due to cached entries persisting past their freshness period. Caches are typically set to expire after a defined TTL (Time To Live). But on rare occasions stale data may be returned.
– Propagation delays on new DNS records. It takes time for new or updated DNS records to propagate out from authoritative name servers to local caches around the world. So changes are not effective immediately.
System administrators should be aware of these risks when making DNS changes and not expect instant worldwide activation. Caching is a trade-off that optimizes speed of the most common queries.
Conclusion
In summary, the 6 steps of SANS provide a reliable and efficient system for hostname resolution that underpins communication over the Internet. The steps involve specialized name servers querying each other to ultimately find and return the IP address to the requesting client.
Caching optimizations and load balancing capabilities enable SANS to work at the massive scale required for modern Internet traffic. Understanding the basics of how SANS functions provides insight into this critical backbone of Internet infrastructure.
