1 00:00:00,240 --> 00:00:01,710 In this video, I'm going to take you 2 00:00:01,710 --> 00:00:03,570 a little bit inside of the network 3 00:00:03,570 --> 00:00:06,150 and we're going to use a tool called Packet Tracer from Cisco. 4 00:00:06,150 --> 00:00:07,770 So we can actually watch the packets 5 00:00:07,770 --> 00:00:09,450 and then see exactly what's going to happen 6 00:00:09,450 --> 00:00:11,160 as packets go across the network 7 00:00:11,160 --> 00:00:12,810 when we do our DNS resolution 8 00:00:12,810 --> 00:00:14,790 to be able to pull up a website. 9 00:00:14,790 --> 00:00:15,900 When we go in the environment, 10 00:00:15,900 --> 00:00:18,840 you can see that on my left side I have a sample network. 11 00:00:18,840 --> 00:00:21,000 I have a client and I have a local DNS server 12 00:00:21,000 --> 00:00:22,830 both attached to switch zero, 13 00:00:22,830 --> 00:00:25,650 then those attached to that company's router. 14 00:00:25,650 --> 00:00:27,630 That company's router has a serial connection, 15 00:00:27,630 --> 00:00:30,300 indicated in red, that's connecting to an internet router. 16 00:00:30,300 --> 00:00:32,070 And this would usually be shown as a big cloud 17 00:00:32,070 --> 00:00:33,780 with a lot of different routers and switches 18 00:00:33,780 --> 00:00:36,750 in the real world because the internet's a big place. 19 00:00:36,750 --> 00:00:39,360 But in this case, I'm just going to use one router, 20 00:00:39,360 --> 00:00:41,820 so I can use that as my sample internet. 21 00:00:41,820 --> 00:00:43,080 In that internet router 22 00:00:43,080 --> 00:00:44,910 or in that internet cloud, if you will, 23 00:00:44,910 --> 00:00:46,560 there is also a DNS server there. 24 00:00:46,560 --> 00:00:48,180 This is the root DNS server. 25 00:00:48,180 --> 00:00:50,340 So when you think about something like the .com domain 26 00:00:50,340 --> 00:00:53,670 or the .net domain, that's what we're talking about here. 27 00:00:53,670 --> 00:00:54,750 Now off to the right, 28 00:00:54,750 --> 00:00:56,490 you'll see there's the Dion Training router. 29 00:00:56,490 --> 00:00:58,200 Now this is our border gateway router 30 00:00:58,200 --> 00:00:59,640 that's connected to the internet 31 00:00:59,640 --> 00:01:02,100 so when your company tries to access our company, 32 00:01:02,100 --> 00:01:03,180 it goes over the internet 33 00:01:03,180 --> 00:01:04,590 and goes from your company's router 34 00:01:04,590 --> 00:01:05,880 through a bunch of internet routers 35 00:01:05,880 --> 00:01:08,250 and eventually to the Dion Training router. 36 00:01:08,250 --> 00:01:09,600 Now, the Dion Training router 37 00:01:09,600 --> 00:01:12,510 is then connected to our internal switch, known as Switch 1, 38 00:01:12,510 --> 00:01:15,510 and that has two devices hanging off of it that you can see. 39 00:01:15,510 --> 00:01:17,070 One is at the bottom of the screen 40 00:01:17,070 --> 00:01:18,683 called authority.diontraining.com. 41 00:01:19,555 --> 00:01:21,750 This is our internal DNS server. 42 00:01:21,750 --> 00:01:24,840 And then up top you have server.diontaining.com 43 00:01:24,840 --> 00:01:27,480 which is acting as a web server in this example. 44 00:01:27,480 --> 00:01:28,920 All right, the first thing I want to show you 45 00:01:28,920 --> 00:01:32,160 is that all of these DNS servers right now have empty caches 46 00:01:32,160 --> 00:01:33,240 because I haven't done anything 47 00:01:33,240 --> 00:01:34,740 and it's a brand new network. 48 00:01:34,740 --> 00:01:36,840 So if I click in here and go to services, 49 00:01:36,840 --> 00:01:40,170 you can see under DNS that I have a couple of records here, 50 00:01:40,170 --> 00:01:42,570 and under my cache it is completely empty. 51 00:01:42,570 --> 00:01:43,560 If it had something in there, 52 00:01:43,560 --> 00:01:45,750 I could clear the cache from here. 53 00:01:45,750 --> 00:01:48,300 Next, we're going to look at the root DNS server, 54 00:01:48,300 --> 00:01:50,400 and I'm going to look at its DNS cache as well 55 00:01:50,400 --> 00:01:52,473 and see that it is also clear. 56 00:01:53,340 --> 00:01:54,780 Finally, I want to look at 57 00:01:54,780 --> 00:01:57,060 the Dion Training authority DNS server 58 00:01:57,060 --> 00:02:00,360 and I'm going to look at that and see again that it's clear. 59 00:02:00,360 --> 00:02:03,870 All right, so what happens when you, as a client, 60 00:02:03,870 --> 00:02:06,210 want to go to diontraining.com? 61 00:02:06,210 --> 00:02:08,190 Well, you're going to go onto your client 62 00:02:08,190 --> 00:02:10,259 and you are going to end up hitting desktop 63 00:02:10,259 --> 00:02:11,850 and go to your web browser. 64 00:02:11,850 --> 00:02:12,690 Just like you would at home, 65 00:02:12,690 --> 00:02:14,310 you'd open up Google Chrome or Safari, 66 00:02:14,310 --> 00:02:15,420 or something like that 67 00:02:15,420 --> 00:02:17,100 and we're just going to type in what we want to go to, 68 00:02:17,100 --> 00:02:20,340 in this case diontraining.com, and then hit Go. 69 00:02:20,340 --> 00:02:21,960 Now because this is a packet tracer, 70 00:02:21,960 --> 00:02:24,720 I'm going to step-by-step through each and every packet 71 00:02:24,720 --> 00:02:26,610 as it moves across the network. 72 00:02:26,610 --> 00:02:29,250 You can see when I hit Go two packet showed up, 73 00:02:29,250 --> 00:02:31,950 one with that brownish color and one with the green. 74 00:02:31,950 --> 00:02:32,783 So what I'm going to do 75 00:02:32,783 --> 00:02:34,410 is I'm going to minimize the client right now 76 00:02:34,410 --> 00:02:35,243 because it's going to take 77 00:02:35,243 --> 00:02:36,750 a lot of packets going back and forth 78 00:02:36,750 --> 00:02:39,060 before we actually see anything in this web browser. 79 00:02:39,060 --> 00:02:40,170 And I want you to see what I have 80 00:02:40,170 --> 00:02:41,610 on the right side of the screen. 