DNS Proxy

Name resolution is automated in Windows CE by having the DHCP server supply the addresses of DNS servers to DHCP clients during address assignment. This scheme fails for the network, because the DNS server resides either with an ISP or on a corporate network, and the correct DNS server address does not become known until a connection is established. Moreover, a typical network does not have a DNS server configured.

To deal with these characteristics of the network, the DHCP allocator on the gateway device can give the local-area address of the gateway as the DNS server address to DHCP clients. Once the Internet connection is established, the gateway device can forward name-resolution requests to the address of the Internet DNS server obtained for the connection. This DNS proxy makes name resolution transparent from the point of view of devices on the network.

The DNS proxy relays DNS requests to the current public network DNS server for the proxy, and replies as a DNS resolver to the client device on the network. The DNS proxy must also keep track of the state of the public DNS requests and try the next DNS server in the configuration if the previous DNS resolution fails.

When the network already has a DNS server configured, the DNS proxy is still useful. The existing DNS server most likely would be configured to forward Internet name-resolution requests to a DNS server with a static Internet address. This static configuration can fail when the Internet address of the DNS server changes. With automatic name resolution, the existing DNS server can be configured to forward Internet DNS requests to the local-area address of the DNS proxy, and the DNS proxy can handle the task of dynamically finding the Internet DNS server addresses when the Internet connection is established.

The DNS proxy enables clients to send DNS queries over IPv6. The proxy listens for DNS queries on the well-known, site-local address FEC0:0:0:FFFF::1, and then relays those queries to the current public network IPv4 DNS server. This functionality allows IPv6 clients to perform DNS name resolution.

The DNS proxy performs the following functions:

  • Receives DNS inquiries and forwards them to an external DNS address on the Internet.
  • May initiate demand-dial when it receives a DNS inquiry but has no Internet connection.

The DNS proxy does not require any specific protocol actions. The following list shows the actions the proxy takes when it receives a DNS question message:

  1. It selects a unique new identifier.
  2. It records a tuple that contains the original 16-bit identifier of the message, the newly selected identifier, and the endpoint from which the message originated.
  3. It writes the new identifier in the request.
  4. It transmits the question to the configured DNS server for the proxy.

The following list shows the actions the proxy takes when it receives a DNS response message:

  1. It searches for a tuple associated with the identifier in the response message.
  2. It writes the original identifier in the response message.
  3. It transmits the response to the endpoint from which the question originated.
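
The identifier rewriting in the two lists above, as an added Python example (not Microsoft's code). The class name `DnsIdTable`, the 5-second timeout, drawing the new identifier from a CSPRNG, and dropping unmatched or expired responses are assumptions of this example; the sample query is constructed.

```python
import secrets
import struct
import time

# Constructed sample: query for example.com A/IN with client-chosen ID 0x1234.
SAMPLE_QUERY = (bytes.fromhex("123401000001000000000000")
                + b"\x07example\x03com\x00" + bytes.fromhex("00010001"))

class DnsIdTable:
    """Identifier-rewriting table for a DNS proxy (hypothetical helper)."""

    def __init__(self, ttl=5.0, clock=time.monotonic):
        self.ttl = ttl        # assumed timeout; the page does not give one
        self.clock = clock
        self.pending = {}     # new_id -> (orig_id, client_endpoint, expiry)

    def on_question(self, msg, client):
        """Question steps 1-3: return the datagram to send upstream, or None."""
        if len(msg) < 12 or msg[2] & 0x80:   # short header, or QR bit set
            return None
        now = self.clock()
        # Forget tuples whose response never arrived.
        self.pending = {k: v for k, v in self.pending.items() if v[2] > now}
        if len(self.pending) >= 0x8000:      # keep the 16-bit ID space sparse
            return None
        (orig_id,) = struct.unpack_from("!H", msg)
        new_id = secrets.randbelow(0x10000)  # unpredictable, not a counter
        while new_id in self.pending:        # unique among outstanding requests
            new_id = secrets.randbelow(0x10000)
        self.pending[new_id] = (orig_id, client, now + self.ttl)
        return struct.pack("!H", new_id) + msg[2:]

    def on_response(self, msg):
        """Response steps 1-2: return (datagram, client_endpoint), or None."""
        if len(msg) < 12 or not msg[2] & 0x80:
            return None
        (new_id,) = struct.unpack_from("!H", msg)
        entry = self.pending.pop(new_id, None)   # one response per question
        if entry is None or entry[2] <= self.clock():
            return None                          # unsolicited or stale: drop
        orig_id, client, _ = entry
        return struct.pack("!H", orig_id) + msg[2:], client
```

The caller sends the value returned by `on_question` to the configured DNS server and the datagram returned by `on_response` to the returned client endpoint.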

See Also

Internet Connection Sharing

 Last updated on Thursday, April 08, 2004

© 1992-2003 Microsoft Corporation. All rights reserved.