All language subtitles for 1. DNS Explained Part 1

af Afrikaans
ak Akan
sq Albanian
am Amharic
ar Arabic
hy Armenian
az Azerbaijani
eu Basque
be Belarusian
bem Bemba
bn Bengali
bh Bihari
bs Bosnian
br Breton
bg Bulgarian
km Cambodian
ca Catalan
chr Cherokee
ny Chichewa
zh-CN Chinese (Simplified)
zh-TW Chinese (Traditional)
co Corsican
hr Croatian
cs Czech
da Danish
nl Dutch
en English
eo Esperanto
et Estonian
ee Ewe
fo Faroese
tl Filipino
fi Finnish
fr French
fy Frisian
gaa Ga
gl Galician
ka Georgian
de German
el Greek
gn Guarani
gu Gujarati
ht Haitian Creole
ha Hausa
haw Hawaiian
iw Hebrew
hi Hindi
hu Hungarian
is Icelandic
ig Igbo
id Indonesian
ia Interlingua
ga Irish
it Italian
ja Japanese
jw Javanese
kn Kannada
kk Kazakh
rw Kinyarwanda
rn Kirundi
kg Kongo
ko Korean
kri Krio (Sierra Leone)
ku Kurdish
ckb Kurdish (SoranĂ®)
ky Kyrgyz
lo Laothian
la Latin
lv Latvian
ln Lingala
lt Lithuanian
loz Lozi
lg Luganda
ach Luo
mk Macedonian
mg Malagasy
ms Malay
ml Malayalam
mt Maltese
mi Maori
mr Marathi
mfe Mauritian Creole
mo Moldavian
mn Mongolian
sr-ME Montenegrin
ne Nepali
pcm Nigerian Pidgin
nso Northern Sotho
no Norwegian
nn Norwegian (Nynorsk)
oc Occitan
or Oriya
om Oromo
ps Pashto
fa Persian
pl Polish
pt-BR Portuguese (Brazil)
pt-PT Portuguese (Portugal)
pa Punjabi
qu Quechua
ro Romanian
rm Romansh
nyn Runyakitara
ru Russian
gd Scots Gaelic
sr Serbian
sh Serbo-Croatian
st Sesotho
tn Setswana
crs Seychellois Creole
sn Shona
sd Sindhi
si Sinhalese
sk Slovak
sl Slovenian
so Somali
es Spanish
es-419 Spanish (Latin American)
su Sundanese
sw Swahili
sv Swedish
tg Tajik
ta Tamil
tt Tatar
te Telugu
th Thai
ti Tigrinya
to Tonga
lua Tshiluba
tum Tumbuka
tr Turkish
tk Turkmen
tw Twi
ug Uighur
uk Ukrainian
ur Urdu
uz Uzbek
vi Vietnamese
cy Welsh
wo Wolof
xh Xhosa
yi Yiddish
yo Yoruba
zu Zulu
Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,180 --> 00:00:02,780 What is DNS or domain name system. 2 00:00:02,880 --> 00:00:09,390 In this video I'm going to explain it in a lot of detail but before we get there Alexa N.S. look up 3 00:00:09,420 --> 00:00:10,620 Amazon.com. 4 00:00:10,610 --> 00:00:18,190 The DNS lookout for Amazon dot com is 176 dot 32 dot 103 dot 205. 5 00:00:18,270 --> 00:00:21,450 That is an example of what a DNS does. 6 00:00:21,450 --> 00:00:28,350 It's essentially resolving a name typically a domain name to an IP address. 7 00:00:40,510 --> 00:00:52,290 N S look up a Google dot com DNS look up for Google dot com is 172 dot 217 dot 164 dot 142. 8 00:00:52,420 --> 00:00:56,920 We as humans don't communicate easily using IP addresses. 9 00:00:56,920 --> 00:00:58,670 We use domain names. 10 00:00:58,870 --> 00:01:04,840 So if I told you to go to Google's IP address you probably don't even remember what the IP address was 11 00:01:05,080 --> 00:01:13,390 but you'll remember what Google dot com is so DNS essentially resolves a human readable name such as 12 00:01:13,390 --> 00:01:18,330 Google dot com or Amazon.com to a machine readable IP address. 13 00:01:18,340 --> 00:01:25,480 Machines don't use names they use IP addresses in IP version 4 we use dotted decimal notation IP addresses 14 00:01:25,480 --> 00:01:33,710 such as 1 9 2 1 6 8 wandered 1 IP 6 uses IP addresses such as 2001 colon colon 1 2 3. 15 00:01:33,730 --> 00:01:37,040 There are many IP addresses out there and many Web sites. 16 00:01:37,120 --> 00:01:44,620 It's much easier to remember a domain name once again like Facebook dot com or Amazon.com rather than 17 00:01:44,620 --> 00:01:46,900 the IP address of a server. 18 00:01:46,990 --> 00:01:53,380 And to further complicate it like in my example depending where you're on the world a domain name may 19 00:01:53,380 --> 00:01:56,600 resolve to a different IP address for load balancing. 