81 00:02:41,610 --> 00:02:43,590 This is a list of all of the different clients 82 00:02:43,590 --> 00:02:45,720 and the different packets going back and forth. 83 00:02:45,720 --> 00:02:49,560 So at time 0.0 you can see there was no last device, 84 00:02:49,560 --> 00:02:52,140 but the first device here is it is at the client. 85 00:02:52,140 --> 00:02:53,880 So it created these new packets, 86 00:02:53,880 --> 00:02:56,340 we have a DNS packet and an ARP packet. 87 00:02:56,340 --> 00:02:58,020 Now why does this happen? 88 00:02:58,020 --> 00:02:59,220 Well, when the client 89 00:02:59,220 --> 00:03:01,530 wants to look up something through DNS, what does it do? 90 00:03:01,530 --> 00:03:04,200 It first checks its internal DNS cache. 91 00:03:04,200 --> 00:03:07,860 And here we can see that this one has no internal DNS cache, 92 00:03:07,860 --> 00:03:12,360 but we do have a DNS server of 10.0.0.3 that we want go to. 93 00:03:12,360 --> 00:03:15,570 Now, our default gateway is 10.0.0.1, 94 00:03:15,570 --> 00:03:17,100 and this particular client, 95 00:03:17,100 --> 00:03:21,960 it has an IP address of 10.0.0.2. 96 00:03:21,960 --> 00:03:25,920 So when it says I want to go to diontraining.com, 97 00:03:25,920 --> 00:03:28,890 it's first going to say, hey, I need to look this up in DNS. 98 00:03:28,890 --> 00:03:30,510 So I'm going to go to my DNS server, 99 00:03:30,510 --> 00:03:33,600 which is shown here as 10.0.0.3, 100 00:03:33,600 --> 00:03:36,510 which is this DNS server down at the bottom of the diagram. 101 00:03:36,510 --> 00:03:38,790 And you can see here it's on fast ethernet zero, 102 00:03:38,790 --> 00:03:42,630 its link is up, and it's 10.0.0.3/24, 103 00:03:42,630 --> 00:03:44,520 which is this particular DNS server. 104 00:03:44,520 --> 00:03:46,890 But my client doesn't know where that is yet 105 00:03:46,890 --> 00:03:49,590 because it only talks to things using Mac addresses. 106 00:03:49,590 --> 00:03:51,630 And since I've never talked to that DNS server before, 107 00:03:51,630 --> 00:03:53,790 'cause this is a brand new network I just created, 108 00:03:53,790 --> 00:03:55,140 it doesn't know where to go 109 00:03:55,140 --> 00:03:57,270 so it's going to send out an ARP packet, 110 00:03:57,270 --> 00:03:58,893 and that's why you see that green ARP packet. 111 00:03:58,893 --> 00:04:01,470 Now, as you can expect, that ARP packet 112 00:04:01,470 --> 00:04:04,320 is going to go from the Mac address of my client, 113 00:04:04,320 --> 00:04:09,320 and it's going to go to ff ff ff ff ff ff, 114 00:04:09,780 --> 00:04:12,000 which is the broadcast at layer two. 115 00:04:12,000 --> 00:04:14,100 So when that packet goes to the switch, 116 00:04:14,100 --> 00:04:15,780 which we're going to see here in a second, 117 00:04:15,780 --> 00:04:17,100 what is the switch going to do? 118 00:04:17,100 --> 00:04:19,560 It's going to broadcast it out to everybody. 119 00:04:19,560 --> 00:04:20,411 So we see that ARP packet 120 00:04:20,411 --> 00:04:23,490 going from the client to the switch. 121 00:04:23,490 --> 00:04:25,950 Once it gets to the switch, the switch is going to look at it 122 00:04:25,950 --> 00:04:30,540 and it's going to say, do I know who ff ff ff ff ff ff is? 123 00:04:30,540 --> 00:04:31,710 And in this case they do. 124 00:04:31,710 --> 00:04:33,240 It knows that it goes to the broadcast 125 00:04:33,240 --> 00:04:35,580 so it's going to send out every other switchboard it has. 126 00:04:35,580 --> 00:04:37,647 In this case, it's going to go to the company router 127 00:04:37,647 --> 00:04:39,570 and the local DNS server. 128 00:04:39,570 --> 00:04:42,450 They're going to receive that and inside that ARP packet, 129 00:04:42,450 --> 00:04:44,610 they're going to see, hey, is this for me? 130 00:04:44,610 --> 00:04:46,530 So if I look at this ARP packet, 131 00:04:46,530 --> 00:04:49,560 you can see the inside of it is asking, 132 00:04:49,560 --> 00:04:53,610 do you know where the 10.0.0.3 address is? 133 00:04:53,610 --> 00:04:56,400 And it's going to say, yes, I do. I'm that guy. 134 00:04:56,400 --> 00:04:58,920 And so local DNS is going to answer up back to the switch 135 00:04:58,920 --> 00:05:01,530 and say, I'm the device you're looking for. 136 00:05:01,530 --> 00:05:03,570 Now on the company router side, it's going to look at that 137 00:05:03,570 --> 00:05:06,180 and go, you're looking for 10.0.0.3. 138 00:05:06,180 --> 00:05:07,830 That's not me, I'm a router 139 00:05:07,830 --> 00:05:11,970 and I host the 10.0.0.0/24 network. 140 00:05:11,970 --> 00:05:14,190 But that means I don't need to take this traffic 141 00:05:14,190 --> 00:05:16,650 and pass it outward because it's in my network 142 00:05:16,650 --> 00:05:18,307 so I'm just going to drop this packet 143 00:05:18,307 --> 00:05:20,130 'cause that's not really meant for me. 144 00:05:20,130 --> 00:05:21,630 All right, once we do that, 145 00:05:21,630 --> 00:05:23,370 we're going to go to the next packet that happens. 146 00:05:23,370 --> 00:05:24,690 This time the DNS server's 147 00:05:24,690 --> 00:05:27,000 going to send the message back to the switch and say, 148 00:05:27,000 --> 00:05:29,040 yes, I'm the guy you're looking for. 149 00:05:29,040 --> 00:05:31,290 I am 10.0.0.3. 150 00:05:31,290 --> 00:05:32,123 And the switch says, 151 00:05:32,123 --> 00:05:34,230 okay, let me tell that back to the client. 152 00:05:34,230 --> 00:05:36,780 So the client now knows what the Mac address is 153 00:05:36,780 --> 00:05:38,670 for that local DNS server 154 00:05:38,670 --> 00:05:41,940 because it reports it inside of that ARP message. 