What every IT engineer must know about the Domain Name System (DNS)

Saurabh Rohankar
Jan 28, 2023


DNS Architecture

The Domain Name System (DNS) is the service that translates human-friendly domain names (such as google.com) into machine-readable IP addresses (such as 142.250.192.142). This lets us remember and type names rather than long strings of numbers. The servers that store this mapping are called nameservers: a nameserver is, in effect, a database of domain names and the records (IP addresses and more) attached to them.

However, there are billions of hostnames in use, owned and changed by millions of independent organizations. No single database could hold all of them, stay current, and answer the whole internet's queries quickly. So how does DNS function, and how is it so quick that we are not even aware of its presence? (Until it ceases to function and everyone hurries to Twitter to report that Facebook or Instagram is down :) )

Resolving a domain name to an IP address is carried out by several cooperating components: recursive resolvers, root servers, TLD (top-level domain) servers, and authoritative nameservers. DNS is a hierarchy of nameservers in which each level is responsible for one portion of the name, read from right to left: the root, then the TLD (com), then the domain (google.com), then any hosts beneath it (www.google.com).

When a user types a domain name into their browser, the operating system's stub resolver sends the query to a recursive resolver (typically run by the ISP or the company, or a public one such as 8.8.8.8 or 1.1.1.1). The recursive resolver first checks its cache for the name. If the name is not cached, or the cached record's TTL has expired, the resolver starts at the root.

The root servers are the top of the DNS hierarchy, and their only job is to know which servers are responsible for each top-level domain. There are 13 root server names (a.root-servers.net through m.root-servers.net) with 13 sets of IP addresses, but each of them is served by many anycast instances, more than a thousand in total around the world. Every recursive resolver ships with these addresses as "root hints", which is how the whole process bootstraps. TLD servers, such as those for .com, .net, .io, .org or .gov, hold the delegations for the second-level domains registered under them. For example, when a query is made for google.com, a root server does not answer it; it responds with a referral: the NS records naming the .com TLD servers, plus their IP addresses as "glue". When the query is for india.gov, it refers the resolver to the .gov TLD servers instead.

The TLD server receives the same query and, likewise, responds with a referral to the authoritative nameservers for the domain. Authoritative nameservers are the servers that hold the actual records for the domain, loaded from its zone data (a zone file or a database). They are run by whoever hosts the domain's DNS: often the registrar where the domain was bought (for example GoDaddy), or a separate DNS hosting provider such as Cloudflare or Amazon Route 53. The authoritative nameserver looks the name up in its zone and returns the IP address to the recursive resolver, which caches it for the record's TTL and returns it to the client.

The nameservers be like: “I know a guy that knows a guy that can help you.”

In summary, the journey of a DNS query is as follows:

  1. The client initiates the query by typing a domain name into the browser.
  2. The stub resolver on the client sends a recursive query to its configured recursive resolver.
  3. The recursive resolver checks its cache for the domain name.
  4. If an unexpired record is found in the cache, the resolver returns the IP address to the client and the process ends.
  5. If the name is not in the cache, the resolver sends the query to a root server (one of the addresses in its root hints).
  6. The root server responds with a referral to the TLD servers (their names, plus their IP addresses as glue).
  7. The TLD server responds with a referral to the domain's authoritative nameservers.
  8. The authoritative nameserver looks the name up in its zone data and returns the IP address (and a TTL) to the resolver.
  9. The resolver caches the answer for the TTL and returns the IP address to the client.

It is worth noting that DNS is a distributed system: many independently operated servers around the world cooperate to resolve names, and no single one holds the whole picture. It is also hierarchical, with each level responsible for one portion of the name and free to delegate the portion below it. Together with caching at every resolver, this is what spreads the load and lets the system scale to billions of names.

It is also worth distinguishing the two kinds of DNS query: recursive and iterative. A recursive query (the RD, "recursion desired", flag set) asks the server to do all the work and come back with a final answer; this is what a stub client sends to its recursive resolver. An iterative query asks the server only for what it knows itself: the server replies with either the answer or a referral to a nameserver closer to it, and the querier follows that referral with its next query. This is how a recursive resolver walks the hierarchy from the root to the TLD servers to the authoritative servers, and it is why root and TLD servers can stay simple: they never resolve anything on anyone's behalf.
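The resolution walk in the numbered steps above, and the recursive-versus-iterative distinction, as an added simulation that is not part of the original article. A stub client sends one recursive query to a `RecursiveResolver`, which serves it from cache or walks a toy hierarchy with iterative queries, following referrals (NS names plus glue addresses) until an authoritative server answers. All zone data, names and addresses are constructed for the example; the addresses come from the RFC 5737 documentation ranges, so nothing here points at a real host, and the `ask` function stands in for a network query.

```python
import time

# Constructed data: each "server" is keyed by its IP address and holds only
# what it is responsible for. "delegations" maps a child zone to the names of
# its nameservers; "A" holds the address records it can hand out (answers for
# its own zone, or glue for a delegated one). Addresses are RFC 5737 ranges.
ROOT_IP = "198.51.100.1"
SERVERS = {
    ROOT_IP: {  # a root server: knows only the TLDs
        "delegations": {"com.": ["ns.tld-com.example."], "gov.": ["ns.tld-gov.example."]},
        "A": {"ns.tld-com.example.": "198.51.100.10", "ns.tld-gov.example.": "198.51.100.20"},
    },
    "198.51.100.10": {  # .com TLD server: knows the second-level delegations
        "delegations": {"example.com.": ["ns1.example.com."]},
        "A": {"ns1.example.com.": "203.0.113.5"},  # glue for the delegated zone
    },
    "198.51.100.20": {  # .gov TLD server
        "delegations": {"india.gov.": ["ns.india.gov."]},
        "A": {"ns.india.gov.": "203.0.113.9"},
    },
    "203.0.113.5": {  # authoritative for example.com: the real answers live here
        "delegations": {},
        "A": {"www.example.com.": "192.0.2.80", "ns1.example.com.": "203.0.113.5"},
    },
    "203.0.113.9": {  # authoritative for india.gov
        "delegations": {},
        "A": {"india.gov.": "192.0.2.44"},
    },
}
TTL = 300  # seconds; constructed, a real answer carries its own TTL per record


def in_zone(name, zone):
    """True if `name` lies at or below `zone` (both fully qualified)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def ask(server_ip, qname):
    """One iterative query (RD=0). The server answers only from its own data
    and never chases the name itself: it returns ("answer", ip),
    ("referral", [glue ips]) or ("nxdomain", None)."""
    srv = SERVERS[server_ip]
    if qname in srv["A"]:
        return "answer", srv["A"][qname]
    for zone, ns_names in srv["delegations"].items():
        if in_zone(qname, zone):
            glue = [srv["A"][ns] for ns in ns_names if ns in srv["A"]]
            return "referral", glue
    return "nxdomain", None


class RecursiveResolver:
    """What the client's recursive query lands on: cache first, then an
    iterative walk from the root hints down to the authoritative server."""

    def __init__(self, root_ip=ROOT_IP):
        self.root_ip = root_ip      # the "root hints"
        self.cache = {}             # qname -> (ip, expiry timestamp)
        self.trace = []             # (server or "cache", result) per step, for inspection

    def resolve(self, qname, now=None):
        """Return the A record for `qname` or None. `now` is injectable so the
        TTL behaviour can be exercised without sleeping."""
        now = time.time() if now is None else now
        qname = qname if qname.endswith(".") else qname + "."
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            self.trace.append(("cache", qname))
            return hit[0]
        server = self.root_ip
        for _ in range(10):  # bound the referral chain; delegation loops are a real failure mode
            kind, data = ask(server, qname)
            self.trace.append((server, kind))
            if kind == "answer":
                self.cache[qname] = (data, now + TTL)
                return data
            if kind == "referral" and data:
                server = data[0]  # a real resolver tries the others on timeout
                continue
            # NXDOMAIN, or a glueless referral (a real resolver would first
            # resolve the nameserver's own name; this simulation gives up)
            return None
        return None


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.example.com"), r.trace)  # walks root -> .com -> example.com
    print(r.resolve("www.example.com"), r.trace[-1])  # second lookup is a cache hit
```

Two things to try: call `resolve` again with `now` more than 300 seconds later and the walk repeats, because the cached record has expired; ask for a name nobody serves and the authoritative server's NXDOMAIN ends the chain without touching the root again for the TLD, exactly as the trace shows.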

In addition, two extensions matter for security. Classic DNS runs over plain UDP, so anyone who can forge a reply that matches the query can poison a resolver's cache (DNS spoofing). DNSSEC addresses the data: zone operators sign their records and resolvers verify the signatures up a chain of trust from the root, so a forged answer fails validation. It does not hide anything. DNS over HTTPS (DoH), like DNS over TLS (DoT), addresses the transport: it encrypts the queries between the client and its resolver, so an on-path observer can neither read nor tamper with them. It says nothing about whether the resolver's answer is genuine. The two are complementary, not substitutes.
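To make the spoofing point concrete, an added example that is not part of the original article: a minimal RFC 1035 wire-format encoder and parser for a query and an A-record response, plus the sanity checks a resolver applies before caching a reply (transaction ID, QR bit, and that the question is repeated). Everything an off-path attacker has to get right is visible here, which is exactly why a correctly guessed ID and port are indistinguishable from a genuine reply and why DNSSEC signatures are what actually prove the data. Names and addresses are constructed for the example; no packets are sent.

```python
import struct

# RFC 1035 wire format: a 12-byte header, then the question, then records.
# Everything below is constructed for the example; nothing is sent on the wire.


def encode_name(name):
    """'www.example.com.' -> b'\\x03www\\x07example\\x03com\\x00' (length-prefixed labels)."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def decode_name(msg, off):
    """Read a name at `off`, following a compression pointer (top two bits 11)
    if one appears. Returns (fully qualified name, offset after the name)."""
    labels = []
    while True:
        n = msg[off]
        off += 1
        if n == 0:
            break
        if n & 0xC0 == 0xC0:  # pointer to an earlier copy of the rest of the name
            ptr = ((n & 0x3F) << 8) | msg[off]
            labels.append(decode_name(msg, ptr)[0].rstrip("."))
            off += 1
            break
        labels.append(msg[off:off + n].decode("ascii"))
        off += n
    return ".".join(labels) + ".", off


def build_query(qname, txid, rd=True, qtype=1):
    """Header plus one question. RD=1 is what a stub sends to its recursive
    resolver; the resolver's own iterative queries upstream carry RD=0."""
    flags = 0x0100 if rd else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, 1)


def build_response(query, ip, ttl=300):
    """Answer an A query: echo the ID and the question, then add one record
    whose owner name is a pointer (0xC00C) back to the question at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    _, qend = decode_name(query, 12)
    question = query[12:qend + 4]  # name + QTYPE + QCLASS
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR=1, RD=1, RA=1
    rdata = bytes(int(octet) for octet in ip.split("."))
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata
    return header + question + rr


def parse_message(msg):
    """Parse the header, the (single) question and the answer section."""
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    qname, off = decode_name(msg, 12)
    qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
    off += 4
    answers = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {"id": txid, "qr": bool(flags & 0x8000), "rcode": flags & 0xF,
            "qname": qname, "qtype": qtype, "answers": answers}


def accept_response(query, response):
    """The checks a resolver makes before caching a reply: it must be a response
    (QR=1), carry the query's 16-bit transaction ID, and repeat the same
    question. Along with the source port, this is all an off-path spoofer has
    to guess; nothing here proves the answer data is genuine, which is the gap
    DNSSEC signatures close."""
    q, r = parse_message(query), parse_message(response)
    return (r["qr"] and r["id"] == q["id"]
            and r["qname"].lower() == q["qname"].lower()
            and r["qtype"] == q["qtype"])


if __name__ == "__main__":
    q = build_query("www.example.com", txid=0x1234)
    genuine = build_response(q, "192.0.2.80")
    forged = build_response(build_query("www.example.com", txid=0x1235), "203.0.113.66")
    print(parse_message(genuine)["answers"], accept_response(q, genuine), accept_response(q, forged))
```

Run the forged reply with the right ID instead and `accept_response` says yes: the resolver has no way to tell. Randomizing the ID and the source port makes the guess a roughly 1-in-2^32 event per attempt rather than 1-in-65536, and DoH/DoT hide both from an on-path observer, but only a DNSSEC-validating resolver rejects a matching forgery because its RRSIG does not verify.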

Overall, DNS is a fundamental part of the internet that allows us to access websites using easy-to-remember names. Understanding how it works can help us troubleshoot issues and improve our online experience.

And that’s it! That’s the DNS for you. I hope you enjoyed it.
