The Domain Name System (DNS) works magic behind the scenes, helping web servers deliver the right content every time. Yet, few understand the intricacies of how this fantastic system works. Here's a short guide for those curious about how this unseen network of servers works.
What is the Domain Name System?
We all know how websites work. You type a website domain name into your web browser, and it loads a web page – something that seems simple. The Domain Name System, or DNS for short, is a system that converts domain names into IP addresses.
The Internet works by connecting devices through an address that uses numbers instead of letters. Each device has a unique IP address. All of this information sits on DNS servers. The important thing here is that DNS servers eliminate the need for humans to memorize IP addresses.
All you need to know is the domain name of a website, and the DNS does the rest.
What Are DNS Servers?
DNS servers are computers that store a database of domain names and their IP addresses. They are responsible for resolving domain names to IP addresses and maintaining and updating the database of domain names and IP addresses.
These servers are simply computers put to work at a specific job. They are only intended to support the DNS system and don’t need to do anything else. There are two kinds of DNS servers: authoritative DNS servers and recursive DNS servers.
Authoritative DNS Servers
Authoritative DNS servers are the ones that have the authority to answer queries. When a user types in a domain name and clicks “enter,” their computer sends a query to one of these authoritative DNS servers. These authoritative DNS servers then respond with all the information about that domain or subdomain.
Authoritative nameservers are authoritative for a specific domain or subdomain, so if you want to look up information about google.com, your computer will send its request to an authoritative server for Google's namespace (in this case, Google's primary nameserver).
Suppose there isn't an answer on any of Google's nameservers. In that case, it will send its request off-site by following referrals until it finds an answer somewhere else (which might take several hops). That will often be another company's server hosting services for another website, such as Facebook or Blogger.
Recursive DNS Servers
Recursive DNS servers are the backbone of the Internet. Even if you're unaware, your computer uses recursive DNS servers daily to access websites and other resources on the Internet.
After you type a URL in your web browser, that URL goes to the recursive DNS server. The recursive DNS server then examines its cache memory to see whether the IP address for the URL is already stored.
If the IP address information already exists, the recursive DNS server will send the IP address to the browser. You can then see the website for the URL you typed in.
Recursive DNS servers also provide additional security for Internet users by blocking malicious websites from accessing your computer or mobile device. If you attempt to visit an unsafe website, such as one that contains malware or viruses, the recursive DNS server blocks the request.
How a DNS Lookup Works
When you type a URL in your web browser, the following steps take place:
1. The user's computer sends a query for the IP address associated with that URL.
2. The resolver queries its root nameserver for an IP address associated with the TLD (Top-Level Domain) name requested by the client. For example, suppose you try to connect to www.google.com. In that case, the resolver will ask its root server for “com” and receive back a TLD record giving it all possible addresses that could contain records pointing to Google servers on the Internet or intranets connected to it (e.g., 204.232/16).
3. The resolver then sends requests for each address until it finds one that responds correctly with an A record containing information about how many more hops there are before reaching some machine running Google's web service software (e.g., 74/8).
4. Once we find the destination server, we just need one more thing from them before sending our request: their public key certificate identifying itself as the right destination.
Types of DNS Queries
There are three types of DNS queries – recursive, iterative, and non-recursive. Recursive queries are the most common type of query. Applications like web browsers or email clients mainly use these queries. However, each query serves a distinct function.
1. Recursive Query
In a recursive query, a DNS client requires that a DNS server (typically a DNS recursive resolver) responds to the client with either the requested resource record or an error message if the resolver can't find the record.
2. Iterative Query
In this situation, the DNS client will allow a DNS server to return its best answer. If the queried DNS server does not have a match for the query name, it will produce a referral to a DNS server authoritative for a lower level of the domain namespace.
The DNS client will then make a query to the referral address. This process continues with additional DNS servers down the query chain until an error or timeout occurs.
3. Non-recursive Query
Typically this will occur when a DNS resolver client queries a DNS server for a record that it has access to either because it's authoritative for the record or because it exists inside of its cache.
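The three query types can be seen side by side in a small simulation. This is an added example, not code from the original article: the `SERVERS` table, the server names and the 192.0.2.10 address are constructed for illustration, and no real DNS traffic is sent.

```python
# Constructed toy namespace (not real DNS data): each server either answers
# from its own records or refers the client one level down the hierarchy.
SERVERS = {
    "root":       {"referrals": {"com.": "tld-com"}},
    "tld-com":    {"referrals": {"example.com.": "ns-example"}},
    "ns-example": {"answers": {"www.example.com.": "192.0.2.10"}},
}

def query(server, name):
    """Non-recursive query: the server replies only from what it holds."""
    zone = SERVERS[server]
    if name in zone.get("answers", {}):
        return "ANSWER", zone["answers"][name]
    # Longest matching delegated suffix wins, compared on label boundaries.
    delegated = [s for s in zone.get("referrals", {})
                 if name == s or name.endswith("." + s)]
    if delegated:
        return "REFERRAL", zone["referrals"][max(delegated, key=len)]
    return "NXDOMAIN", None

def iterative_resolve(name, start="root", max_hops=8):
    """Iterative query: the client itself follows each referral."""
    server, path = start, []
    for _ in range(max_hops):          # bound the chain so referral loops end
        kind, value = query(server, name)
        path.append((server, kind))
        if kind != "REFERRAL":
            return kind, value, path
        server = value
    return "SERVFAIL", None, path

def recursive_resolve(name):
    """Recursive query: the resolver does the walk and hands back only the
    final record, or raises an error if none is found."""
    kind, value, _ = iterative_resolve(name)
    if kind != "ANSWER":
        raise LookupError(f"{name}: {kind}")
    return value

if __name__ == "__main__":
    print(iterative_resolve("www.example.com."))
    print(recursive_resolve("www.example.com."))
```

The `max_hops` bound matters in practice: a resolver that follows referrals without a limit can be kept busy indefinitely by a misconfigured or looping delegation.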
What is DNS Caching?
DNS caching occurs when a DNS server stores the results of its query in a local cache. It then sends those cached records to requesting clients instead of sending their requests back to the authoritative DNS servers.
This process can help speed up Internet browsing because it reduces the number of queries that need to be made by your computer or mobile device. However, in some situations, DNS caching can result in errors you can only resolve by waiting or clearing the cache.
The other alternative is to disable the cache, but it is not a recommended step since it will slow down your web browsing.
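The caching behaviour described above, including the stale answers that only waiting or clearing the cache resolves, can be reproduced with a small TTL cache. This is an added example, not code from the original article: the `CachingResolver` class, the 300-second TTL and the 192.0.2.x addresses are constructed, and a fake clock stands in for real time so the run is deterministic.

```python
import time

class CachingResolver:
    """Toy resolver cache: name -> (ip, expires_at), refreshed on expiry."""

    def __init__(self, authoritative, clock=time.monotonic):
        self.authoritative = authoritative   # constructed stand-in for upstream
        self.clock = clock
        self.cache = {}
        self.upstream_queries = 0

    def resolve(self, name):
        entry = self.cache.get(name)
        if entry and entry[1] > self.clock():
            return entry[0]                  # cache hit: no upstream query
        self.cache.pop(name, None)           # expired or never cached
        self.upstream_queries += 1
        ip, ttl = self.authoritative[name]
        self.cache[name] = (ip, self.clock() + ttl)
        return ip

    def flush(self):
        """Clearing the cache forces the next lookup to go upstream."""
        self.cache.clear()

def demo():
    now = [0.0]                              # fake clock, advanced by hand
    name = "www.example.com."
    zone = {name: ("192.0.2.10", 300)}       # constructed record, TTL 300 s
    r = CachingResolver(zone, clock=lambda: now[0])
    seen = [r.resolve(name)]                 # miss: fetched upstream
    seen.append(r.resolve(name))             # hit: served from cache
    zone[name] = ("192.0.2.20", 300)         # the record changes upstream
    now[0] = 120
    seen.append(r.resolve(name))             # stale: cache still holds old IP
    now[0] = 301
    seen.append(r.resolve(name))             # TTL expired: new IP fetched
    zone[name] = ("192.0.2.30", 300)         # the record changes again
    seen.append(r.resolve(name))             # stale again
    r.flush()
    seen.append(r.resolve(name))             # flushed: new IP immediately
    return seen, r.upstream_queries

if __name__ == "__main__":
    print(demo())
```

Six lookups cost only three upstream queries, which is the speed-up; the two stale answers are the cost, bounded by the record's TTL.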
DNS is an integral part of the internet and affects your online experience. It enables you to find web pages, email addresses, and other resources by translating their human-friendly names into a numeric IP address.
The DNS service runs on servers that store information about domain names to answer questions from users or systems looking up IP addresses.