20 00:01:56,710 --> 00:02:04,060 So if I'm in the UK and I ping Google dot com I may get a different result to you if you in the US or 21 00:02:04,060 --> 00:02:06,370 in Singapore or somewhere else in the world. 22 00:02:06,430 --> 00:02:13,090 It's much easier to remember the domain name than it is to remember an IP address but machines use IP 23 00:02:13,090 --> 00:02:18,620 addresses and traffic is routed across the Internet using IP addresses not names. 24 00:02:18,640 --> 00:02:25,390 DNS is a fundamental building block in networks today without a DNS internet wouldn't really work very 25 00:02:25,390 --> 00:02:29,380 well because very few of us are going to remember IP addresses. 26 00:02:29,380 --> 00:02:37,090 Now as an analogy DNS is like a telephone book taking a name converting it to a telephone number. 27 00:02:37,090 --> 00:02:43,540 But in this case taking a domain name and converting it to an IP address in the bad old days I'd have 28 00:02:43,540 --> 00:02:49,740 to look up someone's number in a book and then I'd have to manually dial their telephone number. 29 00:02:49,900 --> 00:02:55,810 But I don't think any of us do that these days on a phone like an iPhone today we're not going to manually 30 00:02:55,840 --> 00:03:02,230 type a number like this and then dial it we're going to go to our contacts and search for a contact 31 00:03:02,650 --> 00:03:05,920 and then just press on the contact to call the person. 32 00:03:05,920 --> 00:03:09,370 I mean a lot of us probably don't even know our own telephone numbers these days. 33 00:03:09,370 --> 00:03:14,080 We don't know the telephone numbers of other people because we simply look them up in a directory on 34 00:03:14,080 --> 00:03:14,800 our phone. 35 00:03:14,830 --> 00:03:16,610 Now this is a local directory. 36 00:03:16,720 --> 00:03:22,460 We can do something very similar on a P.C. by using what's called a hosts file. 37 00:03:22,570 --> 00:03:26,380 That is the most basic version of so-called DNS. 38 00:03:26,380 --> 00:03:32,560 No it's not DNS but it's a local lookup so you could create your own version of DNS locally on your 39 00:03:32,560 --> 00:03:35,750 P.C. by editing the hosts file. 40 00:03:35,800 --> 00:03:41,470 Taking that a step further companies may have a local DNS server that resolves and names within the 41 00:03:41,470 --> 00:03:48,790 organization but on the public Internet we have distributed DNS systems that allow us to resolve names 42 00:03:48,790 --> 00:03:51,660 such as Google Facebook etc.. 43 00:03:51,870 --> 00:03:56,920 Now it's all very good and while talking about DNS but I want to show you practically how it works I'm 44 00:03:56,920 --> 00:04:03,660 going to show you why shock captures I'm going to show you how to setup a DNS server on a Cisco rider. 45 00:04:03,730 --> 00:04:06,380 How to set it up on a country server. 46 00:04:06,430 --> 00:04:11,310 I'll show you basically how you can manipulate a DNS to do anything that you want. 47 00:04:11,380 --> 00:04:14,250 You need to be careful that you use trusted DNS servers. 48 00:04:14,260 --> 00:04:17,050 Don't just trust any DNS server out there. 49 00:04:17,050 --> 00:04:24,520 DNS can be intercepted and you can manipulate the DNS servers used by pieces to get them to go to the 50 00:04:24,520 --> 00:04:26,170 incorrect domain. 