DNS Explained
Posted on April 15, 2023 by Caleb ‐ 4 min read
The Domain Name System (DNS) is one of the core protocols of the Internet. DNS allows human-readable names like www.example.com to be translated into the IP addresses that computers use to communicate.
How DNS Works
The mapping of domain names to IP addresses is not controlled by a single entity. Instead, DNS relies on a distributed database using many servers worldwide.
When a client such as a device or web browser needs the IP address associated with a domain, it sends a DNS query, also known as a DNS request. Handling a DNS request can involve multiple servers. Here is a high level overview of how this process works:
Recursive resolver - The client’s DNS request is usually sent to a DNS resolver, also called a recursive resolver. As we will see, getting a final answer to the original request often requires several further DNS requests. The recursive resolver performs these extra requests on behalf of the client until it receives a final answer that it can send back to the client.
Depending on the domain the client is requesting, the resolver may have a response cached from a previous request that it can immediately send to the client. If the resolver does not have a response cached, it sends a DNS request to a root nameserver.
Root nameserver - Root nameservers do not store information about specific domain names, but they do contain records for top-level domains (TLDs) like .org, .com, or .ca. If the client is requesting the IP address for www.example.com, a root nameserver will have a record of which servers are responsible for the .com TLD.
The root nameserver will send a response to the recursive resolver with addresses for the .com TLD nameservers. The resolver will then send a DNS request to one of these TLD nameservers.
TLD nameserver - TLD nameservers store information about the second-level domains beneath them. Like the root nameserver, the TLD nameserver does not have the IP address for www.example.com, but it does have a record of which servers are responsible for example.com, and therefore for www.example.com.
The servers that contain the IP addresses and records for sites like www.example.com are called authoritative nameservers. The TLD nameserver will send a response to the recursive resolver with addresses to the authoritative nameservers for example.com. The resolver will then send a DNS request to one of these authoritative nameservers.
Authoritative nameserver - Authoritative nameservers contain the actual DNS records associated with domain names like example.com. After receiving a DNS request from the recursive resolver for www.example.com, the authoritative nameserver will respond with the associated IP address. The recursive resolver will then send this IP address to the client.
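As an added illustration of the chain just described (not code from the original post), the toy resolver below walks root -> TLD -> authoritative over three constructed in-memory zones, follows CNAME aliases, and caches answers so a repeated query costs no upstream requests. All server names, domains and addresses are constructed sample data.

```python
# Added example (not from the original post): a toy recursive resolver walking the
# root -> TLD -> authoritative chain over constructed in-memory zones, with a cache.
ROOT_SERVERS = ["a.root.example."]            # constructed sample server names
# Each "nameserver" holds a zone: (owner name, type) -> rdata. NS records delegate
# a child zone, as the root delegates com. and the TLD server delegates example.com.
ZONES = {
    "a.root.example.": {("com.", "NS"): ["a.gtld.example."]},
    "a.gtld.example.": {("example.com.", "NS"): ["ns1.example.com."]},
    "ns1.example.com.": {                      # authoritative for example.com
        ("www.example.com.", "A"): ["192.0.2.80"],
        ("blog.example.com.", "CNAME"): ["www.example.com."],
        ("example.com.", "MX"): ["10 mail.example.com."],
    },
}

def ask(server, name, rtype):
    # One query to one server: an answer, a CNAME alias, or a referral.
    zone = ZONES[server]
    if (name, rtype) in zone:
        return "answer", zone[(name, rtype)]
    if (name, "CNAME") in zone:                  # alias the resolver must chase
        return "cname", zone[(name, "CNAME")][0]
    labels = name.split(".")
    for i in range(len(labels) - 1):             # delegation of the name or an ancestor?
        parent = ".".join(labels[i:])
        if (parent, "NS") in zone:
            return "referral", zone[(parent, "NS")]
    return "answer", []                          # authoritative: no such record

class RecursiveResolver:
    def __init__(self):
        self.cache = {}
        self.queries_sent = 0                    # upstream queries; shows caching

    def resolve(self, name, rtype="A"):
        key = (name, rtype)
        if key in self.cache:                    # cached: answer the client at once
            return self.cache[key]
        servers = ROOT_SERVERS                   # otherwise start at the root
        for _ in range(8):                       # bound the referral chain
            self.queries_sent += 1
            kind, data = ask(servers[0], name, rtype)
            if kind == "referral":
                servers = data                   # follow it to the next level
                continue
            if kind == "cname":
                data = self.resolve(data, rtype) # resolve the alias target too
            self.cache[key] = data
            return data
        raise RuntimeError("referral chain too long for " + name)
```

Resolving www.example.com the first time costs three upstream queries (root, TLD, authoritative); the second time it is served from the cache with none.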
DNS Records
In the section above we looked at how DNS is used when a client needs the IP address associated with a website like www.example.com. In reality, an authoritative nameserver can contain many records associated with a domain. Below are a few examples of DNS record types that may be returned to a client depending on the DNS request that was sent.
- A - An Address record maps a domain name to an IPv4 address. This record points a domain to a specific address where a resource like a website can be reached.
- AAAA - Similar to an A record, a Quad-A record maps a domain name to an IPv6 address.
- CNAME - A Canonical Name record provides an alias for mapping one domain name to another. This mapping allows a resource to be reached through more than one domain name.
- TXT - A Text record can contain arbitrary text. TXT records are often used to hold configuration or validation settings (e.g. SPF, DKIM, DMARC).
- MX - A Mail Exchange record provides the server that receives email for the domain.
TL;DR (Summary)
DNS is used to resolve names like www.example.com to the IP addresses that computers use to communicate. A DNS query is first sent from a client to a recursive resolver. The recursive resolver sends queries to nameservers at different levels until it reaches a nameserver that is authoritative for the target domain. The final record is then returned to the original client. A client can request various record types related to the domain it is looking up.