Domain Name System
How DNS resolution works, from local caches through root and authoritative servers, with essential record types and query behavior.
DNS is used to translate human-readable names (like xyz.com) into computer-readable IP addresses (like 1.2.3.4).
When we browse the internet, we use names such as Amazon, Google, or Cloudflare. These names are resolved by a recursive resolver, normally the one your ISP runs (or a public one you configured). Your home router or modem usually does not resolve anything itself; it only forwards your PC's queries to that resolver.
The request is processed something like this.
- When a PC needs to resolve a domain name, the stub resolver on the PC first checks its local cache (and the hosts file). If it doesn't have the answer, it sends the query to its configured recursive resolver: a public one like 1.1.1.1 or 8.8.8.8, or whatever resolver your ISP provides.
- The recursive resolver checks its own cache. If the answer is not there, it starts at a root DNS server.
- The root server doesn't store records for individual domains, but knows who does. For a request like cybersaif.ca, the root server replies with a referral: the NS records and IP addresses of the Top-Level Domain (TLD) servers for .ca.
- The resolver then queries the .ca TLD server. The TLD server holds the delegation for cybersaif.ca: the NS records naming the domain's authoritative nameservers. The registrar (the organization the domain was registered through, like Google Domains or AWS Route 53) submitted those nameserver names to the .ca registry when the domain was set up. The TLD server does not hold the domain's own A records.
- The resolver finally queries one of the authoritative DNS servers for cybersaif.ca, receives the A record with the final IP address, caches it for the record's TTL, and returns it to the PC.
Types of DNS servers
There are several types of DNS servers that are used worldwide:
- DNS root server
- Authoritative name server
- Non-authoritative name server
- Caching server
- Forwarding server
- Resolver
| Server Type | Description |
|---|---|
| DNS Root Server | The root servers sit at the top of the DNS hierarchy. They serve the root zone, which delegates each top-level domain (TLD) to that registry's nameservers. A resolver with an empty cache starts here and receives a referral to the right TLD servers; root servers never answer for individual domains. The Internet Corporation for Assigned Names and Numbers (ICANN), through IANA, coordinates the root zone and the root server operators. There are 13 root server identities (a.root-servers.net through m.root-servers.net), each served by many anycast instances around the globe. |
| Authoritative Nameserver | Authoritative name servers hold the zone data for a particular DNS zone and answer queries for that zone from their own data, with the AA (authoritative answer) flag set. They only answer for their area of responsibility: asked about a subdomain that has been delegated elsewhere they return a referral to that subdomain's nameservers, and asked about a name that does not exist they return NXDOMAIN; they never go and ask other servers. Recursive DNS servers query them, walking down from the root, to locate the specific web server(s) for a country, company, or organization. |
| Non-authoritative Nameserver | Non-authoritative name servers are not responsible for a particular DNS zone. Instead, they obtain and store DNS information from other name servers through recursive or iterative DNS queries and respond using cached data. |
| Caching DNS Server | Caching DNS servers temporarily store information obtained from other name servers for a specified period. The authoritative name server determines the duration of this storage through the DNS Time to Live (TTL) value. |
| Forwarding Server | Forwarding servers perform a single function: they forward DNS queries to another DNS server instead of resolving them directly. |
| Resolver | Resolvers are not authoritative DNS servers. A stub resolver (the client library on a PC, or the forwarder in a home router) sends a single recursive query and expects a complete answer back. A recursive resolver (your ISP's, or a public one) does the actual work on the client's behalf, querying root, TLD and authoritative servers as needed and caching what it learns. |
DNS Records
A DNS query asks for a specific record type, and each type has its own task:
| DNS Record | Description |
|---|---|
| A | Returns the IPv4 address associated with the requested domain name. |
| AAAA | Returns the IPv6 address associated with the requested domain name. |
| MX | Returns the mail servers responsible for receiving email for the domain. |
| NS | Returns the authoritative DNS servers (nameservers) for the domain. |
| TXT | Stores arbitrary text strings. Common uses include proving control of a domain to a service (Google Search Console verification, or a certificate authority's ACME DNS-01 challenge before it issues a TLS certificate) and publishing SPF, DKIM and DMARC policies, which receiving mail servers use to authenticate email and reject spoofed senders. |
| CNAME | Creates an alias for another domain name. For example, if www.google.eu should resolve to the same IP address as google.eu, you would create an A record for google.eu and a CNAME record for www.google.eu pointing to google.eu; a resolver that meets the CNAME restarts the lookup for the canonical name. A name that has a CNAME may not carry any other records, which is why the zone apex (google.eu itself, which must hold SOA and NS records) cannot be a CNAME and the alias goes on www instead. |
| PTR | Used for reverse DNS lookups, mapping an IP address back to a domain name. The records live under the reverse zones: 203.0.113.80 is looked up as 80.113.0.203.in-addr.arpa, and IPv6 addresses as nibble-reversed names under ip6.arpa. |
| SOA | The Start of Authority (SOA) record provides administrative information about a DNS zone: the primary authoritative nameserver, the administrator's email address (with the @ written as a dot), the zone's serial number, which secondaries compare to decide whether to transfer a new copy, the refresh, retry and expire timers that govern those transfers, and the minimum value, which sets how long negative (NXDOMAIN) answers may be cached. |
Iterative DNS Query vs. Recursive DNS Query
Let's say a user wants to visit cybersaif.ca:
- Iterative Query: In an iterative query, the client asks a DNS server for the IP address of cybersaif.ca and the server replies with the best it has. If it does not hold the answer, it returns a referral: the address of another DNS server that is closer to the answer. The client then queries that server itself, and the process continues until it receives the IP address of cybersaif.ca rather than yet another server's address. This is how a recursive resolver talks to the root, TLD and authoritative servers.
- Recursive Query: In a recursive query, the client asks its local DNS resolver for cybersaif.ca and expects a complete answer, signalled by the RD (recursion desired) flag in the query. If the resolver does not have the answer cached, it follows the referrals on the client's behalf, querying one server after another until the IP address of cybersaif.ca is identified, and then returns that single answer. This is what the stub resolver on a PC does; it never sees the intermediate servers.
Authoritative vs. Non-authoritative Responses
An authoritative response is one that comes from a nameserver that holds the zone itself, and it carries the AA (authoritative answer) flag in the DNS header (dig shows it as aa in the flags line). For example, if I purchase a domain name from Squarespace and let Squarespace host its DNS, Squarespace's nameservers are authoritative for that domain, and a response to a query for it that comes from one of those nameservers is considered authoritative. If the same query is answered by my local DNS resolver or my ISP's resolver from its cache, the AA flag is clear and the response is considered non-authoritative, even when the data is identical.
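To see what separates an authoritative response from a cached one, and what the record types in the table above look like on the wire, here is an added Python example (not code from the original page) that parses a DNS response message by hand. The response bytes are constructed for this example, not a capture from any real nameserver: an answer to an ANY query for cybersaif.ca carrying an A, an MX and a TXT record, with the AA flag set the way a zone's own nameserver would set it. A recursive resolver answering the same question from cache would send it with AA clear.

```python
"""Parse a DNS response message (RFC 1035 wire format) and report the header
flags and records. The response below is constructed by hand for this
example; it is not a capture from cybersaif.ca's real nameservers."""
import ipaddress
import struct

RESPONSE = (
    b"\x12\x34"                                   # ID
    b"\x85\x80"                                   # flags: QR=1 AA=1 RD=1 RA=1 RCODE=0
    b"\x00\x01\x00\x03\x00\x00\x00\x00"           # QDCOUNT=1 ANCOUNT=3 NSCOUNT=0 ARCOUNT=0
    b"\x09cybersaif\x02ca\x00"                    # question name, starts at offset 12
    b"\x00\xff\x00\x01"                           # QTYPE=ANY QCLASS=IN
    # answers; \xc0\x0c is a compression pointer back to the name at offset 12
    b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x01\x2c\x00\x04\xcb\x00\x71\x50"          # A 203.0.113.80, TTL 300
    b"\xc0\x0c\x00\x0f\x00\x01\x00\x00\x0e\x10\x00\x09\x00\x0a\x04mail\xc0\x0c"  # MX 10 mail.cybersaif.ca.
    b"\xc0\x0c\x00\x10\x00\x01\x00\x00\x0e\x10\x00\x0f\x0ev=spf1 mx -all"        # TXT "v=spf1 mx -all"
)

TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX", 16: "TXT",
         28: "AAAA", 255: "ANY"}


def read_name(msg, offset):
    """Decode a possibly compressed name; return (name, offset after it).
    Pointers must point backwards (RFC 1035 4.1.4); enforcing that also rules
    out the pointer loops a malicious message could use to hang the parser."""
    labels, end = [], None
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            target = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            if target >= offset:
                raise ValueError("forward compression pointer")
            end = end if end is not None else offset + 2
            offset = target
            continue
        offset += 1
        if length == 0:
            return ".".join(labels) + ".", (offset if end is None else end)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def decode_rdata(rtype, msg, start, length):
    """Decode RDATA for the record types covered on this page."""
    if rtype == 1:
        return str(ipaddress.IPv4Address(bytes(msg[start:start + 4])))
    if rtype == 28:
        return str(ipaddress.IPv6Address(bytes(msg[start:start + 16])))
    if rtype in (2, 5, 12):                           # NS, CNAME, PTR: a single name
        return read_name(msg, start)[0]
    if rtype == 15:                                   # MX: preference + exchange name
        return (struct.unpack_from("!H", msg, start)[0], read_name(msg, start + 2)[0])
    if rtype == 16:                                   # TXT: one or more <len><chars> strings
        strings, i = [], start
        while i < start + length:
            n = msg[i]
            strings.append(msg[i + 1:i + 1 + n].decode("ascii"))
            i += 1 + n
        return strings
    if rtype == 6:                                    # SOA: mname, rname, five 32-bit fields
        mname, off = read_name(msg, start)
        rname, off = read_name(msg, off)
        serial, refresh, retry, expire, minimum = struct.unpack_from("!IIIII", msg, off)
        return {"mname": mname, "rname": rname, "serial": serial, "refresh": refresh,
                "retry": retry, "expire": expire, "minimum": minimum}
    return bytes(msg[start:start + length])


def parse_response(msg):
    """Return header flags, questions and all records, each tagged with its section."""
    ident, flags, qd, an, ns, ar = struct.unpack_from("!HHHHHH", msg, 0)
    header = {"id": ident, "qr": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
              "tc": bool(flags & 0x0200), "rd": bool(flags & 0x0100),
              "ra": bool(flags & 0x0080), "rcode": flags & 0x000F}
    offset, questions, records = 12, [], []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype, _qclass = struct.unpack_from("!HH", msg, offset)
        questions.append((name, TYPES.get(qtype, qtype)))
        offset += 4
    for count, section in ((an, "answer"), (ns, "authority"), (ar, "additional")):
        for _ in range(count):
            name, offset = read_name(msg, offset)
            rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, offset)
            offset += 10
            if offset + rdlen > len(msg):
                raise ValueError("RDLENGTH runs past the end of the message")
            records.append({"section": section, "name": name, "type": TYPES.get(rtype, rtype),
                            "ttl": ttl, "data": decode_rdata(rtype, msg, offset, rdlen)})
            offset += rdlen
    return {"header": header, "questions": questions, "records": records}


if __name__ == "__main__":
    parsed = parse_response(RESPONSE)
    print("authoritative:", parsed["header"]["aa"])   # True: the AA flag is set in this message
    for rr in parsed["records"]:
        print(rr["name"], rr["ttl"], rr["type"], rr["data"])
```

The two checks in read_name and parse_response (backward-only pointers, RDLENGTH inside the message) are the ones a resolver must make before trusting a packet from the network; compression pointers that loop or run past the buffer are a classic way to crash a naive parser.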
Glue Record
Glue records are A/AAAA records for a nameserver that the parent zone (the TLD) hands out alongside the NS delegation. For example, when querying squarespace.com, the request first goes to the root servers and then to the .com top-level domain (TLD) server. Ultimately it reaches the authoritative nameserver, which for Squarespace could be ns0.squarespace.com.
To ask ns0.squarespace.com anything, the resolver needs its IP address. But ns0.squarespace.com is itself a name inside squarespace.com, and the only servers that can authoritatively answer for names in squarespace.com are ns0 and its siblings. That is a circular dependency: the resolver needs the IP address of ns0.squarespace.com in order to resolve ns0.squarespace.com. To break the loop, the registrar submits the nameservers' IP addresses to the TLD registry, and the .com TLD server returns them as glue records in the additional section of its referral. Glue is only needed for nameservers that sit inside the zone they serve (in-bailiwick); a nameserver such as ns1.otherdns.net can be resolved on its own.
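The resolution walkthrough at the top of the page, the iterative versus recursive distinction, and the glue problem can all be seen in one place in the following Python, which is an added example and not code from the original page. It simulates a recursive resolver doing the iterative root to TLD to authoritative walk over a small in-memory namespace; the server IP addresses, nameserver names and records for cybersaif.ca are constructed for illustration and do not describe the real domain. The second lookup is served from cache (non-authoritative), www is followed through its CNAME, and removing the TLD's glue shows why an in-bailiwick nameserver cannot be reached without it.

```python
"""Toy recursive resolver doing the iterative root -> TLD -> authoritative walk
over a constructed namespace (all names, IPs and records here are assumptions)."""
import copy
import time

# Each simulated server: the apex of the zone it serves and its records
# (owner name -> list of (type, rdata, ttl)).
SERVERS = {
    "198.41.0.4": {"apex": ".", "rrs": {                        # a root server
        "ca.": [("NS", "tld.ca-servers.ca.", 172800)],
        "tld.ca-servers.ca.": [("A", "185.159.196.2", 172800)],   # glue
    }},
    "185.159.196.2": {"apex": "ca.", "rrs": {                   # a .ca TLD server
        "cybersaif.ca.": [("NS", "ns1.cybersaif.ca.", 86400)],
        "ns1.cybersaif.ca.": [("A", "203.0.113.10", 86400)],      # glue
    }},
    "203.0.113.10": {"apex": "cybersaif.ca.", "rrs": {          # authoritative server
        "cybersaif.ca.": [("A", "203.0.113.80", 300)],
        "www.cybersaif.ca.": [("CNAME", "cybersaif.ca.", 300)],
    }},
}
ROOT_HINT = "198.41.0.4"

def suffixes(name):
    """'www.cybersaif.ca.' -> ['www.cybersaif.ca.', 'cybersaif.ca.', 'ca.', '.']"""
    labels = name.rstrip(".").split(".")
    return [".".join(labels[i:]) + "." for i in range(len(labels))] + ["."]

def query_server(server_ip, qname, servers=SERVERS):
    """One query to one server. An authoritative server answers from its own
    data, refers the client downward for a delegated subzone, or says NXDOMAIN;
    it never asks other servers itself."""
    zone, rrs = servers[server_ip], servers[server_ip]["rrs"]
    if any(t in ("A", "CNAME") for t, _, _ in rrs.get(qname, [])):
        return ("answer", rrs[qname])
    for suffix in suffixes(qname):
        if suffix == zone["apex"]:
            break                                   # our own zone: no delegation to give
        if any(t == "NS" for t, _, _ in rrs.get(suffix, [])):
            ns_name = next(r for t, r, _ in rrs[suffix] if t == "NS")
            glue = next((r for t, r, _ in rrs.get(ns_name, []) if t == "A"), None)
            return ("referral", suffix, ns_name, glue)
    return ("nxdomain",)

class Resolver:
    """Recursive resolver: takes one recursive query from a stub client and
    does the iterative walk on its behalf, caching answers for their TTL."""

    def __init__(self, servers=SERVERS, clock=time.monotonic):
        self.servers, self.clock, self.cache = servers, clock, {}

    def resolve(self, qname, _depth=0):
        """Return {'addresses': [...], 'aa': bool, 'path': [servers asked, in order]}."""
        if _depth > 8:
            raise RuntimeError(f"resolution loop while resolving {qname}")
        hit = self.cache.get(qname)
        if hit and hit[0] > self.clock():             # served from cache: non-authoritative
            return {"addresses": hit[1], "aa": False, "path": []}
        server, path = ROOT_HINT, []
        while True:
            path.append(server)
            reply = query_server(server, qname, self.servers)
            if reply[0] == "nxdomain":
                return {"addresses": [], "aa": True, "path": path}
            if reply[0] == "answer":
                rrset = reply[1]
                cname = next((r for t, r, _ in rrset if t == "CNAME"), None)
                if cname:                               # alias: restart for the canonical name
                    target = self.resolve(cname, _depth + 1)
                    return {"addresses": target["addresses"], "aa": target["aa"],
                            "path": path + target["path"]}
                addrs = [r for t, r, _ in rrset if t == "A"]
                ttl = min(ttl for t, _, ttl in rrset if t == "A")
                self.cache[qname] = (self.clock() + ttl, addrs)
                return {"addresses": addrs, "aa": True, "path": path}
            _, zone, ns_name, glue = reply
            if glue is not None:
                server = glue                           # use the glue from the referral
            elif ns_name == zone or ns_name.endswith("." + zone):
                # In-bailiwick nameserver without glue: resolving its name needs
                # the very zone we are trying to reach, so resolution is stuck.
                raise RuntimeError(f"no glue for {ns_name}, cannot reach zone {zone}")
            else:                                       # out-of-bailiwick: resolve it on its own
                server = self.resolve(ns_name, _depth + 1)["addresses"][0]

def without_glue(servers=SERVERS):
    """Copy of the namespace with the .ca TLD's glue for ns1.cybersaif.ca. removed."""
    s = copy.deepcopy(servers)
    del s["185.159.196.2"]["rrs"]["ns1.cybersaif.ca."]
    return s

def try_resolve(servers=SERVERS, qname="cybersaif.ca."):
    """None if qname resolves, otherwise the resolver's error message."""
    try:
        Resolver(servers).resolve(qname)
        return None
    except RuntimeError as exc:
        return str(exc)

if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("cybersaif.ca."))        # walks root -> TLD -> authoritative, aa=True
    print(r.resolve("cybersaif.ca."))        # same answer from cache, aa=False
    print(r.resolve("www.cybersaif.ca."))    # CNAME chased to cybersaif.ca.
    print(try_resolve(without_glue()))       # the glue-less loop is detected and reported
```

Real resolvers also verify that the glue they accept is in-bailiwick for the referral that carried it; accepting an A record for an unrelated name from the additional section is the cache-poisoning mistake that bailiwick checking exists to prevent.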
Primary Zone vs Secondary Zone vs Stub Zone
In a Primary Zone, DNS records are stored with read/write permissions, allowing for the creation and modification of records directly on the primary DNS server.
A Secondary Zone holds a read-only copy of the zone that it pulls from the primary with a zone transfer (AXFR for the whole zone, IXFR for the changes since a given serial). It cannot be modified directly; updates are made on the primary, which increments the SOA serial so that secondaries notice and refresh. Because a zone transfer hands out the entire zone, the primary should allow it only from its own secondaries (and ideally require TSIG): an open AXFR gives anyone a complete map of the zone's hosts.
A Stub Zone holds only the records needed to find the zone's authoritative servers: the SOA, the NS records and the glue A/AAAA records for those nameservers, all read-only and kept current from the primary. A server hosting a stub zone uses them to send queries for that zone straight to the right authoritative servers instead of walking down from the root.
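The decision a secondary makes each time its refresh timer fires, as an added Python example that is not from the original page. The SOA values are constructed; the comparison rule is RFC 1982 serial-number arithmetic, which is what makes a serial that wraps around past 4294967295 still count as newer.

```python
"""Secondary-zone refresh logic, as an added example with constructed SOA values.
The serial comparison is RFC 1982 serial-number arithmetic (mod 2**32)."""

def serial_gt(a, b):
    """True if serial a is newer than b under RFC 1982 arithmetic, so a serial
    that wraps past 4294967295 back to a small number still counts as newer."""
    a, b = a & 0xFFFFFFFF, b & 0xFFFFFFFF
    return a != b and ((a < b and b - a > 2 ** 31) or (a > b and a - b < 2 ** 31))


def refresh_decision(secondary_soa, primary_soa, seconds_since_last_refresh):
    """What a secondary does when its refresh timer fires.

    secondary_soa: the SOA fields it currently holds (serial, refresh, retry, expire).
    primary_soa:   the SOA it just fetched from the primary, or None if the
                   primary could not be reached.
    Returns one of 'transfer', 'up-to-date', 'retry', 'expired'.
    """
    if primary_soa is None:
        # Keep serving the stale copy and try again after 'retry' seconds, but once
        # the primary has been unreachable for 'expire' seconds, stop answering for
        # the zone rather than hand out data that may be badly outdated.
        return "expired" if seconds_since_last_refresh > secondary_soa["expire"] else "retry"
    if serial_gt(primary_soa["serial"], secondary_soa["serial"]):
        return "transfer"                 # primary has a newer zone: start AXFR/IXFR
    return "up-to-date"


# Constructed values (assumptions, not real cybersaif.ca data): a date-based
# serial in the common YYYYMMDDnn form.
SECONDARY = {"serial": 2024031501, "refresh": 3600, "retry": 900, "expire": 604800}

if __name__ == "__main__":
    print(refresh_decision(SECONDARY, {**SECONDARY, "serial": 2024031502}, 3600))  # transfer
    print(refresh_decision(SECONDARY, SECONDARY, 3600))                              # up-to-date
    print(refresh_decision(SECONDARY, None, 3600))                                   # retry
    print(refresh_decision(SECONDARY, None, 700000))                                 # expired
    print(serial_gt(5, 4294967290))                                                  # True: wrapped
```

A practical consequence of the serial rule: editing a zone on the primary without bumping the serial leaves every secondary answering from its old copy until the expire timer runs out, which is a common cause of "the change works on one server but not the other".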
Split DNS
Split DNS (split-horizon DNS) means running an internal DNS server that holds the records for internal services and answers only internal clients, while the public-facing server for the same domain carries only the records meant for the internet.
To resolve queries for internal resources, like wk1.hr.int.adatum.com, you must configure your computer with the internal DNS server's address.
This keeps internal hostnames and addresses out of public view. It is a containment measure, not an access control: it does nothing against someone who can already reach the internal resolver or the hosts themselves, and the two views must be kept consistent so that internal names do not leak into the public zone.
Windows Internet Name Service (WINS)
It is a legacy Microsoft service used to resolve NetBIOS names into IP addresses. NetBIOS is another Microsoft protocol that allows discovery of and communication with devices on the same network; its name resolution relies on broadcasts, which only reach a single LAN segment. WINS gave clients a central server to register with and query, so NetBIOS names could also be resolved across subnets. In modern Windows networks it has been superseded by DNS, and the broadcast fallback (NetBIOS Name Service) is a well-known target for name-spoofing by anyone on the same LAN, so it is usually disabled.