The Domain Name System (DNS) is a hierarchical and distributed name service that translates human-readable domain names, such as www.google.com, into machine-readable IP addresses (for example, 192.168.10.1).

Let's say you want to visit the Google search engine, so you open a web browser, type www.google.com in the address bar and press Enter. A DNS server is contacted to obtain the IP address of the server where www.google.com is hosted (for example, 192.168.10.1); it responds with a Resource Record, and your machine then connects to that IP address (192.168.10.1) to fetch the content of the website and display it in the browser.

DNS is the protocol that makes this possible. It consists of queries and responses: the browser sends a query for a website and the server responds with a Resource Record (the location where the website is hosted). DNS eliminates the need for users to remember the IP address associated with a domain name. Now let's look at how DNS works in detail, along with the components that make it work.

Components of DNS.

DNS has the following components:

  1. Domain Name Space / DNS Naming Space: logically divides the domains into a hierarchical (tree) structure.
  2. DNS zones and Resource Records (RR): the entries held by the Name Servers that provide specific information about a domain or subdomain.
  3. Name Servers: the servers that hold the information about the logical structure of the domain tree.
  4. Resolvers: the intermediaries between the client (browser / machine) and the DNS Name Servers. The job of a resolver is to carry DNS queries and responses between the Name Server and the client.

DNS Naming Space.

DNS is logically organized as a tree structure made up of multiple levels. Each node in the tree is given a label that defines its domain of authority. Logically dividing the domains into a tree structure makes the concept easier to understand.

DNS Naming Space

Root Name Servers.

Root Servers or Root Name Servers, also referred to as the dot [ . ], effectively manage domain names for the entire Internet. They hold the names and IP addresses of all the top-level domain (TLD) servers. If a DNS query for www.google.com arrives, a root server responds with the IP address of the TLD DNS server for .com.

Many say that there are only 13 Root Name Servers in the world. There are close to 1845 instances of root servers, operated by 12 independent root server operators, but only 13 IP addresses are used to query the different Root Name Server networks. To know more about Root Servers and see their locations, please visit https://root-servers.org/

Top-Level Domains (TLDs).

Below the Root Name Servers are the TLD Name Servers. Examples are .org, .com, .edu, .in and .us.

The top-level domains are maintained by the Internet Assigned Numbers Authority (IANA) and are generally divided into 2 categories: generic top-level domains (gTLD) and country-code top-level domains (ccTLD).

  • Generic top-level domains (gTLD): examples of gTLDs are .com, .org, .net and many more.
  • Country-code top-level domains (ccTLD): examples of ccTLDs are .in (India), .us (United States) and .au (Australia).

To check the complete list of TLDs, please visit https://www.iana.org/domains/root/db

When the DNS query for www.google.com reaches the Top-Level Domain Name Server, it responds with the location of the Second-Level Domain Name Server for google.com.

Second-Level Domains.

Below the TLDs are the Second-Level Domains, for example google.com | linkedin.com.

The Second-Level Domain Name Server has information about the subdomains of the second-level domain (for example www.google.com | mx.google.com) and is authorized to provide the details (Resource Records) of those subdomains.

The Name Server for a Second-Level Domain is also called the Authoritative Server or Authoritative Name Server.

Country-code second-level domains.

This is an extension of country-code top-level domains: many countries combine a country-code top-level domain with country-code second-level domains (example: .co.in | .au.uk | .net.au).

Subdomains.

Subdomains (example: www.google.com | abc.aashu.co.in) are managed by the Authoritative Name Server for the Second-Level Domain. Every subdomain has its own records, by which it can be identified on the Internet.

DNS Zone.

A DNS Zone is a logical entity (a logical boundary) that defines which domains and subdomains are managed by a specific organization or administrator. A zone is not the same thing as a domain name or a single DNS server; one DNS zone may contain multiple subdomains.

For example, say google.com has 3 different subdomains:

  • support.google.com
  • mail.google.com
  • webtesting.google.com

Let's say there is a separate team responsible for webtesting.google.com. To give this team full control of webtesting.google.com, we can create a separate DNS zone for webtesting.google.com.

Once webtesting.google.com is moved to a separate DNS zone, its administrator can make changes to its records without waiting for the approval of the google.com DNS zone administrator and without impacting the main site google.com.

Resource Records (RR).

Each DNS zone consists of multiple Resource Records (RR), which are stored in a zone file. Each Resource Record specifies information about a particular entity or object. For example, an MX record shows which server the emails for a specific domain need to be sent to.

Common Resource Record (RR).

  1. NS (Name Server) Record: shows the authoritative DNS servers for a domain.
  2. SOA (Start of Authority) Record: provides the primary source of authority for the domain, including essential information such as the primary DNS server, the contact email address and other settings.
  3. A (Address) Record: maps a domain name to its associated IPv4 address.
  4. AAAA (IPv6 Address) Record: maps a domain name to an IPv6 address.
  5. MX (Mail Exchange) Record: identifies the mail servers responsible for handling email for the domain.
  6. CNAME (Canonical Name) Record: provides an alias for an existing A record.
  7. TXT (Text) Record: contains text-based information associated with the domain, such as SPF (Sender Policy Framework) records used for domain ownership validation.

TTL (Time to live) in Resource Record.

A Resource Record has a property known as TTL (Time to Live). The TTL field sets the limit on how long an RR may be kept in a cache by a resolver.

A short TTL value (300 seconds) can be used to minimize caching on resolvers and DNS servers; a high TTL value (86400 seconds / 24 hours) can minimize DNS traffic to the server.
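To make the query/response exchange and the TTL field concrete, here is an added example (not part of the original post) that parses the DNS wire format of a response in Python. The message bytes are constructed by hand for the example, the address 192.0.2.10 is a documentation address, and the parser caps the number of compression-pointer jumps it will follow so a malformed message cannot make it loop forever.

```python
import struct
# Constructed sample (not a real capture): response to an A query for www.example.com.
RESPONSE = (
    # Header: ID=0x1234, flags=0x8180 (QR=1, RD=1, RA=1), QDCOUNT=1, ANCOUNT=1
    b"\x12\x34\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00"
    # Question: www.example.com, QTYPE=A (1), QCLASS=IN (1)
    b"\x03www\x07example\x03com\x00\x00\x01\x00\x01"
    # Answer: name = compression pointer to offset 12, TYPE=A, CLASS=IN, TTL=300 s,
    # RDLENGTH=4, RDATA=192.0.2.10 (documentation address)
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04\xc0\x00\x02\x0a"
)

def read_name(msg, offset, max_jumps=16):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end, jumps = [], None, 0
    while True:
        length = msg[offset]
        if (length & 0xC0) == 0xC0:  # 2-byte compression pointer (RFC 1035 4.1.4)
            jumps += 1
            if jumps > max_jumps:  # a pointer loop would otherwise spin forever
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2  # the record continues after the pointer
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        if length == 0:
            return ".".join(labels), (end if end is not None else offset + 1)
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length

def parse_response(msg):
    """Return the header id/flags, question names and answer RRs with TTLs."""
    ident, flags, qdcount, ancount = struct.unpack("!4H", msg[:8])
    offset, questions, answers = 12, [], []
    for _ in range(qdcount):
        name, offset = read_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        questions.append((name, qtype))
        offset += 4
    for _ in range(ancount):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:  # A record: render the IPv4 address
            rdata = ".".join(str(b) for b in rdata)
        answers.append({"name": name, "type": rtype, "ttl": ttl, "rdata": rdata})
    return {"id": ident, "is_response": bool(flags & 0x8000), "questions": questions, "answers": answers}
```

Over TCP the same message is preceded by a 2-byte length field; strip it before calling parse_response.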

Name Server (NS).

Name Servers are the programs on a DNS server that hold information about the domain tree's structure and its Resource Records (RR). A name server can cache tree structure information. A particular name server has information about a part of the domain space. The name server must be able to process queries that arrive concurrently from resolvers.

Below are the different types of Name Servers:

  1. Root Name Servers: hold the information about the Top-Level Domain servers, for example .org, .com, .edu, .in and .us.
  2. Top-Level Domain (TLD) Name Servers: hold the information about the Authoritative server for a domain.
  3. Authoritative Name Servers: the servers that actually handle and respond to DNS requests for a specific domain.
  4. Caching Name Servers: these servers cache (temporarily store) DNS responses so that, if the same request comes in again, it can be answered without contacting the Authoritative Name Servers. Caching Name Servers are often bundled with Recursive Name Servers.
  5. Recursive Name Servers: the middleman between the machine (web browser) used to view the website and the server where the website is actually hosted. For example, the DNS server hosted by the ISP (Internet Service Provider) helps us open a webpage by requesting the website on behalf of the machine and returning the response to the machine.

Resolvers.

The user (web browser) accesses Name Servers through standard programs called Resolvers. The user does not generate DNS queries directly; instead the user makes a request to a resolver, which first checks its local cache and, if the entry is not found, sends DNS queries to the Name Servers for the webpage.

DNS Queries.

Queries are DNS requests sent to a name server to get a response (Resource Record). A DNS query can use UDP or TCP, so the server should listen on port 53 for both TCP and UDP.

Below are the types of DNS queries.

1) Recursive Query.

In a recursive query, the resolver sends the DNS request to the DNS server. If the DNS server does not have the information, it queries the Root Server and obtains the response on behalf of the resolver. Once the DNS server has the response to the original DNS request sent by the resolver, it sends the DNS response back to the resolver.

Below are the steps involved in getting the webpage for www.google.com using a recursive DNS query.

Recursive query

2) Non Recursive Query.

In a non-recursive query, the resolver sends the DNS request to the DNS server; if the DNS server does not have the response, it refers the resolver to another server and lets the resolver query that server for the response.

Below are the steps involved in getting the webpage for www.google.com using a non-recursive query.

non recursive query
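To tie the recursive and non-recursive sections together, here is an added example (not from the original post) that simulates the root / TLD / authoritative hierarchy in Python: ask() answers as a non-recursive server would (an answer or a referral), resolve_iteratively() follows the referrals the way a recursive server does on the client's behalf, and CachingResolver keeps answers only for their TTL. The server names, domain names and addresses are constructed for the example, not real DNS data.

```python
import time
# Constructed in-memory name-server hierarchy (not real DNS data): a root,
# the .com TLD server and the authoritative server for example.com.
# Records are (type, value, ttl_seconds); "refer" maps a zone to the server
# the resolver is handed to, as a non-recursive (referral) answer does.
SERVERS = {
    "root": {"refer": {"com": "tld-com"}, "records": {}},
    "tld-com": {"refer": {"example.com": "auth-example"}, "records": {}},
    "auth-example": {"refer": {}, "records": {
        "www.example.com": ("A", "192.0.2.10", 300),
        "mail.example.com": ("A", "192.0.2.25", 60),
    }},
}

def ask(server, name):
    """Non-recursive query: ANSWER if authoritative, else REFERRAL or NXDOMAIN."""
    entry = SERVERS[server]
    if name in entry["records"]:
        return "ANSWER", entry["records"][name]
    for zone, next_server in entry["refer"].items():
        if name == zone or name.endswith("." + zone):
            return "REFERRAL", next_server
    return "NXDOMAIN", None

def resolve_iteratively(name, max_hops=8):
    """Follow referrals from the root, as a recursive server does for a client."""
    server, path = "root", []
    for _ in range(max_hops):
        path.append(server)
        kind, payload = ask(server, name)
        if kind != "REFERRAL":
            return kind, payload, path
        server = payload
    raise RuntimeError("too many referrals")  # never follow an unbounded chain

class CachingResolver:
    """Caches answers for their TTL, so repeat lookups skip the hierarchy."""
    def __init__(self, clock=time.monotonic):
        self.cache, self.clock, self.upstream_queries = {}, clock, 0
    def lookup(self, name):
        now = self.clock()
        cached = self.cache.get(name)
        if cached and cached[1] > now:  # still within its TTL
            return cached[0], "cache"
        self.upstream_queries += 1
        kind, record, _path = resolve_iteratively(name)
        if kind != "ANSWER":
            return None, kind
        self.cache[name] = (record, now + record[2])  # expire after TTL seconds
        return record, "upstream"
```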

DNS is the backbone of the Internet: using DNS, devices can use domain names and communicate with each other with ease. Understanding the root zone, TLDs, SLDs and authoritative name servers helps in understanding how DNS works.

By Ashutosh Gawali

Ashutosh Gawali is a Microsoft 365 consultant and a networking and security enthusiast with nearly 10 years of experience in product implementation, optimization and customer support. Through this blog, Ashutosh is trying to share his experience and understanding of Microsoft, networking, security and other technologies.
