The Domain Name System, or DNS for short, is like the internet's phonebook. Every device connected to the internet has an address called an IP address, which looks like 192.168.1.1 and is often dynamically allocated. There is also a type of IP address called a static address, which is assigned to servers and other services. For example, to reach a service like Google's search engine, you would connect to the IP address 142.250.195.110. Remembering addresses like that is overwhelming, but what if it were as simple as typing www.google.com? That's much easier to remember, right? Humans prefer to remember names, while computers work with IP addresses. This is where DNS comes in.
DNS is a hierarchical and decentralized naming system that translates human-readable domain names into IP addresses.
How does DNS work?
Finding the IP address of a service from its human-readable name is called DNS resolution. The process involves several servers and happens automatically in the background, handled by the browser, so the user doesn't have to do anything. So what happens when you type a website's address into your browser's address bar and press Enter? Let's find out.
The user types example.com into their browser and hits Enter. The browser first checks its cache to see if the website's IP address is already stored there. If it is not, the journey begins: the query travels out to the internet and is received by a DNS resolver. The resolver then queries nameservers in a step-by-step process, starting with a DNS root nameserver.
The root server responds with the address of the Top Level Domain (TLD) server (.com, .net, etc.). In our case, it provides the address of the .com TLD server. The resolver then makes a call to the .com TLD server.
The TLD server responds with the IP address of the domain's nameserver.
Lastly, the resolver sends a query to the domain's nameserver. The domain nameserver then responds to the resolver with the exact IP address for example.com.
The DNS resolver then responds back to the browser with the IP address of the website requested.
The browser then makes an HTTPS call to that IP address. The server at that IP address sends the content back to the browser, which renders it for the user.
Server Types
DNS Resolver
The DNS resolver, also known as the DNS recursive resolver, is the first stop in the DNS lookup process. It is a server that acts as a middleman between a client and the DNS nameservers. It is responsible for returning the IP address of the requested website to the browser, recursively querying the other nameservers based on each response along the way. When it receives a request from the client, it first calls the root nameserver, then, based on the response, the TLD server, and finally the domain nameserver. After receiving the IP address from the domain nameserver, it responds back to the browser.
Root Nameserver
The root server accepts the call from the DNS resolver, which contains the domain name, and responds by directing the resolver to the TLD server based on the extension of that domain (.com, .net). There are 13 root servers known to every recursive resolver; they are spread across the world, with multiple copies reached using Anycast routing. They are maintained by a non-profit organization called the Internet Corporation for Assigned Names and Numbers (ICANN).
TLD Nameserver
A TLD nameserver maintains information for all the domain names that share a common domain extension, such as .com, .net, or whatever comes after the last dot in a domain name. TLD nameservers are maintained by the Internet Assigned Numbers Authority (IANA), which is a branch of ICANN. IANA divides TLDs into two main groups:
Generic Top Level Domains (gTLDs), like .com, .gov, .net, .org, .edu
Country Code Top Level Domains (ccTLDs), like .us, .uk, .in
Authoritative Nameserver
The authoritative nameserver is the last stop for the DNS resolver; it holds the specific information for the domain name it serves. It provides the IP address of the server, found in the domain's DNS A record. If the domain name has a CNAME record (an alias), it responds with that alias domain instead, and a whole new DNS lookup starts to find the A record for the alias. If it cannot find the domain's server address, it responds with an NXDOMAIN message.
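The referral chain from the "How does DNS work?" section and the CNAME and NXDOMAIN behaviour just described, as an added example that is not part of the original article. The nameservers are simulated in memory; the server names and the 203.0.113.x addresses are constructed placeholders, and the referral logic is a simplification of what real nameservers return.

```python
# Added example, not code from the original article: a toy resolver that walks
# the referral chain root -> TLD -> authoritative, follows a CNAME into a fresh
# lookup, and reports NXDOMAIN when no server knows the name.
# Each simulated nameserver maps a name to the one record it would answer with:
# "NS" is a referral (ask that server next), "A" is the final answer,
# "CNAME" is an alias that restarts the lookup for the target name.
# All names and 203.0.113.x addresses below are constructed placeholders.
SERVERS = {
    "root": {"com": ("NS", "tld-com")},
    "tld-com": {"example.com": ("NS", "ns1.example.com"),
                "alias.com": ("NS", "ns1.alias.com")},
    "ns1.example.com": {"example.com": ("A", "203.0.113.10"),
                        "www.example.com": ("A", "203.0.113.10")},
    "ns1.alias.com": {"www.alias.com": ("CNAME", "www.example.com")},
}


def ask(server, name):
    """One query to one nameserver: exact answer, parent-zone referral, or None."""
    zone = SERVERS[server]
    if name in zone:
        return zone[name]
    labels = name.split(".")
    for i in range(1, len(labels)):  # e.g. www.example.com -> example.com -> com
        referral = zone.get(".".join(labels[i:]))
        if referral and referral[0] == "NS":
            return referral
    return None  # no record and nobody to refer to: the server answers NXDOMAIN


def resolve(name, max_hops=12):
    """Resolve name to an IPv4 address iteratively; returns (ip_or_None, trail)."""
    trail, server = [], "root"
    for _ in range(max_hops):
        answer = ask(server, name)
        trail.append((server, name, answer))
        if answer is None:
            return None, trail
        rtype, rdata = answer
        if rtype == "NS":
            server = rdata                 # follow the referral to the next nameserver
        elif rtype == "CNAME":
            name, server = rdata, "root"   # alias: start over for the target name
        else:
            return rdata, trail            # an A record: the lookup is complete
    raise RuntimeError(f"gave up after {max_hops} hops (referral or CNAME loop?)")
```

The trail returned by resolve() lists every hop, so www.alias.com shows three hops to reach the CNAME and three more for the target name, while www.nosuch.com stops at the .com server with NXDOMAIN.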
Query Types
There are three types of DNS queries. Combined properly, they result in optimized and efficient DNS resolution with less distance travelled. In the best case, cached record data is available, which allows the DNS resolver to answer with a non-recursive query.
Recursive - In this query, a DNS client requires that the DNS server respond with either the requested resource record or an error message if the resolver can't find the record.
Iterative - In this query, a DNS client provides a hostname, and the DNS resolver returns the best answer it can. If the DNS resolver has the relevant DNS records in its cache, it returns them.
Non-recursive - This typically occurs when a DNS client queries a DNS server for a record that the server has access to, either because it is authoritative for the record or because the record exists in its cache.
Record Types
DNS records, also known as zone files, are the instructions that live on an authoritative DNS server and provide information about a domain, including which IP address is associated with that domain and how to handle requests for it.
These records consist of text files written in DNS syntax, which is basically a set of commands that tell the DNS server what to do.
All DNS records have a TTL, which stands for time-to-live, and indicates how often a DNS server will refresh that record.
The most commonly used record types are:
A Record - Address Record, holds the IPv4 address of a domain.
AAAA Record - Quad-A Record, holds the IPv6 address of a domain.
CNAME Record - Canonical Name Record, maps an alias name to a domain name; it is used to forward a domain or a subdomain to another domain.
MX Record - Mail Exchange Record, used to route email to a mail server.
TXT Record - Text Record, allows an admin to store text notes in the record; these are used for security purposes.
NS Record - Nameserver Record, stores the nameserver for a DNS entry.
SRV Record - Service Locator Record, specifies a port for specific services.
PTR Record - Pointer Record, provides a domain name in reverse lookups.
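A parser for the zone-file syntax these records are written in, as an added example that is not code from the original article. It reads the "owner [TTL] [IN] TYPE rdata" form, honours $ORIGIN and $TTL, and keeps the record's own TTL when one is given; the zone text is constructed, using the documentation address ranges 203.0.113.0/24 and 2001:db8::/32.

```python
# Added example, not code from the original article: a parser for the
# "name [TTL] [IN] TYPE rdata" zone-file syntax. The zone below is constructed.
from collections import namedtuple

Record = namedtuple("Record", "name ttl rtype rdata")
ZONE_TEXT = """\
$ORIGIN example.com.
$TTL 3600            ; default for records that give no TTL of their own
@          IN  NS    ns1.example.com.
@          IN  A     203.0.113.10
@          IN  AAAA  2001:db8::10
www        IN  CNAME example.com.
@      600 IN  MX    10 mail.example.com.
mail       IN  A     203.0.113.25
           IN  AAAA  2001:db8::25        ; no owner name: reuses "mail"
_sip._tcp  IN  SRV   10 60 5060 sip.example.com.
@          IN  TXT   "v=spf1 mx -all"
"""

def qualify(name, origin):
    # Expand '@' and relative owner names using the current $ORIGIN.
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    # Returns the zone's records as (name, ttl, rtype, rdata) tuples.
    origin, default_ttl, last_name, records = ".", None, None, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()  # strip comments (';' inside quotes not handled)
        if not line.strip():
            continue
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        # A line starting with whitespace carries no owner name and reuses the previous one.
        name = last_name if raw[0].isspace() else qualify(tokens.pop(0), origin)
        last_name, ttl = name, default_ttl
        if tokens[0].isdigit():            # explicit TTL before the class ...
            ttl = int(tokens.pop(0))
        if tokens[0] == "IN":
            tokens.pop(0)
        if tokens[0].isdigit():            # ... or after it
            ttl = int(tokens.pop(0))
        if ttl is None:
            raise ValueError(f"no TTL for {name}: set $TTL or give one on the line")
        rtype = tokens.pop(0).upper()
        records.append(Record(name, ttl, rtype, " ".join(tokens)))
    return records
```

The rdata is kept as the raw text after the type, so the MX record comes back with its priority ("10 mail.example.com.") and the TXT record keeps its quotes.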
DNS Caching
A DNS cache is a temporary database, maintained by a computer's operating system, that contains records of all the recent visits and attempted visits to websites and other internet domains.
In other words, a DNS cache is just a memory of recent DNS lookups that our computer can quickly refer to when it's trying to figure out how to load a website.
The Domain Name System implements a time-to-live (TTL) on every DNS record. TTL specifies the number of seconds the record can be cached by a DNS client or server. When the record is stored in a cache, whatever TTL value came with it gets stored as well. The server continues to update the TTL of the record stored in the cache, counting down every second. When it hits zero, the record is deleted or purged from the cache. At that point, if a query for that record is received, the DNS server has to start the resolution process.
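The TTL countdown described above, and the non-recursive (cached) answer from the "Query Types" section, as an added example that is not code from the original article. The clock is passed in as a number of seconds so the countdown can be driven without waiting; the upstream lookup is a constructed stand-in for the full root, TLD and authoritative walk, and the address is a placeholder.

```python
# Added example, not code from the original article: a resolver-side cache that
# stores each answer with its TTL, counts the TTL down, purges the record when it
# reaches zero, and only then performs a fresh lookup.
class TtlCache:
    def __init__(self):
        self._entries = {}  # (name, rtype) -> (rdata, absolute expiry time)

    def put(self, name, rtype, rdata, ttl, now):
        self._entries[(name.lower(), rtype)] = (rdata, now + ttl)

    def get(self, name, rtype, now):
        """Return (rdata, remaining_ttl), or None if the record is absent or expired."""
        key = (name.lower(), rtype)
        if key not in self._entries:
            return None
        rdata, expires_at = self._entries[key]
        remaining = expires_at - now
        if remaining <= 0:
            del self._entries[key]  # TTL hit zero: purge; the next query must re-resolve
            return None
        return rdata, remaining


class CachingResolver:
    """Answers from cache when it can (a non-recursive answer), otherwise asks upstream."""

    def __init__(self, upstream):
        self.cache = TtlCache()
        self.upstream = upstream      # callable(name, rtype) -> (rdata, ttl)
        self.upstream_queries = 0     # how often the full resolution had to run

    def query(self, name, rtype, now):
        """Return (rdata, ttl handed to the client, served_from_cache)."""
        hit = self.cache.get(name, rtype, now)
        if hit is not None:
            return hit[0], hit[1], True   # clients receive the counted-down TTL
        self.upstream_queries += 1
        rdata, ttl = self.upstream(name, rtype)
        self.cache.put(name, rtype, rdata, ttl, now)
        return rdata, ttl, False


def fake_upstream(name, rtype):
    """Constructed stand-in for a full recursive lookup: fixed answer, 300 s TTL."""
    answers = {("www.example.com", "A"): ("203.0.113.10", 300)}
    return answers[(name.lower(), rtype)]
```

Querying the same name at t=0, t=100 and t=299 costs one upstream lookup and returns TTLs of 300, 200 and 1; at t=300 the record has expired, so the resolver runs the lookup again and hands out a fresh 300.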
Summary
The Domain Name System (DNS) functions as the internet's phonebook, translating human-readable domain names to IP addresses. When a user enters a domain in their browser, various servers work together to resolve the query to an IP address through a process called DNS Resolution. This involves DNS Resolvers, Root Nameservers, TLD Nameservers, and Authoritative Nameservers. DNS queries can be recursive, iterative, or non-recursive, and different DNS Records like A, AAAA, CNAME, MX, TXT, and others provide essential data about domains. DNS caching temporarily stores DNS lookups to enhance efficiency, governed by a Time-To-Live (TTL) value.