What’s DNS
DNS, or the Domain Name System, is a hierarchical and distributed naming system that translates human-readable domain names (like example.com) into the numerical IP addresses (like 192.0.2.1) that computers use to communicate with each other on the Internet
Main Functions
- Name resolution: Translating domain names to IP addresses so web browsers can load Internet resources
- Distributed database: Storing information associated with domain names in a distributed manner
- Fault tolerance: Providing a distributed and fault-tolerant service to avoid a single point of failure
How it Works
When a user enters a domain name into a web browser, the following happens:
- The browser sends a DNS query to a recursive resolver, which is responsible for making additional requests to find the IP address.
- The recursive resolver first checks its cache for the IP address. If not found, it queries the root nameservers.
- The root nameservers provide a referral to the appropriate top-level domain (TLD) nameservers (e.g. .com).
- The recursive resolver queries the TLD nameservers, which provide a referral to the authoritative nameservers for that domain.
- The recursive resolver queries the authoritative nameservers, which provide the final IP address.
- The recursive resolver sends the IP address back to the browser, which can then connect to the website.
DNS Server Types
- Recursive DNS resolver: Resolves domain names by querying other DNS servers. Caches results for improved performance
- Root nameservers: Top-level authority for the DNS hierarchy. Directs queries to the correct top-level domain (TLD) nameservers.
- top-level domain (TLD) nameservers: Responsible for a specific TLD (e.g.,
.com
,.org
,.net
). Directs queries to the authoritative nameserver for a domain name. - Authoritative nameservers: Stores DNS records for a domain name and provides the correct IP address or DNS records when queried.
DNS Components
The main components of the DNS system are:
- Domain names: Human-readable names like example.com
- IP addresses: Machine-readable numbers that identify devices on the Internet
- Nameservers: Servers that store DNS records and respond to queries
- Root nameservers: The top-level servers in the DNS hierarchy
- Top-level domain (TLD) nameservers: Servers for top-level domains like .com, .org, etc.
- Authoritative nameservers: Servers that have the definitive answer for a domain name
- Resolvers: Programs that initiate and manage the DNS lookup process
- Recursive resolvers: Resolvers that handle the full query process
- DNS records: Data stored in nameservers that maps domain names to IP addresses and other information
Why it’s Important
- Simplifies Web Navigation: Users can remember domain names instead of IP addresses
- Enable distributed hosting: Multiple servers can host the same domain name
- Provide load balancing: Allows routing traffic to different servers based on load or location
- Enable content delivery networks (CDNs): Allows serving content from servers geographically close to the user
Record Types
DNS records are essential components of the Domain Name System (DNS), serving various functions in the resolution of domain names to IP addresses. Here are the most commonly used types of DNS records:
- A Record (Address Record): Links a domain name to its corresponding IPv4 address, allowing browsers to route user requests to the correct server.
- AAAA Record: Similar to the A Record but specifically for IPv6 addresses, facilitating routing on networks that utilize the newer IP format.
- CNAME Record (Canonical Name Record): Used to alias one domain name to another. This is useful for managing multiple domain names that point to the same IP address without needing separate A or AAAA records for each.
- MX Record (Mail Exchange Record): Specifies the mail server responsible for receiving email messages on behalf of a domain, thus routing emails to the correct server.
- TXT Record (Text Record): Provides text information to external sources. Common uses include verifying domain ownership and implementing email security measures like SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail).
- NS Record (Name Server Record): Indicates the authoritative name servers for a particular domain, essential for delegating subdomains to specific name servers.
- PTR Record (Pointer Record): Primarily used for reverse DNS lookups, allowing a query of an IP address to retrieve its associated hostname.
- SRV Record (Service Record): Identifies the location of servers for specific services, specifying the port number and hostname of servers offering services like VOIP or IMAP.
- SOA Record (Start of Authority Record): Contains essential domain information, including the primary name server, the email of the domain administrator, and various timers related to refreshing the zone.
DNS Queries Types
DNS queries can be categorized into three main types: recursive, iterative, and non-recursive. Each type has distinct characteristics and operational procedures.
- Recursive Query: In a recursive query, the DNS resolver is tasked with obtaining the final answer for the client. If the resolver does not have the answer in its cache, it will perform the necessary queries to various DNS servers, starting from the root server down to the authoritative server, and return the final result to the client. This type of query ensures that the client receives a complete answer without having to make multiple requests itself.
- Iterative Query: An iterative query allows the DNS client to request the best answer from the DNS server. If the server has the information in its cache, it will respond directly. If not, it will provide a referral to another DNS server that might have the answer. The client then must repeat the query with the referred server. This type of query involves more client-side processing and is less efficient than recursive queries.
- Non-Recursive Query: In a non-recursive query, the DNS server is expected to provide an answer directly from its cache or database. If it cannot find the information, it will return an empty response rather than querying other servers. This type of query is typically used when the resolver already knows the answer and can respond immediately.
Popular Providers
- Cloudflare
- Google DNS
- Route53
- Azure DNS