DNS: The Domain Name System
DNS is what allows us to type www.example.com instead of using an IP address. Think how difficult browsing the web would be if you had to remember IP addresses for all of the websites that you want to visit.
Basic DNS Process
- You enter a URL (including domain) into a web browser.
- The browser checks if you have a local entry for that domain (e.g. in /etc/hosts on Linux).
- If you don't have a local entry, the host queries a local or remote DNS server to find out the IP address for the server of the domain.
- The browser uses that IP address to exchange IP packets with the server.
- The IP packets sent from the server contain 'HTML' and other assets which are 'rendered' by the browser.
Hosts will usually have a file which specifies hostname - IP address pairings. This is usually checked first and then a query is made to a DNS server.
DNS servers are hierarchical so if the first server that you ask doesn’t have information for that exact domain, it will ask a more senior DNS server.
A host, acting as a DNS resolver, makes a recursive query. A recursive query is when you ask for a full answer to your query or an error but not a partial answer.
For example, if you want ‘blog.example.com’ you either want the IP address for ‘blog.example.com’ or an error message saying that it can’t be found. You don’t want the IP address for just ‘example.com’.
When you ask your DNS server to resolve an address, it will make iterative queries. Iterative DNS queries involve resolving parts of a domain name to get to the full answer.
How Recursive and Iterative DNS Queries Work
- Host asks their local DNS server (DNS1) for blog.example.com.
- DNS1 asks their ISP DNS server (DNS2) for the IP address.
- DNS2 asks a root DNS server where to find the '.com' TLD (Top Level Domain) DNS server (DNS3).
- DNS2 asks the .com TLD (Top Level Domain) name server (DNS3) where the authoritative DNS server for example.com is and gets an answer of DNS4.
- DNS2 asks DNS4 what the IP address for blog.example.com is.
- DNS2 returns the IP address to DNS1.
- DNS1 returns the IP address to the host.
DNS entries will be cached at different stages of this process to make lookups quicker in the future.
IANA (Internet Assigned Numbers Authority) maintains a list of the root servers. Today many people will use public DNS servers instead of relying on their ISP. For example Google's 22.214.171.124 service or Cloudflare's 126.96.36.199 service.
Common types of DNS record are given below.
Also known as a Host record, A Records map hostnames to 32 bit IPv4 addresses.
AAAA records map hostnames to 128 bit IPv6 addresses.
A Canonical Name (CNAME) record gives an alias for another name. A DNS lookup can then be performed against that. For example, ‘www.example.com’ might be an alias for ‘example.com’. Then if you ask for ‘www.example.com’ the DNS server will just tell you to get the IP address for ‘example.com’.
Mail eXchange (MX) records give the IP address(es) of mail servers for a given domain.
Name Server (NS) records give the IP address(es) for the authoritative name servers that service a domain.
Pointer (PTR) DNS records return a name, instead of trying to find an IP address. They are most commonly used for reverse DNS lookups (trying to find a hostname from an IP address).