
DNS

The Domain Name System (DNS) is a hierarchical and decentralized naming system used to resolve human-readable domain names (like google.com) into machine-readable IP addresses (like 142.250.72.206). This process allows users to access websites and other resources on the internet using easy-to-remember names rather than numerical IP addresses.

Basics

Name Servers

Name servers are specialized servers that store DNS records and respond to DNS queries.

  • Root Name Servers: These are the top-level servers that handle requests for the root zone and direct queries to the appropriate TLD (Top-Level Domain) name servers.

    Note

    There are 13 DNS root servers identified by the letters 'a' to 'm' (e.g., a.root-servers.net). Each of these root servers has multiple replicas located around the world, ensuring redundancy, reliability, and low-latency responses using Anycast technology. Any request made to a.root-servers.net is served by the nearest server replica.

  • TLD Name Servers: These servers manage requests for specific top-level domains like .com, .org, and direct queries to the authoritative name servers for the domain.

  • Authoritative Name Servers: These servers hold the actual DNS records for a specific domain and provide definitive answers to DNS queries.

Resource Records

DNS uses various types of resource records to store information about a domain. Here are some common types:

| Record Type | Description | Example |
|---|---|---|
| A | Maps a domain to an IPv4 address. | google.com -> 192.0.2.1 |
| AAAA | Maps a domain to an IPv6 address. | google.com -> 2001:db8::1 |
| CNAME | Maps a domain to another domain (alias). | www.google.com -> google.com |
| NS | Specifies the authoritative name servers for a domain. | google.com -> ns1.google.com |
| MX | Specifies the mail servers for a domain. | gmail.com -> mail.gmail.com |

Hierarchical Structure

Figure: DNS Hierarchy

DNS is organized in a hierarchical structure resembling a tree, with different levels representing parts of the domain name:

  • Root Level: The topmost level, represented by a dot (.), managed by root name servers.

  • TLD Level: The next level, representing top-level domains like .com, .org, .net.

  • Second Level: Domains registered under a TLD, such as example.com.

  • Subdomains: Further subdivisions under a second-level domain, like www.example.com and mail.example.com.

Example: Breaking down the domain name www.excalidraw.com.

  • Root Level: .

  • TLD: .com

  • Second Level: excalidraw

  • Subdomain: www.

How DNS Works

Figure: DNS Lookup (How DNS Works)

Step-by-Step DNS Resolution Process

  1. User Request: The user types www.google.com into their web browser.

  2. Browser Cache: The browser checks its cache to see if it has a recent DNS record for www.google.com. If found and valid, the browser uses it to connect to the web server. If not, the process continues.

  3. OS Cache: If the browser cache misses, the OS checks its DNS cache for a valid record. If found, it is used to establish the connection.

  4. Local DNS Resolver: If the OS cache also misses, the OS sends a DNS query to the configured local DNS resolver (usually provided by the ISP or a custom DNS server like Google DNS at 8.8.8.8). The local resolver checks its cache for the DNS record.

  5. Root Name Servers: If the local resolver cache does not have the record, it queries one of the root name servers. The root server responds with the IP address of the appropriate TLD name server (e.g., for .com domains).

  6. TLD Name Servers: The local resolver queries the TLD name server for the authoritative name server of the domain (e.g., google.com). The TLD server responds with the IP address of the authoritative name server.

  7. Authoritative Name Servers: Finally, the local resolver queries the authoritative name server, which responds with the IP address associated with www.google.com.

  8. Caching: The local resolver caches the DNS record to speed up future requests. The OS and browser also cache the DNS record.

  9. Response to Client: The local resolver sends the DNS record back to the client’s OS, which then forwards it to the browser.

  10. Connection Establishment: The browser now uses the IP address to connect to the web server.

TCP vs UDP in DNS

  • UDP: UDP is the primary transport for DNS queries and responses. Most DNS requests are simple and fit within a single UDP packet (512 bytes for a standard DNS message without EDNS extensions).

  • TCP: TCP is used when a DNS response is too large to fit in a single UDP packet (a truncated UDP answer signals this with the TC flag and the client retries over TCP), and for zone transfers (bulk DNS record transfers) between DNS servers.

Long TTL vs Short TTL

  • Long TTL:

    • Reduced Load: Fewer queries to authoritative servers, reducing load.

    • Performance: Faster response times due to longer caching.

    • Slow Updates: Changes to DNS records propagate slowly. Cached records are used until TTL expires, potentially showing outdated information.

  • Short TTL:

    • Increased Load: More frequent queries to authoritative servers.

    • Potential Latency: Slightly slower response times as records are fetched more often.

    • Fast Updates: Changes propagate quickly due to frequent cache updates.

    • Flexibility: Useful for environments where DNS records change frequently, like load balancing or failover scenarios.
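The referral chain in steps 5 to 8 above and the cache behaviour behind the TTL trade-off, as an added Python simulation that is not part of the original page: three constructed in-memory zones stand in for a root server, a .com TLD server and an authoritative server, and a resolver follows the delegations, caches the answer for its TTL, and counts how many upstream queries each lookup costs. The zone contents, server names and the 300-second TTL are constructed sample data, not real records.

```python
import time

# Constructed zones: owner name -> list of (type, value, ttl). Names are fully
# qualified with a trailing dot, as in the wire format.
ROOT_ZONE = {"com.": [("NS", "a.gtld-servers.net.", 172800)]}
TLD_ZONE = {"google.com.": [("NS", "ns1.google.com.", 172800)]}
AUTH_ZONE = {"www.google.com.": [("A", "192.0.2.1", 300)]}
SERVERS = {"root": ROOT_ZONE, "a.gtld-servers.net.": TLD_ZONE, "ns1.google.com.": AUTH_ZONE}


def ask(server, name, rtype):
    """Simulate one query to a name server.

    Returns ("answer", [(value, ttl), ...]) when the server is authoritative for
    the name, or ("referral", next_server) when it only knows a delegation.
    """
    zone = SERVERS[server]
    if any(t == rtype for t, _, _ in zone.get(name, [])):
        return "answer", [(v, ttl) for t, v, ttl in zone[name] if t == rtype]
    labels = name.split(".")
    for i in range(1, len(labels)):  # climb toward the root to find the closest delegation
        parent = ".".join(labels[i:])
        for t, v, _ in zone.get(parent, []):
            if t == "NS":
                return "referral", v
    return "answer", []  # no data and no delegation: empty (NXDOMAIN-like) answer


class Resolver:
    """Iterative resolver with a TTL-bounded cache, as in steps 4 to 9."""

    def __init__(self, clock=time.time):
        self.cache = {}  # (name, rtype) -> (records, expiry time)
        self.clock = clock  # injectable so cache expiry can be simulated
        self.upstream_queries = 0

    def resolve(self, name, rtype="A"):
        key = (name, rtype)
        cached = self.cache.get(key)
        if cached and cached[1] > self.clock():  # fresh entry: no upstream traffic
            return [v for v, _ in cached[0]]
        server = "root"  # step 5: start at a root server
        while True:
            self.upstream_queries += 1
            kind, payload = ask(server, name, rtype)
            if kind == "referral":  # steps 5 and 6: follow the delegation
                server = payload
                continue
            if payload:  # step 8: cache for the smallest TTL in the answer
                ttl = min(ttl for _, ttl in payload)
                self.cache[key] = (payload, self.clock() + ttl)
            return [v for v, _ in payload]
```

A shorter TTL on the A record makes the third lookup in the test go back to the root sooner, which is exactly the extra authoritative load the list above describes.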

Advantages of DNS

  1. Scalable: The hierarchical structure allows efficient management of billions of domain names, with each level handling its portion independently.

  2. Reliable: Multiple redundant authoritative name servers ensure continuous availability, even if one server fails.