For example:


     Domain Name Service (DNS) is used to convert domain names like into IP numbers like, and back again.  The
reason for this is that the internet needs to work in IP numbers, but
human minds prefer to work in English words.

     IP stands for Internet Protocol, and an IP number is the logical
address of a computer on the internet.
     Human minds can deal with, but computers need to
deal with

     IP numbers also allow efficient routing to take place.  For
example both and are under 205.232.  So if
the router knows where to send 205.232, it doesn't have to bother even
looking at the rest of the IP.

     A domain name server is a program that runs on a computer,
usually there is at least one such server running at every large
organization, school or ISP, so there are quite a few of them in the

     One such name server program is called BIND which stands for the
Berkeley Internet Name Daemon.  Its also called NAMED, which is
pronounced NAME - D.

     Most unix daemons end with the letter d.  A daemon (pronouced
DEMON) is a program that stays resident in core and listens
continuously in the background for incoming requests and then services
them as they come in.  Unix daemons are similar to DOS TSR's
(Terminate and Stay Resident programs) or Mac extensions, both of
which serve the same purpose.

     Other examples of unix daemons are ftpd which handles FTP
requests, httpd, which handles web requests, sendmail which handles
mail requests, telnetd which handles telenet requests, innd which
handles news (usenet), and ircd which handles irc requests.

      FTP  = File Transfer Protocol
      HTTP = Hyper Text Transfer Protocol
      INN  = Internet Network News
      NNTP = Network News Transport Protocol
      IRC  = Internet Relay Chat
     The term 'server' tends to have two separate but related

     The first meaning is the physical machine that a daemon is
running on, such as 'the web server'.  At lightlink, our web server is
the machine named  It also used to be mail and
ftp server.

     The second meaning of the word server, is the daemon program
running on the machine.  "What web server are you running?" In this
case the answer is Apache HTTPD.

     So this can lead to the following brain twister:

     "We are running the Apache web server on a Sparc 20 server."
     Usually when one refers to a server, one is refering to the whole
functional conglomerate which consists of both the physical machine
server and the server software.


     A domain name server is a machine usually running the named
daemon.  It can be a stand alone machine set up solely to run named,
or it can be a mail, ftp or a web server that is also running named
for its own purposes.

     DNS servers provide 3 broad functions on the internet.

     They act as the primary server of authority for a given domain,
such as  When a user wishes to have their own domain,
either a private end user or a major ISP, they need to get an IP
number assigned to their domain, and they need to find a DNS server
somewhere that will act as the primary server of authority for their

     Only one DNS server machine can be the primary server of
authority for any given domain, but any one ISP might have more than
one DNS server machines serving different domains.

     When a customer wishes to have their own domain, they must first
choose a domain name that does not already exist on the planetary
grid.  The master database of US domains is at the Internic (Internet
Network Information Center) and can be queried through the WHO-IS
search engine that they provide.  Foreign domains must be handled
through the respective foreign 'internics' in each country.

     Once a domain name has been chosen like, the
customer must find an ISP somewhere that will be willing to offer
primary name service for that domain.  This is often the same ISP that
the client is using for his dial up access and to host his web pages,
but it does not have to be.

     The customer and ISP must decide on an IP number that will be
associated with the domain name, and the ISP must then enter a record
into his domain name server that records the relationship between the
customer's domain name and its IP number.

     The customer must register the domain name with the internic and
in the registration, he must state that his domain gets is primary
name service from say,

     As an example, Art Matrix which sells fractal videos, has a
domain name, which has its primary DNS server at and there is a record in the name server on light
showing that <->  Coincidentally, that
IP number points to web pages also hosted on, but
they could just as easily have been hosted in Timbuktu, in which case
the name record residing on the machine would
point to some completely different IP over in Timbuktu.


     Say a remote user at using Win95 running Netscape,
wishes to visit the home pages.  So he types in and hits the return key.
     His browser will first query a local name server probably
belonging to  His Win95 setup will contain an area to enter
two name server IP numbers, and no doubt will have told him
what these IP numbers are for just this purpose.
     Although Win95 calls these two entries, Primary and Secondary
DNS, they really have nothing to do with the primary name service that
we are talking about here, they merely lay out the order in which the
two name servers should be queried in case one is down.  Neither of
them will be the primary name server of authority for

     Since the first name server in the user's list is undoubtedly not
primary for it will have no idea what the correct IP
number is for
     The name server will then query the internic ROOT name
servers that contain the data base which says where every domain gets
its primary name service.
     Every domain name server on the planet knows the IP addresses of
the internic ROOT servers, if they didn't, they would never be able to
get any data about the rest of the world.

