To anyone who reads this and finds it stupid or annoying: this is my first attempt.
This post is meant for beginners who enjoy a poor guy’s attempt at demystifying the web.
What is DNS?
DNS (Domain Name System) - In simple terms, it's basically a group of computers pointing fingers, and it's also a phonebook for the internet
Why should I care?
Well, if it goes down or if you are unable to access it, you can't doomscroll on Instagram, and also not reach this awesome place to read about DNS.
Why is it needed?
Without DNS, you would have to write 172.217.70.138 every time you wanted to Google Cat images.
172.217.70.138 is the IP address of google.com
Terminology (In My Own Words)
For anyone who, like me, gets the jargon all mixed up, here's a quick intro/refresher
DNS: Domain Name System (The phonebook)
DNS Resolver: A little thingy on your device that asks, "Hey, what’s the IP address for this domain?"
DNS Server: A server within the DNS that stores the DNS records (A page that includes the mapping of your name (domain) to your address (IP))
DNS Zone: A special place in the DNS world that you manage (your domain and its subdomains)
Domain: The name in the phonebook (your favorite website)
Registrant: This is you when you want to buy a domain
Registrar: This is the business selling you the domain
Registry: The organization that maintains the official record that proves you own the domain
The Curiosity
So why am I writing this post?
Actually, this is because I went down a rabbit hole a few days back, and it all began when I thought of buying a domain for myself, and having never done it before, I was curious
I didn't look for who would sell me the domain; instead, I went to a trusted source (ChatGPT) and asked what do I do to buy a domain?
The answer was quite simple:
Go to a registrar
Buy a domain
Point it to a server where your content lives
But that almost seems like magic, so let's break the spell
Breaking DNS into Zones
DNS works in layers (or zones), starting from the top and working its way down to you.
The Root Zone (.)
It all begins here.
This . (dot) is the root zone where everyone must cross to reach their destination
But what does it do?
The root zone doesn’t know where every website lives.
Instead, it knows where Top-Level Domains live. Examples:
.com
.org
.dev
Top-Level Domains (TLDs)
The .com or .dev and such domains are called the Top-Level Domains
They are managed (not in an evil way, hopefully) by billion-dollar companies like Verisign and Google.
Their job is simple
Point to the authoritative servers for the domains under them.
So where does this end?
It ends with you, I mean your DNS zone.
Here's a quick example with my very own domain: syedfazil.dev
Here's roughly how things go:
- I go to syedfazil.dev on my device
- My device asks its DNS resolver: "What's the IP address of syedfazil.dev?"
- The resolver asks a root server: "Where can I find .dev?"
- Considering that .dev is managed by Google, the root server responds: ".dev is handled by Google’s TLD servers."
- Now we know where .dev is, so let's ask Google: "Where is syedfazil.dev?"
- Google responds with the nameservers of the registrar that sold the domain to me (in my case, from Porkbun).
- Finally, the resolver asks those nameservers for the actual records.
Now, as of writing this blog post, I don't have any IP directly mapped to syedfazil.dev, but Porkbun, for the time being, has set its own default page.
But I do have another subdomain mapped to Hashnode, that is, blog.syedfazil.dev
So you might ask, where does it know the address of blog.syedfazil.dev from?
The answer is that we have already reached the end.
My DNS zone ends at syedfazil.dev
So any subdomains (blog, api, www, etc.) that I have will be present here, and voila, you have successfully learnt how domain name resolution works.
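The walk described above, as an added Python example that is not part of the original post. The server names and the 192.0.2.x addresses are constructed placeholders, and the referral table stands in for real DNS queries so the code runs offline.

```python
# Constructed data: each "server" either refers you onward (root, TLD) or is
# authoritative for a zone and holds the final records. Server names and the
# 192.0.2.x addresses are placeholders, not the real values for this domain.
SERVERS = {
    "root": {"referrals": {"dev.": "dev-tld"}},
    "dev-tld": {"referrals": {"syedfazil.dev.": "registrar-ns"}},
    "registrar-ns": {
        "zone": "syedfazil.dev.",
        "records": {
            "syedfazil.dev.": "192.0.2.10",
            "blog.syedfazil.dev.": "192.0.2.20",
        },
    },
}


def is_subdomain(name, suffix):
    # Label-aligned match: "evildev." must not match the "dev." suffix.
    return name == suffix or name.endswith("." + suffix)


def resolve(name, max_hops=8):
    """Iteratively resolve `name`; return (answer or None, servers asked in order)."""
    name = name.lower().rstrip(".") + "."
    server, path = "root", []
    for _ in range(max_hops):  # bounded, so a referral loop cannot hang the resolver
        path.append(server)
        info = SERVERS[server]
        if "zone" in info:
            # Authoritative server: subdomains are answered here, no further hop.
            if not is_subdomain(name, info["zone"]):
                raise LookupError(f"{server} is not authoritative for {name}")
            return info["records"].get(name), path
        # Not authoritative: follow the most specific referral that covers the name.
        matches = [s for s in info["referrals"] if is_subdomain(name, s)]
        if not matches:
            return None, path
        server = info["referrals"][max(matches, key=len)]
    raise LookupError("too many referrals")


if __name__ == "__main__":
    for n in ("syedfazil.dev", "blog.syedfazil.dev", "nope.syedfazil.dev"):
        print(n, resolve(n))
```

Note that blog.syedfazil.dev takes exactly the same three hops as syedfazil.dev: the subdomain lives inside the zone, so there is no extra delegation to follow.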
A bit of technical stuff for the nerdy folks
There are 13 logical root servers (named A to M) that use anycasting to distribute the load over thousands of servers all over the world
Anycast, meaning:
- Each “server” is actually many servers
- Spread all over the world
This robust network has survived multiple DDoS attempts
So if you have made it this far, then there's more for you
Can someone else take over my domain?
In theory: Yes
In practice: Most likely not
Here's why
The Internet is a mix of both centralized and decentralized systems
While the TLDs and root servers are managed by a few companies and universities, your zone can be managed by anyone, including yourself!
But let's say you aren't going to host your server for DNS and give that job to someone who already does it, for example, let's take Google DNS
Here's what you would do
You would go over to your Google Cloud Console account
Create a DNS zone
Get the nameservers from Google, then
Go over to your registrar and tell them that you want to use the Google nameservers for your zone.
Where's the risk?
Anyone can create a DNS zone in Google DNS
If you were to
- Go to Google and create a DNS zone for syedfazil.dev before me and point it to your IP, and
- I was dumb enough to delegate my zone to Google before I created the zone
Then you would have taken over my domain (temporarily)
But what if you create the DNS zone later?
Well, you can't because there can only be one zone per domain in a nameserver.
So if you really wanted to use Google DNS, then you can ask the good folks at Google to remove the impostor zone by proving ownership of your domain
Why doesn't this happen frequently?
Because what are the chances that someone will create a DNS zone for your domain before you? And even if they did, you can switch the nameserver to someone else, like from Google to Cloudflare
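A check a domain owner could run for the two bad states described in this section, as an added Python example that is not part of the original post. The nameserver names, the addresses and the `query` callback are assumptions: in real use `query` would send a non-recursive query to each delegated nameserver, and here it is replaced by constructed provider states so the code runs offline.

```python
def audit_delegation(domain, delegated_ns, query, expected):
    """Check every nameserver the registrar delegates `domain` to.

    query(ns, domain) returns the records that ns serves for the zone, or
    None when ns has no zone for it. `expected` is what you meant to publish.
    Returns (nameserver, kind, detail) tuples; an empty list means all clear.
    """
    findings = []
    for ns in delegated_ns:
        served = query(ns, domain)
        if served is None:
            # Delegated but empty: whoever creates the zone first answers for you.
            findings.append((ns, "dangling", "delegated, but no zone exists here yet"))
            continue
        for name, want in expected.items():
            got = served.get(name)
            if got != want:
                # A zone answers, but not with your records: it is not your zone.
                findings.append((ns, "mismatch", f"{name} serves {got!r}, expected {want!r}"))
    return findings


# Constructed sample data. Nameserver names and addresses are placeholders.
DOMAIN = "syedfazil.dev."
NAMESERVERS = ["ns1.provider.example.", "ns2.provider.example."]
EXPECTED = {"syedfazil.dev.": "192.0.2.10"}

STATES = {
    "zone_not_created": {},
    "someone_elses_zone": {ns: {"syedfazil.dev.": "203.0.113.66"} for ns in NAMESERVERS},
    "healthy": {ns: dict(EXPECTED) for ns in NAMESERVERS},
}


def run(state_name):
    """Audit one constructed provider state; stands in for live DNS queries."""
    state = STATES[state_name]
    return audit_delegation(DOMAIN, NAMESERVERS, lambda ns, _d: state.get(ns), EXPECTED)


if __name__ == "__main__":
    for s in STATES:
        print(s, run(s))
```

Running this right after changing nameservers at the registrar, and again on a schedule, catches both the "delegated before the zone exists" window and a zone that answers with someone else's records.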
The End
If you have read till the end, then thank you, and I really appreciate your time, and if there's anything that I have gotten wrong, then please feel free to correct me, and if you have any thoughts or questions, please comment
