Did you know that you can locate anything on Earth using a pair of geographic coordinates? For example, the coordinates of the Chase Center in San Francisco, the home ground of the Golden State Warriors, are 37.7680° N, 122.3879° W.
For an average person, these coordinates aren’t helpful; they would need directions including landmarks and street names to reach the destination. But if you enter these coordinates into a GPS navigation app such as Google Maps or Waze, it will give you the directions to the Chase Center.
This is similar to what the Domain Name System (DNS) does. It translates human-readable addresses (or domain names) to machine-readable IP addresses (or coordinates).
In this blog post, we explore the basics of DNS, including what it is, how it works, how it is used for web and email, DNS caching, and DNS record types. It answers the following questions:
1. What is DNS?
All devices connected to the Internet find and communicate with other devices using Internet Protocol addresses, or IP addresses. But when you want to access a website, you open a web browser and type the name such as google.com or amazon.com instead of the IP address.
IP addresses are not user-friendly because they are difficult to remember. To remedy this, DNS translates the human-readable website names (such as "google.com" or "amazon.com") into numerical IP addresses, which the computers can understand.
DNS is a decentralized, hierarchical naming system that associates domain names with IP addresses and other forms of information. This repository of information, called the DNS directory, is stored in special servers called DNS servers.
A large number of DNS servers are located across the world; they are interconnected and communicate frequently to synchronize directory information and provide redundancy.
2. How does DNS work?
The work DNS does happens behind the scenes and requires no interaction from the user’s computer beyond the initial request. When you type a website name into a browser, the computer sends a request to a DNS server, which looks up the IP address of that website and sends it back. The computer then uses that IP address to connect to the website.
But first, the DNS query must pass through different components. The following four DNS servers are involved in loading a webpage:
1. DNS Recursor
The DNS recursor (also known as a recursive resolver) is a server that receives queries from applications such as web browsers and checks if it already has the IP address for the site saved. If not, it makes additional requests to other DNS servers to fulfill the client’s DNS query.
2. Root Nameserver
A root nameserver is the first stop in a recursive resolver’s quest for DNS records (we will explain DNS records a little later). It takes a DNS recursor’s query containing a domain name and based on the extension of the domain (.com, .org, etc.), directs the DNS recursor to a top-level domain (TLD) nameserver.
There are thirteen root nameservers (identified by the letters A through M), each with multiple copies all over the world to provide speedy responses to queries. These root nameservers are overseen by the nonprofit organization called the Internet Corporation for Assigned Names and Numbers (ICANN).
3. TLD Nameserver
A TLD nameserver is a server that keeps a record of all the domain names that share a common domain extension, i.e. the set of characters that comes after the last dot in a domain name. Examples of domain extensions include .com, .org, etc.
So, when you search for itjones.com, the query will be sent to a .com TLD nameserver, which would in turn respond by pointing to the next server in the chain, i.e. the authoritative nameserver.
TLD nameservers are managed by a branch of ICANN called the Internet Assigned Numbers Authority (IANA). TLD servers are divided into two primary groups:
Generic top-level domains
These include generic TLDs such as .com, .org, .net, .edu, and .gov.
Country code top-level domains
These include country or state-specific TLDs such as .us, .uk, .in, etc.
4. Authoritative Nameserver
The authoritative nameserver is generally the last step in the journey from a domain name to an IP address. It holds the records specific to the domain it serves and responds to the recursive resolver's request with the IP address stored in the domain's DNS A record.
If the domain has an alias, i.e. a CNAME, the authoritative nameserver provides the alias domain and the DNS recursor will have to perform a new DNS lookup to find the IP address.
3. How does DNS resolve domain names to IP addresses?
In order to access a website and load it on your web browser, your browser needs the IP address associated with that website. The process by which your browser takes the domain name of the website and translates it into its corresponding IP address is called domain name resolution.
A website can have both IPv4 and IPv6 addresses. The IPv4 address is found in the form of a DNS A record, while the IPv6 address is found in a DNS AAAA record. Both IP addresses will be necessary for the DNS resolution of a domain name.
The DNS resolution process typically consists of the following steps:
1. OS Recursive Query to DNS Resolver
Every operating system (OS), such as Windows, macOS, Linux, etc., has its own built-in DNS resolver, which is used by all applications running on the device. So, when you type a web address into the address bar of a browser, the browser sends a request to the operating system's DNS resolver, which in turn sends a recursive query to the appropriate DNS servers on the Internet.
A “recursive query” is a client request that must be answered with either the requested record or an error message. So in our case, when our browser raises a recursive DNS query for a website through the system’s DNS resolver, the expected response is either the IP address associated with the website name or uniform resource locator (URL), or an error message stating that the website does not exist.
If the device’s cache already has the IP address of the requested website, the domain name resolution ends here as the browser will be able to load the website using the stored IP address. But if there is no information about the website in the cache, the domain name resolution process will continue.
2. DNS Resolver Query to the Root Server
The DNS resolution process starts with an iterative query to the root server. The resolver queries one of the root DNS servers for the IP of the requested site. The expected response for this query can be an IP address, the location of an authoritative name server, or an error.
There are 13 root servers named A through M, each operated by a different organization. Their overall management is overseen by IANA. Each server has a large number of copies distributed across the globe. These servers are also strategically located around the world so that they can be accessed quickly and efficiently by DNS resolvers from any part of the globe.
The servers are designed for high availability and redundancy. This enables a large number of users to simultaneously access the servers and ensures continued operation even in the case of failures.
3. Root Server Response
As we mentioned earlier, root servers hold the locations of all TLD servers, so when a root server receives a query, it returns the location of the relevant TLD servers. If the query is for “google.com”, the root server will respond with a list of locations of the .com generic TLD servers, listed as nameserver (NS) records.
4. DNS Resolver Query to the TLD Server
Next, the DNS resolver sends an iterative query to the generic TLD server seeking the authoritative nameserver for the domain name, i.e. google.com in our example. For domain extensions such as .us, .in, .uk, etc., the DNS resolver would have to query country code TLD servers instead.
5. TLD Server Response
Each TLD server maintains a list of all of the authoritative nameservers for each domain that it holds. When it receives a DNS resolver query, it responds with a list of all of the domain’s NS records. In our example, the .com TLD will respond with a list of all of google.com’s nameserver records.
6. DNS Resolver Query to the Nameserver
The DNS resolver then queries one of the nameservers from the list it received in the previous step. In our example, the DNS resolver queries one of Google’s nameservers for the IP of google.com.
7. Nameserver Response
The authoritative nameserver then responds with the IP address of the domain name in question, or with an error indicating that the domain name does not exist. In the case of a subdomain, it responds with a referral to the nameserver for the next level. The queried nameserver returns an A record for an IPv4 address or an AAAA record for an IPv6 address.
8. DNS Resolver Response to OS
The DNS resolver, having finished the recursion process, responds to the operating system with the IP address of the domain.
9. Browser Starts TCP Handshake
The operating system then provides the IP address to the browser, which initiates the Transmission Control Protocol (TCP) connection to begin loading the website.
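To make the walk described in sections 2 and 3 concrete, here is a toy iterative resolver (an added example, not code from the original post) that follows referrals from the root to the TLD to the authoritative server, starts a fresh lookup when it meets a CNAME, caps the number of hops, and reports NXDOMAIN. The server names, zone data and addresses are constructed for the example; nothing touches the network.

```python
# Added example, not code from the original post: a toy iterative resolver that
# follows referrals root -> TLD -> authoritative, restarts on a CNAME, caps the
# number of hops, and reports NXDOMAIN. All server data is constructed inline
# (RFC 5737/3849 documentation addresses); nothing touches the network.

SERVERS = {
    ".": {"NS": {"com.": "a.gtld-servers.net."}},             # root: TLD delegations only
    "a.gtld-servers.net.": {"NS": {"example.com.": "ns1.example.com."}},  # .com TLD
    "ns1.example.com.": {                                    # authoritative for example.com
        "A": {"example.com.": "192.0.2.10", "www2.example.com.": "192.0.2.11"},
        "AAAA": {"example.com.": "2001:db8::10"},
        "CNAME": {"www.example.com.": "www2.example.com.",
                  "loop.example.com.": "loop.example.com."},  # deliberate alias loop
    },
}


def zone_query(server, name, rtype):
    """One server answering one query: ANSWER, CNAME, REFERRAL or NXDOMAIN."""
    zone = SERVERS[server]
    if name in zone.get(rtype, {}):
        return "ANSWER", zone[rtype][name]
    if name in zone.get("CNAME", {}):
        return "CNAME", zone["CNAME"][name]
    labels = name.split(".")
    for i in range(len(labels) - 1):           # closest enclosing delegation
        if ".".join(labels[i:]) in zone.get("NS", {}):
            return "REFERRAL", zone["NS"][".".join(labels[i:])]
    return "NXDOMAIN", None


def resolve(name, rtype="A", max_hops=10):
    """Act as the recursor: start at the root and follow referrals.

    Returns (value_or_None, trace); trace lists (server, name, response_kind).
    """
    trace, server = [], "."
    for _ in range(max_hops):
        kind, value = zone_query(server, name, rtype)
        trace.append((server, name, kind))
        if kind == "ANSWER":
            return value, trace
        if kind == "NXDOMAIN":
            return None, trace
        if kind == "CNAME":
            name, server = value, "."            # alias: a fresh lookup for the target
        else:
            server = value                       # referral: ask the delegated server
    raise RuntimeError("too many referrals or CNAME hops for %s" % name)
```

The hop cap is the defensive detail: a real recursor must bound referral and alias chains, otherwise a misconfigured (or hostile) zone can keep it looping.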
4. What is DNS caching?
The DNS resolution process is long and complicated, since it involves four sets of DNS servers: the DNS recursor, the root nameservers, the TLD nameservers, and the authoritative nameservers. There’s a lot going on and the process can take noticeable time to complete, which is not ideal from a user experience standpoint.
Therefore, a technique called DNS caching is used to improve the loading time of websites. DNS caching is the process of storing DNS query results in the DNS resolver's local cache. When a DNS resolver receives a domain name query, it first checks its cache to see if it already has the required information. If the DNS resolver has a cached copy of the query result, it can provide it to the browser or other application without having to contact other DNS servers.
DNS caching lessens the number of queries that need to be sent to other DNS servers, greatly reducing the time taken to resolve a domain name. It also reduces network load by trimming down the amount of traffic that needs to be sent to other DNS servers.
Usually, the cache expires after a certain time that is set in the DNS records by the authoritative nameserver. This ensures that the record remains accurate in case of any changes.
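The following is an added example (not code from the original post) of the cache behaviour just described: entries are keyed by name and record type, expire when the TTL set by the authoritative server runs out, and very large TTLs are clamped, as many real resolvers do. The clock is injected so expiry can be exercised without waiting, and the upstream function and record values are constructed stand-ins.

```python
# Added example, not code from the original post: a resolver cache keyed by
# (name, type) that honours the record's TTL and clamps oversized TTLs.
# The clock is injected so expiry can be tested; all records are constructed.

class DnsCache:
    def __init__(self, clock, max_ttl=86400):
        self.clock = clock        # callable returning seconds, e.g. time.monotonic
        self.max_ttl = max_ttl    # cap so one record cannot pin itself for weeks
        self.store = {}           # (name, rtype) -> (value, expires_at)

    def put(self, name, rtype, value, ttl):
        ttl = max(0, min(ttl, self.max_ttl))
        self.store[(name.lower(), rtype)] = (value, self.clock() + ttl)  # names are case-insensitive

    def get(self, name, rtype):
        key = (name.lower(), rtype)
        entry = self.store.get(key)
        if entry is None:
            return None
        value, expires_at = entry
        if self.clock() >= expires_at:   # expired: drop it and force a fresh lookup
            del self.store[key]
            return None
        return value


def lookup(cache, name, rtype, upstream):
    """Return (value, 'cache' | 'upstream'), contacting upstream only on a miss."""
    hit = cache.get(name, rtype)
    if hit is not None:
        return hit, "cache"
    value, ttl = upstream(name, rtype)
    cache.put(name, rtype, value, ttl)
    return value, "upstream"


def demo():
    """Two lookups inside the TTL hit the cache; one after expiry goes upstream."""
    now, calls = [1000.0], []

    def upstream(name, rtype):        # stand-in for the root -> TLD -> authoritative walk
        calls.append(name)
        return "192.0.2.10", 300      # constructed: A record with a 300-second TTL

    cache = DnsCache(clock=lambda: now[0])
    first = lookup(cache, "example.com.", "A", upstream)
    second = lookup(cache, "EXAMPLE.com.", "A", upstream)
    now[0] += 301                     # advance past the TTL
    third = lookup(cache, "example.com.", "A", upstream)
    return first[1], second[1], third[1], len(calls)
```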
5. How does DNS work with email hosting?
When an email is sent to a specific email address, the sending email server uses DNS to determine the IP address of the mail server that handles email for that domain name. It accomplishes this by sending an MX query (Mail eXchanger) to the DNS server, which returns the mail server's IP address. The sending email server then uses the IP address to connect to the mail server and deliver the email.
To host email services for a domain, the domain owner must register the domain name and create DNS records that link the domain name to the email server's IP address. Typically, these records are created and maintained by the domain registrar or hosting company. The MX records, like the A or AAAA records that point to the IP address of a web server, point to the IP address of an email server.
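Here is an added example (not code from the original post) of the delivery decision a sending mail server makes: the MX lookup yields (preference, host) pairs, hosts are tried from the lowest preference upward, each host is resolved to its A and AAAA addresses, a domain with no MX records falls back to its own A record (the implicit MX of RFC 5321), and a "null MX" of `0 .` (RFC 7505) means the domain accepts no mail. The domain names, hosts and addresses are constructed for the example.

```python
# Added example, not code from the original post: choosing delivery targets
# for a domain from its MX records. RECORDS is a constructed stand-in for the
# answers a resolver would return; nothing touches the network.

RECORDS = {
    ("example.com.", "MX"): [(20, "mx2.example.com."), (10, "mx1.example.com.")],
    ("mx1.example.com.", "A"): ["192.0.2.25"],
    ("mx1.example.com.", "AAAA"): ["2001:db8::25"],
    ("mx2.example.com.", "A"): ["192.0.2.26"],
    ("nomx.example.com.", "A"): ["192.0.2.30"],        # no MX: implicit MX fallback
    ("null.example.com.", "MX"): [(0, ".")],           # null MX (RFC 7505): accepts no mail
}


def query(name, rtype):
    """Stand-in for a resolver lookup; names are case-insensitive."""
    return RECORDS.get((name.lower(), rtype), [])


def mail_targets(domain):
    """Return the ordered list of (host, [addresses]) a sender should try."""
    mx = query(domain, "MX")
    if mx == [(0, ".")]:
        return []                                      # domain explicitly refuses mail
    # Lowest preference first; RFC 5321 says equal preferences should be
    # randomised, which this example does not bother with.
    hosts = [host for _, host in sorted(mx)] if mx else [domain]
    targets = []
    for host in hosts:
        addrs = query(host, "A") + query(host, "AAAA")
        if addrs:                                      # skip MX hosts with no address
            targets.append((host, addrs))
    return targets
```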
6. What are DNS record types and how are they used?
DNS records are the foundation of the DNS system. They are used to associate domain names with IP addresses and other information required for domain name resolution. There are several types of DNS records, each with its own purpose and function.
The most common types of DNS records are:
1. A record
An A record or Address record is used to associate a domain with an IPv4 address. It is used to connect domain names to services such as web servers and mail servers that use IPv4 addresses.
2. AAAA record
An AAAA or Quad-A record is used to associate a domain with an IPv6 address. It is also used to connect domain names to services such as web servers and mail servers that use IPv6 addresses.
3. MX records
An MX record or Mail Exchanger record specifies the mail servers that handle email for a domain and is used to route email to the correct mail server for the domain.
4. NS record
NS records or Name Server records specify the nameservers that are authoritative for a domain. They are used to direct DNS queries to the correct name servers for the domain.
5. CNAME record
CNAME records or Canonical Name records map an alias domain name to the real (canonical) domain name. Multiple domain names can be associated with a single IP address using CNAME records.
6. TXT record
TXT records or Text records contain text that can be used for various purposes, such as storing SPF (Sender Policy Framework) data or other information.
Each record type serves a distinct purpose in the domain name resolution process, ensuring that domain names are resolved to IP addresses and that email and other services are delivered to the correct servers. They all work together to keep the DNS system efficient, reliable, and secure.
Conclusion
DNS is a critical component of the internet infrastructure because it allows web and email services to be accessed by domain names rather than IP addresses, making them easier to remember and use.
A good grasp of DNS, how it works, and the domain name resolution process is critical for managing and securing a network.