155 00:05:41,940 --> 00:05:43,890 Now the client, when it receives that goes, 156 00:05:43,890 --> 00:05:46,950 great, now I know who to send my DNS traffic to. 157 00:05:46,950 --> 00:05:49,140 So I'm going to create a new DNS message, 158 00:05:49,140 --> 00:05:50,550 which you can see here in brown, 159 00:05:50,550 --> 00:05:52,800 and I'm going to send that back to the switch 160 00:05:52,800 --> 00:05:55,320 and the switch is going to send it to the DNS server 161 00:05:55,320 --> 00:05:56,850 because it knows that Mac address 162 00:05:56,850 --> 00:05:59,820 was addressed from the client to the DNS server. 163 00:05:59,820 --> 00:06:02,130 At this point, the DNS server looks at it 164 00:06:02,130 --> 00:06:04,500 and it has to see what do I do with this message? 165 00:06:04,500 --> 00:06:05,790 So the first thing we're going to do 166 00:06:05,790 --> 00:06:06,900 when we look at that message 167 00:06:06,900 --> 00:06:09,210 is we have to check our own DNS records. 168 00:06:09,210 --> 00:06:12,750 So as the DNS server, when I see that, I'm going to say, 169 00:06:12,750 --> 00:06:15,720 do I know what to do with diontraining.com? 170 00:06:15,720 --> 00:06:18,090 So I check my DNS records, and here they are. 171 00:06:18,090 --> 00:06:21,810 I have two records, I have one for com and one for root. 172 00:06:21,810 --> 00:06:25,260 Now the com one is a name server for the.com domain 173 00:06:25,260 --> 00:06:27,900 and it says, if you get something that ends in com, 174 00:06:27,900 --> 00:06:30,600 go to the root server here on the right. 175 00:06:30,600 --> 00:06:32,340 Well, that then looks in the record, it says, 176 00:06:32,340 --> 00:06:33,900 okay, where's the root server? 177 00:06:33,900 --> 00:06:37,500 I have an A record for that and it's 10.2.0.2. 178 00:06:37,500 --> 00:06:39,360 So where is that device? 179 00:06:39,360 --> 00:06:40,830 Well, it's not on this network 180 00:06:40,830 --> 00:06:42,780 because that's a different local area network. 181 00:06:42,780 --> 00:06:45,180 So I'm going to have to send this message to my gateway, 182 00:06:45,180 --> 00:06:47,640 which is the company router, which will then forward it out 183 00:06:47,640 --> 00:06:50,961 to the appropriate network where 10.2.0.2 is. 184 00:06:50,961 --> 00:06:53,100 Now 10.2.0.2 in this example 185 00:06:53,100 --> 00:06:56,040 is simulating the top level domain for .com 186 00:06:56,040 --> 00:06:57,390 because we don't own this name 187 00:06:57,390 --> 00:06:58,500 and we don't know where it goes 188 00:06:58,500 --> 00:07:00,030 so we're going to go to .com 189 00:07:00,030 --> 00:07:02,550 and ask them for the authoritative name server for it. 190 00:07:02,550 --> 00:07:04,590 All right, 10.2.0.2 191 00:07:04,590 --> 00:07:07,680 is actually going to be this route DNS server right here, 192 00:07:07,680 --> 00:07:11,130 and you can see right here it is 10.2.0.2/24 193 00:07:11,130 --> 00:07:12,750 and it is up and available. 194 00:07:12,750 --> 00:07:15,900 So we want to get that message over to this server 195 00:07:15,900 --> 00:07:18,780 and then we're going to check our DNS records on this server. 196 00:07:18,780 --> 00:07:20,550 So you're going to watch that brown packet 197 00:07:20,550 --> 00:07:22,440 and it's going to go up to the switch, 198 00:07:22,440 --> 00:07:24,810 and the switch is then going to send an ARP message 199 00:07:24,810 --> 00:07:26,970 out to the company and out to the client, 200 00:07:26,970 --> 00:07:30,390 because again, nobody knows where 10.2.0.2 is yet. 201 00:07:30,390 --> 00:07:31,530 Now when it gets to the client, 202 00:07:31,530 --> 00:07:34,230 the client says, that's not me, and drops the message. 203 00:07:34,230 --> 00:07:35,940 The router on the other hand says, 204 00:07:35,940 --> 00:07:39,390 hey, I know how to get to 10.2.0.2 205 00:07:39,390 --> 00:07:42,450 so I'll answer up for that and say any local area traffic 206 00:07:42,450 --> 00:07:44,760 that's destined for that address comes to me 207 00:07:44,760 --> 00:07:47,460 and then I'll forward it using layer 3 IP addresses 208 00:07:47,460 --> 00:07:49,350 out to the internet to get it over there. 209 00:07:49,350 --> 00:07:51,510 So it's going to send that message back to the switch 210 00:07:51,510 --> 00:07:52,740 and the switch sees it, 211 00:07:52,740 --> 00:07:55,230 and then it sends it back to the local DNS server. 212 00:07:55,230 --> 00:07:56,310 The local DNS server says, 213 00:07:56,310 --> 00:07:58,110 great, now I know how to get there, 214 00:07:58,110 --> 00:08:01,410 I'm going to send all those requests for 10.2.0.2 215 00:08:01,410 --> 00:08:04,290 over to the company router, which is my default gateway. 216 00:08:04,290 --> 00:08:05,640 So that's what's going to happen. 217 00:08:05,640 --> 00:08:07,890 We see that go up, we see it hit the switch, 218 00:08:07,890 --> 00:08:10,200 and then it goes from the switch over to the company. 219 00:08:10,200 --> 00:08:12,180 Now once it gets to the company router, 220 00:08:12,180 --> 00:08:15,960 we need to get that over to the 10.2.0.2 device. 221 00:08:15,960 --> 00:08:19,140 So it's going to look at it and say, not part of my network, 222 00:08:19,140 --> 00:08:21,810 let me send it out my default gateway to the internet. 223 00:08:21,810 --> 00:08:24,540 So it does that and sends it over to the ISPs router. 224 00:08:24,540 --> 00:08:26,160 The ISPs router looks at and goes, 225 00:08:26,160 --> 00:08:28,230 hmm, where is this thing located? 226 00:08:28,230 --> 00:08:29,100 And in this case, 227 00:08:29,100 --> 00:08:31,230 we have it directly attached to that router 228 00:08:31,230 --> 00:08:33,240 so it's going to drop that DNS packet 229 00:08:33,240 --> 00:08:35,087 and it's going to change it into an ARP packet 230 00:08:35,087 --> 00:08:38,159 'cause again, we always send things to the final device 231 00:08:38,159 --> 00:08:40,260 using layer 2 using ethernet 232 00:08:40,260 --> 00:08:42,150 and that's going to require a Mac address, 233 00:08:42,150 --> 00:08:43,140 and so we have to use ARP 234 00:08:43,140 --> 00:08:45,690 to do the IP and Mac address binding. 