In this day and age, when we browse the web it’s easy to forget the complex systems that work behind the scenes to make the internet accessible. One such crucial component of the web is DNS, the Domain Name System.

This post dives into the internals of how DNS works.

Introduction to DNS

The Domain Name System (DNS) is, put simply, the internet’s phonebook. It makes a website’s address easier to remember: humans find names like example.com easier to recall than IP addresses like 96.7.128.175, while for computers it is quite the opposite.

So DNS is the system that makes this translation from domain name to IP address, and vice versa, possible.

DNS Lookup

When a user types the name of a website into the browser’s address bar, the browser needs to resolve that name to an IP address in order to find the right server to communicate with.

1. User makes a request

When a user types a website address into the URL bar, the browser needs to translate this address to an IP address.

Before reaching out to the network for this address, the browser first checks whether the address is in its local cache, saved from a previous visit. If the address is not found, it moves to the next step.

2. Operating System

If the browser does not have the address, the next place checked is the operating system’s cache.

The OS resolver stores a list of names and their IPs in a cache. If the address is still not found, it sends the request on to the next step.

3. DNS Resolver (Recursion Begins)

The DNS resolver is usually provided by the Internet Service Provider (ISP).

It is the job of this server to look up a domain on behalf of the user.

The resolver first checks its own cache; if the address is not found, it moves to the next step.

4. DNS Root Servers

When the resolver cannot resolve an IP from its cache, it contacts a root server.
Root servers are at the top of the DNS server hierarchy.

It is their job to know which servers hold authoritative records for top-level domains (TLDs) such as .com, .org and .net.

The root server does not itself know the domain’s IP, but it provides a referral to the appropriate TLD server based on the domain’s suffix.

5. TLD (Top-Level Domain) Servers

The resolver now queries the TLD server; for example.com, the .com TLD server will be queried.

The TLD server responds with the authoritative DNS servers for the domain.

6. Authoritative Name Servers

The resolver now queries the authoritative name server for the domain. This authoritative server holds the address for the queried domain.

This address is returned to the resolver, which adds it to its cache for future requests.

7. DNS Resolver Responds to the Client

The resolver returns this address to the user. The user’s OS adds it to its cache.

The OS returns the address to the browser, which also stores it in its own cache and then connects to the server.

Caching Mechanism

Caching is crucial to making DNS lookups practical, fast and efficient. DNS data is stored at several points during the resolution process, including the browser, the operating system, the DNS resolver, and even the authoritative DNS server.

Each DNS record comes with a Time-to-Live (TTL) value, which indicates how long the record can be cached before a new query must be made to refresh it.

Shorter TTL values lead to more frequent queries, while longer TTLs reduce the number of requests but can delay the moment at which a changed record is seen.
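The walk from the root server down to the authoritative server (steps 3 to 7) and the TTL-bounded cache described above, as an added example that is not part of the original post. It uses constructed in-memory servers instead of the network, with addresses from the 192.0.2.0/24 documentation range and an invented 300-second TTL; the referral logic and cache expiry are the point.

```python
import time

# Constructed, in-memory stand-ins for the real hierarchy (not real DNS data).
# Each server either answers with an A record plus its TTL or refers the
# resolver one level down, giving that server's address as glue. All
# addresses come from the 192.0.2.0/24 documentation range.
SERVERS = {
    "192.0.2.1": {"refer": {"com.": "192.0.2.2"}},                       # root
    "192.0.2.2": {"refer": {"example.com.": "192.0.2.3"}},               # .com TLD
    "192.0.2.3": {"answer": {"www.example.com.": ("192.0.2.10", 300)}},  # authoritative
}
ROOT_SERVER = "192.0.2.1"
MAX_HOPS = 8  # stops a referral loop caused by a broken delegation

def query(server_ip, qname):
    """One question to one server: ('answer', ip, ttl), ('referral', next_ip, zone) or ('nxdomain', None, None)."""
    server = SERVERS[server_ip]
    if qname in server.get("answer", {}):
        ip, ttl = server["answer"][qname]
        return ("answer", ip, ttl)
    for zone, next_ip in server.get("refer", {}).items():
        if qname == zone or qname.endswith("." + zone):
            return ("referral", next_ip, zone)
    return ("nxdomain", None, None)

class Resolver:
    """Recursive resolver (step 3) with a TTL-bounded cache."""
    def __init__(self):
        self.cache = {}  # qname -> (ip, absolute expiry time)

    def resolve(self, qname, now=None):
        """Return (ip, servers_contacted); an empty list means a cache hit."""
        now = time.time() if now is None else now
        cached = self.cache.get(qname)
        if cached and cached[1] > now:
            return cached[0], []
        self.cache.pop(qname, None)  # expired: the TTL forces a fresh walk from the root
        server, path = ROOT_SERVER, []
        for _ in range(MAX_HOPS):
            path.append(server)
            kind, value, extra = query(server, qname)
            if kind == "answer":
                self.cache[qname] = (value, now + extra)  # step 6: cache for TTL seconds
                return value, path
            if kind != "referral":
                return None, path
            server = value  # steps 4-5: follow the referral down the hierarchy
        return None, path
```

Calling `Resolver().resolve("www.example.com.")` twice shows the first lookup contacting all three servers and the second answered from cache; passing `now` lets you step past the TTL and watch the walk repeat.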

DNS Records

There are several types of DNS records, each with its own function:

  • A Record: Points a domain to an IPv4 address.
  • AAAA Record: Points a domain to an IPv6 address.
  • MX Record: Mail Exchange record, directs email traffic to the correct mail server.
  • CNAME Record: An alias for another domain name, typically used for a subdomain (e.g. www as a subdomain of example.com).
  • NS Record: Specifies the authoritative name servers for the domain.
  • TXT Record: Stores text information, such as domain ownership or security info.

DNS Security (DNSSEC)

While DNS is essential, it is also vulnerable to attacks, particularly spoofing and cache poisoning.

DNSSEC (Domain Name System Security Extensions) adds a layer of security by ensuring that DNS responses are authentic and have not been tampered with. It uses cryptographic signatures to protect the integrity of DNS lookups.

Conclusion

DNS is an important part of the internet: it ensures that human-readable domain names are easily translated into IP addresses. The system is decentralized and highly efficient because it relies on caching and a hierarchical design, which reduces both lookup time and the load on DNS servers.