51 00:04:26,170 --> 00:04:31,810 Fortunately today a lot of browsers like Chrome have a whole list of certificates preloaded on them 52 00:04:32,140 --> 00:04:38,860 so you'll get a warning if you end up going to an incorrect domain such as Microsoft dot com or Cisco 53 00:04:38,860 --> 00:04:40,420 dot com. 54 00:04:40,470 --> 00:04:45,650 Okay so in this topology I've got a Windows 10 computer it's connected to a Cisco switch which in turn 55 00:04:45,650 --> 00:04:49,920 is connected to a Cisco rather which connects us to the Internet. 56 00:04:49,940 --> 00:04:52,430 This topology is running in Genesis 3. 57 00:04:52,520 --> 00:04:58,850 I'm hosting this entire topology on my computer so forgive me if the fan goes a bit crazy. 58 00:04:58,940 --> 00:05:01,820 It's all running locally on my Mac. 59 00:05:01,820 --> 00:05:06,960 I also have an a bunch too P.C. which will configure as a DNS server. 60 00:05:06,980 --> 00:05:09,920 Okay firstly let's have a look at the Windows computer. 61 00:05:10,010 --> 00:05:11,060 Here's my windows. 62 00:05:11,070 --> 00:05:14,480 P.S. I'll open up a seam deep prompt. 63 00:05:14,480 --> 00:05:16,120 Make this a bit bigger. 64 00:05:16,300 --> 00:05:24,590 IP config shows me that this is the IP address of the P.C. IP version 4 default gateways 10 1 1 2 5 65 00:05:24,590 --> 00:05:31,240 4 and I should at this point be able to paying my default gateway which I can default gateway. 66 00:05:31,240 --> 00:05:36,540 Is this Cisco with IP address once again 10 1 1 2 5 4. 67 00:05:36,590 --> 00:05:43,500 The switch is a lever to switch it's not really doing anything except giving connectivity in the network. 68 00:05:43,500 --> 00:05:54,300 So back on the P.C. IP config slash all shows us that the CPC has to DNS servers configured 8 8 8 8 69 00:05:54,320 --> 00:05:56,710 8 and wandered wandered wandered 1. 70 00:05:56,780 --> 00:06:04,760 In other words Google and CloudFlare are the two DNS servers configured on the P.C. so I'll start a 71 00:06:04,760 --> 00:06:11,080 wire shock capture between the P.C. and the switch so that we can see what's actually going on. 72 00:06:11,420 --> 00:06:17,510 Windows sends a lot of traffic into the network so as you can see here a bunch of traffic is being sent 73 00:06:17,570 --> 00:06:21,260 by that Windows computer out into the network. 74 00:06:21,260 --> 00:06:29,950 But I'm going to filter for DNS and then back on the P.C. what I'll do is ping a domain such as David 75 00:06:29,950 --> 00:06:31,460 Bumble dot com. 76 00:06:31,690 --> 00:06:39,170 And notice we get a reply from this IP address 2 1 7 160 0 sixty nine. 77 00:06:39,190 --> 00:06:47,140 Now the CBO spiking on my P.C. here the throughput through a Cisco switch and a Cisco broad are running 78 00:06:47,140 --> 00:06:54,460 in June 3 may be a bit slow but the point is is that I am getting replies back to that domain and if 79 00:06:54,460 --> 00:07:02,170 we have a look at the Y shock capture what you'll notice is we can see that this IP address 10 1 1 1 80 00:07:02,230 --> 00:07:10,510 cent a DNS request 2 8 8 8 8 8 for domain David Bumble dot com. 81 00:07:10,510 --> 00:07:18,460 So just to confirm on the P.C. once again IP config shows us that this is the IP address of the P.C. 82 00:07:19,500 --> 00:07:28,420 the P.C. send a request to the DNS server notice the query is for David Bumble dot com. 83 00:07:28,430 --> 00:07:37,790 It's a record a record is a domain name in IP version 4 could triple A is a domain name in IP version 84 00:07:37,790 --> 00:07:38,560 6. 85 00:07:38,660 --> 00:07:48,960 So the P.C. is asking the DNS server what the IP address is of the domain name now going back a step 86 00:07:49,380 --> 00:07:57,010 at a layer 2 in the OS model or TTP IP model if you prefer we have Ethernet to. 87 00:07:57,100 --> 00:08:02,850 That's because this network is using ethernet so it's an ethernet connection from the windows P.C. to 88 00:08:02,850 --> 00:08:09,930 the Ethernet switch the source mac addresses the P.C. destination MAC address is the broader basically 89 00:08:09,930 --> 00:08:15,060 the traffic is being switched from the P.C. to the broader because that's how it gets onto the Internet. 