DEV Community

sachindra@work

What is DNS and how does it work

What is DNS?
The Domain Name System, or DNS, is like the phonebook of the internet. It enables users to connect to websites using human-readable domain names (like ibm.com) instead of having to remember complex numerical IP addresses. DNS translates these domain names into IP addresses.

How DNS Works

  1. User Request:
    When a user types a domain name into a browser, the query is sent to a DNS resolver (often provided by the user's Internet Service Provider).

  2. DNS Resolver Cache:
    The resolver first checks its cache for a stored IP address corresponding to the domain name. If found, it quickly returns the address.

  3. Query the DNS Hierarchy:
    If not in cache, the resolver sends a query to a root DNS server. The root server responds with a referral to the Top-Level Domain (TLD) server for the domain (e.g., ".com").

  4. TLD Server:
    The resolver then queries the TLD server, which responds with the address of the authoritative name server for the domain (such as "ibm.com").

  5. Authoritative DNS Server:
    The resolver queries the authoritative server, which looks up the DNS zone file and returns the IP address for the domain.

  6. Return and Cache:
    The resolver caches the IP address for a time-to-live (TTL) period and returns it to the user's device. The browser or app uses the IP to connect to the web server.
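The six steps above as a small simulation, added here as an illustration and not part of the original post. The server names (`tld-com`, `ns1-example`), the zone data and the TTLs are constructed, and referrals are not cached, so that the trace shows each record's own TTL deciding when the resolver goes back to the hierarchy; it also follows a CNAME alias to the name it points at.

```python
# Constructed hierarchy: server names, zone data and TTLs are made up for this example.
ROOT = {"com": "tld-com"}                                   # TLD -> TLD server
TLD_SERVERS = {"tld-com": {"example.com": "ns1-example"}}   # domain -> authoritative server
ZONES = {"ns1-example": {                                   # zone file: name -> (type, value, TTL seconds)
    "example.com": ("A", "192.0.2.10", 300),
    "www.example.com": ("CNAME", "example.com", 60),
}}

class Resolver:
    def __init__(self, clock):
        self.clock = clock   # injectable time source, so TTL expiry can be exercised
        self.cache = {}      # name -> (type, value, expires_at)

    def _lookup(self, name, trace):
        """Return (type, value) for name from the cache or the hierarchy, else None."""
        hit = self.cache.get(name)
        if hit and hit[2] > self.clock():                 # step 2: unexpired cache entry
            trace.append("cache")
            return hit[0], hit[1]
        trace.append("root")                              # step 3: root refers to the TLD server
        tld_server = ROOT.get(name.rsplit(".", 1)[-1])
        if tld_server is None:
            return None
        trace.append(tld_server)                          # step 4: TLD refers to the authoritative server
        auth = TLD_SERVERS[tld_server].get(".".join(name.split(".")[-2:]))
        if auth is None:
            return None
        trace.append(auth)                                # step 5: authoritative zone file lookup
        record = ZONES[auth].get(name)
        if record is None:
            return None
        rtype, value, ttl = record
        self.cache[name] = (rtype, value, self.clock() + ttl)   # step 6: cache for the TTL
        return rtype, value

    def resolve(self, name):
        """Return (ip_or_None, trace); trace lists each source consulted, in order."""
        trace, name = [], name.rstrip(".").lower()
        for _ in range(8):                                # bound the length of CNAME chains
            record = self._lookup(name, trace)
            if record is None:
                return None, trace
            if record[0] == "A":
                return record[1], trace
            name = record[1]                              # CNAME: continue with the canonical name
        return None, trace

if __name__ == "__main__":
    print(Resolver(lambda: 0).resolve("www.example.com"))
```

Because every answer is served from the cache until its TTL runs out, a wrong record accepted once keeps being returned for that whole period.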

DNS Components

  1. DNS Zones and Zone Files:
    DNS zones are collections of resource records managed by authoritative DNS servers. Zone files contain these records that map between domain names and IP addresses.

  2. Resource Records:

  • A Record: Maps a hostname to an IPv4 address.
  • AAAA Record: Maps a hostname to an IPv6 address.
  • CNAME Record: Maps an alias hostname to a canonical name (CNAME), pointing one domain or subdomain at another domain.
  • MX Record: Identifies the servers that handle email for the domain.
  • PTR Record: Used for reverse DNS lookups.
  • NS Record: Indicates which DNS servers are authoritative for a domain (i.e. which servers contain the actual DNS records).
  • TXT Record: Lets an admin store text in the record. These records serve various uses, including email verification, and are often used for email security.

Types of DNS Servers
Recursive Resolver (or Recursive DNS Server):
This is the first server to receive a DNS query from a client (like your web browser).

Its job is to find the IP address for the requested domain name by querying other DNS servers on behalf of the client.
Often, this server is provided by your Internet Service Provider (ISP) or a third-party service like Google Public DNS.

Root Name Servers:
These servers are the top of the DNS hierarchy.

When a recursive resolver needs to find the IP address for a new domain, it first contacts a root server to get a list of servers responsible for that domain's top-level domain (like .com or .org).

Top-Level Domain (TLD) Name Servers:
After getting the TLD information from the root server, the recursive resolver then contacts the TLD name server.

The TLD server holds information for all domains with a particular extension (e.g., all .com domains) and points the resolver to the authoritative name server for that specific domain.

Authoritative Name Servers:
This is the final server in the chain and holds the actual IP address for the requested website or domain.

Once the authoritative server provides the IP address to the recursive resolver, the resolver caches the information and sends the IP address to your device, allowing your browser to connect to the website.

DNS records are instructions stored on authoritative DNS servers; the file that holds them is called a zone file. These records provide important details about domains and hostnames.

Importance and Security
DNS is essential for the internet's usability, translating human-friendly domains into machine-friendly IP addresses. It also supports email delivery and network troubleshooting. Security measures like DNSSEC (DNS Security Extensions) are implemented to ensure authenticity and protect users from attacks like DNS spoofing.
