Priya

Learning DNS (Domain Name System) with visual guide

Learning DNS (Domain Name System) with visual guide

Priya Jain's photo
Priya Jain
·

11 min read

Table of contents

Hey Folks 👋🏻,

I'm writing this article to share my learning of the #100DaysOfCode challenge where I’m learning Must known things as a developer. This article is all about my Week 2 (Day 08- Day 14) learning where I am exploring a topic that is directly or indirectly consulted by nearly every application that connects to the Internet.

If you also want to learn the most common things which every developer knows you can check out my Week 1 article about Regular expressions.

Introduction

Our voice enables us to communicate verbally with others, but this isn’t enough to communicate. Two people need to understand the common language. Likewise, transport protocol enables data to flow between applications. But it’s not enough application to work together. Some communication rules are required.

Each independent set of communication rules forms a protocol, and the collection of all such protocols constitutes the application layer.

Today will learn about Domain Name System (DNS) protocol which is used to convert a domain name into an IP address. You’ll learn:

  • Why there is a need to assign names to online addresses.

  • How domains are universally understood.

    And many more ...

What is DNS ?

Suppose you want to call your friend. Each time you want to call your friend you have to remember his phone number before calling. How hard it would be 😞. Now think of the phonebook (or contacts app). In your contacts application once you store the phone number of any friend. You don’t need to remember your friend's phone number anymore.

Likewise, if you have a to remember IP address of all webpage how impractical it would be to refer to hosts using big numbers ☹️. In the early days of the Internet, Engineers realized it and create a Domain name system (DNS) that gives the IP address of any domain name. "example.com", is something that's easy for us to remember and type in.

IP addresses are how computers identify other computers on the Internet. IP addresses aren't particularly human-friendly, though. Who wants to memorize an address like 74.125.20.113.

dns-query.png

Why do we need DNS?

All information on the internet is sent using packets. Every network as a source and destination IP address. And here is the twist, Network packets *aren’t sent using domain names.

To connect to a server you need to find its IP. In 1983, DNS was built to make it easier to lookup IP addresses. Since then basics of DNS works haven’t changed.

4 Types of DNS servers

All DNS servers fall into one of four categories: Recursive resolvers, root nameservers, TLD nameservers, and authoritative nameservers.

  1. DNS recursive resolver

    aka nameserver, DNS server, Recursive resolver, Resolver

    • A recursive resolver (also known as a DNS recursor) is the first stop in a DNS query.
    • After receiving a DNS query from a web client, a recursive resolver will either respond with cached data, or send a request to a root nameserver, followed by another request to a TLD nameserver, and then one last request to an authoritative nameserver.

    • After receiving a response from the authoritative nameserver containing the requested IP address, the recursive resolver then sends a response to the client.

      Recursion is the process a procedure goes through when one of the steps of the procedure involves invoking the procedure itself. A procedure that goes through recursion is said to be 'Recursive'.

  2. Root nameservers

    • In total, there are 13 main DNS root servers, each of which is named with the letters 'A' to 'M'. They all have an IPv4 address and most have an IPv6 address. Managing the root server is ICANN's responsibility.
    • They store the address of the TLD nameservers.

    Most of their IP addresses haven’t changed in 20 years.

    ICANN - The root nameservers are overseen by a nonprofit called the Internet Corporation for Assigned Names and Numbers.

  3. TLD nameservers
    • TLD nameserver contains information for every website that ends in .com .
    • Generic top-level domains : .com, .org, .net, .edu, and .gov
    • Country code top-level domains: .in, .uk, .us, and .jp
    • They store the addresses of authoritative.

  4. Authoritative nameservers

    aka nameserver, DNS server

    This is the only one you can control directly. It’s where you set DNS records for your domain ( A, TXT, MX, etc).

    Suppose your domain has DNS records: DNS query includes:

    name → example.com,

    type of record → A (This is Explained in detail 👇🏼),

    value → 127.66.122.88,

    TTL (time to live) → 300.

