Dns concept. Video: Protecting Incoming Internet Traffic, Configuring Norton ConnectSafe

14.06.2019 Internet, Wi-Fi, local networks

What is DNS, how it works, and how to specify or change DNS servers for a domain - 3.5 out of 5 based on 2 votes

DNS - (Domain Names System) Domain Name System - is a network service on the servers of which domain names are mapped to the numerical values of their IP addresses.

Let's take a closer look at what DNS is, how it works and how it works

The Internet is an IP network and each computer on this network has a specific personal number, which is called an IP address. But since it is not convenient to use digital addressing, it was decided to use the alphabetic spelling of addresses. Therefore, when visiting any sites on the Internet, you enter not numbers, but letters. But the problem is that computers can only perceive digital information, that is, a sequence of ones and zeros, and absolutely cannot understand literal information.

That is why a special service was created on the Internet that translates the alphabetic spelling of addresses into numbers and this service is called DNS (Domain Name System).

DNS service is a huge database that contains information about the correspondence of a specific domain name to a specific IP address. Visually, it can be depicted as follows:

There is a huge number of domain names on the Internet, and every day there are more and more of them, so you can imagine how huge the database of this service is. It is not reasonable and practically impossible to store such a large amount of information on one server.

But since the Internet consists of subnets, it was decided to split this database and place a certain size of it in each of the subnets. It contains the correspondence of IP addresses to domain names only for computers included in this subnet.

What is NS server

The server that contains all the information about the correspondence of domain names in a particular subnet is called the NS server, stands for Name Server or name server. Let's look at an example of converting a domain name to an IP address based on a simplified network.

As you can see, this network has a computer with the alfa domain with an IP address of 192.55.11.25 and a computer with beta domains with an IP address of 192.55.11.26, and the DNS server itself, which also has a corresponding IP address. Now suppose the situation that the beta computer needs to contact the alfa computer, but it does not know its IP address only the domain name. However, he knows the IP address of the DNS server to which he is referring to find out the IP address of the alfa server. The NS server searches its database and finds the IP address that corresponds to the domain name alfa and transfers it to the beta computer. The beta computer, having received an IP address, uses it to contact the beta computer.

As you know, all domain names have their own hierarchical structure and are divided into .ru domain zones. com and others. For more details, see the material. So, each domain zone has its own NS server containing information about the IP addresses of those domains that are included in a specific domain zone. Thus, this huge database is divided into smaller ones.

DNS setup

How can I change and specify the DNS server for the domain.

In order for your site to load when you enter the address of your site into the address bar of the browser, you need to associate the domain name of the site with the hosting. To do this, we must inform the DNS service to which NS server we need to contact, so that it, in turn, looks in its database and tells which server (hosting) to contact the browser.

The DNS server record looks like this:

ns1.vashhosting.ru
ns2.vashhosting.ru

You can find these addresses:

in the letter that the hosting provider sends you immediately after ordering the hosting;
in the hosting control panel, for example, in the domains section;
by contacting the hosting support service.

Now about where you need to specify them. These DNS server addresses must be specified to the domain that you are going to use as the address of your site. Therefore, go to the site of the domain name registrar where you registered your domain. In domain management, look for DNS servers or DNS server management / Delegation, the name may differ depending on the registrar. For example, at the domain name registrar that I use to register my domains, go to the "My domains" section >> mark the desired domain and select "Change DNS servers" from the drop-down list.

After entering this section, a form will open in the fields of which you must enter the appropriate DNS servers. To do this, in my case, you need to uncheck the box "Use registrar names" and then specify ns1.vashhosting.ru in the DNS1 field, and ns2.vashhosting.ru in the DNS2 field. IP addresses can be omitted, therefore some hosting providers do not issue them. After filling in the fields, click the "Change" button.

After that, you need to wait a while until the DNS servers are mapped. This can take from several hours to a whole day. Therefore, as soon as you specify them, your site will not load.

