DNS 101: Simplifying the Backbone of the Web

TLDR:

  • The Domain Name System, or DNS, is one of the basic technologies of the web: it converts a human-readable website address, say www.example.com, into a machine-readable IP address like 145.1.1.12.

  • Every time a user types a URL in the browser, a resolution process involving several servers and caches starts in order to find the right IP address.

  • In practice, that means checking the various caches (browser, OS, router) before querying the different types of DNS servers (local, root, TLD, and authoritative) to locate the website.


Introduction:

Ever wondered how it works when you type a website's URL in your browser and voilà, the site opens up? Behind the curtains, it's a sophisticated process in which the browser obtains the IP address of the website through several steps and servers.


DNS (Domain Name System):

DNS is a technology that translates human-readable domain names (e.g. example.com) into machine-understandable IP addresses (e.g. 145.1.1.12, the address of the web server where the site is actually hosted), because computers and network devices can only communicate using IP addresses.


Anatomy of a URL:

Before understanding DNS, let's first look at the anatomy of a URL from the DNS point of view.

example.com.

  • Root Domain:

    • Generally, when a user types an address into the browser's address bar, the browser by default puts a dot (.) at the end of the URL, and this trailing dot is the Root Domain. The Root Domain is generally invisible and is the starting point for all DNS queries.
  • Top Level Domain (TLD):

    • Next comes the Top Level Domain; in our example it is .com. TLDs fall into categories such as .org, .net, etc., and also include country-specific domains like .in, .au, .uk, etc.
  • Second Level Domain/Parent Domain (SLD/PD):

    • Moving left, we have the Second Level Domain or Parent Domain, which is the actual identity of an organisation or website; in our example it is “example”. Generally, when a user registers a domain, they are actually registering an SLD along with a TLD.
  • Sub-Domain/Third Level Domain:

    • These appear to the left of the Second Level Domain. In www.example.com it is “www”. Sub-domains are branches of the main domain, mainly used to organise different services or sections of a website.

DNS Components: The Pillars

  • Local DNS Server (DNS Resolver):

    • When a user types a URL, the resolver starts the DNS lookup process on behalf of the client; it acts as an intermediary between the client and the DNS hierarchy.
  • Root Name Server:

    • These servers sit at the top of the DNS hierarchy. There are in total 13 root server clusters (labelled A to M) distributed worldwide. These servers redirect queries to the TLD (Top Level Domain) name servers.
  • TLD (Top Level Domain) Name Server:

    • These servers manage the domains under a specific top-level domain, e.g. .com, .org, etc., and are responsible for directing queries to the authoritative name servers for the requested domain.
  • Authoritative Name Server:

    • These servers form the final step in the DNS lookup. They are responsible for providing the exact IP address for the requested domain or sub-domain.
  • DNS Cache:

    • A DNS cache stores resolved DNS queries locally or on intermediate servers for faster lookups.

DNS Resolution: Following Digital Breadcrumbs

When a user types www.example.com, an interesting process begins:

  • Browser Cache Lookup:

    • The browser checks its cache to see whether it already has the IP address for the requested name from a previous request, which minimises DNS overhead.
  • OS Cache Lookup:

    • If the browser cannot find the IP address in its local cache, the request is forwarded to the OS, which checks its own local cache for the IP address.
  • Router Cache Lookup:

    • If the IP address is not found in the OS cache, the request is forwarded to the router, which tries to find the corresponding IP address in its own cache and routing tables.
  • Local DNS Lookup:

    • If the router cannot find the IP address in its own cache either, the request is forwarded to the configured DNS server (provided by the local ISP, or a public DNS service such as 1.1.1.1 from Cloudflare or 8.8.8.8 from Google), which looks for the corresponding IP address in its IP tables and cache.
  • Root Name Server Lookup:

    • If the IP address is still not found by the Local DNS, the Local DNS forwards the request to a Root Name Server, which directs the request to the TLD (Top Level Domain) name servers for .com.
  • Top Level Domain Name Server Lookup (TLD):

    • The Local DNS queries the TLD name server for example.com and gets redirected to the authoritative name servers.
  • Authoritative Name Server Lookup:

    • The Authoritative Name Server returns the exact IP address for the requested website address.
  • This entire process of finding the IP address by going through all the name servers is called recursive resolution.

  • The Local DNS then sends the obtained IP address back to the browser via the same chain.
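
The walk described above can be modelled in a few lines. This is an added example, not code from the original article: the three "servers" are constructed in-memory tables (names such as `tld-com` and `auth-example` are hypothetical), and the resolver follows referrals from root to TLD to authoritative server, follows the CNAME for www, and honours each record's TTL in its cache.

```python
import time
# Constructed data, not real DNS: each "server" maps a name either to a
# referral ("REFER", next_server) or to a final record (type, value, ttl).
SERVERS = {
    "root": {"com.": ("REFER", "tld-com")},
    "tld-com": {"example.com.": ("REFER", "auth-example")},
    "auth-example": {
        "example.com.": ("A", "145.1.1.12", 3600),
        "www.example.com.": ("CNAME", "example.com.", 300),
    },
}

class Resolver:
    """Toy local DNS resolver: TTL cache plus root -> TLD -> authoritative walk."""
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}    # name -> (rtype, value, expires_at)
        self.queries = []  # upstream servers contacted, in order

    def _ask(self, server, name):
        """Query one server: exact-name answer, or referral for a parent suffix."""
        self.queries.append(server)
        zone = SERVERS[server]
        labels = name.rstrip(".").split(".")
        for i in range(len(labels)):
            suffix = ".".join(labels[i:]) + "."
            rec = zone.get(suffix)
            if rec and (rec[0] == "REFER" or suffix == name):
                return rec
        return None

    def resolve(self, name, depth=0):
        name = name.lower().rstrip(".") + "."  # make the root dot explicit
        if depth > 8:
            raise RuntimeError("CNAME chain too long")
        hit = self.cache.get(name)
        if hit is None or hit[2] <= self.clock():  # miss or TTL expired
            server = "root"
            while True:
                rec = self._ask(server, name)
                if rec is None:
                    raise LookupError("no record for " + name)
                if rec[0] != "REFER":
                    break
                server = rec[1]
            hit = self.cache[name] = (rec[0], rec[1], self.clock() + rec[2])
        # A CNAME points at another name, which is resolved the same way.
        return self.resolve(hit[1], depth + 1) if hit[0] == "CNAME" else hit[1]
```

The `queries` list shows how much upstream work a cache hit saves: the first lookup of www.example.com contacts six servers, a repeat within the TTL contacts none.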


DNS Records: The Documentation of Internet

A DNS record is an instruction or configuration entry in the Domain Name System (DNS) that provides information about a domain: how it should behave and respond to queries, and how to find the services associated with it.

  • Anatomy of DNS Record:

      Name: example.com
      Type: A
      Value: 93.184.216.34
      TTL: 3600
    

    - Name: Name of the domain or sub-domain to which the record applies.

    - Type: The type of record, such as A, AAAA, MX, CNAME, etc.

    - Value: Actual data like IP address, hostname, etc.

    - TTL(Time To Live): How long a record should be cached.

  • Types of DNS Records:

    1. A Record (Address Record):

      • These records form the foundation for routing traffic to servers and are responsible for mapping a domain to an IPv4 address.

      • E.g.: example.com → 145.1.1.12

    2. AAAA Record:

      • These records support modern web addressing and are responsible for mapping a domain to an IPv6 address.

      • E.g: example.com → 2001:0db8:85a3:0000:0000:8a2e:0370:7334

    3. CNAME Record (Canonical Name Record):

      • These records map one domain to another domain, simplifying domain management by allowing multiple domains to point to a single target.

      • E.g.: www.example.com → example.com

    4. MX Record (Mail Exchange Record):

      • These records specify the mail servers that receive mail for a particular domain.

      • E.g.: example.com → mail.example.com

    5. TXT Record:

      • These records hold textual information associated with a domain, generally used for authentication and verification processes.

      • E.g: SPF (Sender Policy Framework)

    6. NS Record:

    7. PTR Record:

      • These records are used for mapping an IP address back to a domain (reverse DNS).

      • E.g.: 145.1.1.1 → example.com

    8. SOA Record (Start of Authority Record):

      • These records provide administrative information about a domain and are essential for DNS zone management.

      • Administrative Information Includes: Primary Name Server, Contact Email, Retry, Refresh, Expiry, TTL values, etc.

    9. SRV Record:

      • These records specify services available for a particular domain.

      • E.g. : _sip._tcp.example.com → 10 5 5060 sipserver.example.com

    10. CAA Record (Certificate Authority Authorization):

      • These records state which Certificate Authorities are allowed to issue certificates for the domain and are responsible for preventing unauthorized SSL certificates.
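
How a CA evaluates CAA records before issuing can be sketched as follows. This is an added example, not code from the original article: it follows the lookup rule of RFC 8659 (climb from the requested name toward the root and use the first CAA set found), and the CAA data and CA names such as `ca-one.example` are constructed for illustration.

```python
# Constructed CAA data, not real DNS: name -> list of (flags, tag, value).
CAA = {
    "example.com.": [(0, "issue", "ca-one.example"), (0, "issuewild", ";")],
    "shop.example.com.": [(0, "issue", ";"), (0, "iodef", "mailto:sec@example.com")],
}
KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 0x80  # flag bit: a CA that does not understand the tag must refuse


def relevant_caa(name, records=CAA):
    """Climb from name toward the root; return the first non-empty CAA set."""
    labels = name.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        rrset = records.get(".".join(labels[i:]) + ".")
        if rrset:
            return rrset
    return []


def ca_may_issue(ca_domain, hostname, records=CAA):
    """True if CAA permits the CA identified by ca_domain to issue for hostname."""
    wildcard = hostname.startswith("*.")
    rrset = relevant_caa(hostname[2:] if wildcard else hostname, records)
    if any(f & CRITICAL and t.lower() not in KNOWN_TAGS for f, t, _ in rrset):
        return False
    tags = [t.lower() for _, t, _ in rrset]
    # Wildcard requests are governed by issuewild when present, else by issue.
    tag = "issuewild" if wildcard and "issuewild" in tags else "issue"
    values = [v for _, t, v in rrset if t.lower() == tag]
    if not values:
        return True  # no CAA set, or none that restricts this request
    # The issuer domain is the part before any ";" parameters; ";" alone = nobody.
    allowed = {v.split(";")[0].strip().lower() for v in values}
    return ca_domain.lower() in allowed
```

Note that a sub-domain with its own CAA set (shop.example.com here) is governed by that set alone; the parent's records are only consulted when the sub-domain has none.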

DNS Security:

To enhance the security of DNS, extensions like DNSSEC and DNS over HTTPS are used:

  • DNSSEC (DNS Security Extensions):

    • DNSSEC adds an extra layer of security to prevent DNS spoofing, data tampering, DNS cache poisoning, etc.

    • DNSSEC adds cryptographic signatures (based on a public-private key pair) to DNS records and uses them to validate responses.

      • E.g.: DNSKEY, RRSIG, DS, etc.
  • DNS over HTTPS and DNS over TLS:

    • DNS queries are encrypted, improving privacy and preventing eavesdropping.

Dynamic DNS:

  • Dynamic DNS updates records automatically whenever an IP address changes, which is beneficial for residential connections that have dynamic IP addresses.

Load Balancing and Failovers:

  • Multiple A or CNAME records can be used to distribute traffic (Round Robin algorithm) across different data centers, ensuring high availability.

DNS Impact and Why it matters:

  • Scalability: DNS provides a global hierarchical system for handling billions of domains across the globe, supporting global content distribution.

  • Flexibility: Supports multiple services like websites, authentication, VoIP, etc.

  • Performance: Supports caching and optimisation to reduce latency.

  • Security: Supports advanced records like DNSKEY, RRSIG, etc., and DNSSEC adds an extra layer of security, improving trustworthiness.


Conclusion:

DNS is the backbone of Internet navigation, allowing smooth connections between users and websites. Its security measures and optimization techniques, combined with its hierarchical structure, keep web access reliable and efficient without trading off security or performance. DNS knowledge is necessary for anyone dealing with web development, network administration, or Internet security.