90 00:08:15,330 --> 00:08:21,510 So at least to source MAC address will be the P.C. destination MAC address will be the broader but at 91 00:08:21,510 --> 00:08:29,100 least three IP version 4 source IP addresses the P.C. destination IP address is Google. 92 00:08:29,110 --> 00:08:34,000 Now you may notice that this is a RF C 1918 address. 93 00:08:34,000 --> 00:08:36,790 In other words it's a private IP address it's non-refundable. 94 00:08:36,790 --> 00:08:43,040 On the internet but the router is implementing network address translation or Nat. 95 00:08:43,120 --> 00:08:48,400 This is very typical of what your right at home will be doing. 96 00:08:48,400 --> 00:08:51,100 So notice it's enacting this IP address. 97 00:08:51,160 --> 00:08:58,150 Now it is narrowing it to a another ROIC 1918 address but that's because this road is connected to a 98 00:08:58,150 --> 00:09:01,600 cloud which is actually bridging my P.C. physically. 99 00:09:01,600 --> 00:09:08,110 So this P.C. here onto my physical home network and I have an Internet router that runs this onto the 100 00:09:08,110 --> 00:09:08,860 Internet. 101 00:09:08,950 --> 00:09:11,530 So it's actually being nutted multiple times. 102 00:09:11,530 --> 00:09:19,030 But what's important to point out here is notice the protocol at least for each UDP or user data grand 103 00:09:19,060 --> 00:09:23,550 protocol source port number use this 5 2 7 4 9. 104 00:09:23,560 --> 00:09:26,980 That is what's called any femoral or random port number. 105 00:09:27,160 --> 00:09:32,160 Destination Port numbers 53 which is the well-known port number for DNS. 106 00:09:32,350 --> 00:09:38,830 When a server is configured to host multiple services it's got to serve a purpose. 107 00:09:38,830 --> 00:09:44,840 So it's a server that's acting as let's say a file server when you connect to that server it's going 108 00:09:44,840 --> 00:09:45,880 to give you a file. 109 00:09:46,000 --> 00:09:51,260 But when you connect to it using DNS it's listening on Port 53. 110 00:09:51,430 --> 00:09:57,310 If it's being configured as a DNS server so you send traffic to port 53 the server is listening on Port 111 00:09:57,310 --> 00:10:04,750 53 to running an application like which I'll show you in a moment DNS mosque which is a DNS server application 112 00:10:04,990 --> 00:10:10,300 and then it responds back to that to request on the port number that you chose. 113 00:10:10,300 --> 00:10:15,330 So if you connect to a DNS server like this piece is doing you will use a random port number or ephemeral 114 00:10:15,340 --> 00:10:20,830 port number going to a well-known port number and then it'll reply back from that well-known port number 115 00:10:21,700 --> 00:10:29,530 and we can see that here Google is replying from a source port number 53 going to the port number that 116 00:10:29,530 --> 00:10:33,420 the P.C. chose the Windows 10 piece he chose this port number. 117 00:10:33,430 --> 00:10:41,790 The Google DNS server replies back to that port number so again it's UDP destination port number as 118 00:10:41,790 --> 00:10:43,620 a source port number as this. 119 00:10:43,620 --> 00:10:47,370 Digging deeper into the DNS information we can see. 120 00:10:47,370 --> 00:10:48,440 Domain Name System. 121 00:10:48,450 --> 00:10:49,680 It's a query. 122 00:10:49,680 --> 00:10:53,060 It's a standard query for a name. 123 00:10:53,070 --> 00:10:57,690 We're trying to resolve a name the name that we resolving. 