How to specify your DNS servers for a domain

Sometimes you need to specify your DNS servers, i.e. DNS servers that are located in the same domain. Almost everyone has their own DNS server service. In this case, for example, for this site, ns1..site is specified as the DNS server.

In this case, the following points must be taken into account:

1. If you specify your DNS servers for a domain located in RU, SU, RF zones, then it is imperative to indicate its IP address for each DNS server. Moreover, each specified IP address must differ by at least one digit; it is not permissible to indicate the same IP address.

2. If the DNS servers that you specify for your domain name are located in another domain, for example, if you specify DNS servers like 1ns.vash-sait.ru or 2ns.vash-sait.ru for the domain, then you do not need to specify the IP addresses ...

3. If you specify your DNS servers for an international domain, then these DNS servers must be registered in advance in the international NSI Registry. It is not possible to indicate them without registration in this database. When registering with the NSI Registry, you will need to enter the IP addresses for each DNS server. Therefore, when specifying DNS servers for a domain, there is no need to specify IP addresses.

Attaching the IP address to the domain

To attach an IP address to a domain, you need to go to the DNS records setup. How to do this will depend on your hosting control panel. For example, in ISPmanager you need to go to the "Domain names" section, then double-click on the required domain name and specify or edit the following three records (to create a record, click on the "New" icon, to change, click on the required record):

For the first entry in the "Name" field, specify www, in the "Type" drop-down list, select A (Internet v4 address), and in the "Address" field, specify the required IP address.

For the second entry in the "Name" field, specify @ (dog), in the "Type" drop-down list, select A (Internet v4 address), and in the "Address" field, specify the required IP address.

For the third entry in the "Name" field, specify * (asterisk), in the "Type" drop-down list, select A (Internet v4 address), and in the "Address" field, specify the required IP address.

Video: How DNS Works

Material prepared by the project:

The Internet is a collection of local computer networks that are located in all countries of the world. As a rule, such communication lines contact each other, observing uniform rules called protocols. Such conditions are accepted by all parties on a voluntary basis, because there is not yet a single government regulation that would force them to be used.

What is DNS?

DNS is one of the most important sets of rules. The name stands for "Domain Name System". DNS should be thought of as containing information about network devices: IP address, information for routing mail messages, machine name.

The very first domain system for BSD-Unix appeared 30 years ago. Berkley Internet continues to be a part of most Unix systems to this day.

DNS server - what is it?

Any computer on the Internet has the status of a client. It can also play the role of a server in parallel.

When there is a need to speed up the name resolution process, a DNS server comes to the rescue. What is it, you ask?

A DNS server is a computer that translates symbolic names to IP addresses and vice versa.

If the computer is a client, the network programs use the gethostbyaddr function to determine the name of the machine from its network contact information. The gethostbyname option allows you to find out the IP address of the device.

If the device is used as a DNS server, then this indicates the registration of at least one domain on the machine.

The DNS server responds to requests from the domains bound to it and forwards them, if necessary, to other computers from the foreign zone.

DNS addresses on the Internet

Proceeding from the fact that DNS is every computer needs to be identified in it. That is why network devices are assigned their own unique names, which consist of letters separated by dots.

That is, a DNS address is a unique combination of the real computer name and domain contact information.

Basic Domain Name System Concepts

The structure of the DNS is in the form of a tree-like hierarchy, consisting of nodes and other elements, which you will now learn about.

The root zone is located at the top. It can be configured on various mirrors that contain server data and are responsible for the DNS domain. This happens on computers located all over the world.

Numerous root zone servers handle any request, even non-recursive ones. We have already repeated this mysterious word more than once, which means that the time has come to explain what its essence is.

A zone can be called absolutely any part of the tree-like domain name system. This is a solid and indivisible sector on the map. Allocation of several branches into one zone allows you to delegate responsibility for a given part of the tree to another organization or person.

Each realm necessarily contains a component such as a DNS service. This allows you to store the data you have to be responsible for locally.

