DNS (Domain Name System) is a system that most people struggle to understand, and it leaves them with unanswered questions. In this two-part blog post we will try to explain everything related to DNS, so you will find all you need to know about it. Let’s get started!

Part 1: This section includes:

  • What is DNS?
  • An overview of DNS’s history
  • What is a DNS server?
  • How does DNS work?
  • How can I modify my DNS?
  • What types of files are required for DNS servers?
  • What exactly are DNS record types?
  • What is DNS recursion?
  • What is reverse DNS?
  • What is OpenDNS?
  • DNS caching: What is it and where does it take place?
  • What is the difference between authoritative and recursive DNS servers?
  • DNS servers and IP addresses
  • What are the different types of DNS queries?

What is DNS?

The internet’s phone book is DNS. In other words, we can compare the DNS system to a massive phone book that stores IP addresses and domain names. With the help of this system, we can access websites by typing catchy domain names instead of IP addresses into our browsers to connect. The DNS system helps us avoid memorizing long and complicated strings of numbers that are IP addresses.

An overview of DNS’s history

Even though the Domain Name System “officially” started in 1984 with the publication of RFC 920, the core of the new system was first described in RFC 882 and RFC 883 in 1983. The ARPANET (the forerunner of the modern Internet) served as a testbed for developing the new naming and addressing scheme in a rapidly expanding operational network from 1984 to 1987. Because alphabetic names are much easier to remember than semantically meaningless numeric addresses, their introduction to the ARPANET soon after its founding greatly improved usability.

Over time, the DNS has undergone several improvements. The first two significant ones were the NOTIFY mechanism and Incremental Zone Transfer (IXFR). Another noteworthy update was DNSSEC, which added a layer of security: it lets resolvers verify that the DNS data they receive has not been forged, safeguarding users from DNS attacks. So, that was the DNS history in a nutshell: a more than 30-year-old technology that we cannot live without, and one that will continue to improve and provide us with an excellent Internet experience.

What is a DNS server?

DNS servers sit between people and computers to facilitate communication. They automatically translate the website names typed into the browser’s address bar into IP addresses so that the browser can load the right web pages. This saves us from memorizing long IP addresses (and the even longer alphanumeric ones used by IPv6).

A DNS server is a computer server that keeps a database of hostnames and public IP addresses, which it uses to resolve (translate) hostnames to IP addresses when necessary. DNS servers run specialized software and use dedicated protocols to communicate with one another. When you type a website address into your browser, the DNS server starts searching for it by passing the query on to several other servers, each of which resolves a different portion of the domain name you entered. Four types of DNS servers take part in loading a web page:

  • DNS resolver (Internet Service Provider)

The first component to ask for the IP address of a domain name entered in the browser is the DNS resolver. Unless you configure something different, the DNS resolver will be the one operated by your Internet Service Provider (Vodafone, Plusnet, etc.). Consequently, you can think of the DNS resolver as your gateway to the Internet.

  • Root server

There are only 13 root name servers globally, and each of them is mirrored by many instances distributed across regions, so the system keeps working even if some instances are unreachable. Root servers sit at the top of the DNS hierarchy: every lookup that is not already cached starts at a root server, which tells the resolver which name servers are responsible for the top-level domain of the name being looked up, and from there the resolver learns which server holds which domain.

  • TLD name server (top level domain server)

TLDs (Top-Level Domains) are the extensions at the end of domain names. All domain names are classified according to their extension, such as “.com”, “.net”, and so on. An extension such as “.org” is the first clue to which kind of organization is associated with a domain name. Every TLD has its own name servers, which can be used to look up the domain names registered under that TLD. TLDs enable website visitors to quickly identify the type of website they are visiting, making it easier to find the information they seek.

  • Authoritative name server

An authoritative name server is a server listed in the DNS records for a domain as the authoritative source of information about that domain. When a client looks up a domain name, its resolver first contacts one of the root name servers, which refers it to the TLD name servers; those in turn refer it to the authoritative name servers for the domain, and the resolver then contacts one of them to get information about the domain. Here are some examples of authoritative name server names:

  • ns1.example.com
  • ns2.example.com
  • ns3.example.com
  • ns4.example.com

How does DNS work?

DNS is a way to match up human-readable website names with the numerical addresses that computers use to communicate.

Here’s how it works:

  1. When you type a domain name into your web browser, your computer sends a request to a DNS server to resolve the domain name to an IP address.
  2. The DNS server looks up the IP address for the domain name and sends it back to your computer.
  3. Your computer uses the IP address to connect to the web server hosting the domain name, and the website is displayed in your browser.

Without DNS servers, we would have to remember the numerical IP addresses for every website we wanted to visit, which would be both inconvenient and difficult.

How can I modify my DNS?

To change the Domain Name System (DNS) settings for your whole network, you must log into your router’s configuration page. Typically, you do this by going to your router’s IP address in a web browser and entering the login credentials. Keep in mind that the precise steps to modify your DNS settings may differ depending on your router and its firmware. If you’re not sure what to do, refer to your router’s manual or ask the manufacturer for guidance.

Here we will show you how to change the DNS settings on both Windows and macOS devices:

Modifying the DNS on Windows devices:

  • Control Panel > Network and Internet > Network Connections
  • Right-click the active network connection.
  • Click Properties.
  • In the list of items, select Internet Protocol Version 4 and click Properties.
  • Under “Use the following DNS server addresses”, enter the DNS server addresses you want to use and click OK.
  • Restart your computer to complete the process.

Modifying the DNS on a macOS device:

  • Internet connection settings > Wi-Fi > Network preferences > Options
  • Scroll down and click Advanced in the bottom right corner.
  • Click the DNS tab.
  • Click the + button in the lower left corner, enter your DNS address, and click OK.
  • Restart your computer to complete the process.

What types of files are required for DNS servers?

Domain Name System (DNS) servers frequently use a variety of file types, including:

  1. Zone files: These files contain the DNS records for a particular domain. They define the resources available within a domain, such as web servers, mail servers, and name servers.
  2. Configuration files: These files contain the settings and options for the DNS server software. They define how the server should behave and how it should respond to queries.
  3. Hosts files: These files contain a static mapping of hostnames to IP addresses. Because the operating system consults them before querying DNS, they allow you to bypass DNS resolution for a specific hostname.
  4. Cache files: These files contain a record of recently resolved DNS queries. They speed up resolution by letting the DNS server return the IP address of a domain or hostname from its cache instead of making a new query.
  5. Log files: These files contain a record of DNS queries and responses. They can be used to troubleshoot issues with DNS resolution and monitor the performance of the DNS server.

What exactly are DNS record types?

DNS records are the basic building blocks of the DNS system. They contain instructions on how to configure a specific domain or subdomain. Some common DNS record types include:

  • A (Address) record: Maps a domain name to an IPv4 address.
  • AAAA (Quad A) record: Maps a domain name to an IPv6 address.
  • CNAME (Canonical Name) record: Maps a domain name to another domain name.
  • MX (Mail Exchange) record: Specifies the mail server responsible for a domain.
  • NS (Name Server) record: Delegates a subdomain to a set of name servers.
  • PTR (Pointer) record: Maps an IP address to a domain name (used for reverse DNS lookups).
  • SOA (Start of Authority) record: Specifies a domain’s primary name server as well as other information about the domain’s namespace.
  • TXT (Text) record: Associates arbitrary text with a domain or subdomain.

Each DNS record type serves a specific function within the DNS system.
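As an added example (not code from the original post), here is a small parser for the zone file in which these record types are stored, plus a lookup that follows CNAME chains the way a resolver does. The zone text, names and addresses are constructed for the example; the parser handles $ORIGIN, $TTL, ';' comments and records continued across lines in parentheses, but not blank-owner lines or ';' inside TXT data.

```python
import shlex

# Constructed zone file for this example (RFC 1035 master-file syntax, invented data).
ZONE_TEXT = """$ORIGIN example.com.
$TTL 3600
@     IN SOA   ns1 hostmaster (              ; primary name server, admin mailbox
                 2024010101 7200 900 1209600 300 )  ; serial refresh retry expire minimum
@     IN NS    ns1
@     IN MX    10 mail
www   IN A     192.0.2.1
www   IN AAAA  2001:db8::1
ftp   IN CNAME www
@  60 IN TXT   "v=spf1 mx -all"
"""
NAME_FIELDS = {"CNAME": [0], "NS": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}  # rdata fields holding names

def qualify(name, origin):
    """Expand '@' and relative names into fully-qualified names."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text):
    """Parse master-file text into (owner, ttl, type, rdata) tuples, handling
    $ORIGIN, $TTL, ';' comments and records continued across lines in ( )."""
    origin, default_ttl, records, pending = ".", 0, [], ""
    for raw in text.splitlines():
        pending += " " + raw.split(";", 1)[0]
        if pending.count("(") > pending.count(")"):
            continue                            # record continues on the next line
        tokens, pending = shlex.split(pending.replace("(", " ").replace(")", " ")), ""
        if not tokens:
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
        elif tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
        else:
            owner, rest, ttl = qualify(tokens[0], origin), tokens[1:], default_ttl
            if rest[0].isdigit():               # optional per-record TTL
                ttl = int(rest.pop(0))
            if rest[0] == "IN":                 # optional class
                rest.pop(0)
            rtype, rdata = rest[0].upper(), rest[1:]
            for i in NAME_FIELDS.get(rtype, []):
                rdata[i] = qualify(rdata[i], origin)
            records.append((owner, ttl, rtype, rdata))
    return records

def lookup(records, name, rtype, max_cname=8):
    """Answer a query from the parsed zone, following CNAME chains like a resolver."""
    for _ in range(max_cname):
        hits = [r[3] for r in records if r[0] == name and r[2] == rtype]
        if hits:
            return hits
        cname = [r[3][0] for r in records if r[0] == name and r[2] == "CNAME"]
        if not cname:
            return []
        name = cname[0]                         # restart the query at the canonical name
    return []
```

Calling lookup(parse_zone(ZONE_TEXT), "ftp.example.com.", "A") returns the A record of www.example.com. via the CNAME.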

What is DNS recursion?

DNS (Domain Name System) recursion is the process by which a DNS server resolves a query by querying other DNS servers on behalf of the client that initiated it. Through this technique, a human-friendly domain name (like www.example.com) is turned into an IP address that computers can use to identify and communicate with one another.

When a DNS client (such as a web browser) wants to resolve a domain name, it sends a request to its configured DNS server. If the DNS server is unable to resolve the domain name using its cache or local configuration, it will start the recursion process to find the answer.

The DNS server will first determine whether the domain name is a fully qualified domain name (FQDN); if not, it will append the suffix of the domain for which it is authoritative and search again.

If the DNS server cannot find the solution in its cache or local configuration, it will forward the request to one of the root name servers. The root name server will reply with the address of a top-level domain (TLD) DNS server (such as .com or .org) that is authoritative for the domain in question. The DNS server will then send a request to the TLD DNS server, which will respond with the address of the next-level DNS server that is authoritative for the domain (such as example.com).

This process will continue until the DNS server reaches the authoritative DNS server for the domain and receives the IP address associated with the domain name in the original query. The DNS server will then store this data and return the IP address to the initial client.

Recursion is crucial because it allows DNS servers to automatically query other servers and resolve domain names without requiring manual configuration of the DNS hierarchy for every domain.
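The walk from root to TLD to authoritative server described in this section (and in “How does DNS work?” above), as an added example that is not part of the original post: a toy resolver that follows referrals through a constructed three-server hierarchy and caches the answer until its TTL expires. All server names and addresses are invented, and a `now` parameter stands in for the clock.

```python
# Constructed toy DNS hierarchy for this example (every name here is invented).
# Each server holds answers for names in its own zone plus NS delegations that
# refer the querier to the next zone down (root -> TLD -> authoritative).
ROOT_SERVERS = ["a.root.example."]
SERVERS = {
    "a.root.example.": {                       # root zone: delegates TLDs
        "com.": {"NS": ["ns.tld-com.example."], "TTL": 172800},
    },
    "ns.tld-com.example.": {                   # .com zone: delegates domains
        "example.com.": {"NS": ["ns1.example.com."], "TTL": 172800},
    },
    "ns1.example.com.": {                      # authoritative for example.com
        "www.example.com.": {"A": "192.0.2.1", "TTL": 300},
    },
}

def ask(server, qname):
    """One iterative query. The server answers if it holds the A record, refers
    the querier to the closest enclosing zone it delegates, or says it knows
    nothing about the name (simplified: no glue records, no NXDOMAIN details)."""
    data = SERVERS.get(server, {})
    if qname in data and "A" in data[qname]:
        return "answer", data[qname]["A"], data[qname]["TTL"]
    labels = qname.split(".")
    for i in range(1, len(labels)):            # longest matching delegation first
        zone = ".".join(labels[i:])
        if zone in data and "NS" in data[zone]:
            return "referral", data[zone]["NS"], data[zone]["TTL"]
    return "nxdomain", None, 0

class Resolver:
    """Recursive resolver: the client asks once, the resolver walks the
    hierarchy and caches the answer until its TTL expires. `now` is a
    simulated clock in seconds so the example runs deterministically."""

    def __init__(self):
        self.cache = {}                        # qname -> (ip, expires_at)
        self.trace = []                        # servers contacted on the last query

    def resolve(self, qname, now=0.0, max_hops=8):
        self.trace = []
        cached = self.cache.get(qname)
        if cached and cached[1] > now:         # still within its TTL
            self.trace.append("cache")
            return cached[0]
        servers = ROOT_SERVERS
        for _ in range(max_hops):              # guards against referral loops
            kind, value, ttl = ask(servers[0], qname)
            self.trace.append(f"{servers[0]}: {kind}")
            if kind == "answer":
                self.cache[qname] = (value, now + ttl)
                return value
            if kind != "referral":
                return None
            servers = value                    # follow the referral one level down
        return None
```

After Resolver().resolve("www.example.com.") the trace lists the root, TLD and authoritative servers in order; a second call within 300 seconds is answered from the cache.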

If a DNS server answers recursive queries from anyone who can reach it, third parties can make it perform lookups on their behalf, so it might be necessary to disable recursion on a server that should only answer for its own zones. Let’s see how this is done on Windows Server:

  • Open the DNS Manager tool by typing DNS into the search box on your Windows Server.
  • Right-click the DNS server.
  • Properties > Advanced
  • Check the “Disable recursion (also disables forwarders)” option and click OK.
  • Then right-click the DNS server again.
  • All Tasks > Restart

When the restart procedure is finished, the DNS Recursion feature will be disabled.

What is reverse DNS?

Reverse DNS, also known as “reverse DNS resolution” or “reverse DNS lookup,” is the process of determining the domain name associated with a given IP address. In contrast, “forward” DNS resolution is used to identify the IP address connected to a specific domain name.

Reverse DNS enables network administrators to determine the hostname connected to a specific IP address by mapping an IP address to a domain name. This procedure can help with network troubleshooting, blocking unwanted traffic, and locating the origin of spam or other malicious activity.

To perform a reverse DNS lookup, a client sends a DNS server a query containing the IP address for which it wants to determine the hostname. The server then looks up the PTR (pointer) record associated with that IP address, which contains the corresponding hostname.

Reverse DNS is implemented with a special type of DNS zone known as a “reverse zone”. A reverse zone maps IP addresses to domain names and is responsible for answering reverse DNS queries for the addresses it covers.

It’s important to note that not all IP addresses have associated reverse DNS entries. Some IP addresses may be assigned to devices that are not connected to the Internet and thus do not require a reverse DNS entry.
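As an added example (not from the original post), here is how the PTR query name is built from an IPv4 or IPv6 address, with a reverse lookup against a constructed reverse zone and the forward-confirmed check a practitioner applies before trusting a PTR hostname when tracing the origin of traffic. The zones and hostnames are invented.

```python
import ipaddress

def reverse_pointer_name(ip):
    """Name a resolver queries for the PTR record of `ip`: IPv4 octets reversed
    under in-addr.arpa, or all 32 IPv6 hex nibbles reversed under ip6.arpa."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")      # uncompressed: leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa"

# Constructed zones for the example. The forward zone maps hostnames to their
# addresses; the reverse zone holds PTR records keyed by reverse-pointer name.
FORWARD_ZONE = {
    "www.example.com.": {"192.0.2.1", "2001:db8::1"},
    "mail.example.com.": {"192.0.2.25"},
}
REVERSE_ZONE = {
    reverse_pointer_name("192.0.2.1"): "www.example.com.",
    reverse_pointer_name("2001:db8::1"): "www.example.com.",
    # Constructed inconsistency: the PTR names a host that does not point back.
    reverse_pointer_name("192.0.2.25"): "mail.example.net.",
}

def reverse_lookup(ip, reverse_zone=REVERSE_ZONE):
    """Return the hostname from the PTR record for `ip`, or None if there is none."""
    return reverse_zone.get(reverse_pointer_name(ip))

def forward_confirmed(ip, reverse_zone=REVERSE_ZONE, forward_zone=FORWARD_ZONE):
    """Forward-confirmed reverse DNS: the PTR hostname must itself resolve back to
    `ip`. Whoever controls a reverse zone can write any hostname into a PTR record,
    so mail servers and log analysis should not trust an unconfirmed PTR."""
    host = reverse_lookup(ip, reverse_zone)
    if host is None:
        return False
    return str(ipaddress.ip_address(ip)) in forward_zone.get(host, set())
```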

What is OpenDNS?

OpenDNS is a company that provides free and paid DNS (Domain Name System) services, which convert human-friendly domain names (like www.example.com) into IP addresses that computers can understand (like 192.0.2.1). By using OpenDNS servers to resolve domain names, users can benefit from features such as faster internet speeds, increased security, and the ability to block unwanted websites.

The company’s free DNS service, OpenDNS Home, lets users change the DNS settings on their home router or computer to point to OpenDNS servers.

The main benefits of OpenDNS are:

  • faster browsing by caching DNS lookups
  • ability to block unwanted websites (adult content, phishing, etc.) by category
  • logging of access to your network

They also have a paid service named OpenDNS Umbrella for Enterprises which offers more control, granularity, and reporting for IT teams to protect the organization.

It is important to note that using OpenDNS or any other third-party DNS service will not encrypt your internet traffic and will not hide your IP address. In order to encrypt your traffic, you should use a VPN (Virtual Private Network) or other similar technologies.

You can use one of the following DNS IP addresses to access OpenDNS:

208.67.222.222 (resolver1.opendns.com)

208.67.220.220 (resolver2.opendns.com)

DNS caching: What is it and where does it take place?

DNS caching, also known as DNS caching resolution, is a technique to speed up the process of resolving domain names to IP addresses. It works by temporarily storing, or caching, the DNS query results in a local cache so that if the same query is made again in the future, the cached results can be returned quickly without having to perform a new DNS query over the network. Depending on the implementation, DNS caching can take place in several locations:

  1. On the client side: Many operating systems and web browsers maintain their local DNS caches. For example, when you type a URL into your browser’s address bar, the browser first checks its local DNS cache to see if it already has the IP address for that domain name. If it does, it uses that address to connect to the website; if not, it sends a DNS query over the network to resolve the domain name.
  2. On the server side: Some servers, such as DNS and web servers, keep their local DNS caches. This process can help reduce network and external DNS server load by serving cached queries instead of new queries.
  3. On the network level: Some routers and firewalls have their own caching mechanism that provides similar functionality to the other two methods.

The time that a DNS record is cached is called “Time to Live (TTL)” and is specified in the record in seconds. It can be set low or high based on preference. DNS caching is a necessary mechanism for improving the performance and scalability of the Internet.

How to Perform an NS Lookup in 3 Easy Steps:

  • Press Windows + R at the same time, type cmd into the Run window that appears, and click OK. A command window opens.
  • Type nslookup into the newly opened window and press Enter.
  • The IP address of your DNS server and, if applicable, its name will appear.

What is the difference between authoritative and recursive DNS servers?

DNS, or the Domain Name System, is a hierarchical and decentralized naming system for computers, services, and other resources connected to the Internet or a private network. It converts human-friendly domain names, such as www.example.com, into IP addresses that machines can understand and use to communicate with each other.

DNS servers are the systems that host and provide information about the DNS namespace. There are two main types of DNS servers: authoritative and recursive.

An authoritative DNS server is a server that has the original information about a domain and its associated DNS records. Authoritative DNS servers are responsible for maintaining the “zone files” that contain the DNS records for a specific domain, such as the IP address of the domain’s web server, mail server, and so on. When a client queries an authoritative server for a specific record, it returns the answer from the zone file.

A recursive DNS server, on the other hand, is a server that is not authoritative for a specific domain but instead is responsible for resolving queries on behalf of clients. When a client sends a query to a recursive server, the server starts querying the root servers to find which top-level domain (TLD) servers are responsible for the domain in question. Once it finds the TLD servers, it will query them for the authoritative DNS server for the domain. Finally, it will query the authoritative server for the specific DNS record. Once it receives the answer, it will return the answer to the client.

In summary, authoritative DNS servers store the actual records for a domain, while recursive DNS servers receive queries from clients and query authoritative servers to resolve the domain name to an IP address.

DNS servers and IP addresses

In the table below, we list some public DNS servers and their IP addresses.

Source          Primary DNS       Secondary DNS
Google          8.8.8.8           8.8.4.4
Quad9           9.9.9.9           149.112.112.112
OpenDNS Home    208.67.222.222    208.67.220.220
Cloudflare      1.1.1.1           1.0.0.1
CleanBrowsing   185.228.168.9     185.228.169.9
Alternate DNS   76.76.19.19       76.223.122.150
AdGuard DNS     94.140.14.14      94.140.15.15

What are the different types of DNS queries?

There are two types of DNS queries:

  • Recursive Query
  • Iterative Query

Recursive query

Our DNS server usually resolves names for us, but it does not hold the registration data for every domain. When a name is not in its own records, it obtains the unknown records from other DNS servers. In a “recursive query,” the client asks its DNS server for the complete answer, and that server queries other DNS servers on the client’s behalf until it can return the final answer (or an error).

Iterative query

In an “iterative query,” the queried DNS server answers with the best information it has: the record itself if it is in the server’s own zone, or a referral to the name servers that are closer to the answer, which the querier then contacts itself. The DNS system divides the Internet’s namespace into zones, which means that each zone manages its own records and, when necessary, exchanges information with other zones.

In this article, we have discussed the basics of DNS and how it works, but there is still more to explore. In Part 2, we will continue our discussion of DNS, diving deeper into its inner workings.