Understanding Domain Name and DNS (Domain Name System)

The domain name system (DNS) is a naming database in which internet domain names are located and translated into Internet Protocol (IP) addresses. The domain name system maps the name people use to locate a website to the IP address that a computer uses to locate that website.

For example, if someone types “example.com” into a web browser, a server behind the scenes maps that name to the corresponding IP address. An IP address is similar in structure to 203.0.113.72.

The majority of internet activities, including web browsing, rely on DNS to rapidly deliver the details required to link users to distant hosts. On the internet, DNS mapping is dispersed according to a hierarchy of authority. Governments, universities, and other institutions, as well as access providers and businesses, frequently have their own allotted IP address ranges and domain names. In most cases, they also control the DNS servers that map those names to those addresses. The domain name of the web server that processes client requests serves as the foundation of the majority of uniform resource locators (URLs).

How DNS works

DNS servers convert URLs and domain names into IP addresses that computers can understand and use. They translate what a user types into a browser into something the machine can use to find a webpage. This process of translation and lookup is called DNS resolution.

The basic process of a DNS resolution follows these steps:

  1. The user enters a web address or domain name into a browser.
  2. The browser sends a message, called a recursive DNS query, to the network to find out which IP or network address the domain corresponds to.
  3. The query goes to a recursive DNS server, which is also called a recursive resolver, and is usually managed by the internet service provider (ISP). If the recursive resolver has the address, it will return the address to the user, and the webpage will load.
  4. If the recursive DNS server does not have an answer, it will query a series of other servers in the following order: DNS root name servers, top-level domain (TLD) name servers and authoritative name servers.
  5. Together, the three different server types continue to reroute traffic until they locate a DNS entry that has the requested IP address. The user’s desired website loads after this information is sent to the recursive DNS server. DNS root name servers and TLD servers mostly redirect requests rather than solving problems directly.
  6. The recursive server stores, or caches, the A record for the domain name, which contains the IP address. The next time it receives a request for that domain name, it can respond directly to the user instead of querying other servers.
  7. If the query reaches the authoritative server and it cannot find the information, it returns an error message.

The entire process of querying the various servers takes a fraction of a second and is usually imperceptible to the user.

DNS servers answer questions from both inside and outside their own domains. When a server receives a request from outside the domain for information about a name or address inside the domain, it provides the authoritative answer.

When a server gets a request from within its domain for a name or address outside that domain, it forwards the request to another server, usually one managed by its ISP.

[Diagram: how DNS servers interact]

DNS servers talk to each other to answer a query from a client. Some DNS servers will have the necessary information cached and relay that back to the client so they can get online.

DNS structure

The domain name is usually contained in a URL. A domain name is made of multiple parts, called labels. The domain hierarchy is read from right to left with each section denoting a subdivision.

The TLD appears after the period in the domain name. Examples of top-level domains include .com, .org and .edu, but there are many others. Some may denote a country code or geographic location, such as .us for the United States or .ca for Canada.

Each label on the left-hand side of the TLD denotes another subdomain of the domain to the right. For example, in the URL www.techtarget.com, “techtarget” is a subdomain of .com, and “www.” is a subdomain of techtarget.com.

There can be up to 127 levels of subdomains, and each label can have up to 63 characters. The total domain character length can have up to 253 characters. Other rules include not starting or ending labels with hyphens and not having a fully numeric TLD name.

The Internet Engineering Task Force (IETF) has specified rules about implementing domain names in Request for Comments (RFC) 1035. 
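As an added example (not part of the article), the following Python checks a name against the label and length rules listed above and lists the hierarchy from the TLD down, the order in which a resolver walks it. The letters-digits-hyphens restriction on labels is an assumption taken from the host-name rules, not something the article spells out.

```python
import re

MAX_LABEL_LEN = 63    # each label between dots
MAX_NAME_LEN = 253    # whole name as text, excluding the trailing root dot
MAX_LABELS = 127
# Letters, digits and hyphens only: the "LDH" rule for host names (assumed, see lead-in)
LDH_RE = re.compile(r"^[A-Za-z0-9-]+$")


def split_labels(name: str) -> list[str]:
    """Split 'www.techtarget.com' into ['www', 'techtarget', 'com']."""
    name = name.rstrip(".")          # 'example.com.' names the same domain as 'example.com'
    return name.split(".") if name else []


def validate_domain_name(name: str) -> list[str]:
    """Return the rule violations found; an empty list means the name is valid."""
    problems = []
    labels = split_labels(name)
    if not labels:
        return ["empty name"]
    if len(name.rstrip(".")) > MAX_NAME_LEN:
        problems.append(f"name longer than {MAX_NAME_LEN} characters")
    if len(labels) > MAX_LABELS:
        problems.append(f"more than {MAX_LABELS} labels")
    for label in labels:
        if not label:
            problems.append("empty label (consecutive dots)")
        elif len(label) > MAX_LABEL_LEN:
            problems.append(f"label '{label[:10]}...' longer than {MAX_LABEL_LEN} characters")
        elif not LDH_RE.match(label):
            problems.append(f"label '{label}' contains characters other than letters, digits and hyphens")
        elif label.startswith("-") or label.endswith("-"):
            problems.append(f"label '{label}' starts or ends with a hyphen")
    if labels[-1].isdigit():
        # A fully numeric TLD is rejected, so an IPv4 literal such as 203.0.113.72
        # is never mistaken for a host name.
        problems.append(f"TLD '{labels[-1]}' is fully numeric")
    return problems


def hierarchy(name: str) -> list[str]:
    """Zones from the TLD down to the full name, read right to left as the article describes."""
    labels = split_labels(name)
    return [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]
```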

DNS server types

There are several server types involved in completing a DNS resolution. The following list describes the four name servers in the order a query passes through them. They provide the domain name being sought or referrals to other name servers.

  1. Recursive server. A web browser is one example of an application that sends DNS requests to the recursive server. It is the initial resource the user accesses, and depending on whether it has the answer to the query cached or not, either supplies it or accesses the next-level server. Before responding to a client’s query, this server may make numerous query iterations.
  2. Root name server. If the recursive server doesn’t have the response cached, it sends a query to this server first. An index of all the servers that will hold the requested information is kept on the root name server. The Internet Corporation for Assigned Names and Numbers (ICANN), more specifically a division of ICANN known as the Internet Assigned Numbers Authority, is in charge of monitoring these servers.
  3. TLD server. The root server directs the query based on the top-level domain, the .com, .edu or .org in the URL. This is a more specific part of the lookup.
  4. Authoritative name server. The authoritative name server is the final stop for a DNS query. These servers manage the subdomain portion of the domain name and hold complete knowledge of a particular domain. They store DNS resource records, such as the A record, that provide detailed information about the domain. They deliver the requested record to the recursive server, which sends it back to the client and caches it locally for later lookups.

A simple way of looking at the process is the recursive server primarily asks on behalf of the user and the authoritative server primarily answers the user query. The root and TLD servers handle the query as it travels from the recursive server to the proper authority.

Types of DNS queries

The following types of DNS queries are the main ones that take place at different points in the DNS resolution:

  • Recursive DNS queries are those that take place between the recursive server and the client. The answer provided is either the full name resolution or an error message saying that the name cannot be found. Recursive queries end in either the answer or an error.
  • Iterative DNS queries take place between the recursive resolver, which is a local DNS server, and the nonlocal name servers, like the root, TLD and authoritative name servers. Iterative queries do not demand a name resolution; the name servers may instead respond with a referral. The root server refers the recursive server to the TLD, which refers it to an authoritative server. The authoritative server provides the domain name to the recursive server if it has it. Iterative queries resolve in either an answer or a referral.
  • Nonrecursive queries are those for which the recursive resolver already knows where to get the answer. The answer is either cached on the recursive server or the recursive server knows to skip the root and TLD servers and go directly to a specific authoritative server. It is nonrecursive because there is no need — and, therefore, no request — for any more queries. Nonrecursive queries resolve in the answer. If a recursive resolver has cached an IP address from a previous session and serves that address upon the next request, that is considered a nonrecursive query.

In the basic DNS procedure, a client sends a recursive query to the recursive resolver, which then issues a sequence of iterative queries, each referral pointing it to the server for the next one. If the recursive resolver believes the answer is already present in its cache, it issues a nonrecursive query instead of walking that chain. Once the authoritative server answers, the data is saved on the recursive resolver (see the “DNS caching” section) so that it can be retrieved in the future by a nonrecursive query.
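The resolution steps and the three query types above, modelled in Python as an added example that is not part of the article. The server names and the single A record are constructed toy data; the resolver keeps answers only for the record's TTL, which is the caching behaviour the article describes.

```python
import time

# Constructed toy zone data (not real servers): each server knows either answers
# or referrals to the next server down, never the whole tree.
SERVERS = {
    "root.example": {"referrals": {"com": "tld-com.example"}},
    "tld-com.example": {"referrals": {"example.com": "ns1.example.com"}},
    "ns1.example.com": {"answers": {"www.example.com": ("A", "203.0.113.72", 300)}},
}


def iterative_query(server: str, qname: str):
    """One iterative query: the server answers, refers onward, or has nothing."""
    zone = SERVERS[server]
    if qname in zone.get("answers", {}):
        return "answer", zone["answers"][qname]
    for suffix, next_server in zone.get("referrals", {}).items():
        if qname == suffix or qname.endswith("." + suffix):
            return "referral", next_server
    return "nxdomain", None


class RecursiveResolver:
    """Takes a client's recursive query and walks root -> TLD -> authoritative."""

    def __init__(self, root: str = "root.example"):
        self.root = root
        self.cache = {}   # qname -> (record, expiry time)
        self.trace = []   # servers consulted for the last query, for inspection

    def resolve(self, qname: str, now=None):
        now = time.time() if now is None else now
        self.trace = []
        cached = self.cache.get(qname)
        if cached and cached[1] > now:
            self.trace.append("cache")     # nonrecursive: answered without asking anyone
            return cached[0]
        server = self.root
        for _ in range(8):                 # bound the referral chain against loops
            self.trace.append(server)
            kind, data = iterative_query(server, qname)
            if kind == "answer":
                ttl = data[2]
                self.cache[qname] = (data, now + ttl)   # keep it only for the record's TTL
                return data
            if kind == "referral":
                server = data
                continue
            raise LookupError(f"no such name: {qname}")   # authoritative says NXDOMAIN
        raise LookupError("referral chain too long")
```

`resolve()` returns only a full answer or an error to the client, while `iterative_query()` may return a referral, which is the distinction the article draws between recursive and iterative queries.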

Common DNS records

DNS records are the information a query seeks. Depending on the query, client or application, different information is required. Some records are required, such as the A record.

There are many DNS record types, each with their own purpose in denoting how a query should be treated. Common DNS records are the following:

  • A record. This stands for “address” and contains a domain’s IP address. A records are used for IPv4 addresses only; IPv6 addresses use AAAA records, which accommodate the longer address format. Most websites have just one A record, but some larger sites have several, which aids load balancing by handing out different A records to different visitors during periods of high traffic.
  • NS record. These name server records denote which authoritative server is responsible for holding all the information about a given domain. Domains often have both primary and backup name servers to increase reliability, and multiple NS records are used to direct queries to them.
  • TXT record. TXT records enable administrators to enter text into DNS. The original purpose was to hold human-readable notes, but today machine-readable values are often stored there. TXT records are used to confirm domain ownership, secure email and counter email spam.
  • CNAME record. Canonical name records are used instead of an A record when one name is an alias for another. They let two different domain names resolve to the same IP address: the query for the alias is retried against the canonical name. An example would be the URL searchsecurity.techtarget.com, where the CNAME would query techtarget.com.

[Diagram: DNS record flow]

What is a zone file?

A DNS zone file is a text (.txt) file that stores the information about domain names in a DNS database.

This file holds all the required details about the domains, including name servers, DNS records and other information.

How does DNS increase web performance?

Servers can cache the A records, or IP addresses, they receive from DNS queries for a set amount of time. Caching promotes efficiency, enabling servers to respond quickly the next time a request for the same IP address comes in. 

For instance, the local DNS server would only need to resolve the name once if everyone in the workplace needed to watch the same training video on a certain website on the same day. After that, it could serve any subsequent requests from its cache. The time to live (TTL), often known as the duration of the record, is determined by administrators and is based on a number of variables. Shorter time periods provide the most accurate responses, while longer ones lessen the pressure on servers.

DNS caching

The goal of DNS caching is to reduce the time it takes to get an answer to a DNS query. Caching enables DNS to store previous answers to queries closer to clients and get that same information to them faster the next time it is queried.

DNS data can be cached in a number of places. Some common ones include the following:

  • Browser. Most browsers, like Apple Safari, Google Chrome and Mozilla Firefox, cache DNS data by default for a set amount of time. The browser is the first cache that gets checked when a DNS request gets made, before the request leaves the machine for a local DNS resolver server.
  • Operating system (OS). Many OSes have built-in DNS resolvers called stub resolvers that cache DNS data and handle queries before they are sent to an external server. The OS is usually queried after the browser or other querying application.
  • Recursive resolver. The answer to a DNS query can also be cached on the DNS recursive resolver. Resolvers may have some of the records necessary to return a response and be able to skip some steps in the DNS resolution process. For example, if the resolver has A records but not NS records, the resolver can skip the root server and query the TLD server directly.

DNS security

A few flaws in DNS have been found over time. One such flaw is DNS cache poisoning, in which forged data is delivered to caching resolvers by a party posing as the authoritative origin server. The forged data may contain inaccurate information and affect the record’s TTL. It can also redirect real application requests to a malicious host network.
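The checks a caching resolver applies before trusting a reply, as an added example that is not from the article: the reply must come from the server that was queried, carry the outstanding transaction ID and the same question, and only records inside the queried server’s zone (its “bailiwick”) are cached. The addresses and records below are constructed sample data.

```python
from dataclasses import dataclass


@dataclass
class PendingQuery:
    txid: int
    qname: str
    qtype: str
    server: str        # address of the server the resolver sent this query to


@dataclass
class Response:
    txid: int
    qname: str
    qtype: str
    source: str        # address the response claims to come from
    records: list      # (owner name, type, data, ttl) tuples


def in_bailiwick(name: str, zone: str) -> bool:
    """True if `name` is at or below `zone` (www.example.com is under example.com)."""
    name, zone = name.lower().rstrip("."), zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)


def accept_response(pending: PendingQuery, resp: Response, zone: str):
    """Return (records safe to cache, reason). Anything unmatched is discarded."""
    if resp.source != pending.server:
        return [], "response from a server we did not query"
    if resp.txid != pending.txid:
        return [], "transaction ID does not match the outstanding query"
    if (resp.qname.lower(), resp.qtype) != (pending.qname.lower(), pending.qtype):
        return [], "question section does not match the query we sent"
    # A server authoritative for example.com must not be allowed to plant
    # records for unrelated names in our cache.
    kept = [r for r in resp.records if in_bailiwick(r[0], zone)]
    dropped = len(resp.records) - len(kept)
    return kept, (f"dropped {dropped} out-of-bailiwick record(s)" if dropped else "ok")
```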

With the goal of tricking consumers into thinking a website is legitimate, someone with bad intentions can set up a malicious site and gain access to visitors’ personal data. A user can be tricked into choosing a bogus link when one character of a domain name is swapped for a look-alike, for example the number 1 for the letter l. Phishing scams frequently use this as an opening.

Individuals can use DNS Security Extensions (DNSSEC) for security. DNSSEC adds cryptographically signed responses, so a resolver can verify that the records it receives have not been altered.