235 00:08:45,690 --> 00:08:46,818 So the internet router 236 00:08:46,818 --> 00:08:48,750 is then going to go down to the DNS server, 237 00:08:48,750 --> 00:08:50,520 when it hits there, the DNS server says, 238 00:08:50,520 --> 00:08:52,050 oh, I know what that is. 239 00:08:52,050 --> 00:08:54,360 That's me. I'm 10.2.0.2. 240 00:08:54,360 --> 00:08:56,730 So it sends that message back to the internet router 241 00:08:56,730 --> 00:08:58,710 and the internet router is going to send that message 242 00:08:58,710 --> 00:09:00,240 back over to the company router, 243 00:09:00,240 --> 00:09:01,290 and in turn they're going to say, 244 00:09:01,290 --> 00:09:03,060 okay, I know how to get there. 245 00:09:03,060 --> 00:09:05,160 Now at this point, the local DNS server 246 00:09:05,160 --> 00:09:07,620 hasn't gotten its message over to that final server yet, 247 00:09:07,620 --> 00:09:10,260 and it's going to then send it again to the company. 248 00:09:10,260 --> 00:09:12,870 So in this case, it sends it up to the switch zero, 249 00:09:12,870 --> 00:09:15,240 from switch zero to company and now at this point, 250 00:09:15,240 --> 00:09:17,160 the company router knows what to do with it. 251 00:09:17,160 --> 00:09:18,990 It sends it over to the internet router 252 00:09:18,990 --> 00:09:21,090 and the internet router knows what to do with it as well, 253 00:09:21,090 --> 00:09:23,790 it's going to send it down to the root DNS server. 254 00:09:23,790 --> 00:09:26,340 So we're now going to look at that message which says, 255 00:09:26,340 --> 00:09:31,340 hey, where is this address for www.diontraining.com 256 00:09:31,500 --> 00:09:34,650 or diontraining.com like we entered in the browser. 257 00:09:34,650 --> 00:09:37,200 Now we're going to look at our DNS records on this server 258 00:09:37,200 --> 00:09:38,850 and see if we have one for it. 259 00:09:38,850 --> 00:09:41,280 So as we go here and we look at our DNS records, 260 00:09:41,280 --> 00:09:43,590 we can see there's nothing in its cache 261 00:09:43,590 --> 00:09:45,930 and we see three records. 262 00:09:45,930 --> 00:09:49,170 First we have an SOA record or a start of authority. 263 00:09:49,170 --> 00:09:50,760 Now the start of authority record 264 00:09:50,760 --> 00:09:52,620 is going to have these things about it 265 00:09:52,620 --> 00:09:55,200 like saying when does it expire, when does it refresh, 266 00:09:55,200 --> 00:09:57,660 when do you want to retry, what's the minimum time to live? 267 00:09:57,660 --> 00:09:59,100 And all those details. 268 00:09:59,100 --> 00:10:03,240 Now this authority record says who owns the authority name. 269 00:10:03,240 --> 00:10:06,120 Now the next one we have is authority.diontraining.com 270 00:10:06,120 --> 00:10:07,800 and we have an A record associated with that 271 00:10:07,800 --> 00:10:11,010 which says this address of authority.diontraining.com 272 00:10:11,010 --> 00:10:13,320 goes to 10.4.0.2. 273 00:10:13,320 --> 00:10:15,690 That is not the same as diontraining.com, 274 00:10:15,690 --> 00:10:19,110 it's not the same as www.diontraining.com. 275 00:10:19,110 --> 00:10:21,480 This is a subdomain called authority 276 00:10:21,480 --> 00:10:23,160 and so authority.diontraining.com 277 00:10:23,160 --> 00:10:25,140 would be at that servers IP. 278 00:10:25,140 --> 00:10:26,340 Now if we go to the last thing, 279 00:10:26,340 --> 00:10:29,010 we do see that there's diontraining.com there, 280 00:10:29,010 --> 00:10:31,200 and this is actually a name server record. 281 00:10:31,200 --> 00:10:35,040 So who owns all of the diontraining.com name server records? 282 00:10:35,040 --> 00:10:37,140 Well, it's owned by what we see on the right, 283 00:10:37,140 --> 00:10:39,660 which is authority.diontraining.com. 284 00:10:39,660 --> 00:10:43,167 So if somebody wants to look up beta.diontraining.com, 285 00:10:43,167 --> 00:10:47,370 www.diontraining.com, support.diontraining.com, 286 00:10:47,370 --> 00:10:49,170 they're going to go from this record 287 00:10:49,170 --> 00:10:51,420 to that name server at diontraining.com, 288 00:10:51,420 --> 00:10:54,090 which is located at the authority.diontraining.com 289 00:10:54,090 --> 00:10:56,640 or 10.4.0.2. 290 00:10:56,640 --> 00:11:00,780 So let's look and see where is 10.4.0.2 on this diagram? 291 00:11:00,780 --> 00:11:04,110 Well, here it is, it's authority.diontraining.com 292 00:11:04,110 --> 00:11:06,420 and you can see it's 10.4.0.2. 293 00:11:06,420 --> 00:11:08,670 So again, this route DNS server 294 00:11:08,670 --> 00:11:10,980 is now going to send the traffic over there, 295 00:11:10,980 --> 00:11:13,590 and to do that, it's going to have to do that at layer 3. 296 00:11:13,590 --> 00:11:14,550 So first we're going to have to 297 00:11:14,550 --> 00:11:16,170 go through the ARP process again 298 00:11:16,170 --> 00:11:17,700 because we just found a new IP address 299 00:11:17,700 --> 00:11:19,200 that nobody knew of before 300 00:11:19,200 --> 00:11:21,270 and we have to figure out where it's going to be located. 301 00:11:21,270 --> 00:11:23,730 So up we go with the DNS to the internet router, 302 00:11:23,730 --> 00:11:25,590 and then that's going to get sent over to the next router 303 00:11:25,590 --> 00:11:27,480 which is diontraining.com. 304 00:11:27,480 --> 00:11:30,060 Now once it's there, it's now going to have to get delivered 305 00:11:30,060 --> 00:11:32,190 to that final leg to that server 306 00:11:32,190 --> 00:11:34,380 and this is where we have to again use ARP. 307 00:11:34,380 --> 00:11:36,630 So the router's going to drop that message 308 00:11:36,630 --> 00:11:38,160 because it doesn't know what to do with it 309 00:11:38,160 --> 00:11:39,450 and instead it's going to start sending out 310 00:11:39,450 --> 00:11:40,950 the ARP broadcast again. 