As for the domain, this is just a branch of the DNS tree structure, a private node that has more than one device under its authority.

There are a huge number of domains on the Internet, and all of them, except for the root one, are subject to superior elements.

DNS servers

Secondary DNS Server is one of the main computers. It copies all files stored on the primary server. Its main difference is that the data comes from the main server, and not from the zone configuration files. The secondary DNS server can share information with other computers of the same level. Any request for the hosts of the authoritative server will be forwarded either to it or to the master.

The number of secondary servers is not limited. There can be as many of them as you like. Notifications about changes or expansion of the zone are received regularly, but here it all depends on the settings set by the administrator.

Zone transfer is most often carried out by copying. There are two mechanisms for duplicating information: full and incremental.

DNS caching server

DNS Unlocker - what is this program?

This is an add-on module that is often included when installing freeware programs. It is extremely detrimental to the performance and efficiency of a personal computer.

This is a program that can destroy the system or render it inactive. This is a virus that spreads with lightning speed all over the world. After the first intrusion into the system, DNS Unlocker begins to operate in a way that is invisible to users. The module gradually installs on the computer malicious and dangerous codes that lead to the emergence of system threats. In addition, the virus module automatically disables the antivirus, so that nothing could protect important files and documents that the program is slowly approaching.

How to determine if your computer is infected with malware

What are the signs that your PC is infected with DNS Unlocker? You already know what this program is. Let's start examining the signals that indicate that your data is at risk.

The emergence of unknown windows. If you start to see pop-up ads while using your computer, take the issue seriously. This is one of the signs that a virus module has infected your system.
Decline in PC performance. Recently, your PC has started to perform very slowly standard actions that used to take seconds? Check the performance of the machine. If this indicator has dropped rapidly, then it's time to check the system and remove DNS Unlocker.
Emergency operation of the system. If recently your computer has started to freeze very often, this may also indicate the presence of a virus module.
Redirect to another web page. DNS Unlocker is a virus module that can change browser settings. This manifests itself in redirecting to other resources. The look of the home page and the default search engine may also change.
New icons. Unknown shortcuts may appear on your desktop containing links to malicious and dangerous websites.
Hardware disputes. This case is characterized by the shutdown of the printer and other devices without your direct intervention. You can choose some settings, and the computer will react to your commands in a completely different way, or not at all. This situation may also indicate a system infection.
Missing important files. While working with applications, your system may report a critical error - missing important data. It is likely that the virus module works. Having penetrated into the system, he is able to get into its settings and delete important files, without which the correct operation of applications becomes impossible.

Dangerous effects of DNS Unlocker on the Windows operating system

A malicious add-on can change your browser settings. We are talking about the default search engine, home page, all kinds of redirects to dangerous third-party resources.
When you open your browser, you will see an unfamiliar web page instead of recent tabs.
Various pop-ups and will interfere with the workflow. And clicking on links from them is an additional threat to your computer.
The My Computer shortcut is replaced with a different icon with a link to an extraneous malicious resource.
Once infiltrated, the virus makes it vulnerable by placing bogus system utilities and toolbars.
The search engine of the browser begins to give inaccurate results, and this will greatly harm, especially when it comes to finding official information.
DNS Unlocker changes the default OS settings and also disables the task manager.
Applications start to work very slowly and only periodically respond to user requests.
Like most viruses, DNS Unlocker will get to your confidential data: name, passwords. Also, the program will open all your photos and personal files.
Some users claim that a malicious module is capable of blocking access to the desktop and demanding a payment to open it.
It is quite logical that DNS Unlocker blocks antiviruses, because it wants to remain unnoticed for as long as possible and distribute dangerous code.

Therefore, it is very important to identify the malicious module and remove it as early as possible. Only such a drastic measure will save your computer from losing important data.

The main function of the DNS server (Domain Name System) is the translation of domain names into IP, as well as translation from IP addresses to domain names. In general, the entire world wide web is a network of IP, where all PCs have a specific personal number - an identifier called IP - "IP".

