How Domain Name System (DNS) Works
Chidiadi Anyanwu
DNS is something the internet lives and breathes on. It is one of the fundamental technologies that makes our present internet possible and usable. In this article, I'll attempt to walk you through the following:
What is DNS?
The last article I wrote was about HTTP, and in there, I said that when you type a URL like "linkedin.com" into your browser, your computer basically sends an HTTP request to LinkedIn's servers. That's an over-simplified description for the sake of not confusing anyone new to networking concepts.
Your computer does not know what "linkedin.com" means. That's gibberish to the computer. What it understands are IP addresses and port numbers. To know the servers to communicate with, it needs to convert the domain name, linkedin.com, to a usable IP address. That is what the Domain Name System (DNS) does.
DNS is a technology that allows computers on a network to resolve domain names to IP addresses. It works much like a phone book with names and numbers, where you only need to remember a person's name to be able to contact him/her.
The DNS Tree
DNS is organized in an inverted tree structure. To understand it better, we have to go back and take a look at domain names.
A domain name is an easy-to-remember address for a host, such as a server hosting a website. It is what goes between "https://" and the first slash in a URL. A domain name has four major parts, from right to left:
The different levels are separated by dots (.) and each level represents a node, or a "label", in the DNS tree. Domains under a domain are referred to as subdomains of the parent. For example, cisco.com. is a subdomain of com. Also, edu.ng. is a subdomain of ng. and uniport.edu.ng. is a subdomain of edu.ng.
In the DNS database, information for each zone is stored in a zone file in the authoritative server for that zone.
A DNS zone is a part of the domain namespace that is under the administrative control of one person, company or organization. For example, the domain google.com. is the root of the zone delegated to Google Inc. Other domains under google.com. (or subdomains of google.com.) like mail.google.com., docs.google.com. and image.google.com. are in the google.com zone of the domain namespace.
An authoritative nameserver is the nameserver that is trusted to have the valid records for a particular domain name or zone.
The Parts & Pieces
A Domain Name System operates on a client-server model and consists basically of two types of DNS servers: nameservers and resolvers, implemented both in software and in dedicated hardware. The nameservers store all the information in a distributed form, each nameserver storing a part of the information, as seen in this article. Resolvers act as middlemen between the end devices and nameservers. They query nameservers, forward DNS packets and validate responses.
Classifying by their positions in the DNS hierarchy, nameservers are of the following types:
Classifying by role, nameservers are of the following types:
Resolvers can be:
Root nameservers are the nameservers that reside in the root zone of the DNS. They return the list of authoritative nameservers for the requested TLDs. On the global DNS, there are only 13 logical (or virtual) root name servers with IP addresses, but with the use of anycast addressing, those 13 logical servers consist of 1644 instances as of 4th March, 2023. The 13 root name servers are managed by 12 independent organizations. The root domain contains all the top-level domains.
TLD servers are nameservers that reside in the TLD zone of the DNS. They return the list of authoritative servers for the requested domains under them.
A primary nameserver is the first point of contact of a host. If the primary nameserver is unavailable, the secondary nameserver is queried. It is a standby or backup nameserver containing a copy of the zone files.
Stub resolvers are software that ship with operating systems whose job is to send DNS queries for the applications on the host. Examples are the Windows DNS Client service and the systemd-resolved service on Linux.
Recursive resolvers are resolvers that act as the middleman between end devices (or hosts) and the DNS infrastructure. When a resolver is started up, it looks up the root hints file for the list of root server IP addresses and executes a "priming query" to ensure that they're the correct addresses. When the end user queries the recursive resolver, it checks its cached data, and if the record doesn't exist there, it queries the root nameservers, gets a response with the right TLD servers to query, queries the TLD server, then, with the information obtained, queries the right authoritative server. It then returns the answer to its client. This repeated querying is referred to as recursive querying. Hence the name.
DNS uses UDP port 53 for queries and common tasks, but for things that require large messages, TCP is used as UDP packets cannot contain more than 512 bytes of data.
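To make the wire-level details concrete, here is an added example (not code from the article) that builds a DNS query in the RFC 1035 message format the way a stub resolver would, decodes it back, and shows the two-byte length prefix that carries a DNS message over TCP. The query name and transaction ID are constructed values; the `MAX_POINTER_HOPS` guard is an assumption added here because a resolver parsing untrusted replies must not follow a looping compression pointer forever.

```python
import struct

QTYPE_A = 1
QCLASS_IN = 1
UDP_MAX_PAYLOAD = 512    # the classic DNS-over-UDP limit the article mentions (no EDNS0)
MAX_POINTER_HOPS = 16    # assumed guard so a malformed message with looping pointers cannot hang us


def encode_name(name):
    """Encode a domain name as RFC 1035 labels: a length byte per label, terminated by 0x00.
    The dots of the written name are not transmitted; they only separate labels,
    exactly as they separate nodes in the DNS tree."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not label:
            continue
        raw = label.encode("ascii")
        if len(raw) > 63:
            raise ValueError("label longer than 63 octets: " + label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def decode_name(msg, offset, hops=0):
    """Decode the name at msg[offset]; return (name, offset just after it).
    Follows compression pointers (RFC 1035 section 4.1.4) but refuses to loop."""
    labels = []
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # 11xxxxxx: 14-bit pointer
            if hops >= MAX_POINTER_HOPS:
                raise ValueError("compression pointer loop")
            pointer = ((length & 0x3F) << 8) | msg[offset + 1]
            suffix, _ = decode_name(msg, pointer, hops + 1)
            rest = suffix.rstrip(".")
            return ".".join(labels + ([rest] if rest else [])) + ".", offset + 2
        offset += 1
        if length == 0:
            return ".".join(labels) + ".", offset
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def build_query(name, txid, qtype=QTYPE_A):
    """Header (12 bytes) + one question. Flags 0x0100 sets RD ('please recurse for me'),
    which is what a stub resolver asks of a recursive resolver."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", qtype, QCLASS_IN)
    return header + question


def parse_query(msg):
    """Pull the transaction ID, RD flag and the question back out of a query message."""
    if len(msg) < 12:
        raise ValueError("truncated header")
    txid, flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    name, offset = decode_name(msg, 12)
    qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
    return {"id": txid, "rd": bool(flags & 0x0100), "name": name,
            "qtype": qtype, "qclass": qclass}


def fits_in_udp(msg):
    """True if the message can travel in a classic 512-byte UDP DNS payload."""
    return len(msg) <= UDP_MAX_PAYLOAD


def frame_for_tcp(msg):
    """Over TCP each DNS message is preceded by a two-byte big-endian length
    (RFC 1035 section 4.2.2), which is how larger messages are carried."""
    return struct.pack("!H", len(msg)) + msg


if __name__ == "__main__":
    q = build_query("linkedin.com", 0x1234)           # constructed example query
    print(q.hex(), parse_query(q), fits_in_udp(q), frame_for_tcp(q)[:2].hex())
```

Running the block prints the 30-byte query for linkedin.com, the parsed question, and the `001e` length prefix TCP would put in front of it. The pointer-hop limit is the one check worth carrying into real code: a reply from the network is attacker-controlled input, and a decoder without such a bound can be stalled by a two-byte message that points at itself.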
DNS Forwarding
Let's say you have an internal company network that is connected to the internet. Your internal company network has its own internal domain names. Your internal root nameserver is not exposed to the internet. Now, you want to access the internet, but because your internal computers are configured with the internal root servers as their root servers, they cannot resolve any names on the internet.
In this case, you designate a DNS forwarder so that your DNS servers forward any queries they cannot resolve to the forwarder, which then forwards them to the internet and gets a response. The response can then be cached for later use.
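The recursive walk described under "Recursive resolvers" and the forwarding setup described just above, as one added example (not code from the article) over a constructed toy DNS tree. The server names, zones and addresses are made up for illustration; the point is that each nameserver only knows its own zone and hands out referrals, the recursive resolver follows them root -> TLD -> authoritative and caches the answer, and the internal forwarding resolver answers internal names itself while sending everything else upstream.

```python
# Constructed toy DNS tree for illustration (not real servers or records).
# Each nameserver knows only its own zone: it either answers ("A", address)
# or refers the asker to the nameserver of the next zone down ("NS", server).
SERVERS = {
    "root":         {"com.": ("NS", "tld-com"), "ng.": ("NS", "tld-ng")},
    "tld-com":      {"example.com.": ("NS", "auth-example")},
    "tld-ng":       {"edu.ng.": ("NS", "auth-edu-ng")},
    "auth-example": {"example.com.": ("A", "203.0.113.10"),
                     "www.example.com.": ("A", "203.0.113.10")},
    "auth-edu-ng":  {"uniport.edu.ng.": ("A", "198.51.100.7")},
}
ROOT_HINTS = ["root"]      # stands in for the root hints file a resolver primes from
MAX_REFERRALS = 10         # assumed bound so a referral loop cannot spin the resolver forever


def normalize(qname):
    """Lower-case and make fully qualified: 'WWW.Example.com' -> 'www.example.com.'"""
    return qname.rstrip(".").lower() + "."


def ask(server_name, qname):
    """One query to one nameserver. The server returns its most specific record for the
    name: an answer, a referral toward the child zone, or None (it knows nothing)."""
    table = SERVERS[server_name]
    labels = qname.rstrip(".").split(".")
    for i in range(len(labels)):                 # most specific suffix first
        candidate = ".".join(labels[i:]) + "."
        if candidate in table:
            return table[candidate]
    return None


class RecursiveResolver:
    """Walks the tree root -> TLD -> authoritative on the client's behalf and caches answers."""

    def __init__(self):
        self.cache = {}
        self.queries_sent = 0

    def resolve(self, qname):
        qname = normalize(qname)
        if qname in self.cache:                  # cache hit: no nameserver is asked
            return self.cache[qname]
        server = ROOT_HINTS[0]
        for _ in range(MAX_REFERRALS):
            self.queries_sent += 1
            record = ask(server, qname)
            if record is None:
                return None                      # nobody in the chain holds the name
            kind, value = record
            if kind == "A":
                self.cache[qname] = value
                return value
            server = value                       # NS referral: follow it one level down
        raise RuntimeError("referral chain too long for " + qname)


class ForwardingResolver:
    """An internal resolver: answers from its own internal zones and forwards every
    other name to an upstream resolver, caching what comes back."""

    def __init__(self, internal_zones, upstream):
        self.internal_zones = internal_zones     # e.g. {"corp.": {"files.corp.": "10.0.0.5"}}
        self.upstream = upstream
        self.cache = {}

    def resolve(self, qname):
        qname = normalize(qname)
        for zone, records in self.internal_zones.items():
            if qname == zone or qname.endswith("." + zone):
                return records.get(qname)        # internal names never leave the network
        if qname not in self.cache:
            answer = self.upstream.resolve(qname)
            if answer is not None:
                self.cache[qname] = answer
        return self.cache.get(qname)


if __name__ == "__main__":
    public = RecursiveResolver()
    internal = ForwardingResolver({"corp.": {"files.corp.": "10.0.0.5"}}, public)
    for name in ("files.corp", "www.example.com", "www.example.com", "uniport.edu.ng"):
        print(name, "->", internal.resolve(name), "| upstream queries so far:", public.queries_sent)
```

Two things the counters make visible: the second lookup of www.example.com costs zero upstream queries because the answer is cached, and a lookup for a name inside the internal zone is answered (or refused) locally and never reaches the forwarder, which is exactly why the internal root stays unexposed.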
DNS Zone File Format
The main DNS information is stored in what is called a zone file. A zone file is a text file (without a file extension) that contains lines of entries known as "resource records" that specify various information about a domain or zone and its associated nameservers.
The zone file usually starts with the $ORIGIN directive to specify the root of the domain. Any other resource record (RR) in the file that needs to refer to the root can simply use an empty space or an @ symbol, as you would see in the example. It can also still write the root domain out in full.
The start-of-authority (SOA) RR must come before any other RR; it has to be the first one. At the most basic level, it consists of the domain name, record class, record type, the domain name of the primary server and the email address of the person responsible for managing it, followed by a series of numbers which represent the serial number, refresh, retry, expire and default TTL times respectively.
A resource record can be made up of several fields, but at the most bare-bones level it consists of host name, record class, record type and data. For example, take this zone file. This is a resource record.
I'm not going into the DNS class types for lack of proper understanding, but when you take away the reserved and unassigned ones, there are basically 3 defined ones: IN for internet, CH for the Chaosnet class and HS for the Hesiod class. Chaosnet is an old LAN protocol (I think, just like we have Ethernet today) developed at MIT that may still be in use. It cannot be routed with normal IP traffic, so there's CHAOSnet routing. Hesiod is an old name-service technology which somehow is still compatible with the present domain name service, so it can store its records in the conventional DNS. It will just use HS as the record class.
DNS Record Types
There are many types of resource records (RR) but we'll just look at A, AAAA, MX and CNAME records here.
A Record: This is an IPv4 record. It specifies the IPv4 address of a given domain name.
AAAA Record: This specifies the IPv6 address of a given name. It's actually not that hard to remember, because you know that an IPv4 address is 32 bits in length and an IPv6 address is 128 bits in length, which is 4 times the size of the IPv4 address.
MX Record: This is a Mail eXchanger record. It points to the IP address of the mail servers for that particular domain, because the mail server is not going to be the same as the web server.
CNAME Record: A CNAME or canonical name record is one that provides an alias for another domain name. For example, if fight.example.com has a CNAME record mapped to example.com, the DNS lookup for fight.example.com will look for the A record of example.com and return the IP address of the root domain, which is example.com. However, when the server receives that request, it will look at the URL and, instead of returning the homepage for example.com, it'll return the appropriate page for fight.example.com. This makes it easy to use one IP address for many subdomains.
DNAME Record: A delegation name record is almost like the canonical name record, but differs in that instead of pointing to the root of the zone, it can be an alias for a domain name in a different zone of the DNS name tree.
For example, fight.example.com can have a DNAME mapped to fight.org, which is even under a different TLD, such that a lookup for fight.example.com would redirect the user to fight.org. This is not possible with CNAME records, as fight.org is not the root of the example.com domain.
NS Record: The nameserver record points to the authoritative nameservers for a zone.
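Since the article's own zone file was an image, here is an added example (not code from the article) of a small constructed zone in the format described in "DNS Zone File Format", with the $ORIGIN and $TTL directives, the @ and empty-owner shorthands, a parenthesised multi-line SOA and the record types discussed above, plus a parser that turns it into records and a checker for two rules a zone should satisfy: the SOA comes first, and a name that has a CNAME carries no other records. All names and addresses are documentation values invented for the example.

```python
import ipaddress

# Constructed sample zone (RFC 5737 / RFC 3849 documentation addresses), not a real zone.
ZONE = """
$ORIGIN example.com.
$TTL 3600
@       IN  SOA   ns1.example.com. hostmaster.example.com. (
                  2023030401 ; serial
                  7200       ; refresh
                  900        ; retry
                  1209600    ; expire
                  86400 )    ; minimum / negative-cache TTL
        IN  NS    ns1.example.com.
        IN  NS    ns2
        IN  A     203.0.113.10
        IN  AAAA  2001:db8::10
ns1     IN  A     203.0.113.53
ns2     IN  A     203.0.113.54
@       IN  MX    10 mail
mail    IN  A     203.0.113.25
fight   IN  CNAME example.com.
www     IN  CNAME @
"""


def qualify(name, origin):
    """'@' is the origin; a trailing dot means already absolute; anything else is relative."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return name + "." + origin


def _logical_lines(text):
    """Strip ';' comments, fold '( ... )' continuations into one line, and remember whether the
    record's first line began with whitespace (owner omitted: same owner as the previous record)."""
    out, buf, depth, owner_omitted = [], [], 0, False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if depth == 0:
            if not line.strip():
                continue
            owner_omitted = line[0] in " \t"
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth == 0:
            out.append((owner_omitted, " ".join(buf)))
            buf = []
    return out


def parse_rdata(rtype, fields, origin):
    """Interpret the data fields of the record types covered in the article."""
    if rtype == "A":
        return str(ipaddress.IPv4Address(fields[0]))     # raises on a malformed address
    if rtype == "AAAA":
        return str(ipaddress.IPv6Address(fields[0]))
    if rtype in ("CNAME", "NS"):
        return qualify(fields[0], origin)
    if rtype == "MX":
        return (int(fields[0]), qualify(fields[1], origin))   # (preference, exchanger)
    if rtype == "SOA":
        timers = ("serial", "refresh", "retry", "expire", "minimum")
        return {"mname": qualify(fields[0], origin), "rname": qualify(fields[1], origin),
                **dict(zip(timers, map(int, fields[2:7])))}
    raise ValueError("unsupported record type " + rtype)


def parse_zone(text):
    """Return the zone's resource records as dicts: name, ttl, class, type, data."""
    origin, default_ttl, last_owner, records = None, None, None, []
    for owner_omitted, line in _logical_lines(text):
        tokens = line.replace("(", " ").replace(")", " ").split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        if owner_omitted:
            owner = last_owner
        else:
            owner, tokens = qualify(tokens[0], origin), tokens[1:]
        last_owner = owner
        ttl = default_ttl
        if tokens[0].isdigit():                            # optional per-record TTL
            ttl, tokens = int(tokens[0]), tokens[1:]
        rclass = "IN"
        if tokens[0] in ("IN", "CH", "HS"):                # optional class, IN by default
            rclass, tokens = tokens[0], tokens[1:]
        rtype, rdata = tokens[0], tokens[1:]
        records.append({"name": owner, "ttl": ttl, "class": rclass, "type": rtype,
                        "data": parse_rdata(rtype, rdata, origin)})
    return records


def check_zone(records):
    """Sanity checks a zone should pass before it is loaded on a nameserver."""
    problems = []
    if not records or records[0]["type"] != "SOA":
        problems.append("first record must be the SOA")
    types_by_name = {}
    for r in records:
        types_by_name.setdefault(r["name"], set()).add(r["type"])
    for name, types in types_by_name.items():
        if "CNAME" in types and len(types) > 1:
            problems.append(name + ": CNAME cannot share a name with other records")
    return problems


if __name__ == "__main__":
    for r in parse_zone(ZONE):
        print(r)
    print("problems:", check_zone(ZONE and parse_zone(ZONE)))
```

The relative-name handling is the part that bites in practice: `ns2` on an NS line becomes ns2.example.com. only because $ORIGIN was set, and a record written without the trailing dot when an absolute name was meant silently becomes a subdomain of the origin. The CNAME check is the same rule a nameserver enforces, so a zone that fails it will not load.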
What Happens When You Register A Domain Name?
Remember in the beginning when we mentioned that the internet we know and use has 13 root nameservers, and that those servers are managed by 12 organizations. Those root servers are differentiated by letters, not names.
These organizations maintain the servers and keep them running.
For the top-level domains (TLDs), there are 5 types of TLDs:
- Internationalized TLDs (IDNccTLD) which are written in non-Latin characters.
Certain organizations known as registries are responsible for managing the TLDs and maintaining the records of domain names registered under the TLDs they operate. They sign agreements with domain name registrars that sell the domain names to the average user.
The .com TLD, for example, is a generic TLD managed by Verisign, Inc., the same company that manages the a and j root servers. They then give permission to domain name registrars like GoDaddy, Namecheap and many others to register new domain names in their zone. So, when you buy a new .com domain like yourwebsitename.com, your domain name registrar sends that information to Verisign to be registered with them and added to their zone file as a subdomain of their .com domain.
However, if you create a new .vip domain like yourclub.vip or yourwebsitename.vip, the information is sent to another company, which in this case is Nominet UK, as they're the ones that manage the .vip TLD.
Thank you for reading. I hope you learnt something new. Don't forget to like this article and subscribe to the newsletter.
Also, subscribe to my Telegram channel for more than just articles.