    Their record is cached on lots of servers (local browser, ISP cache, TLD servers) but when that cache expires the only source of truth is your authoritative nameserver. Typically the DNS provider or the DNS registrar (like GoDaddy that offers both DNS registration and hosting). And here we can find the DNS record that maps example.com to the IP address 127.66.122.88.

    In short authoritative Nameserver is responsible for providing answers to a recursive Nameserver with the IP Address of the intended destination.

How DNS works ?

The computer can't store a database of more than 300 million domain names locally, so it goes through a multi-step process to find out the IP address.

Step 1: Check the local cache

• When a user enters the domain (website) name and the browser checks its memory to see if the relevant IP address is already stored. The cache stays small because it kicks out domains you haven't visited in a while or domains that send down expiration dates.

🔍 In the Chrome browser, you can clear the database yourself. Just type chrome://net-internals/#dns in the address bar.

step-1.png

If not in the browser cache, then it’s off to the next step.

Step 2: Asking the ISP cache

Every ISP Resolver provides a domain name resolving service and keeps its own cache. Perhaps you haven't visited a particular website, but your neighbor just did, so the ISP can look up the IP from their visit.

If it's not in the ISP's Resolver cache, then it's off to the next step.

step-2.png

Internet service provider - is an organization that provides services for accessing, using, or participating in the Internet.

Step 3: Asking a root name server

Next, the Recursive resolver start. The Resolver starts by asking the root name servers: “What is IP for .com ?”. The root name server responds with the IP address of a TLD name server that tracks ".com" domains.

step-3.png

Step 4: Asking a .com name server

Next, the Resolver asks .com the TLD (top-level domain) name server: “What is IP for example ?”. The TLD name server responds with the IP address of a hostname server that contains the "example" records.

step-4.png

Step 5: Asking a example.com name server

Finally, the Resolver asks the hostname server: "okay, so where's example.com?" The hostname server(Authoritative nameserver) responds with an exact IP address: “It’s 93.184.216.34”.

step-5.png

Step 6: Sending response to request computer

Browser: ”I am waiting it’s been 20ms...”. Then Resolver responded: “I got the IP! it’s 93.184.216.34 ”.

step-6.png

Step 7: Connecting to server

Now our computer can successfully connect with the computer powering that domain.

step-7.png It sounds like a lot of processes. But it’s not done that often. A lot of info is cached along the way.

DNS records

DNS isn’t just for IP addresses. There are about 30 types of DNS records.

Few common record types:

  • A record - The record that holds the IPv4 address of a domain. Whenever you go to a website. Your browser looks up its A or AAAA record. Eg: example.com127.66.122.88
  • AAAA record - The record that holds the IPv6 address of a domain. Eg: https://example.com2606:2800:220:1:248:1893:25c8:1946

  • CNAME record - Maps one domain or subdomain to another domain, doesn’t provide an IP address directly. Example: You have subdomain ftp.example.com, xyz.example.com you want these subdomains to point to your main domain name example. com. Once the client hits that IP address, the webserver will still handle the URL accordingly. A kind of Alias for another domain.

    If a name has a CNAME record, it’s not allowed to have other records. You can say when a DNS request comes it gives priority to CNAME. Specifically, if a name has an NS record, it can’t have a CNAME record. Every root domain name (eg: example.com , google.co.in ) has NS record, so your root domain name can’t have CNAME record.

  • MX record - Directs mail to an email server. Eg: email.example.com .

  • TXT record - you can store any string. Eg: example.com → “I like coding.” TXT records help prevent email spam.
  • NS record - Stores the authoritative nameserver. Eg: a.iana-servers.net
  • CAA record - Store ‘certification authority authorization’ record. Eg: 0 issue “digicert.com”.

DNS query

A DNS query also known as DNS request, are request made to resolve the domain name to the IP address.

  • DNS requests are called “queries”.
  • Queries have 2 fields
    • name (eg. example.com.). All DNS names end with a dot(.).
    • record type (eg. A). A means IPv4 address.
    • time to live TTL (eg. 30)
    • one or more content fields (like 172.217.13.110)
  • DNS responses can contain many records.
  • Query can divide into 3 types
    • Recursive query: the DNS must provide an answer, whether it’s an IP address or error message.
    • Iterative query: the DNS delivers the best answer it can, by performing multiple queries.
    • Non-recursive query: the DNS provides an answer it already knows or guarantees a direct response.