However, it has historically developed that addresses from letter designations are used, for example, https: // site /. And the main difficulty is that computers are only capable of processing numbers. This reason was a consequence of the introduction in the global network of a special service that translates addresses with letter designation into numbers, which was given the name "DNS server".

What are DNS servers for?

In fact, DNS servers have a large amount of information to map specific domain names to specific IPs.

It happens that the DNS server does not work, that is, the server does not respond to requests. At the same time, absolutely all the elements of the network and the computer with the user's modem are in perfect working order, as well as the user disciplined and responsibly monitors his account balance, that is, “paid” for the Internet.

In this case, it can be very offensive that due to some "minor" failures of the network settings, the computer was left without the possibility of free surfing in the global information space. Below are detailed instructions on how to quickly resolve the indicated problem with the DNS server.

Why are there difficulties with the DNS server and with whom does it happen?

Most often, modem users who do not want to connect through a cable connection experience difficulties. When a wireless connection is not used, such difficulties appear only in one case, this is when manually adjusting the Internet settings or due to a virus infection.

However, the most common reason for the appearance of difficulties in practice is the carelessness of the owner of the router, who, during the settings, simply skips some points of the manual or executes them in the wrong order.

Problem solving procedure

If the reason is a failure in settings or incorrect functioning of the network card, then you must perform the following actions:

Restart the router. This is one of the simplest and best tricks that allows you to remove many small errors when failures occur while the modem is working. Such a simple event will allow you to return the device to its initial state.
Check the settings to see if the DNS server is entered correctly. To this end, you need to enter "Local Area Connection Properties", where to find "Internet Protocol v4". The correct DNS server address is written in the user's contract with the Internet provider.
Update the software of the computer components, or rather its network card. This update is sometimes effective in resolving hardware driver problems.
Analyze the functionality of the firewall and anti-virus utility. Sometimes there is a closure of Internet access through Wi-Fi or blocking of some "IP" addresses.

When is the DNS server itself a problem?

The above actions are effective only if the Internet provider itself does not have any difficulties. However, due to significant load or technical defects, the provider may not have enough capacity, while the DNS server or even several may not function normally.

Obviously, in these circumstances, digging into the settings and other activities will not give the user a positive effect, since the DNS server does not respond through no fault of the subscriber.

This state of affairs with the DNS server will require the user to perform the following actions:

Notify the provider about what happened and find out the time frame for eliminating problems with the DNS server. However, when the subscriber, for some important reason, needs access to the Internet very urgently, and there is no way to wait, then this action will not be of much benefit. In such emergencies, the following second method is required.
If the user has a DNS client service, then you can use a DNS server from Google.

What is DNS and what is it for

The DNS server stores information about domains. What is it for? The fact is that the computer does not understand our letter designations of network resources. For example, yandex.ru. We call this the site address, and for a computer, it's just a set of characters. But the computer perfectly understands IP addresses and how to access them. IP addresses are represented as four, eight-character binary numbers. For example, 00100010.11110000.00100000.11111110. For convenience, binary IP addresses are written as identical decimal numbers (255.103.0.68).

So, a computer with an IP address can immediately access a resource, but memorizing four-digit addresses would be difficult. Therefore, special servers were invented, which stored the corresponding symbolic designation for each IP-address of the resource. Thus, when you write a website address into the search bar of your browser, the data is sent to the DNS server, which looks for matches against its database. Then DNS sends the required IP address to the computer, and then the browser accesses the network resource directly.

When setting up DNS on a computer, the connection to the network will go through a DNS server, which allows you to protect your computer from viruses, set parental controls, prohibit certain websites, and much more.

How to find out if the DNS server is enabled on a computer

You can find out if the DNS server is enabled on your computer and its address through the "Control Panel".