311 00:11:40,950 --> 00:11:43,020 So out goes the broadcast to the switch, 312 00:11:43,020 --> 00:11:44,550 the switch then broadcasts it up 313 00:11:44,550 --> 00:11:46,500 and it goes to server diontraining.com, 314 00:11:46,500 --> 00:11:47,670 which is my web server, 315 00:11:47,670 --> 00:11:50,790 and authority.diontraining.com, which is my name server. 316 00:11:50,790 --> 00:11:53,970 Now at this case, we were looking for 10.4.0.2, 317 00:11:53,970 --> 00:11:57,090 which happened to be the authority.diontraining.com server. 318 00:11:57,090 --> 00:11:59,400 So server.diontraining.com 319 00:11:59,400 --> 00:12:02,040 is going to drop that ARP packet and not respond to it 320 00:12:02,040 --> 00:12:03,570 because it's not meant for them. 321 00:12:03,570 --> 00:12:06,180 Instead, the DNS server is going to respond back to the switch 322 00:12:06,180 --> 00:12:08,190 and say, I'm who you're looking for, 323 00:12:08,190 --> 00:12:09,420 and the switch is going to send that back 324 00:12:09,420 --> 00:12:11,460 to the router at Dion Training. 325 00:12:11,460 --> 00:12:13,020 Now the Dion Training router 326 00:12:13,020 --> 00:12:16,050 knows where the authority.diontraining.com server is, 327 00:12:16,050 --> 00:12:18,540 and it knows how to address it using its Mac address 328 00:12:18,540 --> 00:12:20,460 because we just did this ARP broadcast. 329 00:12:20,460 --> 00:12:24,600 So the next time we get the retransmit of that DNS request, 330 00:12:24,600 --> 00:12:27,210 it's going to go and it's going to come from the client 331 00:12:27,210 --> 00:12:28,043 to the switch. 332 00:12:28,043 --> 00:12:29,760 The switch says, I know what to do with that. 333 00:12:29,760 --> 00:12:31,067 I'm going to send it over to the DNS server 334 00:12:31,067 --> 00:12:33,930 'cause I always use my local DNS server first. 335 00:12:33,930 --> 00:12:36,570 Now my local DNS server is going to check its cache. 336 00:12:36,570 --> 00:12:38,760 Again, do we have anything in our cache yet? 337 00:12:38,760 --> 00:12:40,140 Let's take a look. 338 00:12:40,140 --> 00:12:41,160 Right now we don't 339 00:12:41,160 --> 00:12:43,710 because we never got a message back to this server yet 340 00:12:43,710 --> 00:12:45,660 to know where the final destination is. 341 00:12:45,660 --> 00:12:46,850 So what is it going to do? 342 00:12:46,850 --> 00:12:48,300 If it's not my cache, 343 00:12:48,300 --> 00:12:50,310 I'm going to send it to the next higher DNS server, 344 00:12:50,310 --> 00:12:52,110 which happens to be the root DNS server. 345 00:12:52,110 --> 00:12:55,350 So off it goes, it transfers it up to the switch, 346 00:12:55,350 --> 00:12:56,700 over to the company router 347 00:12:56,700 --> 00:12:58,950 that's going to say, and take it over to the internet, 348 00:12:58,950 --> 00:13:00,300 the internet's then going to deliver it 349 00:13:00,300 --> 00:13:01,890 down to the root DNS server. 350 00:13:01,890 --> 00:13:04,410 So the root DNS server is now going to send that message 351 00:13:04,410 --> 00:13:05,550 up to the internet router, 352 00:13:05,550 --> 00:13:08,220 the internet router's going to send it over to Dion Training, 353 00:13:08,220 --> 00:13:10,980 and then Dion Training is going to send it over to the switch. 354 00:13:10,980 --> 00:13:12,330 The switch knows where to send it now 355 00:13:12,330 --> 00:13:14,280 because of that ARP broadcast we just did, 356 00:13:14,280 --> 00:13:15,330 and so it's going to send it down 357 00:13:15,330 --> 00:13:17,640 to the authority.diontraining.com. 358 00:13:17,640 --> 00:13:19,110 Everything we did so far 359 00:13:19,110 --> 00:13:21,420 was just to establish that initial connection 360 00:13:21,420 --> 00:13:24,510 and get that first DNS request over to the name server 361 00:13:24,510 --> 00:13:27,690 who is the authority for this diontraining.com name. 362 00:13:27,690 --> 00:13:30,930 So now that we're there, what is this server going to do? 363 00:13:30,930 --> 00:13:32,940 It's going to take it and it looks at the request 364 00:13:32,940 --> 00:13:34,020 and the request said, 365 00:13:34,020 --> 00:13:36,300 I want to know where diontraining.com is. 366 00:13:36,300 --> 00:13:39,510 So it's going to check its DNS records and in its DNS records, 367 00:13:39,510 --> 00:13:41,743 does it have an A record for diontraining.com 368 00:13:41,743 --> 00:13:44,430 or a CNAME record for diontraining.com? 369 00:13:44,430 --> 00:13:45,780 Well, yes it does. 370 00:13:45,780 --> 00:13:48,840 You can see that record number two is diontraining.com 371 00:13:48,840 --> 00:13:52,500 and it's an A record that points to 10.4.0.3. 372 00:13:52,500 --> 00:13:54,960 Now that same IP address is also going to be used 373 00:13:54,960 --> 00:13:56,910 for server.diontraining.com 374 00:13:56,910 --> 00:13:58,320 and there's an A record for that. 375 00:13:58,320 --> 00:14:00,660 And then finally you see a CNAME record at the end, 376 00:14:00,660 --> 00:14:03,390 which says www.diontraining.com 377 00:14:03,390 --> 00:14:06,840 and that is going to be pointing to server.diontraining.com. 378 00:14:06,840 --> 00:14:08,490 So if I went in my web browser 379 00:14:08,490 --> 00:14:11,190 and asked for www.diontraining.com, 380 00:14:11,190 --> 00:14:12,870 it's going to use the CNAME record 381 00:14:12,870 --> 00:14:15,420 and point me to server.diontraining.com, 382 00:14:15,420 --> 00:14:17,280 which points me to this A record, 383 00:14:17,280 --> 00:14:18,807 which points me to this IP address. 384 00:14:18,807 --> 00:14:20,940 And you could see how these things link together. 385 00:14:20,940 --> 00:14:22,200 But when I typed it in, 386 00:14:22,200 --> 00:14:24,660 I just typed in directly diontraining.com. 387 00:14:24,660 --> 00:14:27,180 So I'm only going to be looking at record number two here, 388 00:14:27,180 --> 00:14:30,000 which is the A record with the IP address we want to go to. 389 00:14:30,000 --> 00:14:33,090 So the question is, where is 10.4.0.3? 