124 00:10:57,690 --> 00:11:05,300 Is David Bumble dot com and the DNS server replies back saying this is the answer. 125 00:11:05,370 --> 00:11:12,290 This domain name has this IP address 2 1 7 160 0 69. 126 00:11:12,300 --> 00:11:17,120 So back on our windows P.S. That is the IP address that we see. 127 00:11:17,850 --> 00:11:22,820 So I could copy that IP address go to a web browser. 128 00:11:23,100 --> 00:11:29,160 If I type the domain name it's going to browse to that server. 129 00:11:29,440 --> 00:11:33,250 So I'm able to connect to the domain using the domain name. 130 00:11:33,600 --> 00:11:40,780 And this depends on the server I should be able to connect to the IP address of the server. 131 00:11:40,890 --> 00:11:43,380 In this example I'm getting a form for error. 132 00:11:43,380 --> 00:11:48,060 Now some servers will not allow you to connect directly on the IP address. 133 00:11:48,060 --> 00:11:55,180 That's typically because multiple domains are hosted on a single IP address Okay I'll stop the Y shock 134 00:11:55,240 --> 00:12:02,350 capture and what I want to show you once again is that DNS is essentially just a resolution of name 135 00:12:02,350 --> 00:12:08,540 to IP address and you can do that directly on your Windows computer. 136 00:12:08,670 --> 00:12:11,760 So in windows I'll open up notepad. 137 00:12:11,760 --> 00:12:13,520 I'll run this as an administrator 138 00:12:17,510 --> 00:12:28,060 before I open a file if I pinged brought a 1 notice we told that that domain name is not found the same 139 00:12:28,060 --> 00:12:31,780 with right of one whom dot com the ping request times out. 140 00:12:31,780 --> 00:12:41,820 I can't ping that domain name but what I could do is open a file and what I'm going to do is go to see 141 00:12:41,820 --> 00:12:49,620 Windows system 32 driver's Etsy and I'm going to open the hosts file. 142 00:12:49,620 --> 00:12:53,490 This is a file on the local Windows computer. 143 00:12:53,670 --> 00:13:02,440 Just zoom in there to make it easier to read and I can edit this so I could say 10 1 1 2 5 4 is right 144 00:13:02,460 --> 00:13:09,790 1 and 10 1 1 1 2 5 4 was write a one whom dot com and save that file. 145 00:13:09,790 --> 00:13:14,860 So I'm editing a local file that maps whose names to IP addresses. 146 00:13:14,860 --> 00:13:23,500 So now when I ping wrote a one notice that works when I ping write a one dot home dot com that also 147 00:13:23,500 --> 00:13:24,350 works. 148 00:13:24,350 --> 00:13:33,190 But if I ping wrote it to that fails because it's not in the hosts file and Google is not replying back 149 00:13:33,190 --> 00:13:34,850 with that information. 150 00:13:34,930 --> 00:13:47,550 So if I said or two like this and save that file now ping or two that resolves name got resolved to 151 00:13:47,550 --> 00:13:48,330 an IP address. 152 00:13:48,330 --> 00:13:55,380 Now in this example the networks a bit unstable sort of pings a timing out they had succeeded. 153 00:13:55,380 --> 00:13:59,500 But the important part is the domain name got resolved. 154 00:13:59,580 --> 00:14:03,150 That name got resolved to an IP address. 155 00:14:03,180 --> 00:14:09,780 If I remove these entries from the hosts file and save it 156 00:14:14,490 --> 00:14:15,870 I'll clear the screen there. 157 00:14:16,080 --> 00:14:28,250 When I ping are one now that's going to timeout because I don't have an entry for that domain name. 158 00:14:28,260 --> 00:14:31,630 That's essentially what a DNS server does. 159 00:14:31,770 --> 00:14:36,360 It takes a domain name and maps it to an IP address. 17363

Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.