How to install

Video: setting up a DNS server

Why change the DNS server

Of course, your ISP also has its own DNS server, your connection is by default defined through this server. But standard servers are not always the best choice: they can be very slow or not even work at all. Very often, operators' DNS servers do not cope with the load and “crash”. Because of what it is impossible to go online.

In addition, standard DNS servers have only the functions of detecting IP addresses and converting them to characters, but they do not have any filtering function. Third-party DNS servers of large companies (for example, Yandex.DNS) are free from these disadvantages. Their servers are always located in different places, and your connection goes through the closest one. Thanks to this, the speed of loading pages increases.

They have filtering function and carry out parental control function. If you have children, then this is the best option - dubious sites that are not intended for a child's audience will become inaccessible to them.

They have a built-in antivirus and a blacklist of sites. So, fraudulent sites and sites containing malware will be blocked and you will not be able to catch a virus accidentally.

Third party DNS servers allow you to bypass site blocking. Sounds a bit absurd because we said that DNS servers are designed to block unwanted resources. But the fact is that Internet providers are forced to prohibit access to sites banned by Roskomnadzor in their DNS servers. Independent DNS servers Goggle, Yandex and others are not required to do this at all, so various torrent trackers, social networks and other sites will be available for visiting.

How to set up / change DNS

Here you can configure the order in which the DNS servers are accessed. For inexperienced users, it is worth explaining that there is no one such server that would store all existing Internet addresses. There are too many websites out there now, so there are many DNS servers. And if the entered address is not found on one DNS server, the computer turns to the next. So, in Windows, you can configure in what order to access DNS servers.

DNS suffixes can be configured. If you do not know this, then you do not need these settings. DNS suffixes are a very difficult thing to understand and are more important for the providers themselves. In general terms, all urls are divided into subdomains. For example server.domain.com. So, com is the first-level domain, domain is the second, server is the third. In theory, domain.com and sever.domain.com are completely different resources, with different IP addresses and different content. However, server.domain.com is still in the domain.com space, which in turn is in com. The DNS suffix for server is domain.com. Although the IP addresses are different, the server can only be found via domain.com. In Windows, you can customize how suffixes are assigned, which has certain advantages for internal networks. As far as the internet is concerned, the creators of DNS servers have already set up everything they need automatically.

Possible errors and how to fix them

What to do if the server is unresponsive or not found

What should I do if, when I try to access a website, I get the error "Computer settings are configured correctly, but the device or resource (DNS server) is not responding"? It is possible that the DNS service has been disabled on the computer for some reason. The DNS server you are using may have stopped working.

Resolves names incorrectly

If the DNS server does not resolve names or does not resolve names correctly, then there are two possible reasons:

DNS is incorrectly configured... If you have everything configured correctly, then there may be an error in the DNS server itself. Change the DNS server, the problem should be resolved.
Technical problems on the servers of the telecom operator... The solution to the problem is the same: use a different DNS server.

DHCP server: what is it and what are its features

The DHCP server automatically configures the network parameters. Such servers will help in the home network, so as not to configure each connected computer separately. DHCP independently assigns network parameters to the connected device (including the host IP address, gateway IP address, and DNS server).

DHCP and DNS are different things. DNS only processes the request as a symbolic address and passes the corresponding IP address. DHCP is a much more complex and smarter system: it organizes devices on a network, independently allocating IP addresses and their order, creating a network ecosystem.

So, we figured out that DNS servers are designed to transmit the IP address of the requested resource. Third-party DNS servers allow you to speed up the Internet (as opposed to standard ISP servers), protect your connection from viruses and fraudsters, and enable parental control. Setting up a DNS server is a snap, and most problems with it can be resolved by switching to a different DNS server.

The correspondence between domain names and IP addresses can be established both by means of a local host and by means of a centralized service. In the early days of the Internet, a text file named hosts was manually created on each host. This file consisted of a number of lines, each of which contained one IP-address-domain name pair, for example 102.54.94.97 - rhino.acme.com.