390 00:14:33,090 --> 00:14:35,190 Well, if we look at that, it's up here 391 00:14:35,190 --> 00:14:37,200 and it's server.diontraining.com. 392 00:14:37,200 --> 00:14:39,060 So now what we want to happen 393 00:14:39,060 --> 00:14:41,940 is once the client finds out where this server is located, 394 00:14:41,940 --> 00:14:44,400 it's going to start sending all his traffic to the IP address 395 00:14:44,400 --> 00:14:46,410 of server.diontraining.com. 396 00:14:46,410 --> 00:14:48,480 And we're going to go from the client to the switch, 397 00:14:48,480 --> 00:14:50,490 across the network to the other switch, 398 00:14:50,490 --> 00:14:53,010 and then up to server diontraining.com. 399 00:14:53,010 --> 00:14:55,770 So let's see what happens as this DNS message goes back. 400 00:14:55,770 --> 00:14:57,360 So it's going to go back to the switch, 401 00:14:57,360 --> 00:14:58,500 it's going to give the reply and say, 402 00:14:58,500 --> 00:15:00,360 here's the IP address you were looking for. 403 00:15:00,360 --> 00:15:02,790 Then it's going to go over to the Dion Training router, 404 00:15:02,790 --> 00:15:03,810 from the Dion Training router 405 00:15:03,810 --> 00:15:05,550 it's going to go back to the internet router 406 00:15:05,550 --> 00:15:08,940 and now it's going to send it back to the route DNS server 407 00:15:08,940 --> 00:15:11,010 because we want them, that lower level server 408 00:15:11,010 --> 00:15:13,620 to know where is diontraining.com 409 00:15:13,620 --> 00:15:15,330 so if anybody else asks in the future, 410 00:15:15,330 --> 00:15:16,860 they can just tell them where it is 411 00:15:16,860 --> 00:15:18,660 using that .com domain name 412 00:15:18,660 --> 00:15:19,860 instead of having to go all the way back 413 00:15:19,860 --> 00:15:21,900 to my individual DNS server. 414 00:15:21,900 --> 00:15:23,580 So when I do this, you're going to see 415 00:15:23,580 --> 00:15:25,860 that we're going to actually get a cache happening 416 00:15:25,860 --> 00:15:27,420 inside this root DNS server. 417 00:15:27,420 --> 00:15:29,610 So there we go, now we've got the root DNS server 418 00:15:29,610 --> 00:15:30,750 and it knows where it is. 419 00:15:30,750 --> 00:15:33,600 So if I go to services and look at my DNS cache, 420 00:15:33,600 --> 00:15:35,790 you're going to see that it now knows 421 00:15:35,790 --> 00:15:38,919 that there's an A record for diontraining.com 422 00:15:38,919 --> 00:15:42,840 at this timestamp, and it's going to be going to 10.4.0.3. 423 00:15:42,840 --> 00:15:46,110 Now depending on the time to live for this DNS record, 424 00:15:46,110 --> 00:15:47,550 it's going to stay in this cache. 425 00:15:47,550 --> 00:15:50,400 And then once that cache is going to expire, 426 00:15:50,400 --> 00:15:53,100 it's going to go back and ask again directly from the server 427 00:15:53,100 --> 00:15:55,530 instead of using its cache in the future. 428 00:15:55,530 --> 00:15:56,940 All right, once we have that, 429 00:15:56,940 --> 00:15:58,680 you can see though it did not add that 430 00:15:58,680 --> 00:16:01,170 as an A record in its DNS. 431 00:16:01,170 --> 00:16:02,220 The reason for this 432 00:16:02,220 --> 00:16:05,520 is that this A record is not owned by this root server, 433 00:16:05,520 --> 00:16:07,770 it's owned by the authoritative name server 434 00:16:07,770 --> 00:16:09,510 authority.diontraining.com 435 00:16:09,510 --> 00:16:11,340 over on the right side of our screen 436 00:16:11,340 --> 00:16:12,750 so it only can cache it, 437 00:16:12,750 --> 00:16:15,000 can't add the A record automatically. 438 00:16:15,000 --> 00:16:16,110 All right, once it gets that, 439 00:16:16,110 --> 00:16:18,330 we still need to go and tell the lower level DNS server 440 00:16:18,330 --> 00:16:19,260 what's going on. 441 00:16:19,260 --> 00:16:22,320 So it's now going to send a message up to the internet router, 442 00:16:22,320 --> 00:16:23,610 over to the company router, 443 00:16:23,610 --> 00:16:25,260 which sends it over to the switch. 444 00:16:25,260 --> 00:16:26,580 The switch knows where it needs to go, 445 00:16:26,580 --> 00:16:28,830 so it sends it down to the local DNS server. 446 00:16:28,830 --> 00:16:31,440 And now if we check the local DNS server, 447 00:16:31,440 --> 00:16:33,060 we are going to see that its cache 448 00:16:33,060 --> 00:16:34,857 now has that same A record in it. 449 00:16:34,857 --> 00:16:37,380 And so again, we didn't add it as an A record here, 450 00:16:37,380 --> 00:16:39,360 we added it as a cache. 451 00:16:39,360 --> 00:16:41,370 And you can see now that we now have the cache name 452 00:16:41,370 --> 00:16:43,470 for the name server on the way over, 453 00:16:43,470 --> 00:16:46,050 and now we have the cache name for the IP address 454 00:16:46,050 --> 00:16:48,060 for diontraining.com. 455 00:16:48,060 --> 00:16:51,570 So at this point, our local DNS server can now answer up 456 00:16:51,570 --> 00:16:54,390 for anybody who's asking where diontraining.com is. 457 00:16:54,390 --> 00:16:55,290 And we don't have to go through 458 00:16:55,290 --> 00:16:58,530 all those packets we just did to get that information again 459 00:16:58,530 --> 00:16:59,940 because we already have it. 460 00:16:59,940 --> 00:17:01,770 Now, once the time to expire happens, 461 00:17:01,770 --> 00:17:03,690 we're going to have to have that cache invalidated 462 00:17:03,690 --> 00:17:05,040 and that happens automatically. 463 00:17:05,040 --> 00:17:07,079 So then we would have to go all the way back to the server 464 00:17:07,079 --> 00:17:08,220 and get a new copy 465 00:17:08,220 --> 00:17:10,916 because maybe I changed my IP address or moved that server. 