1

I am unsure what the following sentence in bold means

If you are using only the hostname (without the domain information) to connect to a server, the application you're using may not be able to resolve the hostname. This can happen if either the DNS suffix search order in your computer's TCP/IP properties is incorrect, or the DNS table is corrupted. In these cases, entering the host's FQDN will allow DNS to locate the server. --

I know that FQDN means the following in www.mySite.com

  1. www is the 1st domain
  2. mySite is the 2nd level domain
  3. com is the 3rd level domain

I know that DNS stands for Domain Name server. It seems that DNS is the collection of FQDN.

What does the sentence in bold mean exactly?

chaos
  • 7,483
  • 4
  • 34
  • 49
Léo Léopold Hertz 준영
  • 809
  • 6
  • 22
  • 43

5 Answers5

9

You're not quite right about FQDN.

  1. It stands for Fully Qualified Domain Name, i.e. the entire domain name, not a prefix.
  2. Your parsing of your domain name is backwards. com is the top-level domain, mySite is the second-level domain, and www is almost certainly not a domain at all, but a hostname within the domain mySite.com.

What the sentence means is that if the settings that allow a 'partial' domain to be completed (i.e. you enter www, it figures out you mean www.mySite.com) are screwed up, you can work around this by entering the full domain.

chaos
  • 7,483
  • 4
  • 34
  • 49
  • I am not completely sure about your last sentence. Do you speak about .htaccess -file which allows you to redirect a partial domain such as mySite.com to www.mySite.com? – Léo Léopold Hertz 준영 Jun 25 '09 at 01:18
  • Excellent answer. Also to flesh out why this can be a problem, in many unixes (maybe all?), having an entry in /etc/resolv.conf like "domain mysite.com" allows you to use "shortcuts" like "ping www", and the first thing the local computer tries to ping is www.mysite.com. – Matt Simmons Jun 25 '09 at 01:19
  • 1
    @Masi: No, I mean the sort of thing Matt Simmons is talking about, where you're considered to be "inside" some domain or domains, so when you try to interact with some DNS host, it looks for that host within the domain(s) you're within. – chaos Jun 25 '09 at 01:23
  • 1
    Eddie and Jason B Shrout's answers go into some good detail about the topic. – chaos Jun 25 '09 at 01:25
9

DNS means Domain Name System, not Domain Name server. Chaos is correct with this answer, but didn't mention this one item.

Most computers have a "domain search suffix" given to them by their DHCP server or statically configured (or by other means). Let's say you're using a computer at a college that has the domain mycollege.edu and the computer you're using has a domain search suffix of the following:

labs.mycollege.edu
mycollege.edu

This means that if you try to access the computer by name "mylaptop" that DNS will look for the following names:

mylaptop.labs.mycollege.edu
mylaptop.mycollege.edu

If the computer, however, is actually in DNS as mylaptop.chemdept.labs.mycollege.edu, then the default search lists will not help you locate the computer by providing just the short name. In that case you need to supply the FQDN (Fully Qualified Domain Name) -- the FULL name of the computer -- for a DNS lookup to succeed.

To see your domain search suffix list, on UNIX do the following:

cat /etc/resolv.conf

and look at the line that starts with "search". On Windows, in a command window, enter the following command:

ipconfig/all

and look for the part of the output listing "DNS Suffix Search List"

Eddie
  • 11,432
  • 8
  • 37
  • 48
  • @Eddie: I use OS/X. I do not have "search" in /etc/resolv.conf. I have only two sentences: nameserver 193.229...nameserver 193.229... in the file. – Léo Léopold Hertz 준영 Jun 25 '09 at 01:29
  • 2
    Most likely, that means you DO NOT have a search list. If you do not have a search list, then you must always provide the FULL domain name of a computer you want to reach. The nameserver lines show the IP addresses (NEVER NAMES!!!) of the DNS servers you will connect to to resolve names. – Eddie Jun 25 '09 at 02:24
3

A fully qualified DNS name is simply a name that must not have any further stuff added to it to aid in it's resolution, or as it says in the wikipedia article "A fully qualified domain name is distinguished by its unambiguity; it can only be interpreted one way."

For instance, pn. is a fully qualified domain name.

The trailing period is important.

The trailing period tells your computer's resolver "do not add my dns domain or any of the other domains in my resolver's search list to this name I'm looking up." I did a quick check and there are several TLDs that resolve to real IP addresses, tk. being one that also is running a web server on that IP address.