As the Internet grew, hosts files also grew, and building a scalable name resolution solution became a necessity.

This decision was a special service - domain name system (DNS)... DNS is a centralized service based on a distributed database of domain name-to-IP address mappings. The DNS service uses a client-server protocol in its work. It defines DNS servers and DNS clients. DNS servers maintain a distributed base of mappings, and DNS clients contact servers with requests to resolve a domain name to an IP address.

The DNS service uses text files in much the same format as the hosts file, and the administrator prepares these files manually as well. However, DNS relies on a hierarchy of domains, and each DNS server stores only a subset of the network names, not all of the names, as is the case with the hosts files. As the number of nodes in the network grows, the problem of scaling is solved by creating new domains and subdomains of names and adding new servers to the DNS service.

A separate DNS server is created for each domain name. This server can store domain name to IP address mappings for the entire domain, including all of its subdomains. However, in this case, the solution turns out to be poorly scalable, since when adding new subdomains, the load on this server may exceed its capabilities. More often than not, a domain server only stores names that end in the next lower level of the hierarchy than the domain name. (This is similar to the file system directory, which contains records of files and subdirectories directly “entering” it.) It is with this organization of the DNS service that the name resolution load is more or less evenly distributed among all DNS servers on the network. For example, in the first case, the DNS server of the mmtru domain will store mappings for all names ending in mmt.ru: wwwl.zil.mmt.ru, ftp.zil.mmt.ru, mail.mmt.ru, etc. In the second case, this server stores only mappings of names like mail.mmt.ru, www.mmt.ru, and all other mappings must be stored on the DNS server of the zil subdomain.

Each DNS server, in addition to the name mapping table, contains links to the DNS servers of its subdomains. These links link individual DNS servers into a single DNS service. The links represent the IP addresses of the respective servers. To serve the root domain, several duplicate DNS servers are allocated, the IP addresses of which are widely known (they can be found, for example, in InterNIC).

The procedure for resolving a DNS name is in many ways similar to the procedure for the file system to find the address of a file by its symbolic name. Indeed, in both cases, the distinguished name reflects the hierarchical structure of the organization of the corresponding directories - file directories or DNS tables. Here, the domain and domain DNS server are analogous to the file system directory. Domain names, as well as symbolic file names, are characterized by naming independence from physical location.

The procedure for finding a file address by a symbolic name consists in sequential scanning of directories, starting from the root. In this case, the cache and the current directory are pre-checked. To determine the IP address from the domain name, you also need to look at all DNS servers serving the chain of subdomains included in the hostname, starting with the root domain. The essential difference is that the file system is located on one computer, and the DNS service is by its nature distributed.

There are two main schemes for resolving DNS names. In the first variant, the work on finding the IP address is coordinated by the DNS client:

The DNS client contacts the root DNS server with the fully qualified domain name;

The DNS server responds with the address of the next DNS server serving the top-level domain specified in the upper part of the requested name;

The DNS client makes a request to the next DNS server, which sends it to the DNS server of the desired subdomain, and so on, until a DNS server is found that stores the match for the requested name to the IP address. This server gives the final answer to the client.

This communication scheme is called non-recursive or iterative, when the client itself iteratively performs a sequence of requests to different name servers. Since this scheme loads the client with quite complex work, it is rarely used.

The second option implements a recursive procedure:

The DNS client queries the local DNS server, that is, the server that serves the subdomain to which the client's name belongs;

if the local DNS server knows the answer, then it immediately returns it to the client; this may correspond to the case when the requested name is in the same subdomain as the client's name, and it may also correspond to the case when the server has already learned this match for another client and stored it in its cache;

if the local server does not know the answer, then it performs iterative requests to the root server, etc. in the same way as the client did in the first option; having received the answer, he sends it to the client, who all this time was just waiting for it from his local DNS server.

In this scheme, the client delegates work to its server, so the scheme is called indirect or recursive. Almost all DNS clients use a recursive procedure.

