I was trying to explain to someone, in a fairly top-level way, how the internet works and had a hard time doing it. This morning it hit me: everyone knows how to call someone and generally how phones work, so I started writing.
DNS (domain name server):
You get a phone and a phone number for your company. No one knows that number, but everyone knows your company's name. So to tell everyone your phone number you call up the company that makes the phone books (authoritative name server and registrar), say "my company's phone number is XXX XXX XXXX", and ask them to inform the phone operators. It takes some time for that company to print the updated list and send it to the operators (DNS recursers) around the world. When someone calls the operator (a number known by many, many people, but not all) and asks for company Y, the operator says they should call XXX XXX XXXX to talk to you. However, if someone from a different city calls their operator (which could be a different number entirely), that operator will check their records and say "hold on a second, let me get that information for you", then call the next town's operator or even the state operator (root server), sometimes 2 or 3 other towns, and ask "do you know the phone number for Y?" If they don't, they do the same as the first operator and ask around, until one of them calls your city's operator and gets the phone number of your company. This information gets passed all the way back to the original operator and then to the client that made the original request. When each operator along the way got that number, they wrote it down and added it to their list of known numbers (cache) for the next time someone asks for company Y.
DDNS (dynamic domain name server):
Same situation as before, but instead you took the cheaper option of not always keeping the same phone number and sharing one from a pool of rotating phone numbers. So it will change at random-ish intervals depending on your phone company's policies. The phone company will tell the receptionist (gateway router) that number when she calls in the morning to ask whether she has a new number; it could be the same as yesterday or it could be different. The receptionist will never tell you (the local server) what that number is and will only tell you your phone's extension, unless you go read her notes (network status). So to get around this you call a friend who has caller ID (what's my number) and they tell you the number they see on their end. After that you call up the phone book company (registrar) and tell them your new number so the operators can be told of the change.
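To make the DNS and DDNS stories above concrete, here is a small added example (my own toy model, not part of the original post) of the "operator" walking root, TLD and authoritative servers, writing the answer in its notes with a TTL, and what happens to callers between a DDNS update and the notes expiring. The server names, zone data and addresses are all constructed for illustration.

```python
# Added example (not from the original post): a toy recursive resolver.
# ROOT, TLD and AUTH stand in for the state operator, the next town's
# operator and the phone-book company; all data here is constructed.
ROOT = {"com": "tld-com"}                         # root: who handles .com?
TLD = {"tld-com": {"example.com": "ns-example"}}  # .com: who is authoritative?
AUTH = {"ns-example": {"www.example.com": ("203.0.113.10", 60)}}  # (addr, ttl)


class Resolver:
    """The local operator: answer from the notes, otherwise ask around."""

    def __init__(self):
        self.cache = {}     # name -> (addr, expires_at): the operator's notes
        self.now = 0        # logical clock in seconds, advanced by the caller
        self.upstream_queries = 0

    def ask(self, table, key):
        self.upstream_queries += 1   # one phone call to another operator
        return table.get(key)

    def resolve(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.now:             # notes still valid
            return hit[0], "cache"
        tld_server = self.ask(ROOT, name.rsplit(".", 1)[-1])
        if tld_server is None:
            return None, "NXDOMAIN"
        zone = ".".join(name.split(".")[-2:])
        auth_server = self.ask(TLD[tld_server], zone)
        if auth_server is None:
            return None, "NXDOMAIN"
        record = self.ask(AUTH[auth_server], name)
        if record is None:
            return None, "NXDOMAIN"
        addr, ttl = record
        self.cache[name] = (addr, self.now + ttl)  # write it down, with expiry
        return addr, "recursive"


def ddns_update(auth_server, name, new_addr, ttl=60):
    """The server phoning the registrar with its new number (DDNS)."""
    AUTH[auth_server][name] = (new_addr, ttl)
```

Callers that hit an operator whose notes are still valid keep getting the old number until the TTL runs out, which is why a DDNS change is not instant everywhere.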
DHCP (Dynamic Host Configuration Protocol):
Basically the IT guy who manages the phone numbers for each department, or, in terms of public numbers, the phone company managing and assigning a phone number.
NAT (network address translation):
You (the server software) are working for a company (subnet) and have a specific extension (port) in your department, which has its own internal phone number (the server's hardware IP). Let's say you can be reached at extension 443. Someone is calling the phone number they got from their operator and expects to talk to someone at extension 443 to get the information they need. When the client calls, they tell the receptionist (router / firewall) "I need to talk to 443"; the client can't directly call those internal department phone numbers. The receptionist was told by her manager that if someone asks for 443 she should forward the call to the department's leader (firewall), who yells to the room "who has 443?" You (the server software) answer "I do", so they route the call to you, and you can then talk openly (packets) with the client. If you are sick (server offline) no one answers; the client keeps asking for information and nobody responds, so the client hangs up after a while (timeout).
Port forwarding:
Same as before: someone is calling asking to talk to 443, but your department leader (firewall) hates that number and won't let anyone use it (blocked port), so they give you a different extension like 993 for no reason. The receptionist is told that when she calls the department she should say "this client wants to talk to 993" even though they originally asked to talk to 443.
Firewalls:
(in a very general sense)
Outgoing port blocking:
Just as before, someone is calling 443 and the receptionist calls your department, but because the team lead (firewall) hates 443 he broke the microphone. So when you answer the routed call you can hear everything the client says and you keep responding, but they can't hear anything back, so they hang up (timeout). At each one of the previous steps there is a leader (firewall) who can shut down the call or send it to a different person along the way if they don't like something about it (iptables rules).
Incoming port blocking:
When a client calls in to speak to extension 022, the firewall tells the client to fuck off (REJECT). He can also not tell anyone that there ever was a call (DROP), or he can send the client somewhere else entirely (NAT).
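The NAT, port forwarding and firewall sections above fit into one small added model (my own example, not part of the original post): the receptionist rewrites the extension (DNAT), the department leads walk their rule lists in order like iptables chains, and the caller only ever sees "connected", "connection refused" or a timeout. The addresses, ports and rules are constructed for illustration.

```python
# Added example (not from the original post): receptionist + department leads.
# Chains are lists of (port, action, target); first match wins, otherwise the
# chain's policy applies, loosely mirroring iptables. All values constructed.
PUBLIC_IP = "198.51.100.7"
PREROUTING = [(443, "DNAT", ("10.0.0.5", 993)),    # "use 993 instead of 443"
              (80, "DNAT", ("10.0.0.6", 80))]
FILTER = [(22, "REJECT", None),                    # told to go away
          (993, "ACCEPT", None), (80, "ACCEPT", None)]
FILTER_POLICY = "DROP"                             # never admit there was a call
OUTPUT = [(80, "DROP", None)]                      # broken microphone for port 80
LISTENING = {("10.0.0.5", 993), ("10.0.0.6", 80)}  # services that answer "I do"


def first_match(chain, port, policy):
    """Walk a chain top to bottom and return (action, target) of the first hit."""
    for rule_port, action, target in chain:
        if rule_port == port:
            return action, target
    return policy, None


def client_experience(dst_port, listening=LISTENING):
    """What a client calling PUBLIC_IP:dst_port observes at the other end."""
    action, target = first_match(PREROUTING, dst_port, "NONE")
    if action == "DNAT":
        inner_ip, inner_port = target          # receptionist rewrites the extension
    else:
        inner_ip, inner_port = PUBLIC_IP, dst_port
    action, _ = first_match(FILTER, inner_port, FILTER_POLICY)
    if action == "REJECT":
        return "connection refused"            # the caller learns a firewall exists
    if action == "DROP":
        return "timeout"                       # silent: looks exactly like an outage
    if (inner_ip, inner_port) not in listening:
        return "timeout"                       # forwarded, but the server is sick
    reply_action, _ = first_match(OUTPUT, inner_port, "ACCEPT")
    if reply_action == "DROP":
        return "timeout"                       # server heard the call, reply never left
    return f"connected to {inner_ip}:{inner_port}"
```

Note that a DROP, an offline server and a blocked reply all look identical from the outside, while REJECT tells the caller that something is there and deliberately said no.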