A2.2.2 Describe the function of servers. (HL only).

• Types of servers: domain name server (DNS), dynamic host configuration protocol (DHCP), file server, mail server, proxy server, web server 
• Factors to consider must include function, scalability, reliability and security.

The big idea

In an IP network, servers are specialised hosts that provide shared services to many clients.
They sit at well-known ports, speak well-defined protocols, and carry the state that lets end-users look up names, obtain addresses, move files, exchange e-mail, browse the Web, or traverse firewalls.

Designing such servers for function, scalability, reliability, and security turns a handful of daemons into the resilient, planet-scale infrastructure we take for granted.


1 Domain Name Server (DNS)

Aspect | Details
Function | Resolves human-readable names to IP addresses. Two logical roles: • Recursive resolver walks the DNS hierarchy on the client’s behalf. • Authoritative server hosts the zone file for a domain. (Cisco Umbrella, Cloudflare)
Scalability | • Anycast lets one IP address map to dozens of geo-scattered instances. • Negative/positive TTL-based caching off-loads repeat queries. • Shard large zones across multiple authoritative nameservers.
Reliability | Multiple NS records and secondary servers ensure that if one site fails the domain stays reachable.
Security | • DNSSEC signs resource-record sets to stop cache poisoning. • Split-horizon DNS hides internal hostnames. • Rate-limiting and response policy zones counter DDoS amplification.

2 Dynamic Host Configuration Protocol (DHCP) server

Aspect | Details
Function | Hands out IP configuration through the four-step DORA exchange (Discover → Offer → Request → Acknowledge) on UDP 67/68. (SynchroNet, netmanias.com)
Scalability | • Relay agents (IP Helper) forward broadcasts across subnets. • Split-scope or active–active fail-over lets two servers share a pool.
Reliability | Lease database replicated between peers; if one node dies, the other still renews addresses.
Security | • Switch DHCP-snooping blocks rogue servers. • Option 82 allows per-port authentication; MAC filtering thwarts spoofing.
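
The snooping rule from the Security row, applied to a DORA exchange, as an added example (not from the original notes and not vendor code): server-type messages are forwarded only from trusted ports, and acknowledged leases build a binding table that rejects a RELEASE arriving on the wrong port. Port names, MAC and IP addresses are constructed sample values.

```python
from dataclasses import dataclass

SERVER_MSGS = {"OFFER", "ACK", "NAK"}          # only a DHCP server should send these
CLIENT_MSGS = {"DISCOVER", "REQUEST", "RELEASE"}

@dataclass(frozen=True)
class DhcpMsg:
    port: str        # switch port the frame arrived on
    kind: str        # DHCP message type
    mac: str         # client hardware address
    ip: str = ""     # address offered or acknowledged, if any

class SnoopingSwitch:
    def __init__(self, trusted_ports):
        self.trusted = set(trusted_ports)   # ports facing the legitimate server
        self.bindings = {}                  # mac -> (ip, client port)
        self.client_port = {}               # mac -> port where the client was seen

    def handle(self, msg):
        """Return 'forward' or 'drop' for one DHCP message."""
        if msg.kind in SERVER_MSGS:
            if msg.port not in self.trusted:
                return "drop"               # server message from an access port
            if msg.kind == "ACK" and msg.mac in self.client_port:
                self.bindings[msg.mac] = (msg.ip, self.client_port[msg.mac])
            return "forward"
        if msg.kind in CLIENT_MSGS:
            known = self.bindings.get(msg.mac)
            if msg.kind == "RELEASE" and known and known[1] != msg.port:
                return "drop"               # release does not match the binding
            self.client_port[msg.mac] = msg.port
            return "forward"
        return "drop"                       # unknown message type

# Constructed sample traffic: uplink 'gi0/1' is trusted, the rest are access ports.
SAMPLE = [
    DhcpMsg("fa0/3", "DISCOVER", "aa:aa:aa:00:00:01"),
    DhcpMsg("fa0/7", "OFFER",    "aa:aa:aa:00:00:01", "10.66.0.50"),  # untrusted port
    DhcpMsg("gi0/1", "OFFER",    "aa:aa:aa:00:00:01", "192.0.2.10"),
    DhcpMsg("fa0/3", "REQUEST",  "aa:aa:aa:00:00:01"),
    DhcpMsg("gi0/1", "ACK",      "aa:aa:aa:00:00:01", "192.0.2.10"),
    DhcpMsg("fa0/9", "RELEASE",  "aa:aa:aa:00:00:01"),                # wrong port
]

def run(sample=SAMPLE):
    sw = SnoopingSwitch(trusted_ports={"gi0/1"})
    verdicts = [sw.handle(m) for m in sample]
    return verdicts, sw.bindings
```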

3 File server

Aspect | Details
Function | Centralises storage over LAN/WAN protocols: SMB/CIFS for Windows, NFSv3/4 for Unix. (Computer Weekly, GeeksforGeeks)
Scalability | Scale-out NAS clusters stripe data across many nodes; DFS namespaces hide multi-share back ends.
Reliability | RAID, snapshots, synchronous replication, and cold-standby replicas protect data and uptime.
Security | • ACLs & POSIX modes enforce least privilege. • Kerberos or NTLMv2 authenticates sessions; SMB signing and encryption defeat tampering or eavesdropping. • Ransomware protection via immutable snapshots.

4 Mail server

Aspect | Details
Function | Pipeline of services: • SMTP MTA relays mail between domains. • IMAP/POP3 give users mailbox access. • Local MDA stores messages. (SiteGround, Mailtrap)
Scalability | Front-end SMTP proxies perform spam filtering and fan-out to clustered storage back ends; queue spooling evens load spikes.
Reliability | MX records list multiple priorities; mail queues retry for days; shared-nothing replicas keep mailboxes online during maintenance.
Security | • STARTTLS encrypts links; MTA-STS enforces it. • SPF, DKIM, DMARC verify sender identity. • Spam and malware filters, attachment stripping, sandboxing.

5 Proxy server

Aspect | Details
Function | Interposes itself between client and origin: • Forward proxy protects the client (caching, content filters). • Reverse proxy protects the server (load-balancing, TLS off-load, WAF). (Imperva, JSCAPE)
Scalability | Stateless cache tiers can be added horizontally; consistent-hashing keeps hit ratios high.
Reliability | HA pairs with VRRP/keepalived; L4 anycast moves flows to healthy nodes.
Security | • Hides internal IP space; adds request filtering and rate-limits. • TLS termination centralises certificate management. • Forward proxies provide auditing and user authentication.
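
Why consistent hashing keeps hit ratios high when a cache node is added, as an added example (not from the original notes): it measures how many keys change node under a hash ring versus plain modulo placement. Node names and URLs are hypothetical, and SHA-256 is used only as a stable hash.

```python
import bisect
import hashlib

def stable_hash(value):
    """64-bit hash that is identical across runs (unlike Python's built-in hash)."""
    return int.from_bytes(hashlib.sha256(value.encode()).digest()[:8], "big")

class HashRing:
    def __init__(self, nodes, vnodes=100):
        # Each node owns `vnodes` points on the ring to even out the load.
        self._ring = sorted((stable_hash(f"{n}#{i}"), n)
                            for n in nodes for i in range(vnodes))
        self._points = [point for point, _ in self._ring]

    def node_for(self, key):
        # First ring point clockwise from the key's hash, wrapping at the end.
        i = bisect.bisect_right(self._points, stable_hash(key)) % len(self._ring)
        return self._ring[i][1]

def modulo_node(key, nodes):
    return nodes[stable_hash(key) % len(nodes)]

def remapped_fraction(keys, before, after):
    """Share of keys whose cache node changed, i.e. that become cache misses."""
    return sum(1 for k in keys if before(k) != after(k)) / len(keys)

def compare(n_keys=5000):
    keys = [f"/asset/{i}.js" for i in range(n_keys)]      # constructed URLs
    old = ["cache-a", "cache-b", "cache-c", "cache-d"]    # hypothetical node names
    new = old + ["cache-e"]                               # one node added
    ring_old, ring_new = HashRing(old), HashRing(new)
    ring = remapped_fraction(keys, ring_old.node_for, ring_new.node_for)
    mod = remapped_fraction(keys, lambda k: modulo_node(k, old),
                            lambda k: modulo_node(k, new))
    return ring, mod

if __name__ == "__main__":
    ring, mod = compare()
    print(f"ring remapped {ring:.0%} of keys, modulo remapped {mod:.0%}")
```

With four nodes growing to five, the ring moves roughly one key in five (only to the new node), while modulo placement moves roughly four in five.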

6 Web server

Aspect | Details
Function | Serves HTTP/HTTPS content: static files, dynamic scripts (CGI, FastCGI), or application back ends. Popular engines: Apache httpd, Nginx, LiteSpeed. (Liquid Web, WIRED)
Scalability | • Stateless design lets you spin up many workers behind a load balancer. • Edge CDNs cache static assets worldwide. • HTTP/2 and HTTP/3 multiplex requests over fewer sockets.
Reliability | Blue-green or canary deployments avoid downtime; health-checks cull failed instances; content mirrored across AZs.
Security | • TLS 1.3, HSTS, and OCSP-stapling secure the channel. • Web Application Firewalls stop injection attacks. • Least-privilege chroot/jails isolate worker processes; automatic patching closes CVEs.

7 Choosing the right server architecture

Environment | Priority | Typical mix
Home / SOHO | Simplicity & low cost | All-in-one router/AP running DNS forwarder, DHCP, and small HTTP/SMB services.
Campus / SME | Reliability & manageability | Dedicated DHCP/DNS pair, clustered file server, single secure proxy, pair of web servers.
Enterprise / Government | High availability, compliance | Geo-redundant anycast DNS, split-scope DHCP fail-over, distributed file clusters, multi-tier mail farm, reverse-proxy DMZ, autoscaled web pods behind CDN.

Take-away

Each server type specialises in one slice of the networking puzzle—naming (DNS), addressing (DHCP), storage (file server), messaging (mail), mediation (proxy), or presentation (web).
By engineering scalability (horizontal replication, caching), reliability (redundant peers, fail-over, RAID), and security (encryption, authentication, hardening) into every tier, administrators turn simple processes into the robust services that power everything from a two-room office to the world’s largest clouds.