Domain Name System
Humans are forgetful, and we can’t remember arbitrary numbers easily, let alone IP addresses.
The DNS allows us to type in
facebook.com, and automagically connect to the servers which are hosting Facebook, without needing to know the IP address!
There are many name servers in the world, and they work together (as a sort of hierarchy) to resolve hostnames into IP addresses.
In fact your computer has its own “server”, a local resolver which your computer first contacts before reaching other DNS servers.
The DNS system is decentralised, as it will not scale well if every single device in the world were to contact the same machine.
DNS servers are not only used to translate hostnames into IP addresses, they can also be used to point to machines with dynamic IP addresses (ie they keep changing). Furthermore, they can be used as load balancers - to direct users to different redundant servers, or perhaps closer servers.
DNS is part of the Application Layer protocol, and uses the UDP protocol. (Though there are developments with DoH - DNS over HTTPS)
Root Servers -> TLDs -> Authoritative Servers
There are 13 root servers throughout the world, that are responsible for pointing to the TLDs
Top-Level Domains (TLD)
These servers are responsible for
.edu, etc domains, as well as country domains
The rest of the servers fall into this category (ie for companies, schools)
Iterative vs Recursive Queries
For iterative queries, servers will tell the client the next server to contact to try to resolve the hostname.
For recursive queries, the servers themselves will try to resolve the hostname to IP addresses (by performing their own queries).
The client will then only need to contact this one server. A possible drawback, is that the client will not have any feedback from the server until it has replied.
To prevent the request for the same host name requiring the DNS server to contact other DNS servers every time; DNS servers cache their results - for a period of time given by a record’s TTL (Time To Live) value (in seconds).
If a domain record changes before the TTL expires, your computer/local dns server may not reflect those changes (Without forcing a flush)
DNS Replies - Authoritative Replies
Sometimes a DNS reply may return DNS records that belong to other DNS servers. When using
dig, you should have a look to see if the
aa (authoritative) flag is set.
DNS records are known as Resource Records.
- DNS Query and Reply messages share the same message format.
- The identification segment is a 16-bit number
- The reply to a query uses the same number
- Flags are used to mark the type and content of the query/reply
- Maps an IP to a hostname
These records are stored to assist troubleshooting tools (traceroute, ping), to validate SMTP servers, load balancing, and for many other purposes.