DNS stands for Domain Name System, and it translates human-readable domain names (like websiterating.com) into the machine-readable IP addresses (like 126.96.36.199) that computers use to reach each other.
What is DNS?
You may have heard of DNS, but do you know what it is? DNS stands for Domain Name System. It is essentially a phonebook that tells you which IP address to contact to find the server hosting the domain name you are looking for.
IP addresses are machine-readable, but they’re not so helpful for humans. That’s why we have domain names. Instead of searching 188.8.131.52, for example, you can search using a domain name, like websiterating.com.
The resolver that answers these lookups for you can run in several places: on your ISP's servers, at a public provider, or locally on your own PC, laptop, tablet or router. When setting up a new internet connection at home, most people leave their router configured to use the resolver their ISP hands out, which is usually described as "automatically using your ISP's DNS". Let's take a closer look.
How does DNS work?
DNS is the acronym for Domain Name System. DNS servers are responsible for resolving domain names (the name of a website) to IP addresses. Before DNS is even consulted, most operating systems check a local file called HOSTS (/etc/hosts on Unix-like systems, C:\Windows\System32\drivers\etc\hosts on Windows) that lists which name goes with which IP address; the system's resolver reads it on every lookup, and on most systems only an administrator can edit it.
DNS is a distributed database made up of zones, each holding forward (name to address) or reverse (address to name) mappings. Within a zone the data forms a tree of resource records (RRs); records that share a name, class and type form an RRset, and every record carries a "time to live" (TTL) that tells caches how long they may keep it. When a DNS server is queried for a name and type, it responds with the matching RRs, or with a response saying that none exist.
Types of DNS Service
There are two main kinds of DNS server, distinguished by the role they play in a lookup:
Recursive resolvers are the servers that clients talk to. The stub resolver in your operating system sends each query to a recursive resolver (your ISP's, or a public one such as OpenDNS), and the recursive resolver does the work of walking from the root servers down to the authoritative server for the name, then returns the answer. Many resolvers can also be configured to hand every query to another resolver instead of resolving on their own; that is forwarding rather than recursion.
Because recursive resolvers cache what they learn, they are the target of cache poisoning: an attacker races to deliver a forged response to a resolver's outstanding query so that it caches a false address for, say, a bank or an e-commerce site like Shopify. Every client using that resolver is then sent to the attacker's server instead of the real one.
When you then visit the site, your computer connects to the address it was given as usual, but the attacker's server answers and presents a look-alike sign-in page, so the bogus site looks like the real one. Resolvers defend against this by accepting a response only if its transaction ID and destination port match the query they sent (and by randomizing both so they are hard to guess), by discarding records that fall outside the zone the queried server is authoritative for (the "bailiwick" rule), and increasingly by validating DNSSEC signatures.
Public recursive resolvers often add features a home user may want, such as blocking known-malicious domains or filtering content. One behaviour to be wary of is NXDOMAIN redirection, where a resolver replaces a "no such domain" answer with the address of its own search or advertising page; it breaks applications that rely on a correct negative answer.
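As an added example (not code from the original article), here are the checks a recursive resolver applies to a response before letting anything from it into its cache. The query and response dicts are constructed stand-ins for parsed DNS messages; the zone, addresses and ports are assumptions made for the illustration:

```python
"""Checks a recursive resolver applies to a response before caching it.

Added example, not from the original article. QUERY and the two responses
are constructed dicts standing in for parsed DNS messages.
"""


def name_in_zone(name, zone):
    """True if `name` is at or below `zone` (label-wise, case-insensitive)."""
    name = name.lower().rstrip(".")
    zone = zone.lower().rstrip(".")
    if zone == "":            # the root zone contains every name
        return True
    return name == zone or name.endswith("." + zone)


def validate_response(query, response, server_zone):
    """Decide what, if anything, from `response` may enter the cache.

    query:       id, sport (our source port), qname, qtype
    response:    id, dport (port it arrived on), qname, qtype and the three
                 record sections, each a list of (name, type, rdata) tuples
    server_zone: the zone the server we queried is authoritative for
    """
    def reject(reason):
        return {"ok": False, "reason": reason, "accepted": [], "rejected": []}

    # 1. Off-path spoofing: a forged response has to guess both the 16-bit
    #    transaction ID and the randomized source port of our query.
    if response["id"] != query["id"]:
        return reject("transaction ID mismatch")
    if response["dport"] != query["sport"]:
        return reject("port mismatch")
    # 2. The response must echo the question we actually asked.
    if (response["qname"].lower(), response["qtype"]) != (query["qname"].lower(), query["qtype"]):
        return reject("question mismatch")

    # 3. Bailiwick: the example.com servers may tell us about names inside
    #    example.com, but not about www.bank.example. Out-of-bailiwick
    #    records are dropped, not cached, whichever section they sit in.
    accepted, rejected = [], []
    for section in ("answer", "authority", "additional"):
        for rr in response.get(section, []):
            (accepted if name_in_zone(rr[0], server_zone) else rejected).append(rr)
    return {"ok": True, "reason": "", "accepted": accepted, "rejected": rejected}


# Constructed exchange: we asked ns1.example.com (authoritative for example.com.)
# for www.example.com/A from source port 53217 with transaction ID 0x4d2b.
QUERY = {"id": 0x4D2B, "sport": 53217, "qname": "www.example.com.", "qtype": "A"}

GENUINE_RESPONSE = {
    "id": 0x4D2B, "dport": 53217, "qname": "www.example.com.", "qtype": "A",
    "answer":     [("www.example.com.", "A", "192.0.2.1")],
    "authority":  [("example.com.", "NS", "ns1.example.com.")],
    "additional": [("ns1.example.com.", "A", "192.0.2.53"),
                   # glue for an unrelated zone slipped in: a poisoning attempt
                   ("www.bank.example.", "A", "198.51.100.66")],
}

# Same content, sent by an attacker who guessed the transaction ID wrong.
SPOOFED_RESPONSE = dict(GENUINE_RESPONSE, id=0x0001)

if __name__ == "__main__":
    for label, resp in (("genuine", GENUINE_RESPONSE), ("spoofed", SPOOFED_RESPONSE)):
        result = validate_response(QUERY, resp, "example.com.")
        print(label, "accepted" if result["ok"] else "discarded:", result["reason"])
        for rr in result["accepted"]:
            print("  cache", rr)
        for rr in result["rejected"]:
            print("  drop ", rr)
```

Real resolvers add more (0x20 case randomization of the query name, DNSSEC validation), but these three checks are the minimum that turns a blind forgery into a guessing game and keeps an unrelated name from being planted in the cache.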
Authoritative DNS servers hold the zone data for a domain and give the definitive answers for it. Running them means configuring the zone yourself, which gives complete control over every record and name server for the domain. Most of the time a web hosting provider or registrar runs this service, but some companies manage their own authoritative servers.
If you are hosted on a shared server whose provider doesn't offer a DNS service, changing records at the authoritative name servers may be difficult, if not impossible, without going through whoever does run them, typically your registrar.
How does DNS route traffic to your web application?
DNS converts human-readable domain names into their corresponding IP addresses; in other words, it's the phonebook of the Internet. For example, Google runs a public recursive resolver at 8.8.8.8, and if you ask it for google.com it returns the IP address your browser then connects to in order to load Google's homepage.
Likewise, when you type www.amazon.com into your web browser, DNS translates that name into the address of a server, somewhere on the Internet, that will serve the site. Because the domain's owner decides what the authoritative servers answer, DNS is also where traffic gets steered: records can point different users at different servers, or be changed to move a site to new hosting without users noticing.
Advantages of DNS
Here are the distinct advantages of DNS:
Implement load balancing
DNS lets you spread incoming requests across multiple servers.
How does it work?
In the simplest form, the DNS answer for a name is a single address: that of a frontend machine running load-balancing software, which passes each request on to one of several backend servers. The client only ever sees the frontend's address and doesn't know it is talking to a balancer, so users see no interruption in service when a backend is added or taken out.
DNS can also map a hostname to multiple servers directly, for redundancy and high availability.
How does it work?
A client asks for the address of www.example.com. The authoritative server returns several A records, each pointing to a different web server, and typically rotates their order on each response (round-robin DNS). Most clients connect to the first address they receive, so requests spread across the servers. If one server fails, the operator removes its record; once cached copies of the old answer expire, which takes as long as the record's TTL, new requests go only to the remaining servers. This is why records used for failover are given short TTLs.
Session persistence, where repeated requests from one user always reach the same machine in a cluster, is handled by the load balancer behind the address DNS handed out, not by DNS itself.
How does it work?
When a user first requests a web page, the load balancer maps that user to one of the servers in the pool, using a cookie or the client's source address. All subsequent requests from that user go to the same machine until the session times out or other criteria determine that a different server should be used. DNS plays no part beyond having delivered the balancer's address in the first place.
Customized content delivery
DNS can also be used for customized content delivery, where geographically dispersed users are routed to the web server nearest them.
How does it work?
A client asks for the address of www.example.com. A DNS server with geographic awareness looks at where the query comes from (the address of the recursive resolver, or the client's subnet if the resolver passes it along) and returns a list of one or more web servers near that location, or chooses by other criteria such as current load.
DNS can also be used for backup sites: if a server or a whole site fails, requests can be routed to a backup location.
How does it work?
A client asks for the address of www.example.com. Normally the DNS server returns the addresses of the primary site. Health checks monitor that site, and when it is down the server returns the backup site's addresses instead, so users get their web pages from the backup. The switch only takes effect once cached answers expire, so again a short TTL matters.
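Here is an added example (not code from the article) of round-robin answers with health-based failover, plus a small simulation showing how the record's TTL bounds how long clients keep landing on a dead server. The hostname, addresses (from the RFC 5737 documentation range) and timings are assumptions:

```python
"""Round-robin DNS with health-based failover, and what caching does to it.

Added example, not code from the original article. RoundRobinRRset stands in
for the logic an authoritative server uses to build the answer section for
www.example.com; addresses come from the RFC 5737 documentation range.
"""
from collections import deque


class RoundRobinRRset:
    def __init__(self, name, addresses, ttl=60):
        self.name = name
        self.ttl = ttl                 # short on purpose: caches hold the answer this long
        self._ring = deque(addresses)  # rotated once per query
        self._down = set()             # addresses a health check has marked unavailable

    def mark_down(self, address):
        self._down.add(address)

    def mark_up(self, address):
        self._down.discard(address)

    def answer(self):
        """A records for one query: the healthy servers, in rotating order.

        Most clients connect to the first address, so rotating spreads them
        out. If every server is down, return the full set rather than an
        empty answer: an empty answer would be cached negatively and is
        harder to recover from than a connection that fails fast.
        """
        healthy = [a for a in self._ring if a not in self._down] or list(self._ring)
        self._ring.rotate(-1)
        return [(self.name, self.ttl, "A", a) for a in healthy]


def seconds_on_dead_server(addresses, dead, fail_time, ttl, horizon):
    """Simulate one client behind a caching resolver, one request per second.

    The resolver re-queries the authoritative server only when its cached
    answer expires (ttl seconds); until then the client keeps using the first
    address it was given. Returns how many seconds after `dead` fails at
    `fail_time` requests still go to it: the failover delay a TTL buys you.
    """
    rrset = RoundRobinRRset("www.example.com.", addresses, ttl)
    cached, expires_at, hits = None, 0, 0
    for t in range(horizon):
        if t == fail_time:
            rrset.mark_down(dead)          # health check notices immediately
        if t >= expires_at:                # cache empty or expired: ask again
            cached = rrset.answer()[0][3]
            expires_at = t + ttl
        if t >= fail_time and cached == dead:
            hits += 1
    return hits


if __name__ == "__main__":
    servers = ["192.0.2.1", "192.0.2.2", "192.0.2.3"]
    for ttl in (60, 300):
        stuck = seconds_on_dead_server(servers, "192.0.2.1", fail_time=30, ttl=ttl, horizon=600)
        print(f"TTL {ttl:>3}s: requests reach the dead server for {stuck}s after it fails")
```

The simulation is the argument for short TTLs on records you intend to fail over: the authoritative server can drop a dead address the instant a health check fails, but every resolver that already cached the old answer keeps serving it until the TTL runs out.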
What are the steps in a DNS lookup?
In a DNS lookup, the stub resolver on the user's device asks a recursive resolver for the name, and the recursive resolver works its way down the DNS hierarchy to find the answer.
It starts with the root servers, which don't hold the answer but refer it to the servers for the top-level domain (TLD), such as .com or .net; the TLD servers in turn refer it to the authoritative servers for the domain; and those send back an answer, either the records mapped to that name or a response saying that no such name exists (NXDOMAIN).
Each referral the resolver receives is cached, so most lookups skip straight to the authoritative server; the full walk from the root only happens when nothing is cached yet.
For a name not yet in any cache, for example www.google.com, the lookup runs like this:
- The application asks the operating system's stub resolver for the address.
- The stub resolver checks its local cache and the hosts file; with no usable entry, it sends the query to its configured recursive resolver.
- The recursive resolver checks its own cache. If it has the answer it returns it straight away; otherwise it starts recursing.
- The recursive resolver asks a root server (their addresses are built into the resolver as "root hints"). The root server doesn't know www.google.com, but replies with a referral: the NS records, and addresses, of the .com servers.
- The resolver asks a .com server, which replies with a referral to the authoritative name servers for google.com.
- The resolver asks a google.com authoritative server, which responds with the answer: the A record(s) for www.google.com.
- The recursive resolver validates the response (transaction ID, port, question, bailiwick, and DNSSEC where enabled), caches the records for their TTL, and sends the answer to the stub resolver.
- The stub resolver caches the answer for the remaining TTL and hands the address to the application, which opens its connection.
- Subsequent requests for the same name are answered from the local cache until the TTL runs out. After that the process repeats, usually faster, because the resolver still has the referrals for .com and google.com cached and can go straight to the authoritative server.
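To make the exchange concrete, here is an added example (not from the original article) that builds the wire-format query a stub resolver sends and parses the response that comes back, including the name-compression pointers real answers use. SAMPLE_RESPONSE is a constructed 49-byte reply for www.example.com with an RFC 5737 documentation address; the transaction ID and TTL are assumptions:

```python
"""Build a DNS query and parse a DNS response at the wire level (RFC 1035).

Added example, not from the original article. SAMPLE_RESPONSE is a
constructed message: the kind of answer a resolver gets back for
www.example.com/A, using an RFC 5737 documentation address.
"""
import ipaddress
import random
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 15: "MX", 28: "AAAA"}


def encode_name(name):
    # 'www.example.com' -> 3 'www' 7 'example' 3 'com' 0 (length-prefixed labels)
    out = bytearray()
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError(f"bad label {label!r}")
        out.append(len(label))
        out += label.encode("ascii")
    out.append(0)
    return bytes(out)


def build_query(name, qtype=1, txid=None):
    """12-byte header + question. Flags 0x0100 = standard query with RD set."""
    if txid is None:
        txid = random.SystemRandom().randrange(0x10000)  # unpredictable ID
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(msg, offset):
    """Read a (possibly compressed) name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                  # compression pointer
            if end is None:
                end = offset + 2                   # pointer ends the name in the message
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 32:                          # a malicious message can loop pointers
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", end if end is not None else offset


def parse_response(msg, expected_txid):
    if len(msg) < 12:
        raise ValueError("truncated header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID does not match our query; discard")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset, questions, records = 12, [], []
    for _ in range(qd):
        qname, offset = decode_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((qname, TYPE_NAMES.get(qtype, qtype)))
    for _ in range(an + ns + ar):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == 1 and rdlen == 4:
            data = str(ipaddress.IPv4Address(rdata))
        elif rtype == 28 and rdlen == 16:
            data = str(ipaddress.IPv6Address(rdata))
        elif rtype in (2, 5):                      # NS and CNAME carry a name
            data, _ = decode_name(msg, offset)
        else:
            data = rdata.hex()
        offset += rdlen
        records.append({"name": name, "type": TYPE_NAMES.get(rtype, rtype), "ttl": ttl, "data": data})
    return {"id": txid, "rcode": flags & 0x000F, "question": questions,
            "answers": records[:an], "authority": records[an:an + ns], "additional": records[an + ns:]}


SAMPLE_RESPONSE = (                      # constructed reply to build_query("www.example.com", txid=0x1234)
    b"\x12\x34"                          # ID 0x1234: must equal the ID of the query we sent
    b"\x81\x80"                          # flags: QR=1 (response), RD=1, RA=1, RCODE=0
    b"\x00\x01\x00\x01\x00\x00\x00\x00"  # QDCOUNT 1, ANCOUNT 1, NSCOUNT 0, ARCOUNT 0
    b"\x03www\x07example\x03com\x00"     # question name
    b"\x00\x01\x00\x01"                  # QTYPE A, QCLASS IN
    b"\xc0\x0c"                          # answer name: pointer to offset 12 (the question name)
    b"\x00\x01\x00\x01"                  # TYPE A, CLASS IN
    b"\x00\x00\x0e\x10"                  # TTL 3600
    b"\x00\x04"                          # RDLENGTH 4
    b"\xc0\x00\x02\x01"                  # RDATA 192.0.2.1
)

if __name__ == "__main__":
    print(build_query("www.example.com", txid=0x1234).hex())
    print(parse_response(SAMPLE_RESPONSE, expected_txid=0x1234))
```

The transaction-ID check in parse_response is the same defence the recursion section describes, seen from the stub's side, and the hop limit in decode_name is there because a crafted response can point compression pointers at each other to hang a naive parser.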
What is a DNS resolver?
A DNS resolver is the name given to any software or service that converts domain names into their associated IP addresses. Those addresses are needed whenever you reach a website, deliver mail to an address at a domain, or use any other network service by name.
In layman's terms, it turns a name you can read into the numeric address the network needs. If you type www.google.com, the resolver on your computer turns that into a series of numbers, and your browser then sends its request to the server at that address.
The Internet is entirely dependent on DNS resolvers; they are what let every device reach any service by name, whether it's Google or your bank's account pages. If resolvers stopped working, the Internet would be an entirely different beast, with every service reachable only by its raw address.
A resolver also sees every name its users look up, and that traffic has traditionally travelled unencrypted. Over the years there have been reports of government agencies, including the NSA and GCHQ, monitoring DNS traffic to track users. That a channel of this nature can be monitored is certain; whether a given resolver has been is hard to establish. Encrypted transports such as DNS over TLS and DNS over HTTPS close the eavesdropping part of this gap, though the resolver operator itself still sees the queries.
What are the benefits of using a DNS resolver?
The main benefit of using a shared recursive resolver is – you guessed it – speed. Your operating system only contains a stub resolver, which cannot answer anything on its own and has to ask a recursive resolver for every name it hasn't cached. ISPs and public providers run recursive resolvers for their users because a resolver shared by many people already holds the answers for popular names in its cache.
It is primarily because a query to a busy resolver is usually answered from that cache in a few milliseconds, while a lookup that has to start from the root servers needs several round trips across the Internet. The resolver also keeps the referrals for the top-level domains and common zones, so even a cache miss rarely has to go all the way back to the root.
What is a DNS record?
DNS records are the entries in a zone that tell the rest of the Internet how to reach your servers. Many types of records can be added to a zone file, each for a different purpose, but we will focus on:
- MX (Mail Exchange) – Tells sending mail servers which host accepts email for your domain, with a preference value that orders several MX records; the target must be a host name that has address records, not an alias or an IP address.
- A (Address) – Maps a hostname/subdomain to an IPv4 address (AAAA does the same for IPv6).
- CNAME (Canonical Name) – Makes one name an alias for another, the canonical name, so a second name can refer to the same computer. A name that has a CNAME may not carry any other records, which is why you cannot put a CNAME at the zone apex alongside its MX and NS records.
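Here is an added example (not the article's code) that parses a small constructed zone fragment holding these three record types and checks the rules that most often bite: a CNAME owner must have no other records, and an MX target must be a real host name, not an alias or an IP literal. The zone contents, including the three deliberate mistakes, are made up for the illustration:

```python
"""Lint the A, MX and CNAME records of a zone (added example, not from the article).

ZONE_TEXT is a constructed fragment in the usual master-file layout
(owner  TTL  class  type  rdata); the three mistakes it contains are
deliberate and are the ones operators most often make with these types.
"""
import ipaddress
from collections import defaultdict

ZONE_TEXT = """
example.com.       3600 IN A      192.0.2.10
example.com.       3600 IN MX     10 mail.example.com.
www.example.com.   3600 IN CNAME  example.com.
www.example.com.   3600 IN A      192.0.2.11      ; CNAME and A at the same owner
mail.example.com.  3600 IN CNAME  example.com.    ; MX target is a CNAME
ftp.example.com.   3600 IN A      192.0.2.300     ; not a valid IPv4 address
"""


def parse_zone(text):
    """Return a list of {'owner', 'ttl', 'type', 'rdata'} dicts, comments stripped."""
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        owner, ttl, rclass, rtype, *rdata = line.split()
        if rclass.upper() != "IN":
            raise ValueError(f"unsupported class {rclass!r} on {owner}")
        records.append({"owner": owner.lower(), "ttl": int(ttl),
                        "type": rtype.upper(), "rdata": " ".join(rdata)})
    return records


def lint_zone(records):
    """Return (owner, problem) pairs for the rules below."""
    findings = []
    by_owner = defaultdict(list)
    for rr in records:
        by_owner[rr["owner"]].append(rr)
    cname_owners = {o for o, rrs in by_owner.items() if any(r["type"] == "CNAME" for r in rrs)}

    # RFC 1034 section 3.6.2: an alias (CNAME) owner may carry no other data,
    # otherwise resolvers cannot tell which answer applies to a query.
    for owner, rrs in by_owner.items():
        types = {r["type"] for r in rrs}
        if "CNAME" in types and len(types) > 1:
            findings.append((owner, "CNAME_AND_OTHER_DATA"))

    for rr in records:
        if rr["type"] == "A":
            try:
                ipaddress.IPv4Address(rr["rdata"])
            except ValueError:
                findings.append((rr["owner"], "BAD_A_RDATA"))
        elif rr["type"] == "MX":
            _preference, target = rr["rdata"].split()
            # RFC 2181 section 10.3: an MX target must be a host name with
            # address records, never an alias, and never an IP literal.
            if target.lower() in cname_owners:
                findings.append((rr["owner"], "MX_TARGET_IS_CNAME"))
            try:
                ipaddress.ip_address(target.rstrip("."))
                findings.append((rr["owner"], "MX_TARGET_IS_IP_LITERAL"))
            except ValueError:
                pass
    return findings


if __name__ == "__main__":
    for owner, problem in lint_zone(parse_zone(ZONE_TEXT)):
        print(f"{owner:<20} {problem}")
```

Authoritative server software usually refuses to load a zone with the CNAME conflict, but the MX-to-alias mistake loads fine and only shows up as mail that some senders cannot deliver, so it is worth checking before the zone goes live.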
What is DNS caching?
Caching is the process by which a resolver keeps the results of DNS queries and answers later queries for the same name from that stored copy instead of asking again. This speeds up name resolution for every requestor after the first, reduces network load and cuts latency by keeping frequently queried hostnames close at hand. Each cached record is kept only for its TTL, after which it is discarded and the next query goes out again.
Caching happens both in the "stub resolver" built into a DNS client's operating system and in the recursive name servers it talks to; both roles are defined in RFC 1035.
Where does DNS caching occur?
DNS caching occurs at several layers. Your web browser keeps a small cache of its own; the operating system's stub resolver keeps another; many home routers run a caching forwarder; and the recursive resolver you are configured to use (your ISP's, or a public one such as Google's) keeps the largest cache, shared among all its users. When you (the user) go to a website, the lookup only travels as far as the first layer that still holds an unexpired answer, and the address is handed back down to the browser from there.
How does caching speed up DNS lookups?
Let's say you have a household with two parents and two children, ten devices between them: a laptop, a phone, an iPod and a tablet for each child, and a Kindle for each parent. Every morning each device is switched on and opens the same news site, so each needs that site's address looked up.
If no caching were used, every one of those ten lookups would travel all the way to the authoritative server: ten full recursions, each costing several round trips. With caching enabled in your router, the first device's lookup fetches the answer and the router stores it for the record's TTL; the other nine get it from the router in well under a millisecond.
Until that TTL expires, every later visit from any device on the network is answered from the router's cache instead of triggering a new lookup, and the effect compounds upstream, where your ISP's resolver caches the same answer for thousands of households. This can result in significant speed increases.
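Here is an added example (not from the original article) of a TTL-honouring cache of the kind a router or stub resolver keeps, plus a replay of the household scenario above driven by a fake clock so it runs offline; the hostname, address and TTL values are assumptions:

```python
"""A TTL-honouring DNS cache (added example, not code from the article).

Models what a stub resolver, router or recursive resolver does with an
answer: keep it exactly as long as the record's TTL allows, hand out the
remaining TTL (not the original) to anyone downstream, and forget it after
that. The clock is injectable so the example runs deterministically offline.
"""
import time


class DnsCache:
    def __init__(self, clock=time.monotonic, max_ttl=86400, min_ttl=0):
        self._clock = clock
        self._max_ttl = max_ttl   # cap huge TTLs so a wrong (or poisoned) record cannot stick for weeks
        self._min_ttl = min_ttl   # optional floor, 0 keeps RFC behaviour: TTL 0 means "do not cache"
        self._store = {}          # (name, type) -> (rdata tuple, absolute expiry time)

    @staticmethod
    def _key(name, rtype):
        return name.lower().rstrip("."), rtype.upper()

    def put(self, name, rtype, rdata, ttl):
        ttl = max(self._min_ttl, min(int(ttl), self._max_ttl))
        self._store[self._key(name, rtype)] = (tuple(rdata), self._clock() + ttl)

    def get(self, name, rtype):
        """Return (rdata, remaining_ttl) or None. Expired entries are evicted on read."""
        key = self._key(name, rtype)
        hit = self._store.get(key)
        if hit is None:
            return None
        rdata, expires_at = hit
        remaining = expires_at - self._clock()
        if remaining <= 0:
            del self._store[key]          # expired: the next lookup must go upstream
            return None
        return rdata, int(remaining)


class FakeClock:
    """Stand-in for time.monotonic so the demo does not have to sleep."""
    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def lookup(cache, name, upstream, stats):
    """Return addresses for `name`, consulting `upstream` only on a cache miss."""
    hit = cache.get(name, "A")
    if hit is not None:
        stats["hits"] += 1
        return list(hit[0])
    stats["misses"] += 1
    rdata, ttl = upstream(name)            # stand-in for the real recursive lookup
    cache.put(name, "A", rdata, ttl)
    return list(rdata)


def household_demo(devices=10, ttl=300, later=600):
    """Ten devices look up the same name at start-up, then again `later` seconds on."""
    clock = FakeClock()
    cache = DnsCache(clock=clock)
    stats = {"hits": 0, "misses": 0}

    def upstream(name):                    # constructed answer: one address, given TTL
        return ["192.0.2.1"], ttl

    for _ in range(devices):
        lookup(cache, "news.example.", upstream, stats)
    clock.advance(later)
    for _ in range(devices):
        lookup(cache, "news.example.", upstream, stats)
    return stats


if __name__ == "__main__":
    print("TTL 300s:", household_demo(ttl=300))
    print("TTL 3600s:", household_demo(ttl=3600))
```

Two details matter for correctness downstream: a cache must pass on the remaining TTL rather than the original, or a chain of caches would keep a record alive far longer than its owner intended, and a cap on accepted TTLs limits how long a bad answer can linger.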
What is DNS hijacking?
DNS hijacking is an attack in which the attacker changes how a name resolves so that traffic meant for a legitimate website goes to a server the attacker controls. The usual motives are phishing (harvesting credentials on a look-alike site), injecting advertising, or driving traffic towards the attacker's own products and services.
For DNS hijacking to work, the attacker has to get between the victim and the genuine answer, which in practice means one of the following:
- Changing the DNS settings on the victim's device or home router (through malware, or a router left on default credentials) so that queries go to a resolver the attacker runs.
- Poisoning the cache of a resolver the victim uses, as described under recursive DNS above.
- Taking over the registrar or DNS-hosting account for the domain and editing its records (the A records, or the NS records for the whole zone) so that the authoritative answers themselves point at the attacker's server.
The last case is the most damaging, because every resolver on the Internet then hands out the attacker's address. It is why registrar accounts need strong authentication and why operators monitor their zones for unexpected record changes.
The Bottom Line
DNS stands for Domain Name System, and it's the system that translates domain names into IP addresses. In other words, it helps your browser find the location of a website so you can visit it. If you type "google.com" into your address bar, DNS is what figures out where to look next so your request reaches Google's servers and the site you want is displayed.