What is DNS (Domain Name System)?


Overview

Similar to how a phone's contacts list matches names to numbers, the domain name system is a naming database that locates and translates internet domain names to their unique IP addresses. DNS is used in various internet activities to swiftly discover an IP address to connect to and access content. DNS is important because, for humans, it's tough to remember numeric values compared to alphabetic values. DNS maps a domain of a website to its respective IP address.

What is DNS in Computer Networks?

The Domain Name System (DNS) is a method for mapping alphabetic names to numeric IP addresses on the Internet, similar to how a phone book maps a person's name to a phone number. A DNS query is made when a web address (URL) is typed into a browser to obtain the IP address of a web server associated with that name. The DNS directory is distributed worldwide to account for the millions of domain names listed and accessed daily. A domain name can correspond to more than one IP address if various users look for the same website simultaneously. If 100 people search for scaler.com at the same time, each receives a different IP address from separate servers. If a domain name only had one server and one IP address, all 100 individuals would be waiting in line to access the site.

DNS comprises various servers that convert alphabetic domain names to their numeric IP addresses. The resolution process of the DNS can be either iterative or recursive.

1. Recursive DNS Service

In this type, the DNS resolver communicates only with the root server, and the root server contacts the remaining servers recursively. The root server then sends the output (the IP address in this case) to the DNS resolver.

2. Iterative DNS Service

In this type, the DNS resolver can directly communicate and receive input from the servers at different levels.

How Does DNS Work?

DNS is concerned with translating a domain name into an IP address. To learn how this process works, look at the following steps.

  1. If you type scaler.com into a web browser, the query is transmitted over the Internet and received by a DNS resolver.
  2. The DNS resolver then queries a DNS root nameserver.
  3. After that, the root server responds to the DNS resolver with the address of a TLD DNS server (such as .com or .net), which keeps the information for its domains. Our request for scaler.com is directed to the .com top-level domain (TLD).
  4. The DNS resolver then queries the .com TLD server after receiving its address from the root server.
  5. The IP address of the domain nameserver, scaler.com, is then returned by the TLD server.
  6. Finally, the DNS resolver sends a query to the domain's nameserver.
  7. The nameserver returns the IP address, for scaler.com, to the resolver.
  8. The DNS resolver then returns the IP address of the domain that was requested originally to the web browser.
  9. An HTTP request is sent to the IP address by the browser.
  10. The server returns the webpage to be rendered in the browser at that IP.
  11. Finally, after all the processes mentioned above, the user can now view the web page on their machine.
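The referral chain in steps 2 to 7 can be traced with a small offline model. This is an added example, not code from the original article; the server names (`root`, `tld-com`, `tld-net`, `ns-scaler`), the helper functions and the address 192.0.2.10 are constructed for illustration.

```python
# Constructed, offline model of steps 2-7. Server names and the
# 192.0.2.10 address are sample data, not real DNS infrastructure.
SERVERS = {
    "root":      {"referrals": {"com": "tld-com", "net": "tld-net"}},
    "tld-com":   {"referrals": {"scaler.com": "ns-scaler"}},
    "tld-net":   {"referrals": {}},
    "ns-scaler": {"answers": {"scaler.com": "192.0.2.10"}},
}


def query(server, name):
    """One query to one server: ('answer', ip), ('referral', server) or ('nxdomain', None)."""
    zone = SERVERS[server]
    if name in zone.get("answers", {}):
        return "answer", zone["answers"][name]
    labels = name.split(".")
    # Try the longest matching suffix first: "scaler.com" before "com".
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zone.get("referrals", {}):
            return "referral", zone["referrals"][suffix]
    return "nxdomain", None


def resolve(name, max_hops=8):
    """Walk referrals from the root; return (ip or None, servers asked in order)."""
    name = name.rstrip(".").lower()
    server, path = "root", []
    for _ in range(max_hops):  # bounded, so a referral loop cannot hang the resolver
        path.append(server)
        kind, value = query(server, name)
        if kind == "answer":
            return value, path
        if kind == "nxdomain":
            return None, path
        server = value
    raise RuntimeError("referral limit exceeded for " + name)


if __name__ == "__main__":
    print(resolve("scaler.com"))   # root -> .com TLD -> domain nameserver
    print(resolve("example.net"))  # the .net TLD has no record of this name
```

The hop limit matters in practice: a resolver that follows referrals without a bound can be kept busy indefinitely by two servers that refer to each other.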

DNS Structure

In Request for Comments (RFC) 1035, the Internet Engineering Task Force (IETF) lays out the requirements for implementing domain names. In most cases, the domain name is included in the URL. Labels are the components that make up a domain name. Each segment of the domain hierarchy denotes a subdivision and is read from right to left.

Each label to the left of the TLD designates a subdomain of the domain to its right. For example, in the URL www.scaler.com, "scaler" is a subdomain of .com, and "www" is a subdomain of scaler.com. Each label can have up to 63 characters, and there can be up to 127 levels of subdomains. The overall domain name can be up to 253 characters long. Labels cannot start with a hyphen, and TLD names cannot be entirely numeric.
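The limits above translate directly into an input check that can be run on a name before it is passed to a resolver or written to a log. This is an added example, not part of the original article; the function name `check_domain` and the wording of the messages are assumptions, and only the rules stated above (plus rejecting empty labels) are enforced.

```python
MAX_LABEL, MAX_NAME, MAX_LEVELS = 63, 253, 127  # limits quoted in the text above


def check_domain(name):
    """Return the list of rule violations for `name`; an empty list means it passes."""
    if name.endswith("."):
        name = name[:-1]  # one trailing dot (the root) is allowed
    if not name:
        return ["empty name"]
    problems = []
    if len(name) > MAX_NAME:
        problems.append(f"name is {len(name)} characters, limit {MAX_NAME}")
    labels = name.split(".")
    if len(labels) > MAX_LEVELS:
        problems.append(f"{len(labels)} labels, limit {MAX_LEVELS}")
    for label in labels:
        if not label:
            problems.append("empty label (consecutive dots)")
        elif len(label) > MAX_LABEL:
            problems.append(f"label '{label[:10]}...' is {len(label)} characters, limit {MAX_LABEL}")
        if label.startswith("-"):
            problems.append(f"label '{label}' starts with a hyphen")
    if labels[-1].isdigit():
        problems.append(f"TLD '{labels[-1]}' is entirely numeric")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ["www.scaler.com", "-bad.com", "192.168.1.1", "a" * 64 + ".com"]:
        print(candidate[:20], "->", check_domain(candidate) or "ok")
```

The numeric-TLD rule is what lets this check tell a dotted IPv4 address apart from a hostname.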

DNS Server Types

To complete a DNS resolution, different types of servers are used. The order in which a query passes through the four name servers is listed below. They can either supply the requested domain name or refer you to alternative name servers.

DNS Resolver

An application, such as a web browser, sends DNS queries to the recursive server. It's the user's first resource, and it either provides the response to the query if it has it cached, or it goes to the next-level server if it doesn't. Before answering the client, this server may undergo multiple iterations of querying.

Root Name Server

If the recursive server does not have the answer cached, it first sends a query to this server. The root name server is a directory of all the servers that will hold the requested information. The Internet Corporation for Assigned Names and Numbers (ICANN), specifically the Internet Assigned Numbers Authority, is in charge of these servers.

Top-Level Domain Server

A TLD nameserver keeps track of all domain names with the same domain extension, such as .com, .net, or whatever comes after the last dot in a URL. For example, a '.com' TLD nameserver includes information for every website that ends in '.com'. If a user searched for scaler.com, the DNS resolver would submit a query to a .com TLD nameserver, which would answer by referring to the authoritative nameserver for that domain.

Authoritative name server

A DNS resolver will be directed to an authoritative nameserver when it receives a response from a TLD nameserver. The resolver's final stage in the path for an IP address is usually the authoritative nameserver. The server contains information specific to the domain name it serves (e.g., scaler.com). If the authoritative name server has access to the requested record, it will return the requested hostname's IP address to the DNS Recursor (the librarian) who initiated the request.

Types of DNS Queries

In DNS resolution, generally, three types of queries occur. Combining these queries results in optimal DNS resolution, which reduces the distance traveled to resolve the domain to its respective IP. These queries are described below.

1. Recursive Query

A DNS client expects a DNS server (usually a DNS resolver) to respond to a recursive query with either the requested resource record or an error message if the resolver is unable to locate it.

2. Iterative Query

It occurs between the DNS resolver and the nonlocal name servers, like the root, TLD, and authoritative name servers. The root server refers the recursive server to the TLD server, which directs it to an authoritative server. If the authoritative server has the domain name, it passes it on to the recursive server. Iterative requests result in either a response or a referral.

3. Nonrecursive Query

This usually happens when a DNS resolver client requests a record from a DNS server that it has access to, either because it is authorized for the record or because the record is in its cache. DNS servers typically cache DNS records to save unnecessary bandwidth usage and pressure on upstream systems.

Common DNS Record

DNS records are the data that a query is looking for. Different information is required depending on the query, client, or application. Some records, such as the A record, are essential. There are various kinds of DNS records, each with its own function in indicating how a query should be handled. The following are some examples of DNS records:

  • A Record stands for address and holds the IP address of a domain.
  • NS records (name server records) specify which authoritative server is responsible for maintaining all information for a specific domain.
  • TXT records enable administrators to enter text into DNS.
  • CNAME (canonical name) records are used instead of an A record when there is an alias. They're used to retry a query with two different domains from the same IP address.

How Does DNS Increase Web Performance?

We live in an era where speed is everything, and everyone wants speed with the maximum possible accuracy. To increase web performance, DNS uses caching to store the set of records or IP addresses received by the DNS queries for a fixed amount of time. Caching improves efficiency by allowing servers to react fast when receiving a request for the same IP address.

To understand better, let us take an example. Suppose you want to revisit Scaler Topics to read our fantastic articles after reading this article. The IP address of Scaler Topics is cached in your browser, and when you search for it the next day, it will be picked up from the cache instead of being looked up on various DNS servers. The time for which a record is held in the cache is called the time to live (TTL). The TTL of a record is determined by administrators and is based on a variety of variables. Longer periods reduce server burden, while shorter periods offer the most precise responses.

Domain Name System Caching

DNS caching aims to shorten the time it takes to receive a response to a DNS query. Caching allows DNS to save past answers to requests closer to clients, allowing them to obtain the same information faster the next time they query it. Caching improves efficiency by allowing servers to react quickly when receiving a request for the same IP address. There are various places where caching is done. Some common ones include the following.

1. Operating System

Many operating systems include stub resolvers, which store DNS data and handle queries before sending them to an external server.

2. Web Browsers

Many web browsers store DNS records for a fixed time. Browsers allow fast resolution of IP addresses.

3. DNS Resolver

The DNS resolver can also cache the result of a DNS query. Some resolvers may already have some of the records needed to respond, allowing them to skip some steps in the DNS resolution process.

Domain Name System Security

Along with the various features and reliability the DNS provides, it also has some vulnerabilities. Two of the major vulnerabilities are:

1. Cache Poisoning

DNS cache poisoning is a deceptive attack that diverts traffic away from legitimate websites and puts users at risk of malware infection and data theft. In web cache poisoning, an attacker uses a web server and cache to serve a malicious Hypertext Transfer Protocol (HTTP) response to users. DNS resolvers cannot validate the data in their caches, which means that inaccurate data will remain in the cache until the issue is manually fixed or the TTL (time to live) expires.
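The TTL behaviour from the caching sections and the persistence problem described above can be seen in one small model. This is an added example, not code from the original article; the `DnsCache` class, the `audit` helper, the known-good reference data and both IP addresses are constructed, and the audit assumes the operator has a trusted source of correct answers to compare against.

```python
class DnsCache:
    """Minimal TTL cache; like the resolvers described above, it stores answers unchecked."""

    def __init__(self, clock):
        self._clock = clock   # injected clock, so the example runs without sleeping
        self._store = {}      # name -> (ip, expiry time in seconds)

    def put(self, name, ip, ttl):
        self._store[name] = (ip, self._clock() + ttl)

    def get(self, name):
        entry = self._store.get(name)
        if entry is None:
            return None
        ip, expires = entry
        if self._clock() >= expires:
            del self._store[name]   # TTL expired: the next lookup must go upstream
            return None
        return ip

    def flush(self, name):
        self._store.pop(name, None)


def audit(cache, known_good):
    """Flush every cached answer that disagrees with `known_good`; return what was flushed."""
    flushed = []
    for name, good_ips in known_good.items():
        cached = cache.get(name)
        if cached is not None and cached not in good_ips:
            cache.flush(name)
            flushed.append((name, cached))
    return flushed


def demo():
    now = [0]
    cache = DnsCache(lambda: now[0])
    known_good = {"scaler.com": {"192.0.2.10"}}        # constructed reference data
    cache.put("scaler.com", "203.0.113.66", ttl=300)   # constructed inaccurate record
    now[0] = 299
    before_expiry = cache.get("scaler.com")            # still served at t=299
    now[0] = 300
    after_expiry = cache.get("scaler.com")             # gone once the TTL runs out
    cache.put("scaler.com", "203.0.113.66", ttl=300)   # same bad record cached again
    flushed = audit(cache, known_good)                 # the "manual fix" path
    return before_expiry, after_expiry, flushed, cache.get("scaler.com")
```

A long TTL reduces upstream load but also lengthens the window in which an inaccurate record keeps being served, which is why the audit-and-flush path is worth having.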

2. Phishing

It is done to obtain users' data by creating a false copy of a well-known website with an utterly unauthorized backend. Phishing damages the user's privacy and financial status, as it is intended to harm the end user.

Domain Name Space

The name of a host is divided into various pieces called domains. These domains are structured in a hierarchical structure so that top-level domains are listed at the top of the hierarchy and low levels are listed at the bottom. When searching for a host, we start our searching in ascending order, i.e., from leaf nodes to root nodes.

Top Level Domains and Country Domains

The TLD servers are divided into two groups by the IANA:

1. Generic Top-level Domains

Some of the most well-known generic TLDs are .com, .org, .net, .edu, and .gov. Also, these domains are not country-specific.

2. Country code top-level domains

Any domains specific to a country or state fall under this category. Some examples of country code top-level domains are .uk, .us, .ru, and .jp.


Conclusion

  • Similar to how a phone's contacts list matches names to numbers, the domain name system is a naming database that locates and translates internet domain names to their unique IP addresses.
  • There are four types of DNS servers.
    1. DNS Resolver
    2. Root Name Server
    3. Top-Level Domain Server
    4. Authoritative name server
  • A domain name can correspond to more than one IP address. It is one of the main reasons to use DNS.
  • DNS caching aims to shorten the time it takes to receive a response to a DNS query.
  • Phishing and Cache poisoning are two significant system vulnerabilities due to DNS.