466 00:17:10,916 --> 00:17:13,349 All right, so now that the DNS server has it, 467 00:17:13,349 --> 00:17:15,540 it can answer that back to the original requester, 468 00:17:15,540 --> 00:17:19,740 which was our client, so now our client knows where to go. 469 00:17:19,740 --> 00:17:22,740 So now the client can actually start sending traffic 470 00:17:22,740 --> 00:17:25,140 and we want to send on HTTP traffic 471 00:17:25,140 --> 00:17:26,609 because that's what we were trying to do 472 00:17:26,609 --> 00:17:27,990 by going to a website. 473 00:17:27,990 --> 00:17:29,790 Now first you're seeing this ARP again. 474 00:17:29,790 --> 00:17:31,380 This ARP is going to the switch 475 00:17:31,380 --> 00:17:34,350 and then that's going over to the company and the DNS server 476 00:17:34,350 --> 00:17:37,350 because we now know what the IP address we want to go to is, 477 00:17:37,350 --> 00:17:39,060 and that IP address was the IP address 478 00:17:39,060 --> 00:17:40,890 for server.diontraining.com. 479 00:17:40,890 --> 00:17:42,870 But our switch doesn't know that 480 00:17:42,870 --> 00:17:44,250 and our router doesn't know that, 481 00:17:44,250 --> 00:17:46,080 so we again have to ARP to say, 482 00:17:46,080 --> 00:17:49,650 hey, what is the Mac address for this IP address? 483 00:17:49,650 --> 00:17:50,880 Both these things are going to get it 484 00:17:50,880 --> 00:17:53,040 and both of 'em are going to say, it's not me. 485 00:17:53,040 --> 00:17:54,900 The company router on the other hand is going to say, 486 00:17:54,900 --> 00:17:57,630 it's not me, but I know where to send it 487 00:17:57,630 --> 00:17:59,130 so you can send that to me 488 00:17:59,130 --> 00:18:01,050 and I'll send it out my default gateway. 489 00:18:01,050 --> 00:18:01,980 So that's what's going to happen. 490 00:18:01,980 --> 00:18:04,050 We get that ARP request going back to the switch, 491 00:18:04,050 --> 00:18:06,660 the switch now knows anytime somebody's asking 492 00:18:06,660 --> 00:18:08,910 for that server diontraining.com IP 493 00:18:08,910 --> 00:18:09,990 that we were talking about, 494 00:18:09,990 --> 00:18:11,850 it's going to go over to the company router 495 00:18:11,850 --> 00:18:14,310 because that is considered the default gateway. 496 00:18:14,310 --> 00:18:15,480 All right, now that we see that, 497 00:18:15,480 --> 00:18:17,130 what's the next thing that's going to happen? 498 00:18:17,130 --> 00:18:18,570 Well, the Dion Training router 499 00:18:18,570 --> 00:18:20,040 is also going to be doing an ARP request 500 00:18:20,040 --> 00:18:21,390 on its side of the connection 501 00:18:21,390 --> 00:18:23,610 because it needs to know how to do that final delivery 502 00:18:23,610 --> 00:18:24,570 to that server. 503 00:18:24,570 --> 00:18:27,360 So it's doing an ARP broadcast, it goes out to the switch, 504 00:18:27,360 --> 00:18:29,190 the switch sends it to both the servers 505 00:18:29,190 --> 00:18:30,420 and then the one that it is 506 00:18:30,420 --> 00:18:31,980 is going to respond back to the switch, 507 00:18:31,980 --> 00:18:35,160 in this case server.diontraining.com. 508 00:18:35,160 --> 00:18:37,680 Now as we do that, the switch now gets that message 509 00:18:37,680 --> 00:18:40,560 and it sends it back to Dion Training using ARP to say, 510 00:18:40,560 --> 00:18:42,510 hey, I know where to send messages 511 00:18:42,510 --> 00:18:44,520 for the server.diontraining.com 512 00:18:44,520 --> 00:18:46,020 so go ahead and send it to me as a switch 513 00:18:46,020 --> 00:18:48,360 and I'll deliver it on the local area network. 514 00:18:48,360 --> 00:18:50,220 All right, so now that we did all of that, 515 00:18:50,220 --> 00:18:51,480 our client knows where to go, 516 00:18:51,480 --> 00:18:53,190 it's going to go to its local DNS server 517 00:18:53,190 --> 00:18:54,630 for that address resolution. 518 00:18:54,630 --> 00:18:57,720 Now that it knows the IP name, anytime it wants to do things 519 00:18:57,720 --> 00:18:59,597 to go to server.diontraining.com 520 00:18:59,597 --> 00:19:02,310 or diontraining.com, it can do that using the IP 521 00:19:02,310 --> 00:19:04,650 using its local cache on the client. 522 00:19:04,650 --> 00:19:06,780 If its client has expired on that cache, 523 00:19:06,780 --> 00:19:08,730 it can then go to its local DNS server. 524 00:19:08,730 --> 00:19:10,230 If the local DNS server is expired, 525 00:19:10,230 --> 00:19:11,880 it's going to go back to the root server. 526 00:19:11,880 --> 00:19:13,020 If the root server has expired, 527 00:19:13,020 --> 00:19:13,950 it's going to go all the way back 528 00:19:13,950 --> 00:19:16,320 to the authority.diontraining.com name server, 529 00:19:16,320 --> 00:19:18,450 and we do this whole process again. 530 00:19:18,450 --> 00:19:21,180 All right, so now I want to go ahead and look at my browser 531 00:19:21,180 --> 00:19:24,060 and make sure we can get traffic going back and forth 532 00:19:24,060 --> 00:19:26,100 now that we've done the DNS part of this. 533 00:19:26,100 --> 00:19:29,640 So I'm going to go to diontraining.com and I'm going to hit Go. 534 00:19:29,640 --> 00:19:34,380 Off it goes with a message and there we go, DNS, DNS. 535 00:19:34,380 --> 00:19:35,910 We're going to go all through that process again 536 00:19:35,910 --> 00:19:37,680 so you can see what it looks like. 537 00:19:37,680 --> 00:19:39,960 Going through, getting to the root DNS server, 538 00:19:39,960 --> 00:19:43,080 back to the router, back over to Dion Training's router, 539 00:19:43,080 --> 00:19:46,260 back to the switch, down to the authority.DNS, 540 00:19:46,260 --> 00:19:47,970 and up to the server.DNS. 541 00:19:47,970 --> 00:19:50,880 It drops at the server because there's no DNS record there 542 00:19:50,880 --> 00:19:53,070 and then the authority one sends back its message 543 00:19:53,070 --> 00:19:55,050 and says, here is what we have. 544 00:19:55,050 --> 00:19:56,010 And so when it does that, 545 00:19:56,010 --> 00:19:59,130 it goes back through to one router, to the second router, 546 00:19:59,130 --> 00:20:01,530 to the root DNS, back to the internet router, 547 00:20:01,530 --> 00:20:03,990 over to the company router, over to the company switch, 548 00:20:03,990 --> 00:20:06,990 and then down to the local DNS server, 549 00:20:06,990 --> 00:20:09,960 and then that goes all the way back up to our client. 