Does HTTP get method rely on port 53 for DNS resolution?

Something to keep in mind with regard to HTTP is that all of the communication between the browser and web server takes place over TCP, which uses IP addresses. The name resolution as you said happens first, because without the IP address, no communication can take place.

So the Internet works fine, and you can even access web sites without DNS, even if you don't have names in your hosts file, as long as you know the IP address.

Now, to contradict what I just said a little bit, since your question is specifically about HTTP, the truth is that some web sites will not work if you try to access them directly by IP address.

This could be for many reasons but one of the most common is that the web server actually hosts many different websites on a single IP, and then differentiates requests to those sites based on the requested host name.

This is done as part of the HTTP request by adding a Host: header. The browser uses the name you give in the address bar to fill in this header during the request, but strictly speaking this has nothing to do with DNS.

One other way that browsing by IP can be problematic is on HTTPS sites because the certificates are issued to certain host names. This won't prevent them from working, but the certificate can't be verified by the browser since the name doesn't match and you'll get a warning.
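The point about the Host header above, shown as an added example that is not part of the original answer: a tiny name-based virtual host server on 127.0.0.1 and a client that speaks HTTP straight to the IP address over a plain TCP socket, with no DNS lookup involved. The site names and response bodies are constructed for the demonstration.

```python
"""Added example (not from the original answers): a name-based virtual host
server on 127.0.0.1 and a client that sends an HTTP GET directly to the IP
address. The Host header decides which site answers; DNS plays no part."""
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Constructed virtual-host table: the server picks the site from the Host
# header, exactly as a shared-IP web server does.
VHOSTS = {
    "site-a.example": b"This is site A\n",
    "site-b.example": b"This is site B\n",
}


class VHostHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        # Host carries "name[:port]"; strip the port and normalise case.
        host = (self.headers.get("Host") or "").split(":", 1)[0].lower()
        body = VHOSTS.get(host)
        if body is None:
            body = b"unknown host\n"
            self.send_response(404)
        else:
            self.send_response(200)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # keep the example quiet
        pass


def start_vhost_server():
    """Bind to an ephemeral port on 127.0.0.1 and serve from a daemon thread."""
    server = HTTPServer(("127.0.0.1", 0), VHostHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def http_get_by_ip(ip, port, host_header, path="/"):
    """Send a GET over a raw TCP socket to an IP address. The Host header is
    whatever the caller supplies, so no name resolution happens here."""
    request = (
        f"GET {path} HTTP/1.1\r\n"
        f"Host: {host_header}\r\n"
        "Connection: close\r\n\r\n"
    ).encode("ascii")
    with socket.create_connection((ip, port), timeout=5) as sock:
        sock.sendall(request)
        chunks = []
        while True:
            data = sock.recv(4096)
            if not data:
                break
            chunks.append(data)
    raw = b"".join(chunks)
    head, _, body = raw.partition(b"\r\n\r\n")
    status = int(head.split(b" ", 2)[1])
    return status, body


if __name__ == "__main__":
    server, port = start_vhost_server()
    for name in ("site-a.example", "site-b.example", "nobody.example"):
        print(name, http_get_by_ip("127.0.0.1", port, name))
    server.shutdown()
```

Connecting to the same IP and port with a different Host header yields a different site, and a name the server does not know gets a 404, which is the "works by name but not by IP" behaviour the answer describes.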


Strictly speaking, the hostname resolution process is out of scope of the HTTP specification. In practice, though, it is nearly always done using DNS over UDP port 53.

In special cases, alternate name resolution mechanisms may be used:

  • Windows clients will check a local Hosts file, then DNS, then do NetBIOS name resolution.
  • OS X clients will also use multicast DNS (UDP port 5353) to resolve .local addresses.
  • Linux / Unix systems will use /etc/nsswitch.conf to determine the hostname resolution order. Alternate mechanisms include LDAP and NIS.

System administrators often choose to block DNS at the firewall to force all clients inside the organization to use a local DNS server. This helps control the risk of DNS cache poisoning attacks.


Default settings for nsswitch will look up /etc/hosts (files) first, then try DNS. So if the host is listed in /etc/hosts and you block port 53 UDP/TCP, it will still get the correct IP and work. If the host is not in /etc/hosts, you will not get an IP.
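The nsswitch.conf lookup order from the list in the previous answer and the "files first, then DNS" behaviour described just above, as an added example that is not part of either answer: a small resolver that reads the `hosts:` line of an nsswitch.conf-style text, consults an /etc/hosts-style table first and DNS second. The config text, hosts entries and the `dns_blocked` stand-in for a firewall dropping port 53 are all constructed, so the example runs offline.

```python
"""Added example (not from the original answers): resolve a name by following
the `hosts:` order of an nsswitch.conf-style file, files first and DNS second.
The DNS step is pluggable so the blocked-port-53 case can be shown offline."""
import socket

# Constructed inputs, not taken from any real system.
NSSWITCH = "passwd: files\nhosts: files dns\n"
HOSTS = (
    "127.0.0.1   localhost\n"
    "192.0.2.10  intranet.example app   # constructed entry\n"
)


def parse_nsswitch_hosts(text):
    """Return the source order from the `hosts:` line, e.g. ["files", "dns"].
    Action tokens such as [NOTFOUND=return] are ignored."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            return [t for t in line.split(":", 1)[1].split() if not t.startswith("[")]
    return ["files", "dns"]  # assumed default when the line is absent


def parse_hosts_file(text):
    """Map every hostname and alias in hosts-file syntax to its address."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        for name in fields[1:]:
            table.setdefault(name.lower(), fields[0])
    return table


def dns_lookup(name):
    """Real DNS step: ask the system resolver (UDP/TCP port 53 in practice)."""
    return socket.gethostbyname(name)


def dns_blocked(name):
    """Stand-in for a firewall that drops port 53: every query fails."""
    raise OSError(f"DNS unreachable for {name}")


def resolve(name, nsswitch_text=NSSWITCH, hosts_text=HOSTS, dns=dns_lookup):
    """Try each source in nsswitch order; return the first address or None."""
    name = name.lower()
    for source in parse_nsswitch_hosts(nsswitch_text):
        if source == "files":
            addr = parse_hosts_file(hosts_text).get(name)
            if addr:
                return addr
        elif source == "dns":
            try:
                return dns(name)
            except OSError:
                continue
        # mdns, nis, ldap and other sources are not modelled here
    return None


if __name__ == "__main__":
    print(resolve("intranet.example", dns=dns_blocked))  # found in files
    print(resolve("www.example", dns=dns_blocked))       # None: DNS blocked
```

With port 53 blocked, a name present in the hosts table still resolves, while anything else yields None; swapping the order to `hosts: dns files` makes DNS the first source consulted.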