Table of Contents

    What is DNS ?

    Domain Name System (DNS) serves as the internet’s directory system. It functions akin to an address translator, converting easily recognizable domain names (such as google.com) into numeric IP addresses, facilitating seamless communication between computers across the network. This system enables users to input a website’s name and promptly connects them to the precise server responsible for hosting that particular site.

    Imagine you want to visit a website, let’s say “example.com”. When you type this domain name into your browser, the DNS works behind the scenes by translating “example.com” into the corresponding IP address (like 192.0.2.1), guiding your request to the correct server that hosts the “example.com” website. This process allows you to access the desired website seamlessly.

    Structure of DNS

    Root Level: at the top is the root DNS server, managing the internet’s main directory.

    Top-Level Domains (TLDs): positioned directly below the root, are served by TLD servers (e.g., .com, .org, .net). These encompass various TLD types, such as generic TLDs (gTLDs) like .com and .org.

    Domain: a domain refers to a general term describing an area or space within the internet that can include a single website, a group of related websites, or a network of computers under a common administration or purpose.

    Subdomain: a subdomain is a segment of a larger domain, allowing for further categorization or organization of websites or resources. It precedes the primary domain name in a URL and is separated by a dot. For instance, in “blog.example.com,” “blog” is the subdomain of “example.com.”

    Your query moves through this hierarchy until it locates the IP address linked to the desired domain name. The complete name that identifies a host within this hierarchy is known as the Fully Qualified Domain Name (FQDN), representing a full and complete domain name.

    Fully Qualified Domain Name (FQDN) is a specific type of domain name that provides the complete and precise address of a specific location or resource on the internet. It includes the host or computer name, the domain name, and the top-level domain (TLD). For example, “www.example.com” is an FQDN where “www” is the host name, “example” is the domain name, and “.com” is the TLD.

    Types of DNS queries

    There are primarily two types of DNS queries:

    Recursive Query: the DNS resolver asks another server (such as your ISP’s DNS server) to locate the IP address for a domain name on its behalf. That server resolves the query completely, contacting other DNS servers if necessary, and then returns the full answer to your resolver.
    For example, when you type “www.example.com” in your browser, your device’s DNS resolver (like your ISP’s DNS server) sends a recursive query to find the IP address for “www.example.com.” The DNS resolver will contact other DNS servers as needed (root, TLD, authoritative servers) to obtain the complete IP address and return it to your device, allowing you to access the website.

    Iterative Query: DNS resolver queries another DNS server (like the root or authoritative server) for the IP address of a domain name. Instead of providing the complete answer, the queried server gives the best information it has or refers the resolver to another server higher up in the hierarchy. The resolver continues the process until it gets a complete answer or reaches the authoritative server responsible for the domain.
    For example, let’s say your DNS resolver wants to find the IP address for “www.example.com,” and it queries a root DNS server. The root server doesn’t have the exact IP address but refers the resolver to a TLD server responsible for “.com” domains. The resolver then queries the TLD server, which points it to the authoritative DNS server for “example.com.” Finally, the resolver queries the authoritative server, which provides the IP address for “www.example.com.” Each step along the way involves iterative queries where the queried server directs the resolver to another server closer to the needed information.
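    The root → TLD → authoritative walk described above, as an added example that is not part of the original post. It is a toy iterative resolver over constructed in-memory servers (root-server., tld-com-server., ns1.example.com. and the 192.0.2.1 answer are all made up for the illustration): each server answers only with what it is authoritative for, and otherwise hands back a referral to the closest delegation it knows, which is the “best information it has” behaviour the text describes.

```python
"""Added example (not from the original post): a toy iterative resolver that
walks root -> TLD -> authoritative exactly as described above.

Every server name, zone and address here is constructed for illustration;
none of them are real DNS servers or real records."""


# Each constructed server holds only the records it is authoritative for,
# keyed by (owner name, record type).  Names are absolute (trailing dot).
SERVERS = {
    "root-server.": {
        ("com.", "NS"): ["tld-com-server."],
    },
    "tld-com-server.": {
        ("example.com.", "NS"): ["ns1.example.com."],
    },
    "ns1.example.com.": {
        ("example.com.", "NS"): ["ns1.example.com."],
        ("example.com.", "MX"): ["10 mailserver1.example.com."],
        ("www.example.com.", "A"): ["192.0.2.1"],
    },
}


def enclosing_zones(qname):
    """Yield names from qname upward: www.example.com. -> example.com. -> com. -> ."""
    labels = qname.split(".")
    for i in range(len(labels)):
        yield ".".join(labels[i:]) or "."


def iterative_resolve(qname, qtype, servers=SERVERS, start="root-server.", max_hops=8):
    """Ask one server at a time, following referrals.

    Returns (rdata, trace).  rdata is the list of answers, or None when the
    name does not exist.  trace records each step as (server, action, detail),
    so you can see which server gave a referral and which gave the answer.
    """
    trace = []
    current = start
    for _ in range(max_hops):
        records = servers[current]
        if (qname, qtype) in records:
            trace.append((current, "answer", records[(qname, qtype)]))
            return records[(qname, qtype)], trace
        # Not authoritative for that record: refer to the closest delegation we know.
        for zone in enclosing_zones(qname):
            if (zone, "NS") not in records:
                continue
            next_server = records[(zone, "NS")][0]
            if next_server == current:
                # Already at the authoritative server and the record is absent.
                trace.append((current, "nxdomain", qname))
                return None, trace
            trace.append((current, "referral", f"{zone} -> {next_server}"))
            current = next_server
            break
        else:
            # No delegation at all covers the name (for example an unknown TLD).
            trace.append((current, "nxdomain", qname))
            return None, trace
    raise RuntimeError("too many referrals; possible delegation loop")


if __name__ == "__main__":
    answer, steps = iterative_resolve("www.example.com.", "A")
    for server, action, detail in steps:
        print(f"{server:20} {action:9} {detail}")
    print("final answer:", answer)
```

    Running it prints one line per hop: the root refers to the .com server, the .com server refers to ns1.example.com., and ns1.example.com. answers. Querying a name under an unknown TLD, or a host the authoritative server does not have, ends with an nxdomain step instead of an answer, which is the trace shape a resolver log shows when a lookup fails.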

    Some key terminologies related to DNS

    Authoritative DNS Server: A specialized server responsible for storing and providing the official DNS records for a specific domain. It holds the definitive information about a domain name, including the IP addresses associated with it. When a DNS resolver needs to find information about a domain, it queries the Authoritative DNS server for that domain. These servers are designated as the final source for providing DNS information about a particular domain. For example, if someone queries the DNS server for the domain “example.com”, the Authoritative DNS server for “example.com” will provide the answer. This DNS server will have the most up-to-date information about the domain’s DNS records, such as its IP address, mail server information, and other DNS records. The term “Authoritative DNS Server” and “Authoritative Name Server” are used interchangeably.

    Examples of Authoritative DNS Servers:

    • Google Public DNS: This is a widely used public DNS service that can act as an authoritative server for certain domains.
    • Corporate DNS Servers: Many large corporations operate their own authoritative DNS servers to manage their internal and external domains.
    • Internet Service Provider (ISP) DNS Servers: ISPs often run authoritative DNS servers for domains they host or manage.


    Local DNS Server: ISPs and organizations operate their own DNS servers that cache DNS records so that repeated lookups are answered faster.

    Forwarder: a configuration within the DNS server that enables it to redirect DNS queries it can’t solve internally to another DNS server. This function proves beneficial when the local DNS server lacks the requested details in its cache or zone files and must seek answers from other DNS servers.
    For instance, if a DNS server is unable to resolve a query for a domain that is not in its zone file or cache, it can be configured to forward the request to another DNS server, such as a root DNS server or an ISP DNS server.

    Forward Lookup Zone: a DNS zone housing details about associations between domain names and IP addresses. It serves the purpose of resolving DNS queries where the client seeks the IP address linked to a particular domain name.
    For example, if a client requests the IP address of the domain “example.com”, the DNS server will look up the information in its Forward Lookup Zone for the “example.com” domain. If the information is not found, the DNS server can be configured to use a forwarder to resolve the query.

    Conditional Forwarder: Allows a DNS server to forward queries for a specific domain to a different DNS server based on certain conditions. Conditional forwarder forwards queries only for a specified domain name or domain names. This is useful in scenarios where a particular DNS domain or a group of domains is hosted on a different DNS server, and queries for those domains need to be forwarded to that specific DNS server.
    For example, suppose an organization has two separate Active Directory domains, each with its own DNS infrastructure. If one of the domains needs to resolve queries for resources in the other domain, a conditional forwarder can be set up to forward queries for that domain to the appropriate DNS server.

    Reverse Lookup Zone: functions by associating IP addresses with domain names through PTR records (Pointer Records). When a client sends a request to resolve an IP address to a domain name, the DNS server will look up the IP address in the reverse lookup zone to find the corresponding domain name.

    DNS Zone: A DNS zone refers to a segment of the DNS namespace controlled either by an individual entity or a designated DNS server. It contains the DNS records for a particular part of the domain hierarchy. Zones are used to efficiently manage and organize DNS information for domains or subdomains.
    For example, “example.com” can be a DNS zone, containing all the DNS records (like A, CNAME, MX records) for that domain. If “sub.example.com” exists, it might be managed as a separate DNS zone within the larger “example.com” zone.

    Primary Zone: Refers to a zone that’s directly editable and maintainable by a particular DNS server. It’s the original and definitive source for the DNS records of a domain or a subdomain. The primary zone can be modified and updated directly on the server where it’s hosted.
    An authoritative DNS server can host multiple zones, and among these zones, it can have primary zones. Essentially, an authoritative DNS server hosts the authoritative information for various domains or zones, and within its configuration, it may have primary zones that it manages and updates directly. These primary zones contain the authoritative DNS records for those specific domains and are considered the main source for that DNS data.
    After the DNS records in the primary zone have been updated, the changes are propagated to other DNS servers that have a copy of the zone. This process is called zone transfer, and it ensures that all DNS servers have an up-to-date copy of the primary zone.

    Secondary Zone: A read-only copy of a primary zone’s DNS records hosted on a different DNS server. This secondary server regularly synchronizes its data with the primary server, ensuring it has up-to-date information. Secondary zones provide fault tolerance and load balancing by allowing multiple servers to respond to DNS queries for the same domain. If the primary server is unavailable, the secondary server can still respond to DNS queries using the synchronized data it holds.
    For example, suppose an organization has a primary DNS server that hosts a primary zone for the domain “example.com”. A secondary DNS server can be configured to host a secondary zone for the same domain. The secondary DNS server periodically requests a copy of the DNS resource records from the primary DNS server through zone transfer. If the primary DNS server becomes unavailable, the secondary DNS server can still respond to DNS queries for the domain using the DNS resource records it obtained through zone transfer. However, if the organization has a limited budget or resources, it may not be feasible to maintain two physical servers for DNS. In this case, the organization may consider setting up the secondary zone on a virtual machine (VM) running on the same physical server as the primary zone. This configuration can provide some level of redundancy and fault tolerance, as long as the VM is running on a separate hardware partition or is hosted on a different physical storage device. Alternatively, the organization may consider outsourcing its secondary DNS service to a third-party provider or using a cloud-based DNS service.
    Note that modifications cannot be directly applied to a secondary DNS server. Upon creating a secondary zone, its name must match that of an established primary zone. Also, only one server can host a primary zone but multiple servers can host secondary zones.
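    The primary/secondary relationship and the zone transfer described above, as an added example that is not part of the original post. The zone contents and serial numbers are constructed; the example shows that edits happen only on the primary (each one bumps the SOA serial), that the secondary pulls a fresh read-only copy only when the primary’s serial is newer (compared with the wrap-around serial arithmetic of RFC 1982), that a secondary zone must carry the same name as its primary, and that the secondary keeps answering from its copy when the primary is gone.

```python
"""Added example (not from the original post): how a secondary decides whether
to pull a fresh copy of a primary zone.  Zone data and serials are constructed."""

SERIAL_MOD = 2 ** 32


def serial_is_newer(candidate, current):
    """RFC 1982 serial comparison: candidate is newer when it is ahead of
    current by less than half the 32-bit space, so a serial that wrapped
    past 2**32 - 1 still counts as newer."""
    if candidate == current:
        return False
    diff = (candidate - current) % SERIAL_MOD
    return 0 < diff < 2 ** 31


class PrimaryZone:
    """The editable, definitive copy of a zone."""

    def __init__(self, name, serial, records):
        self.name, self.serial, self.records = name, serial, dict(records)

    def update(self, owner, rtype, rdata):
        """Edits happen only here; every change bumps the SOA serial so
        secondaries can detect that their copy is stale."""
        self.records[(owner, rtype)] = rdata
        self.serial = (self.serial + 1) % SERIAL_MOD


class SecondaryZone:
    """A read-only copy refreshed from the primary by zone transfer."""

    def __init__(self, name):
        self.name, self.serial, self.records = name, None, {}

    def refresh(self, primary):
        """Emulate the SOA serial check followed by a full transfer when needed.
        Returns True when a transfer happened, False when the copy was current."""
        if primary.name != self.name:
            raise ValueError("secondary zone name must match the primary zone name")
        if self.serial is not None and not serial_is_newer(primary.serial, self.serial):
            return False
        self.records = dict(primary.records)  # copy, never a shared reference
        self.serial = primary.serial
        return True

    def query(self, owner, rtype):
        """Answer from the local copy; works even if the primary is unreachable."""
        return self.records.get((owner, rtype))


if __name__ == "__main__":
    primary = PrimaryZone("example.com.", 2024010101,
                          {("www.example.com.", "A"): "192.0.2.1"})
    secondary = SecondaryZone("example.com.")
    print("first refresh transferred:", secondary.refresh(primary))
    print("second refresh transferred:", secondary.refresh(primary))
    primary.update("www.example.com.", "A", "192.0.2.2")
    print("refresh after edit transferred:", secondary.refresh(primary))
    print("secondary answers:", secondary.query("www.example.com.", "A"))
```

    The serial check is the part worth remembering: a secondary that compares serials with plain integer arithmetic stops refreshing once the primary’s serial wraps, whereas the RFC 1982 comparison keeps working across the wrap.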

    Stub Zone: A stub zone in DNS contains only essential information about a domain, primarily the name server records for that zone. It’s like a trimmed-down version of a zone and typically includes NS (name server) and SOA (start of authority) records. Stub zones are used to forward DNS queries to authoritative name servers for specific domains, enabling efficient resolution of names within those zones without storing the entire set of DNS records locally.
    Let’s say you have a company with two offices in different locations, each with its own DNS servers. The headquarters’ DNS server hosts the primary zone for “company.com” with all the detailed DNS records (A, CNAME, MX records). Now, the secondary DNS server in the branch office might host a secondary zone for “company.com.” This secondary zone contains a replicated copy of the primary zone’s data, ensuring that if the headquarters’ DNS server goes down, the branch office can still resolve names within “company.com” using its synchronized data.
    On the other hand, if you implement a stub zone for a specific domain like “partners.company.com,” it might contain just the essential NS and SOA records pointing to the authoritative DNS servers responsible for “partners.company.com.” This allows your DNS server to efficiently forward queries for that specific zone to the authoritative servers without storing all the records for “partners.company.com” locally.

    DNS Resource Records

    DNS Resource Records are the building blocks of the Domain Name System (DNS). They contain specific information within a DNS database, associating different types of data with domain names. Each record type serves a distinct purpose in mapping domain names to corresponding data, facilitating the translation of human-readable domain names to machine-readable IP addresses and other crucial information used for internet communication.

    There are two methods to add resource record into a zone:

    Static: the static method involves manual entry of DNS record details by an administrator; static DNS records do not expire until they are removed. Static records have no time stamp by default.

    Dynamic: the dynamic method permits computers within the domain to register or update their own DNS records. Alternatively, DHCP can manage DNS updates on behalf of the client when a computer acquires a new IP address through a lease. Configuration of both client computers and DHCP servers is necessary to enable this functionality.

    Some popular DNS Resource Records

    Host A (IPv4)

    A type of resource record used to map a hostname (such as www.example.com) to an IPv4 address. (To be continued)

    If you are using Windows Server, when setting up an A record within a forward lookup zone, you’re defining the link between a hostname (e.g., “www”) and its respective IPv4 address (e.g., “192.168.1.1”). This record facilitates DNS resolution by ensuring that queries for that specific hostname receive the designated IP address as the response. For example, if you create an A record for “www” in the “example.com” forward lookup zone with the IP address “192.168.1.1,” it means that whenever someone requests the IP address of “www.example.com,” the DNS server will respond with “192.168.1.1.”

    Host AAAA (IPv6)

    The AAAA record, also known as the IPv6 address record, is a type of DNS record used to map a domain name to an IPv6 address. It functions similarly to the A record used for IPv4 addresses.

    Canonical Name (CNAME)

    Canonical Name (CNAME) is a record that holds an alternative name (alias) for another record, allowing you to access the same resource using a different name while preserving a single host record. This record is useful if the host is accessible from the public network and you would like to hide the true host name of a particular device. Note that a CNAME record must point to another domain name; it cannot point to an IP address.

    Imagine you have a server with the hostname “server.example.com” hosting both a website (“example.com”) and an FTP service (“ftp.example.com”). Instead of creating separate A records for both, you can set up a CNAME record where “ftp.example.com” is an alias for the canonical name “server.example.com”. This way, both the website and FTP service can be accessed using different names but point to the same server, simplifying management by maintaining a single host record.

    Pointer (PTR)

    Pointer (PTR) record is a type of DNS record used to map an IP address to a domain name. It’s the opposite of a typical DNS lookup, associating an IP address with a corresponding domain name, primarily used in reverse DNS lookups to verify the validity of an IP address by checking its associated domain name.

    PTR record is useful for specific scenarios where you only know the IP address and wish to determine the hostname associated with it.
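    The reverse lookup zone and the PTR record described above, as an added example that is not part of the original post. The forward records are constructed; the code builds the PTR owner names by hand (reversed octets under in-addr.arpa for IPv4, reversed hex nibbles under ip6.arpa for IPv6), derives a reverse zone from a forward zone’s A/AAAA records, and performs the forward-confirmed reverse DNS check that mail servers and log tooling use: a PTR is only trusted when the name it returns has an A/AAAA record pointing back at the same address, since anyone controlling a reverse zone can put any name in a PTR.

```python
"""Added example (not from the original post): PTR owner names, a reverse zone
derived from a forward zone, and a forward-confirmed reverse DNS check.
All records below are constructed."""
import ipaddress

# Constructed forward zone for example.com: (owner, type, rdata).
FORWARD_RECORDS = [
    ("www.example.com.", "A", "192.0.2.1"),
    ("mail.example.com.", "A", "192.0.2.25"),
    ("www.example.com.", "AAAA", "2001:db8::1"),
    ("ftp.example.com.", "CNAME", "www.example.com."),
]


def reverse_name(address):
    """PTR owner name for an IPv4 or IPv6 address.

    IPv4: octets in reverse order under in-addr.arpa.
    IPv6: all 32 hex nibbles of the expanded address, reversed, under ip6.arpa.
    """
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def build_reverse_zone(forward_records):
    """Derive PTR records from the forward zone's A/AAAA records.

    CNAMEs and other types are ignored.  When several names share one address
    the first wins, mirroring the usual choice of a single canonical PTR."""
    ptr = {}
    for owner, rtype, rdata in forward_records:
        if rtype in ("A", "AAAA"):
            ptr.setdefault(reverse_name(rdata), owner)
    return ptr


def forward_confirmed(address, forward_records, reverse_zone):
    """Forward-confirmed reverse DNS: return the PTR name only when that name
    has an A/AAAA record for the same address, otherwise None."""
    ip = ipaddress.ip_address(address)
    name = reverse_zone.get(reverse_name(address))
    if name is None:
        return None
    for owner, rtype, rdata in forward_records:
        if owner == name and rtype in ("A", "AAAA") and ipaddress.ip_address(rdata) == ip:
            return name
    return None


if __name__ == "__main__":
    zone = build_reverse_zone(FORWARD_RECORDS)
    for owner, target in sorted(zone.items()):
        print(f"{owner} PTR {target}")
    print("192.0.2.25 ->", forward_confirmed("192.0.2.25", FORWARD_RECORDS, zone))
    # A reverse zone under someone else's control can claim any name; the
    # forward check rejects it because example.com has no matching A record.
    spoofed = {"1.2.0.192.in-addr.arpa.": "bogus.example.net."}
    print("spoofed PTR ->", forward_confirmed("192.0.2.1", FORWARD_RECORDS, spoofed))
```

    The IPv6 case is where hand-built reverse names usually go wrong: the name must contain every nibble of the fully expanded address, so “2001:db8::1” becomes a 32-label name, not one built from the compressed form.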

    Mail Exchanger (MX) 

    Mail Exchanger (MX) record is a type of DNS record that specifies the mail server responsible for receiving and handling email messages on behalf of a domain. It points to the server designated to process incoming emails for a particular domain, ensuring proper email delivery by directing messages to the correct mail server.

    Every MX record includes a preference value that signifies its priority level. This feature enables the distribution of email traffic across various mail servers when multiple MX records exist. When an individual sends an email to an address within a domain, their email server checks the DNS for MX records and delivers the message to the mail server with the highest priority, which is the one with the lowest preference value.

    Let’s say you have a domain “example.com” and you want to set up mail services for it.

    MX Record 1:

    • Domain: example.com
    • Points to: mailserver1.example.com
    • Priority: 10

    MX Record 2:

    • Domain: example.com
    • Points to: mailserver2.example.com
    • Priority: 20

    These MX records indicate that incoming emails for “example.com” should be directed to “mailserver1.example.com” first (since it has a lower priority of 10) and if that server is unavailable, the emails should be sent to “mailserver2.example.com” (with a priority of 20).

    When someone sends an email to an address ending in “@example.com,” their email server checks the MX records of “example.com” to determine where to deliver the message based on the priority specified in the MX records.

    Service Location (SRV)

    Service Location (SRV) records are DNS records used to specify information about services available on a network. They provide details such as the service’s protocol, domain name, port number, and priority, enabling devices to locate and connect to specific services, like instant messaging, voice over IP (VoIP), or other network services.

    Name Server (NS)

    Name Server (NS) records are DNS records that designate the authoritative name servers for a specific domain. They indicate which DNS servers are responsible for storing and providing information about that domain, directing DNS queries to the appropriate servers for resolution.

    Let’s say you have a domain “example.com,” and you want to use specific DNS servers to manage its DNS records. You’d create NS records like this:

    NS Record 1:

    Domain: example.com. Points to: ns1.exampledns.com

    NS Record 2:

    Domain: example.com. Points to: ns2.exampledns.com

    These NS records indicate that the authoritative DNS servers for “example.com” are “ns1.exampledns.com” and “ns2.exampledns.com”. When someone queries DNS information for “example.com,” they are directed to these specified name servers to obtain the required information about that domain.

    Start of Authority (SOA)

    The Start of Authority (SOA) record is a crucial DNS entry that holds vital details about a DNS zone. It includes information about the main name server for the zone, the email contact of the responsible individual, and different timing settings essential for managing the zone.

    TXT Record

    TXT Record is a DNS entry utilized to store miscellaneous text information within a DNS zone. It’s frequently employed to offer details about a domain, validate domains for services such as email or web services, or retain other explanatory text data. TXT records are incredibly versatile and have multiple uses: authentication, verification, information storage, and service discovery within the Domain Name System.

    Email Authentication: TXT records are often used for SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) records. These records help prevent email spoofing and authenticate email sources.

    Verification and Ownership: TXT records are used to verify domain ownership for services like Google Workspace, Microsoft 365, or other domain management platforms. They might ask you to add a specific TXT record to your domain’s DNS to prove ownership.

    Informational Purposes: They can contain any arbitrary text information relevant to a domain. For instance, they might store details about services, policies, contact information, or any other descriptive data.

    Service Discovery: in complex networks or cloud environments, devices and applications might use TXT records for service discovery and advertising. This helps devices or applications locate specific services on the network.
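    The email-authentication use of TXT records mentioned above, as an added example that is not part of the original post. The TXT strings are constructed; the code picks the SPF policy out of a domain’s TXT set (RFC 7208 requires exactly one record beginning with “v=spf1”), evaluates a sending address against the ip4/ip6/all mechanisms with their qualifiers, and flags the weak “+all” configuration that lets any host pass. Terms that need live DNS lookups (include, a, mx, redirect=) are treated as not matching so the example runs offline.

```python
"""Added example (not from the original post): reading a domain's SPF policy
out of its TXT records and evaluating a sender address against it.

The TXT strings are constructed.  Only the ip4, ip6 and all mechanisms are
evaluated; terms needing live DNS (include, a, mx, exists, ptr, redirect=)
are skipped, which is enough to show how the policy is applied."""
import ipaddress

# Constructed TXT records for a hypothetical zone: a domain's TXT set usually
# mixes ownership-verification tokens with the SPF policy.
TXT_EXAMPLE = [
    "site-verification=constructed-placeholder-token",
    "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all",
]

QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def parse_spf(txt_records):
    """Return the SPF terms, or None when the domain has zero or several SPF
    records (RFC 7208: exactly one record must begin with 'v=spf1')."""
    spf = [t for t in txt_records
           if t.lower() == "v=spf1" or t.lower().startswith("v=spf1 ")]
    if len(spf) != 1:
        return None
    return spf[0].split()[1:]


def check_host(sender_ip, terms):
    """Evaluate mechanisms left to right; the first match decides the result.
    With no match the result is 'neutral', as RFC 7208 specifies."""
    ip = ipaddress.ip_address(sender_ip)
    for term in terms:
        qualifier = "+"                      # default qualifier is '+'
        if term[0] in QUALIFIER_RESULT:
            qualifier, term = term[0], term[1:]
        if "=" in term.split(":", 1)[0]:
            continue                         # modifier (redirect=, exp=), not a mechanism
        name, _, arg = term.partition(":")
        name = name.split("/")[0].lower()    # 'a/24' style prefix lengths
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            network = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == network.version and ip in network
        elif name in ("a", "mx", "include", "exists", "ptr"):
            matched = False                  # would need DNS lookups; skipped offline
        else:
            return "permerror"               # unknown mechanism
        if matched:
            return QUALIFIER_RESULT[qualifier]
    return "neutral"


def allows_any_sender(terms):
    """Audit helper: True when the policy contains '+all' (or bare 'all'),
    which makes every host on the internet pass SPF for the domain."""
    return any(term.lower() in ("all", "+all") for term in terms)


if __name__ == "__main__":
    terms = parse_spf(TXT_EXAMPLE)
    print("policy:", terms)
    for sender in ("192.0.2.25", "2001:db8::1", "198.51.100.7"):
        print(f"{sender:15} -> {check_host(sender, terms)}")
    weak = ["ip4:192.0.2.0/24", "+all"]
    print("weak policy allows any sender:", allows_any_sender(weak))
```

    The audit helper is the defender’s takeaway: a policy ending in “-all” or “~all” restricts who may send for the domain, while “+all” publishes a record that looks like SPF but rejects nothing.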

    Conclusion

    In a nutshell, the Domain Name System (DNS) is like the internet’s directory, helping your devices find websites by translating human-readable names into computer-friendly codes. This post covered the main components of DNS and aims to equip readers with foundational knowledge. DNS might seem complex, but knowing its basics is like having a map for navigating the online world!