To speed up the lookup of IP addresses, DNS servers widely use the procedure of caching the responses passing through them. In order for the DNS service to respond quickly to changes in the network, responses are cached for a specific amount of time, usually from several hours to several days.

The TCP / IP stack uses three types of addresses: local (also called hardware), IP addresses, and symbolic domain names. All these types of addresses are assigned to the nodes of the composite network independently of each other.

The IP address is 4 bytes long and consists of a network number and a host number. To determine the boundary separating the network number from the node number, two approaches are implemented. The first is based on the concept of an address class, the second is based on the use of masks.

The class of the address is determined by the values of the first few bits of the address. Class A addresses allocate one byte for the network number, and the remaining three bytes for the node number, so they are used in the largest networks. For small networks, class addresses are more suitable WITH, in which the network number is three bytes, and only one byte can be used to number the nodes. Class B addresses occupy an intermediate position.

Another way to determine which part of the address is the network number and which part is the host number is based on the use of a mask. A mask is a number that is paired with an IP address; the binary record of the mask contains ones in those bits that should be interpreted as a network number in the IP address.

Network numbers are assigned either centrally if the network is part of the Internet, or arbitrarily if the network is autonomous.

The process of distributing IP addresses to network nodes can be automated using DHCP.

The mapping between the IP address and the hardware address (most often the MAC address) is done by the ARP Address Resolution Protocol, which looks at the ARP tables for this purpose. If the required address is missing, then a broadcast ARP request is made.

The TCP / IP stack uses the domain symbolic naming system, which has a hierarchical tree structure that allows the use of an arbitrary number of constituent parts in the name. A collection of names in which several major constituent parts are the same form a name domain. Domain names are assigned centrally if the network is part of the Internet, otherwise locally.

The correspondence between domain names and IP-addresses can be established both by means of a local host using the hosts file, or using a centralized DNS service based on a distributed base of domain-name-IP-address mappings.

The IP protocol solves the problem of delivering messages between the nodes of a composite network. IP is a connectionless protocol, so it does not offer any guarantees of reliable message delivery. All issues of ensuring the reliability of data delivery in a composite network in the TCP / IP stack are solved by the TCP protocol, based on the establishment of logical connections between interacting processes.

An IP packet consists of a header and a data field. The maximum packet length is 65,535 bytes. The header is usually 20 bytes long and contains information about the network addresses of the sender and receiver, fragmentation parameters, packet lifetime, checksum and some others. The data field of an IP packet contains higher layer messages such as TCP or UDP.

The appearance of the IP routing table depends on the specific implementation of the router, but despite the rather strong external differences, the tables of all types of routers contain all the key fields required to perform routing.

There are several sources providing routing table entries. First, during initialization, the TCP / IP stack software populates the table with entries for directly connected networks and default routers, as well as entries for special addresses such as 127.0.0.0. Second, the administrator manually adds static entries for specific routes or the default router. Third, routing protocols automatically populate the table with dynamic entries about available routes.

Masks are an effective means of structuring IP networks. Masks allow you to divide one network into several subnets. Equal-length masks are used to divide the network into subnets of equal size, and variable-length masks are used to divide the network into subnets of different sizes. The use of masks modifies the routing algorithm; therefore, in this case, special requirements are imposed on the routing protocols in the network, on the technical characteristics of the routers and their configuration procedures.

Classless Inter-Domain Routing (CIDR) technology plays a significant role in the future of IP networks, which solves two main problems. The first is a more economical use of address space - thanks to CIDR, service providers are able to "cut" blocks of different sizes from the address space allocated to them in strict accordance with the requirements of each client. The second challenge is to reduce the number of entries in the routing tables by combining routes — a single entry in the routing table can represent a large number of networks with a common prefix.

An important feature of IP that distinguishes it from other network protocols is its ability to dynamically fragment packets when they are transmitted between networks with different MTUs. This property has been instrumental in helping IP to dominate complex, concatenated networks.