550 00:20:09,960 --> 00:20:12,150 All right, that is the DNS process 551 00:20:12,150 --> 00:20:14,070 as we're looking at using hierarchies. 552 00:20:14,070 --> 00:20:16,110 We're going from our local to our root DNS 553 00:20:16,110 --> 00:20:18,630 and then over to our authoritative name servers. 554 00:20:18,630 --> 00:20:20,520 So at this point we want to send out a request 555 00:20:20,520 --> 00:20:24,077 back to that HTTP server which is holding diontraining.com. 556 00:20:24,077 --> 00:20:25,170 And at this point 557 00:20:25,170 --> 00:20:28,710 we will be able to send our GET message using HTTP 558 00:20:28,710 --> 00:20:30,510 and we'll receive the webpage back. 559 00:20:30,510 --> 00:20:32,160 So we create our packet, 560 00:20:32,160 --> 00:20:34,770 we address it with the Mac address of our default gateway 561 00:20:34,770 --> 00:20:35,880 and that way our company router 562 00:20:35,880 --> 00:20:37,920 will send it out to the Dion Training router 563 00:20:37,920 --> 00:20:39,120 across the internet. 564 00:20:39,120 --> 00:20:42,060 So here we go, we're going to send that HTTP traffic. 565 00:20:42,060 --> 00:20:44,340 It goes over to switch zero, from switch zero 566 00:20:44,340 --> 00:20:45,990 it's going to send it to the company router. 567 00:20:45,990 --> 00:20:48,060 The company router's going to then readdress it 568 00:20:48,060 --> 00:20:50,160 using the IP address that we want to go to, 569 00:20:50,160 --> 00:20:51,420 which happens to be the IP address 570 00:20:51,420 --> 00:20:53,250 for server.diontraining.com, 571 00:20:53,250 --> 00:20:54,930 and it sends it out to the internet. 572 00:20:54,930 --> 00:20:57,060 The internet then says, where does this belong? 573 00:20:57,060 --> 00:20:58,050 Finds the right network 574 00:20:58,050 --> 00:20:59,820 as it passes it from router to router 575 00:20:59,820 --> 00:21:01,920 and eventually getting to the Dion Training router 576 00:21:01,920 --> 00:21:05,430 which hosts the network for server.diontraining.com. 577 00:21:05,430 --> 00:21:06,570 Once it gets to that router, 578 00:21:06,570 --> 00:21:09,780 it's going to strip it down to layer 2 and start using ethernet 579 00:21:09,780 --> 00:21:12,390 as it goes to the switch and using Mac addresses, 580 00:21:12,390 --> 00:21:16,410 so it does the IP to Mac address conversion using ARP. 581 00:21:16,410 --> 00:21:18,420 Once it does that, it hits the switch, 582 00:21:18,420 --> 00:21:19,620 the switch knows where it goes 583 00:21:19,620 --> 00:21:21,240 and sends it up to the server. 584 00:21:21,240 --> 00:21:23,640 Notice it only went from the client to the server, 585 00:21:23,640 --> 00:21:25,710 it never touched those DNS servers again 586 00:21:25,710 --> 00:21:27,420 because we already did the DNS part, 587 00:21:27,420 --> 00:21:29,310 we know what the IP address is. 588 00:21:29,310 --> 00:21:30,540 Now, once it gets to the server, 589 00:21:30,540 --> 00:21:32,280 the server's going to process that message, 590 00:21:32,280 --> 00:21:33,570 in this case it was a GET message 591 00:21:33,570 --> 00:21:35,160 saying, give me the website. 592 00:21:35,160 --> 00:21:37,050 And so it's going to send back the website 593 00:21:37,050 --> 00:21:38,340 in a series of packets. 594 00:21:38,340 --> 00:21:40,080 In this case, it's only one packet 595 00:21:40,080 --> 00:21:42,210 because it's a very small website I'm sending 596 00:21:42,210 --> 00:21:45,030 and it goes back across the internet to the company, 597 00:21:45,030 --> 00:21:47,550 over to the switch, and then up to our client. 598 00:21:47,550 --> 00:21:48,750 Now, once I do that, 599 00:21:48,750 --> 00:21:51,660 we can go and look at what page it was that we received. 600 00:21:51,660 --> 00:21:53,190 This would happen all in the background 601 00:21:53,190 --> 00:21:54,720 and you'd see it on your web browser. 602 00:21:54,720 --> 00:21:55,680 And there it is. 603 00:21:55,680 --> 00:21:57,930 So in this case I have server.diontraining.com, 604 00:21:57,930 --> 00:22:00,750 also known as www.diontraining.com. 605 00:22:00,750 --> 00:22:03,180 And this is used to simulate the Dion Training homepage 606 00:22:03,180 --> 00:22:04,650 within my lab environment. 607 00:22:04,650 --> 00:22:06,060 Now, if I actually put pictures on there 608 00:22:06,060 --> 00:22:06,960 and things like that, 609 00:22:06,960 --> 00:22:08,820 it would make this a much bigger website. 610 00:22:08,820 --> 00:22:10,440 It would be a lot of different packets, 611 00:22:10,440 --> 00:22:12,360 and this purple packet going back and forth 612 00:22:12,360 --> 00:22:13,860 would just keep on happening. 613 00:22:13,860 --> 00:22:15,210 I would send the one packet over 614 00:22:15,210 --> 00:22:16,500 and say, give me the website. 615 00:22:16,500 --> 00:22:17,333 And then I would get 616 00:22:17,333 --> 00:22:19,830 a whole series of packets back from the web server 617 00:22:19,830 --> 00:22:22,410 with the videos and images and texts that I need 618 00:22:22,410 --> 00:22:24,780 to build that website at layer 7, 619 00:22:24,780 --> 00:22:27,060 the presentation layer on my client. 620 00:22:27,060 --> 00:22:28,770 And that's how you get to see the webpage 621 00:22:28,770 --> 00:22:31,560 once you go to something like diontraining.com. 622 00:22:31,560 --> 00:22:33,720 Hopefully this explanation helped you understand 623 00:22:33,720 --> 00:22:36,480 a little bit more about how DNS works in the background 624 00:22:36,480 --> 00:22:38,400 and how these things layer upon each other 625 00:22:38,400 --> 00:22:40,350 from the local to the top level domain 626 00:22:40,350 --> 00:22:42,063 and to the authoritative servers.