     The internic root servers will send back to the name
server that primary service for can be found at or (same thing).

     Then the name server will send a second request
directly to asking for the IP of,
and our name server on light will respond with
     The name server will then send this answer
( = to the end user at using
win95 who made the request in the first place, and his netscape
browser software will then send a web (http) request directly to which will respond with the web pages for

     The next user at who wants to get to will
have to go through the same procedure, except that the local name
servers at already know the IP for because
they have recorded it in their memory from the last person who wanted
it, so they won't have to bother the internic root servers nor the
primary server at for the answer all over again.
     This recording process is called CACHING, and greatly lessens the
load on the primary name servers which would go crazy if they had to
answer every time someone wanted the home page.
     Every so often the data in the caches expire, and the remote name
servers erase their data and so the primary has to be queried again if
someone wants the data.  This assures that the data in the caches does
not get too old and stale, in case the IP number for
changes or disappears completely.


     It's pretty clear that primary name service is a VERY important
service to domain name holders, because if the primary name server
goes down, then the remote user won't be able to find out what IP that
domain is, and that domain will effectively be off the internet.


     It is for this reason that it is very important to not only have
a very stable and well guarded primary name server, but to also have
multiple secondary backup name servers.


     The second broad function of a name server is to act as a
secondary backup name server for a domain.

     It has been a long standing internet policy that every domain
should be serviced by at least two name servers, a primary name server
and at least one secondary name server.

     Further the secondary name server should not be on the same
network as the primary, because if the network as a whole goes down,
then both name servers will be out of commission, which means all of
the domains that they service will be dead for the duration of the

     For example we have two name servers here at lightlink, light is
the primary name server for all our domains, majesty is the secondary.

     If light goes down, then majesty takes over, no loss.

     But if NYSERNET or SPRINT go down, then we are effectively cut
off from the net for a while, and everyone outside our dark spot will
find that all the domains that we host are 'non existent'.

     Now you might say, well if your whole network is off line, then
remote people can't get to your web pages anyhow, so who cares if the
domain is off line?

     Well for one it is very disconcerting to an end user to receive
back a message that says 'domain unknown', or 'domain does not
resolve' or some such.  If its your domain, it might make them think
you have gone out of business.

     So even if your ISP or your web pages are momentarily down, you
ALWAYS want your domain to resolve properly.  Then the user gets back
'Server might be down', which is much more calming than 'Domain does
not resolve.'
     But more importantly, it is not always true that one's web pages
are hosted at the same ISP that is doing primary name service.  One
can in fact envision a business whose sole activity is to provide
domain name service to people who will definitely host their pages and
e-mail elsewhere.  (Check out for example, they
provide 'cold storage' for domains names that people want to reserve
but not otherwise use.)

     So even if the primary name server or its ISP are offline, the
webpages might be just fine and accesible at some other ISP, but no
one can get to them!

     This is why it is so important to have a secondary name server
that is physically and electronically separate from the primary name
     Taking it to an extreme, the primary and secondary name servers
shouldn't even be in the same city, because if the city gets nuked,
both will go off line!

     If one is really paranoid, which you should be if you are taking
responsibility for other people's lives, you probably will want 2 or
more secondary servers at very widely disparate locations, preferably
on the other side of the country, or even in a foreign land if you

     Secondary name servers are no different than primary name
servers, they run BIND on a machine just like the primary.  Only
rather than having an authoritative database of domains and their IP
nuymbers entered by the hand of the ISP, they have a secondary
database of domains and their IP numbers THAT THEY HAVE DOWNLOADED

     They may have no primary records of their own, but they download
copies of primary records from the real primary name servers, and
store them in their own database.
     A secondary name server is set to download its secondary database
every couple of hours or every day or whatever the ISP who owns the
primary records wants.

     One problem with setting up secondary name servers, is getting
access to a name server in a remote part of the country that is
willing to down load YOUR primary domains!  In order to facilitate
this, ISPs join into swapping agreements with each other.  For example
we have a swapping agreement with John Levine at

     Every night his name server downloads all our primary name
records and puts them in his secondary data base.  And we download all
his primary name records and put them in our secondary database.