Your computer is configured with an IP address it sends all DNS requests to. It is also (optionally) configured with a "domain" and a "search list", for the purposes of DNS resolution, they both behave the same way; when your computer looks up an "unqualified" name it automatically appends these (in order) to the search.

let's say your computer has a dns server of 1.2.3.4 and a domain of example.com and in the search list you also have snoopy.org. If you attempt to look up the name "woodstock" your computer will assume you really mean to look up "woodstock.example.com" and append that in the request it sends to the DNS server (1.2.3.4). If 1.2.3.4 responds with a "no such name" sort of error, your computer will then ask it to resolve "woodstock.snoopy.org" and maybe it will get an answer. If you ask your computer to look up "woodstock." then your are telling your computer "please do not append anything onto my DNS request."

chris
  • 11,944
  • 6
  • 42
  • 51
  • @Chris: What do you mean with the last sentence? - - - If you get nothing to be appended onto your DNS request, this suggests me that you have nothing in your search list and you do not have a domain example.com in your computer. – Léo Léopold Hertz 준영 Jun 25 '09 at 13:55
  • The trailing . is important. Putting a trailing dot on the name causes your resolver to not add anything to the name in attempting to resolve the address. "www." will simply cause your resolver to ask the root nameservers for the address of the TLD www. If you ask for www, your local resolver will append whatever domains are in your search list, in the order they're specified in the config file (depends on the OS). – chris Jun 25 '09 at 14:04
1

A couple things that you could use some pointers on:

  1. FQDN is Fully Qualified Domain Name, or the WHOLE domain.
  2. www in most cases is an (A) record for that domain. (Zones CAN be created where A records can be used... for instance if i created zone1 in mysite.com and added a webserver it would most likely look like: www.zone1.mysite.com.
  3. mysite is the second leve domain and com is the top-level domain.

TCP/IP controllers can be setup to 'search' domains. You will most likley find this in organizations who have elimited their NetBios traffic and Wins servers all together and search a domain name suffixs to find hosts.

So if I automatically had my DNS settings in my TCP/IP controllers set correctly, with mysite.com as the primary suffix and configured to search that... than attepted to perform the resolution of www,

I would get two answers if the DNS server had this (A) record in its tables.

I would get the FQDN www.mysite.com and the IP address!

Jason B Shrout
  • 394
  • 2
  • 9
  • @Jason: What do you mean by "TCP/IP controllers can be setup to 'search' domains? -- Could you give an example how I can setup a TCP/IP controller to search domains? -- I would like to search domains which has DISALLOW in robots.txt. – Léo Léopold Hertz 준영 Jun 25 '09 at 01:25
  • The robots.txt file is really a seperate issue and does not involve DNS. a DISALLOW in the robots.txt file is performed on a web server and this prevents sites such as google.com from using their site crawlers to index webpages. If you have your own DNS server, such as microsoft or BIND - You will be able to perform search queries against it. It depends on your OS as to how to configure the controller to do so. – Jason B Shrout Jun 25 '09 at 01:35
  • In order to search domains on windows, Double click on the desired Local Area Network controller, Click 'Properties'. Select 'Internet Protocol (TCP/IP)' and click 'Properties'. Than click 'Advanced' and select the DNS tab. Now if you add an entry for the 'DNS suffix for this connection' such as mydomain.com and also above that have selected 'Append primary and connection specific DNS Suffixes' and Check 'Append parent suffixes of the primary DNS suffix' it will search your domain without specificying the whole FQDN. – Jason B Shrout Jun 25 '09 at 01:42
  • If you are using a linux flavor system, than all you need to is edit your resolve.conf file (which lists the IP of the DNS servers to use) and at the top of that add an entry such as 'search mydomain.com' it will automatically search your dns server without needing to specifiy the whole domain. – Jason B Shrout Jun 25 '09 at 01:43
1

A FQDn refers to a DNS name with everything required to unambiguously resolve it. There are alot of answers about resolv.conf (I'm suprised that host files haven't gotten a mention yet) which have nothing to do with an FQDN. An FQDN does not require anything but a dns lookup to resolve the proper IP address. Any other shortcuts, suffix lists, or a hostname look staff that types the Ip in for you have no bearing on what an FQDN is.

so: myserver - not an FQDN even if you can ping it and it resolves to myserver.mydomain.com www.mydomain.com- is an FQDN because it can be resolved all the way from the top level domain (com) down to the host name (www). Even if the server's hostname is myserver, www.mydomain.com could be set to resolve to myserver www.myserver.mydomain.com -is also an FQDN. an FQDN can (AND MUST) contain all the subdomains required to resolve from the top of the namespace to the individual host

Jim B
  • 24,081
  • 4
  • 36
  • 60