DNS explained in detail

Overview:

Domain Name System (DNS) resolves hostnames, such as www.example.com, to IP addresses. By default, DNS operates on port 53.

Everything connected to the Internet, from your smartphone to a company's web server, has an IP address. All these systems find and communicate with one another by using IP addresses.

However, when you use your device and open up a web browser to go to a website, you don’t have to remember the IP address. Instead, you can enter a domain name like google.com.

This is because DNS translates easy-to-remember names like google.com into IP addresses like 192.0.0.1, which are much harder to remember. That is why it is commonly called the phone book of the Internet.

A DNS server is a computer system with a database containing the public IP addresses associated with the names of the websites.

Whenever a DNS server finds the IP address that matches the domain name, the browser takes that address and uses it to send data to content delivery network (CDN) edge servers or origin servers. That is how the user reaches the information on the website's server.

DNS Hierarchy:

The chart below shows the DNS hierarchy, also known as the domain name space, which is composed of 5 elements:

1) Root Level

2) Top Level Domains

3) Second Level Domains

4) Sub-Domain

5) Host

This is simply an inverted tree structure that helps resolve a domain name.  The resolution process starts at the root level and works its way down until it resolves into an IP address.

The root servers sit at the top of the tree and hold the global list of top-level domains. They are the first step in resolving a domain name: they answer requests for records in the root zone and answer all other requests by returning a list of the authoritative name servers for the appropriate top-level domain (TLD).

Let's walk through an example. When you type a domain name into your browser, it first contacts recursive DNS servers, which are located throughout the world; many people use the recursive DNS servers run by their Internet Service Provider. A recursive DNS query occurs when a client requests information from a DNS server that is set up to query subsequent DNS servers until a definitive answer is returned to the client. If the recursive DNS server doesn't have that information, it connects to another type of DNS server and continues the search until it finds the answer.

Usually the information is cached, but if the recursive DNS nameserver does not already have the DNS record cached, it needs to ask the authoritative DNS hierarchy for the answer.

A DNS cache exists to streamline the lookup process that resolves a domain name to an IP address, and almost all browsers create one automatically. However, to maintain a high level of security, it is cleaned out regularly. This ensures that if a website has moved its web server since its IP address was cached, the browser does not use a stale IP address. It also lessens the impact of attacks like DNS poisoning or DNS spoofing.

Now back to authoritative DNS. An authoritative DNS server is like a regional phone book that matches IP addresses with domain names. Authoritative DNS nameservers are responsible for telling recursive DNS nameservers where specific websites can be found.

There are authoritative DNS servers covering different regions. An authoritative DNS server does two things. First, it stores lists of domain names and their associated IP addresses. Second, it responds to requests from a recursive DNS server with the correct IP address assigned to a domain name. After getting the answer, the recursive DNS server sends that information back to the computer that requested it.

Each part of a domain like www.example.com has a specific authoritative DNS nameserver. The root domain nameservers know the IP addresses of the authoritative nameservers that handle DNS queries for the Top Level Domains like ".com", ".edu", or ".gov".

Now you understand why DNS is a critical service. If the DNS servers for a zone are not working and the cached information has expired, the domain becomes inaccessible. This is why DNS is organized as a hierarchy, from the root level down, in which each level is managed independently. Also, each zone has at least two DNS servers to ensure redundancy, and DNS zone transfer keeps them in sync. A zone transfer is simply the passing of DNS information from one name server to a secondary name server.
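To make the walk from root to TLD to authoritative server concrete, here is a small Python simulation added for this article (it is not code from the original post). The server names, zone names and the 60-second TTL are constructed for the example; it shows the referral chain, the cache answering repeat queries until the TTL expires, and the outage case described above, where a dead authoritative server is masked only while the cached answer is still valid.

```python
import time

# Constructed toy hierarchy (not real servers or zones): each server either
# holds the final answer for a name or refers the resolver to the server for
# the child zone, the same root -> TLD -> authoritative walk described above.
SERVERS = {
    "root": {"referrals": {"com.": "tld-com"}},
    "tld-com": {"referrals": {"example.com.": "ns1.example.com."}},
    "ns1.example.com.": {"answers": {"www.example.com.": ("192.0.2.10", 60)}},
}
DOWN = set()  # servers currently unreachable, to show the outage case

def ask(server, qname):
    """One query to one server: (kind, value, ttl), kind in answer/referral/nxdomain/servfail."""
    if server in DOWN:
        return ("servfail", None, None)
    data = SERVERS[server]
    if qname in data.get("answers", {}):
        ip, ttl = data["answers"][qname]
        return ("answer", ip, ttl)
    # Refer to the longest delegated zone that is a suffix of the query name
    zones = sorted(data.get("referrals", {}).items(), key=lambda kv: -len(kv[0]))
    for zone, child in zones:
        if qname == zone or qname.endswith("." + zone):
            return ("referral", child, None)
    return ("nxdomain", None, None)

class RecursiveResolver:
    """Caching recursive resolver: walks from the root, caches answers for their TTL."""
    def __init__(self, clock=time.time):
        self.cache = {}  # qname -> (ip, expiry timestamp)
        self.clock = clock

    def resolve(self, qname):
        """Return (ip or None, list of servers consulted in order)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0], ["cache"]
        path, server = [], "root"
        while True:
            path.append(server)
            kind, value, ttl = ask(server, qname)
            if kind == "referral":
                server = value
                continue
            if kind == "answer":
                self.cache[qname] = (value, self.clock() + ttl)
                return value, path
            return None, path  # nxdomain or dead server: no answer, nothing cached
```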

DNS records:

Record files, also known as zone files, are instructions that live on authoritative DNS servers. These files provide information about a domain, from who the administrator is to which IP address is associated with the domain. Think of it as a product review page or brochure with all the information about that product.

Let's go over a list of common DNS records:

  • A record – The record that holds the IPv4 address.
  • AAAA record – The record that holds the IPv6 address.
  • CNAME record – The record that makes a subdomain an alias for another domain; it does NOT provide an IP address.
  • MX record – The record that directs email to an email server.
  • TXT record – Free-form text set by admins. These records are often used for security.
  • NS record – The record that names the name server for a DNS entry.
  • SOA record – The record that contains administrative information about a domain.
  • SRV record – The record that specifies a host and port for specific services.
  • PTR record – The record used for reverse lookups.

Let's dive into the details of these records. When you buy a domain and start hosting your website on your server, you need to find out what type of address the server has. If the server has an IPv4 address, you need to add an A record to your domain name; if it has an IPv6 address, you need to add an AAAA record. An A record is required to resolve a fully qualified domain name; it is what connects your server's IP address to a domain name. You can do this by contacting your domain registrar, sending them the IP address of the web server you are hosting, and asking them to add a host record. You can also do it yourself if you have access to the hosting control panel, by adding the correct record and pointing it to the IP address.

A canonical name (CNAME) record is a type of DNS record that indicates that a domain name is a nickname or alias for another domain name. This is essential when running multiple services from a single IP address, for example a website and a file transfer protocol (FTP) service for transferring data. The FTP server is given the name ftp.example.com, with a CNAME record pointing to example.com as its canonical name. When the DNS server searches the DNS records for ftp.example.com, the CNAME triggers another lookup for example.com, restarting the query with that name. It then returns the IP address of example.com from its A or AAAA record. This is done because IP addresses change frequently: only the A or AAAA record for the root website example.com needs to be updated, since CNAME records point not to the IP but to the domain name.

This is why CNAME records must point to a domain and not an IP address. A domain with a CNAME record can either point to another domain with a CNAME record or to a domain with an A or AAAA record.

When would CNAME be used?  

1). To point several websites owned by a single entity or organization to its primary website

2). To provide a separate hostname for different network services like File Transfer Protocol (FTP) or email, pointing each hostname to the root domain

3). To provide subdomains for each customer on a single service provider’s domain and use the CNAME to point the subdomain to the customer’s root domain; and

4). To register the same domain in several countries and point each country-specific version to the main domain.
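The alias chain described above (www pointing to ftp, ftp pointing to example.com, and only example.com holding the address) as a Python example added for this article, not code from the original post. The zone data is constructed; it also shows the checks a resolver or zone validator applies that the text implies: a CNAME target must be a name rather than an IP address, a name owning a CNAME owns nothing else, and alias loops or over-long chains are cut off rather than followed forever.

```python
import ipaddress

# Constructed zone data for example.com (not a real zone). A name that owns a
# CNAME must own no other records, so the alias names below carry only the
# CNAME while the address records live on example.com itself.
RECORDS = {
    "example.com.": [("A", "192.0.2.10"), ("AAAA", "2001:db8::10")],
    "ftp.example.com.": [("CNAME", "example.com.")],
    "www.example.com.": [("CNAME", "ftp.example.com.")],  # CNAME that points at a CNAME
    "loop-a.example.com.": [("CNAME", "loop-b.example.com.")],
    "loop-b.example.com.": [("CNAME", "loop-a.example.com.")],
}
MAX_CHAIN = 8  # resolvers cap chain length so alias loops cannot run forever

def cname_target_ok(target):
    """A CNAME target must be a domain name, never an IP address literal."""
    try:
        ipaddress.ip_address(target.rstrip("."))
        return False
    except ValueError:
        return True

def resolve_address(name, rtype="A", records=RECORDS):
    """Follow CNAME aliases until a name with address records is reached.
    Returns (chain of names visited, list of rtype values at the last name)."""
    chain = [name]
    while len(chain) <= MAX_CHAIN:
        rrs = records.get(name, [])
        cnames = [v for t, v in rrs if t == "CNAME"]
        if not cnames:
            return chain, [v for t, v in rrs if t == rtype]
        if len(rrs) > 1:
            raise ValueError(name + " has a CNAME alongside other records")
        name = cnames[0]
        if name in chain:
            raise ValueError("CNAME loop: " + " -> ".join(chain + [name]))
        chain.append(name)
    raise ValueError("more than %d CNAME hops" % MAX_CHAIN)
```

Changing only the A record of example.com changes what every alias resolves to, which is the maintenance benefit the text describes.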

DNS mail exchange (MX) record is a record which directs email to a mail server. The MX record indicates how email messages should be routed in accordance with Simple Mail Transfer Protocol.  Just like CNAME records, an MX record must always point to another domain.

Message transfer agent (MTA) software is responsible for querying MX records. When a user sends an email, the MTA sends a DNS query to identify the mail servers for the email recipients. Then the MTA establishes an SMTP connection with those mail servers.

A DNS text (TXT) record is simply a free-form field that a domain administrator can fill in. Two of the most important uses for DNS TXT records are email spam prevention and domain ownership verification.

A nameserver is a server that handles queries about the location of the domain name's various services. The NS record defines your domain's current DNS provider. You can check this using a whois lookup tool.

When you make a request for anything related to the domain name, it is sent to the name server. Usually there are multiple name servers. In response, the DNS server sends back the IP address. This works for the website, mail servers, and anything else based on the domain name.

The SOA record defines the beginning of the authoritative DNS zone and specifies the global parameters for the zone. 

The SOA is a set of data that provides critical parameters for the Domain Name System and helps validate domains on the Internet. Your zone cannot work without that information.

An SOA record has a serial number, primary name server, DNS admin email, refresh rate, retry rate, expire time, and default TTL. The serial number is the revision number of the zone file. The primary name server is the host name of the primary DNS server for the zone. The admin email is the address responsible for administering the domain's zone file. The refresh rate is the time in seconds that a secondary DNS server waits before querying the primary DNS server's SOA record to check for changes. The retry rate is the time in seconds that a secondary server waits before retrying a failed zone transfer. The expire time is the time in seconds that a secondary server will keep trying to complete a zone transfer. Lastly, the default TTL is the minimum time-to-live value that applies to all resource records in the zone file.

All DNS zones need an SOA record in order to conform to IETF standards.  SOA records are also important for zone transfers.
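The SOA fields and the secondary's refresh/retry/expire behaviour just described, as a Python example added for this article (not code from the original post). The SOA line and its timer values are constructed; the example parses the record, decides what a secondary should do at a given moment, and compares serial numbers with the 32-bit wrap-around rule of RFC 1982, which goes slightly beyond the text by handling a serial that has rolled over.

```python
# Constructed SOA record in zone-file presentation format (not a real zone):
# owner TTL class SOA mname rname serial refresh retry expire minimum
SOA_LINE = ("example.com. 3600 IN SOA ns1.example.com. hostmaster.example.com. "
            "2024060101 7200 900 1209600 300")
FIELDS = ("mname", "rname", "serial", "refresh", "retry", "expire", "minimum")

def parse_soa(line):
    """Split the SOA RDATA into named fields; serial and the four timers become ints."""
    parts = line.split()
    values = parts[parts.index("SOA") + 1:]
    if len(values) != len(FIELDS):
        raise ValueError("SOA needs exactly %d RDATA fields" % len(FIELDS))
    soa = dict(zip(FIELDS, values))
    for f in FIELDS[2:]:
        soa[f] = int(soa[f])
    # rname encodes the admin e-mail with the first '.' standing in for '@'
    soa["admin_email"] = soa["rname"].rstrip(".").replace(".", "@", 1)
    return soa

def secondary_action(soa, since_success, since_attempt, last_failed):
    """Decide what a secondary does with the zone, given seconds since its last
    successful SOA check/transfer and since its last attempt (success or not)."""
    if since_success >= soa["expire"]:
        return "expired"  # stop serving the zone: the data is too old to trust
    if last_failed:
        return "retry" if since_attempt >= soa["retry"] else "wait"
    return "refresh" if since_success >= soa["refresh"] else "wait"

def primary_is_newer(primary_serial, secondary_serial):
    """Transfer only when the primary's serial is newer, using the 32-bit
    wrap-around comparison of RFC 1982 so a rolled-over serial still counts."""
    diff = (primary_serial - secondary_serial) % 2**32
    return 0 < diff < 2**31
```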

Then we have the DNS service (SRV) record which specifies a host and port for specific services such as voice over IP (VoIP) or instant messaging. Most other DNS records only specify a server or an IP address, but SRV records include a port at that IP address as well.  Some Internet protocols require the use of SRV records in order to function.

Lastly, we have the pointer record. Think of it as the reverse of the A or AAAA records. A DNS pointer record (PTR for short) provides the domain name associated with an IP address, not the other way around. PTR records are used in reverse DNS lookups, where the query starts with the IP address and looks up the domain name. Think of it as having a phone number but not knowing who it belongs to.
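How a reverse lookup is actually formed, as a Python example added for this article (not code from the original post): the IP address is rewritten as a name under in-addr.arpa (IPv4) or ip6.arpa (IPv6) and that name is queried for a PTR record. The PTR and A records are constructed. It goes one step beyond the text with a forward-confirmed check, which a defender applies before trusting a reverse name in logs or mail headers: the name the PTR returns must resolve back to the same address.

```python
import ipaddress

# Constructed records (not real data): PTR names under in-addr.arpa and the
# forward A records needed to confirm them.
PTR_RECORDS = {
    "10.2.0.192.in-addr.arpa.": "mail.example.com.",
    "20.2.0.192.in-addr.arpa.": "claims-to-be.example.com.",  # forward does not agree
}
A_RECORDS = {
    "mail.example.com.": ["192.0.2.10"],
    "claims-to-be.example.com.": ["198.51.100.7"],
}

def reverse_name(ip_text):
    """Build the PTR query name: reversed octets under in-addr.arpa for IPv4,
    reversed hex nibbles (leading zeros kept) under ip6.arpa for IPv6."""
    ip = ipaddress.ip_address(ip_text)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")  # 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def reverse_lookup(ip_text):
    """IP -> name, the lookup the PTR record answers (None when no PTR exists)."""
    return PTR_RECORDS.get(reverse_name(ip_text))

def forward_confirmed(ip_text):
    """Forward-confirmed reverse DNS: a PTR answer is only trusted when the
    name it returns resolves back to the same IP. Returns True/False, or None
    when the address has no PTR record at all."""
    name = reverse_lookup(ip_text)
    if name is None:
        return None
    return ip_text in A_RECORDS.get(name, [])
```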

In a real-world scenario, an organization typically uses external DNS, that is, the DNS facilities of its Internet service provider (ISP), rather than running its own internal DNS server. However, a company that operates a large and complex network might have internal DNS.

There are numerous DNS providers, such as Google with its Cloud DNS. DNS can be critical in environments where the Internet is heavily used. If you go that route, you need to know about Domain Name System Security Extensions (DNSSEC), a suite of IETF specifications for securing certain kinds of information provided by DNS. DNS did not include any security features when it was first designed; DNSSEC adds them.