     Since we already have a secondary name server on our own system
(majesty) that gives us two secondary servers, majesty and ivan.
     Ivan is physically disparate from us (well a single atom bomb
would take us both out), but we are very electronically separated from
each other, as he is on the PSI backbone, and we are on the Nysernet
backbone, and it is very unlikely that any single network down would
take both of us out.

     We also have a swapping arrangement with which is in
colorado on yet a totally different network.

     So for every domain that we host as primary, the internic lists
four name servers.    primary   authoritative secondary not authoritative         secondary not authoritative            secondary not authoritative

     The reason the secondary name servers are not considered
authoritative for our primary domains, is because if I change the IP
number of on the primary name server, it will be a while
before the secondaries go through their download cycle and get the new
corrected information.  Therefore secondaries can be wrong for a small
time window after a change takes place.
     Secondary servers always respond that they are non authoritative,
and primary name servers always respond that they are authoritative.
     When the user at wants to hit on, the
internic root servers actually send him all four addresses of the
primary and 3 secondary name servers, and his local name server at picks one of the 4 at random, so the load of incoming
requests is actually shared by all 4 name servers.

     When a secondary server is hit upon for, the server
will state that it is non authoritative, and this fact will be matched
with the data received from the internic.
     If the internic says that a server is non authoritative but the
server responds as if it were authoritative, then an error is logged
at although the data may be accepted and sent on to the end
user anyhow.

     If anyone of the 4 name servers fails to respond because it is
completely down, then the server at will try the next one in

     If anyone of the 4 name servers responds but says it has no data
for the domain being requested, then an error is logged saying that
the server is the brunt of a LAME DELEGATION.

     That means the server was delegated by the owner of the domain
through the internic as a valid primary or secondary server, and yet
that server says it has no knowledge of the domain.


     The third broad function of a name server is to act as a caching
only server.

     A caching only name server has no primary or secondary records to
serve.  It merely gets and stores answers to queries that are sent to
it.  If someone asks it what the IP of is, it will
respond if it knows.  If it doesn't know the answer, it will go to the
internic root servers, find the primary and secondary name servers for, query them, give the answer to the user making the
query, and store the answer in its cache so it can give a faster
answer to the next user.


     To summarize, there are 3 broad functions of a name server.

     1.) Primary name server - To act as the primary name server of
authority for a domain name.

     2.) Secondary name server - To act as one of a number of backup
secondary name servers that will respond if the primary is down.

     3.) Caching only name server - To answer name service queries for
any domain at all, and store the answer for a faster response.  The
caching only name server gets its answers from primary or secondary
name servers.


     Now that we know the 3 broad functions of a name server we can
take a look at the three broad uses that name servers can be put to.
These are of course related to the 3 functions, but it is enlightening
to take a look at the matter from the point of view of who is hitting
on the server, rather than what it can do.

     Remember that any one machine can act as primary for some
domains, secondary for others, and cache for every one else.

     All this name service can really load a machine down, so its
important to know where all the requests are coming from, and perhaps
divide up your name servers to handle each load separately.


     The first broad use of a name server is as a 'primary/secondary
name server', its job is simply to serve primary and secondary names
for the domains that it is hosting.  *ANYONE* anywhere in the world
who wants to know the IP number for will be hitting on
its primary server or one of its secondaries for the IP.
     Say a server is the primary server for 250 domains and secondary
server for 200 more domains.  That server is going to be receiving
hits all day long, 24 hours a day, from people everywhere on the
planet, trying to find the IP numbers of those domains.

     There are two things that mitigate this load.

     The first is that the primary and secondary servers share the
load.  When someone wants the IP of they are presented
with one primary and 3 secondary servers, and they pick the one they
query at random.  So if the primary server has 3 secondaries, it
really only gets to see 1/4 of the total hits meant for it.

     But if that same server is also secondary for other domains, it
will also be seeing the hits from those secondaries.  So basically the
server is going to see a full load of hits even if only 1/4 of those
hits are its own.  The other 3/4's are hits coming from domains it is
secondary for!
     If you have ever taken a look at the logs going by on a name
server, you will see that busy ones are being hit upon just
relentlessly.  For this reason it is important to have those domains
hosted on a strong and powerful server, with multiple redundant
hardware and tape for backups, in case something goes wrong.

