MMiscellaneous

DNS: What Is It, What Is It Used For and How It Works

What is DNS
0
Shares
0
0
0
0

As you may know, computers use IP addresses to connect with each other and communicate.

However, humans use and prefer names (such as bytexd.com) to access computers. This is because domain names in spoken language are easier to use and remember than a scary sequence of numbers (e.g., 192.168.1.165).

What would happen if we have to access the computers only using their IP addresses? In that case, you have to memorize tens or even hundreds of these numbers (can a human do that?).

This would not only be error-prone but also very hard or even impossible to use in this fast-growing digital world, where thousands of new domains are added to the Internet each day.

Luckily, we have computer scientist and internet pioneer, Paul Mockapetris for inventing a naming system called Domain Name System (DNS).

The main task of a Domain Name System (DNS) is to translate the domain names of computers into their IP addresses.

In this article we’ll explain what a DNS (Domain Name System) is and how it works.

Table of Contents
  1. What is DNS?
  2. Types of Domain Name Servers
  3. DNS Lookup Process (AKA Name Resolution)
  4. Finding a Book / Treasure Hunt Analogies
  5. Difference Between DNS Recursive Resolver and Recursive Query
  6. Types of DNS Queries
  7. DNS Caching and What It Is
  8. DNS record

What is DNS?

Domain Name System (DNS) is a worldwide distributed database that contains records of domain names and their IP addresses. This database is automatically queried when a client enters a domain name.

In fact, the client’s device contacts a domain name server (or simply a name server) to find the IP address of the computer, where the required website is present. The domain name server is basically a server where DNS information is stored.

The name server will translate the name of the website into its IP address and return this IP address to the client’s device. This process is often known as name resolution.

It can be considered similar to a dictionary, where you look for a word and find the meaning written next to it. Similarly, the user’s device queries a name server to find the IP address of the required computer.

Types of Domain Name Servers

Following four types of Domain Name Servers are involved in DNS:

  • Root Domain Name Server
  • Top-Level Domain (TLD) Name Server
  • Authoritative Domain Name Server
  • Recursive resolver

These name servers are set up and used at different hierarchical levels, so you can say DNS is a set of hierarchical databases.

DNS Lookup Process (AKA Name Resolution)

  1. When a client enters a URL (such as bytexd.com) in the browser, the local name server or recursive resolver gets into action. You can consider the recursive resolver as a middleman between a client and nameserver, who contacts root, TLD, and authoritative nameservers in a sequence, one after the other.
    • After receiving a URL translation request from a browser, a recursive resolver sends its query to a root domain name server.
    • There are 13 types of root domain name servers in the world, which are known to every recursive resolver.
    • (Note: Don’t think that there are only 13 machines in the world, there are 13 types of root name servers).
  2. The root name server checks the top-level domain name server (mentioned as an extension of a domain name). Examples of TLDs are .com, .org, .net, .gov, .edu, .mil, etc. and those ending with country names (like .ca, .my, .uk, .us, .ru). On identifying the TLD, the root server directs the recursive resolver to the relevant TLD name server, as a response.
    • A TLD name server contains information of all domains having the same extension. In the example given above (bytexd.com), the TLD is .com. In other words, this TLD maintains information of all domains ending with .com.
  3. The TLD name server finds the domain that has the authority to provide the required information (hence called authoritative name server). In our example, the authoritative domain is bytexd.
    • This implies that a TLD name server points out the authoritative name server and the recursive resolver is directed towards it.
    • The authoritative name server contains the required information (the IP address of the destination computer), which is provided to the recursive resolver and finally to the client’s device.

Finding a Book / Treasure Hunt Analogies

The entire process of name resolution can be considered analogous to finding a book in a library.

The search normally starts from a librarian (recursive resolver), from which you ask about a particular book.

The librarian guides you to an index (root name server), containing the information of different racks (TLDs) on which groups of books are placed.

The authoritative name server can be considered as a dictionary on a particular rack (TLD), where you can find the meaning of a word.

Another analogy of this process can be a treasure hunt game. In such games when you find a clue, you are directed to the next clue (next server in the DNS chain) until you reach the treasure (the required IP address).

Difference Between DNS Recursive Resolver and Recursive Query

As mentioned above, DNS recursive resolver is a server (computer) that accepts a client’s initial request and processes it by contacting different name servers.

Whereas, a recursive query is a request made to the resolver to find the required IP address.

Types of DNS Queries

Following three types of queries may occur in a DNS lookup process:

  • Recursive query
  • Iterative query
  • Non-recursive query

The name resolution process explained above is an iterative lookup, in which the response is sent back to the resolver each time with the address of the next DNS server in the loop.

In contrast, in a recursive query, a DNS server keeps on querying other servers until it finds the required IP address. In other words, the DNS server doesn’t return to the client until it finds the required IP address.

It sounds good that the root name server will contact all other DNS servers until it resolves the given address. But attackers take advantage of recursive queries on open DNS servers to perform DNS amplification attacks and DNS cache poisoning.

Non-recursive query occurs when the DNS server has the authority to access the DNS record or the record is already present in its cache.

DNS Caching and What It Is

It is important to note that the DNS lookup process explained above doesn’t always happen. Thanks to the caching mechanism. Whenever a name is resolved, both the domain name and its resolved IP address are stored temporarily in a cache.

This cache is maintained at various levels by different servers involved in the lookup process. Starting from the client’s browser and operating system to recursive resolver, authoritative name server, and TLD.

It means the DNS lookup process is only performed for un-cached information and it stops on any level when and where the cached information is found. This avoids further queries to other DNS servers, thus improving the load time of websites and reducing bandwidth and processing consumptions.

DNS records are stored in cache for a particular amount of time set by the TTL (time to live) attribute. After this time, a record is either discarded or refreshed.

DNS record

DNS records are instructions on handling requests about a domain. These records are actually text files, also called zone files, which are stored in authoritative name servers.

It is necessary for all domains to have some DNS records to allow access to their website using a domain name.

The most common types of DNS records are:

  • A record: Type A record holds the IP address of a domain name.Note: Type A record is used to hold IPv4 addresses, for IPv6 AAAA record is used.
  • NS record: The Name Server record holds the IP address of an authoritative domain name server, which means the address of the server that has type A record)
  • CNAME record: This record type holds the Canonical NAME or alias of a domain name (not an IP address). It is mostly used when two domain names are pointing towards a single site.
    • For example, a sub-domain like blog.example.com has a CNAME record of example.com. In this case, example.com is a canonical name of blog.example.com.
    • Note: After resolving example.com first, the page blog.example.com will be displayed to the client (such as in your browser).
  • MX record: This DNS record holds the domain name of the mail server (name right, not an IP address), to which emails will be routed.

DNS servers and records are maintained by the registrar from which you are getting services (e.g., Namecheap, Google Domains, Gandi, Porkbun etc.).

If you have any questions or feedback at all feel free to leave us a comment and we’ll get back to you as soon as we can.

0 Shares:
Share 0
Tweet 0
Pin it 0
Share 0
Share 0
Share 0
Subscribe
Notify of
guest
Receive notifications when your comment receives a reply. (Optional)
Your username will link to your website. (Optional)

0 Comments
Inline Feedbacks
View all comments
— Previous article

How to Concatenate Strings in Bash

Next article —

How to Install Zsh on Linux

You May Also Like