The domain name system (DNS) is a naming database in which internet domain names are located and translated into Internet Protocol (IP) addresses. The domain name system maps the name people use to locate a website to the IP address that a computer uses to locate that website.
For example, if someone types "example.com" into a web browser, a DNS server behind the scenes maps that name to the corresponding IP address. An IPv4 address, for instance, looks like 203.0.113.72.
Web browsing and most other internet activities rely on DNS to quickly provide the information necessary to connect users to remote hosts. DNS mapping is distributed throughout the internet in a hierarchy of authority. Access providers and enterprises, as well as governments, universities and other organizations, typically have their own assigned ranges of IP addresses and an assigned domain name. They also typically run DNS servers to manage the mapping of those names to those addresses. Most Uniform Resource Locators (URLs) are built around the domain name of the web server that takes client requests.
DNS servers convert the domain names found in URLs into IP addresses that computers can understand and use. They translate what a user types into a browser into something the machine can use to find a webpage. This process of translation and lookup is called DNS resolution.
The basic process of a DNS resolution follows these steps:
The entire process of querying the various servers takes a fraction of a second and is usually imperceptible to the user.
DNS servers answer questions from both inside and outside their own domains. When a server receives a request from outside the domain for information about a name or address inside the domain, it provides the authoritative answer.
When a server gets a request from within its domain for a name or address outside that domain, it forwards the request to another server, usually one managed by its ISP.
The domain name is usually contained in a URL. A domain name is made of multiple parts, called labels. The hierarchy is read from right to left, with each label denoting a subdivision of the label to its right.
The top-level domain (TLD) is the rightmost label, the part after the last period in the domain name. Examples of top-level domains include .com, .org and .edu, but there are many others. Some denote a country code or geographic location, such as .us for the United States or .ca for Canada.
Each label to the left of the TLD denotes a subdomain of the domain to its right. For example, in the URL www.techtarget.com, "techtarget" is a subdomain of .com, and "www" is a subdomain of techtarget.com.
There can be up to 127 levels of subdomains, and each label can have up to 63 characters. The full domain name can be up to 253 characters long. Other rules include not starting or ending a label with a hyphen and not having a fully numeric TLD.
The Internet Engineering Task Force (IETF) has specified rules about implementing domain names in Request for Comments (RFC) 1035.
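The label and length rules above, as an added example (not code from the original article): a validator that applies each rule and reports which one a name breaks, plus a helper that reads a name right to left into its enclosing zones. The regular expression for allowed label characters (letters, digits and hyphens) is an assumption drawn from the hostname rules, not something the article spells out.

```python
import re
from typing import List, Tuple

# Limits as given in the article (RFC 1035 hostname rules).
MAX_LABEL_LEN = 63    # characters per label
MAX_NAME_LEN = 253    # characters in the whole name
MAX_LABELS = 127      # levels in the hierarchy
LABEL_RE = re.compile(r"[A-Za-z0-9-]+")  # assumed allowed alphabet for a label

def validate_domain(name: str) -> Tuple[bool, str]:
    """Check a domain name against the length and label rules; return (ok, reason)."""
    name = name.rstrip(".")  # a trailing dot marks the root and does not count
    if not name:
        return False, "empty name"
    if len(name) > MAX_NAME_LEN:
        return False, "name exceeds %d characters" % MAX_NAME_LEN
    labels = name.split(".")
    if len(labels) > MAX_LABELS:
        return False, "more than %d labels" % MAX_LABELS
    for label in labels:
        if not label:
            return False, "empty label (consecutive dots)"
        if len(label) > MAX_LABEL_LEN:
            return False, "label %r exceeds %d characters" % (label, MAX_LABEL_LEN)
        if not LABEL_RE.fullmatch(label):
            return False, "label %r contains characters other than letters, digits and hyphens" % label
        if label.startswith("-") or label.endswith("-"):
            return False, "label %r starts or ends with a hyphen" % label
    if labels[-1].isdigit():
        return False, "TLD %r is fully numeric" % labels[-1]
    return True, "ok"

def hierarchy(name: str) -> List[str]:
    """Read the name right to left and list each enclosing zone, TLD first:
    'www.techtarget.com' -> ['com', 'techtarget.com', 'www.techtarget.com']"""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels) - 1, -1, -1)]
```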
There are several server types involved in completing a DNS resolution. The following list describes the four name servers in the order a query passes through them. Each either provides the record being sought or a referral to the next name server.
A simple way to think of the process: the recursive server asks on behalf of the user, and the authoritative server answers the user's query. The root and TLD servers direct the query as it travels from the recursive server to the proper authority.
The following types of DNS queries are the main ones that take place at different points in the DNS resolution:
In the basic DNS process, a client makes a recursive query to the recursive resolver, which then makes a series of iterative queries, each answered with a referral that points the next iterative query at the next server down. Eventually, the query reaches the authoritative server, which returns the answer; if the recursive resolver already knows which server holds the answer, it can send a nonrecursive query straight to it. The answer is then stored on the recursive resolver -- see the "DNS caching" section -- so that a nonrecursive query can retrieve it in the future.
DNS records are the information a query seeks. Depending on the query, client or application, different information is required. Some records are required, such as the A record.
There are many DNS record types, each with its own purpose in denoting how a query should be treated. Common DNS records are the following:
Servers can cache the A records, or IP addresses, they receive from DNS queries for a set amount of time. Caching promotes efficiency, enabling servers to respond quickly the next time a request for the same IP address comes in.
For example, if everyone in an office needs to access the same training video on a particular website on the same day, the local DNS server only has to resolve the name once; after that, it can serve all the other requests out of its cache. The length of time the record is held -- also known as the time to live (TTL) -- is set by administrators and depends on various factors. Longer TTLs decrease the load on servers, while shorter ones ensure the most up-to-date responses.
The goal of DNS caching is to reduce the time it takes to get an answer to a DNS query. Caching enables DNS to store previous answers to queries closer to clients and get that same information to them faster the next time it is queried.
DNS data can be cached in a number of places. Some common ones include the following:
DNS has a few vulnerabilities that have been discovered over time. DNS cache poisoning is one of them: forged data is delivered to caching resolvers by a party posing as the authoritative origin server. The forged records can carry false information, including a manipulated TTL that keeps them in the cache, and can redirect real application requests to a malicious host network.
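The resolution walk (recursive query, iterative referrals through root and TLD servers, authoritative answer), the TTL-bounded cache, and a resolver-side guard against the poisoning just described, as one added example that is not code from the original article. The three servers and their records are constructed sample data; the bailiwick check (a resolver only caches records that fall inside the zone the answering server is responsible for) is a standard resolver defence added here, not something the article itself describes.

```python
import time
from typing import Dict, Optional, Tuple

# Constructed zone data standing in for the root, TLD and authoritative servers.
# Each server is responsible for one zone and holds either NS referrals (pointing
# to the next server down the hierarchy) or A records (the final answer).
SERVERS: Dict[str, dict] = {
    "root": {"zone": ".", "records": {"com.": ("NS", "tld-com")}},
    "tld-com": {"zone": "com.", "records": {"example.com.": ("NS", "auth-example")}},
    "auth-example": {"zone": "example.com.", "records": {"www.example.com.": ("A", "203.0.113.72")}},
}

def in_bailiwick(owner: str, zone: str) -> bool:
    """True if the record owner lies inside the zone the answering server serves."""
    return zone == "." or owner == zone or owner.endswith("." + zone)

def ask(server: str, qname: str) -> Optional[Tuple[str, str, str]]:
    """One iterative query: return (owner, type, data) for the record covering qname."""
    for owner, (rtype, data) in SERVERS[server]["records"].items():
        if qname == owner or qname.endswith("." + owner):
            return owner, rtype, data
    return None

class RecursiveResolver:
    """Walks root -> TLD -> authoritative on the client's behalf and caches the answer."""
    def __init__(self, ttl: int):
        self.ttl = ttl
        self.cache: Dict[str, Tuple[str, float]] = {}  # qname -> (address, expiry)
        self.upstream_queries = 0  # iterative queries actually sent

    def resolve(self, qname: str, now: Optional[float] = None) -> str:
        now = time.time() if now is None else now
        hit = self.cache.get(qname)
        if hit and hit[1] > now:          # fresh cache entry: no upstream traffic
            return hit[0]
        server = "root"
        while True:
            self.upstream_queries += 1
            answer = ask(server, qname)
            if answer is None:
                raise LookupError("no record for %s at %s" % (qname, server))
            owner, rtype, data = answer
            # Poisoning guard: only accept records the answering server is authoritative for.
            if not in_bailiwick(owner, SERVERS[server]["zone"]):
                raise ValueError("%s returned out-of-bailiwick record %s" % (server, owner))
            if rtype == "A":
                self.cache[qname] = (data, now + self.ttl)
                return data
            server = data  # NS referral: continue with the next server down
```

The `now` parameter exists so the TTL behaviour can be exercised deterministically; omit it to use the wall clock.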
An individual with malicious intent can create a dangerous website with a misleading title and try to convince users that the website is real, giving the hacker access to the user's information. By replacing a character in a domain name with a similar-looking character -- such as replacing the letter l with the number 1, which may look alike -- a user can be fooled into selecting a false link. This is commonly exploited in phishing attacks.
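The look-alike substitution above, seen from the detection side, as an added example (not code from the original article): a small check that reduces a domain to a "skeleton" in which easily confused characters collapse to one form, then compares the registrable part of a candidate name against a list of domains you want to protect. The confusable table is a constructed sample of a few pairs, not an exhaustive list.

```python
from typing import List, Optional

# Characters easily mistaken for one another in a domain name, mapped to one canonical
# form so that "examp1e.com" and "example.com" reduce to the same skeleton.
# Constructed sample table, not an exhaustive confusables list.
SINGLE_CHAR = str.maketrans({"1": "l", "i": "l", "0": "o", "5": "s"})
MULTI_CHAR = (("rn", "m"), ("vv", "w"))

def skeleton(name: str) -> str:
    """Reduce a domain name to its confusable skeleton (lower case, root dot removed)."""
    s = name.lower().rstrip(".")
    for seq, repl in MULTI_CHAR:
        s = s.replace(seq, repl)
    return s.translate(SINGLE_CHAR)

def lookalike_of(candidate: str, protected: List[str]) -> Optional[str]:
    """Return the protected domain that candidate imitates, or None.

    Only the registrable tail of candidate is compared (as many rightmost labels as the
    protected domain has), so 'login.examp1e.com' is checked against 'example.com'.
    An exact match is the genuine domain (or its subdomain) and is not reported."""
    cand_labels = candidate.lower().rstrip(".").split(".")
    for real in protected:
        real = real.lower().rstrip(".")
        n = real.count(".") + 1
        tail = ".".join(cand_labels[-n:])
        if tail == real:
            return None            # genuine domain or a legitimate subdomain of it
        if skeleton(tail) == skeleton(real):
            return real
    return None
```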
Individuals and organizations can use DNS Security Extensions (DNSSEC) for security. DNSSEC supports cryptographically signed responses, which let a resolver verify that an answer came from the zone's authority and was not altered in transit.
In the 1970s, all hostnames and their corresponding numerical addresses were contained in a single file called "HOSTS.TXT" and were maintained by Elizabeth Feinler from the Stanford Research Institute. This was known as the Advanced Research Projects Agency Network, or ARPANET, directory, and Feinler manually assigned numerical addresses to domain names. Adding a new name to the directory required a phone call to Feinler.
By the 1980s, this system became too inefficient to maintain. In 1983, the domain name system was created to distribute what was initially one centralized file with every address in it across multiple servers and locations.
In 1986, IETF listed DNS as one of the original internet standards. That organization published two documents -- RFC 1034 and RFC 1035 -- that described the DNS protocol and outlined the types of data it was able to carry.
Since then, DNS has been consistently updated and expanded to accommodate the increasingly complex internet. Today, large ubiquitous information technology companies, like Microsoft and Google, offer their own DNS hosting services.
26 Aug 2021