     The second thing mitigating the load, is that remote name servers
around the world will cache the answers they get from the
primary/secondary name servers, so futher hits on the domain FROM
THOSE SAME AREAS will be answered locally rather than come to the
primary/secondary name server again.

     The second broad use of a name server is as a 'local user name
server', its job is to find and answer DNS queries from the local users of
the ISP who want to surf the web.
     For example lightlink may have 130 users on line at any time, and
they all have two name servers set in their Win95 or Mac, setup box.
     Everytime they want to go to a remote site, their Win95 queries
one of those name servers, usually, and that name server
has to go out and get the answer and give it to the user.  It also
caches the answer for the next user that wants to go to the same site.
     There are distinct differences between a local user name server
and the primary/secondary name server mentioned in 1.) above.  The
primary/secondary name server is being hit upon by millions of
different people from all over the world for the same 200 or so
domains.  It doesn't need to have a lot of memory but it has to have a
lot of bandwidth and CPU power to handle all those requests.

     There is no queuing of requests, if 10,000 people all want to
know the IP of at the same time, that name server had
better be able to deal with 10,000 requests at the same time or its
going to die.

     The local user name server is only being hit upon by say 130
users at a time but they are requesting data for every possible domain
in existence, so it has to have a HUGE cache.  It doesn't get a lot of
hits, so its CPU and bandwidth needs are minimal, but it has to have
fast and expansive memory.

     The primary/secondary name server is only answering queries for
its own primary and secondary domains so actually it doesn't need a
cache at all.  It already knows the data for its own domains, and no
one should be hitting on it for domains that it is not primary or
secondary for.  It's a good idea to actually turn the cache off.

     The local user name server shouldn't have any primary or
secondary domains at all in its data base, and it should ONLY answer
queries for domains that exist out in the real world, and so it needs
a huge cache to keep all that data.

     It is probably not a good idea to put both kinds of name servers
on the same machine.  The relentless hitting that comes from a planet
querying your machine for 200 domains, does not go well with the
memory needs of a huge cache created when your your local users query
3,000,000 different sites they want to see.
     It's two different jobs and should be handled by two different


     The third broad use of a name server is as a 'local program name
server', its job is to provide name service to local programs like
mail and web servers.

     For example every time you want to send a piece of mail to, the mail program has to look up the IP number for before it can send the mail.

     This is similar to the local user name server above, only its
being hit upon by a single program rather than a bunch of users, and
it needs to have a huge cache of answers to keep the mail busily
flowing on.

     Another big program user of name service is the web server.  This
isn't quite as obvious, but every time a hit comes into the server
from a remote site, for example someone trying to look at your home
page, the server gets the IP number of the requesting site.
     That's how it knows where to send the response back to and who is
making the reponse.  This IP number shows up in your web hit logs, and
that's how you know where hits are coming from.

     But people *HATE* IP numbers, and they want their web hit logs to
show english language domains names instead, so the web server has to
constantlly query a name server to translate those incoming IP's to
domain names.  If the web server is being hit relentless, then the
name server is also being hit relentlessly with every hit.

     Thus, just as with mail, it is very important for a web server to
have its own dedicated local program name server to service those
     A very busy mail or web server can generate more name service
queries than primary/secondary or local user name servers combined.
For this reason it is very important to have separate *DEDICATED* name
server daemons running on both the mail server and the web server
whose sole purpose is to service the requests being generated by those
two programs.

     Since a program name server is dependent on its cache, its
important for the web and mail servers to have LOTS of memory and CPU
     You certainly wouldn't want the name server that is servicing
your web server say, to ALSO be your primary/secondary server, because
the relentless number of hits coming in from the outside world is
going to slow your web server down tremendously, and that's going to
be very bad for business.


     To summarize, there are 3 broad uses for a name server.

     1.) Primary/secondary name service - to provide answers to
queries from people all over the world about domains that you are
hosting and for which you are a primary or secondary name server.
This server needs a powerful CPU and good bandwidth.

     2.) Local user name service - to provide your local users with
answers to queries for their surfing needs.  This server needs a huge
memory cache but doesn't need a terribly fast CPU, nor a lot of

     3.) Local program name service - to provide local programs like
mail and web servers with name service.  This server needs a huge
memory cache too and also a powerful CPU which has to do double duty
in running the mail or web server AND the name server at the same
time.  But doesn't need any bandwidth at all because usually its on
the same machine as the local program server that it is servicing.