Domain Registration

DNS doesn’t just replace big numbers with names–it gives people the autonomy to reconfigure their networks. Think of a computer hosting a website. If it relocates, it receives a new IP address. The DNS records of the website can be updated to the new address such that visitors of the website won’t notice the change. This requires DNS to be universal.

8 points for picking a domain registrar

  1. Secure login - Two-factor authentication(2F).
  2. Stability - how many years they are in this business.
  3. Customer Service
  4. Free whois privacy
  5. Not too many upsell
  6. Good renewal policy
  7. Simple transfer - to move your domain to a different registrar
  8. Type should let you pick your TLL, set DNS records, and give the option to change nameservers.

Different ways of DNS lookup

Using DNS module in Node.js

The DNS module enables name resolution. For example, use it to look up the IP addresses of hostnames.

Most common methods:

dns.lookup() uses the operating system facilities to perform name resolution. It may not need to perform any network communication. Parameters

  • hostname: The name of the website on the internet, e.g., google.com, example.org, etc.
  • A callback function that contains the following:
    • error: The error that is returned when the hostname is not valid.
    • address: The IP address of the hostname.
    • family: This is the IP version number, which is 4 or 6, i.e., IP version 4 and 6.
const dns = require('dns');

dns.lookup('example.org', (err, address, family) => {
  console.log('address: %j family: IPv%s', address, family);
});
// address: "93.184.216.34" family: IPv4

DNS Lookup direct tool

A simple DNS lookup tool : https://dns-lookup.jvns.ca/#youtube.com|all-the-records

You can actually trace the steps for resolving a DNS address. Here's one tool for it: https://simpledns.plus/lookup-dg

DNS Lookup using Linux terminal

The dig command in Linux is used to gather DNS information. It stands for Domain Information Groper, and it collects data about Domain Name Servers. The dig command is helpful for troubleshooting DNS problems but is also used to display DNS information.

You need to install dig on Linux

dig Syntax

dig [server] [name] [type]

Example: $ dig google.com

dns-dig.png

Most common DNS questions

Question 1. What's the most common thing we use DNS for?

Find the IP address of the domain

Question 2. What command-line tool can you use to make DNS queries?

$ dig google.com will give you the IP address for google.com

Question 3. is it possible to go the opposite direction -- get the hostname for an IP address?

yes! $ dig -x 172.217.13.174 will do a "reverse DNS lookup" for 172.217.13.174

Question 4. Do DNS servers only store IP addresses?

There are many types of DNS records (A, TXT, MX, AAAA...)

Questions 5. Can a hostname have many IP addresses?

yes! there can be many A records for the same name with different IPs.

Questions 6. When you update an A record, will everyone get your new IP right away?

nope! DNS servers all use caching, so it depends when the cache expires.

Question 7. What decides how long a DNS response gets cached for?

TTL (Time to live). every DNS response has a parameter called the "TTL" ("time to live"). If you set a shorter TTL, you can update your DNS records faster!

Question 8. What's 8.8.8.8?

DNS server hosted by Google. anyone can make DNS queries to it.

Test your learning here:

All questions are from :https://questions.wizardzines.com/dns.html

Conclusion

I hope this article helps you understand DNS and your knowledge about it from ZERO to ONE. It takes 20-120 milliseconds to give the IP address back to us.

  • The first check local cache then check resolver cache. Then how resolver use recursion algorithm till it finds IP.
  • Different types of DNS records help to store different info.
  • The only place where you have control - depend on Domain Registration
  • DNS module help to find an IP address and find is it a valid domain. It supports many methods.

Thank-you for reading this article. Do let me know what you learn from this ? And Give me advice what I can improve?

Happy Coding 👩🏼‍💻

dns100DaysOfCodeWomenWhoTechlearninglearn coding