What is DNS?
Read about the DNS server process that enables you to visit all your favourite websites
Brief Summary
DNS stands for Domain Name System. It works like a phone book for the internet: it translates domain names into IP addresses so that computers can route traffic to the right place.
You will also see DNS referred to as a domain name server, which strictly speaking is one of the servers that make up the system. Either way, DNS is what lets your computer or mobile device reach a site by name instead of by number.
Domain name servers work, metaphorically, like taxicabs. If you get into a taxi, you have to give the driver an address, or you will not reach your destination. The same applies to DNS: networks deliver traffic to IP addresses, not to names, so when you type a website's name into your browser, a domain name server translates that name into an IP address.
When you type in a website's address, such as www.one.com, your computer needs an IP address before it can open a connection to one.com's web server. To obtain it, your computer sends a request to DNS. DNS matches the name you typed into your browser with an IP address and returns it, and your browser can then connect to the website.
Basically, a domain name server is just like a phone book for the internet. When you use a phone book, you don't look for the number directly; you look up the name of the person you want to call, and the book gives you the number.
What does DNS do?
A DNS query goes through several stages. If your computer already has the IP address in its local DNS cache, none of this is needed: after you have visited our website once, your computer keeps the answer in its cache (for as long as the record's time to live, or TTL, allows) and skips the lookup next time. If you are visiting a website for the first time, however, this is how DNS works.
DNS resolver
Your request first goes to a recursive name server, also known as a DNS resolver, usually one operated by your internet provider (you can also use a public resolver or run your own). The resolver may already have the IP address you asked for in its cache, so it checks that first. If it does not, it starts the lookup at one of the root servers.
Think of this DNS resolver as a librarian trying to find a book for you at the library.
It's the recursive name server that does the work of answering your request and finding the DNS record. To do so, the DNS resolver sends out several queries in turn, as the following steps show.
Root nameserver
The root servers hold the root zone, which tells a resolver where to find the nameservers for each top-level domain (TLD) such as .com. There are thirteen root server identities, operated by twelve different organisations, and each identity is served by many physical machines around the world (reached via anycast) so that the huge volume of incoming requests is handled and, more importantly, handled quickly.
When the DNS resolver sends a request to a root nameserver, the root nameserver cannot answer with the IP address you want. Instead, it responds with a referral: the names and addresses of the TLD nameservers responsible for that top-level domain, which the resolver contacts next.
Top-level domain name server
Following the root nameserver's referral, the DNS resolver now asks the top-level domain nameserver for the IP address. In this case that is a .com nameserver, because you are trying to reach www.one.com to read this article.
Think of the top-level domain name server as a specific category of books at the library—for example, the romantic novels category.
The top-level domain nameserver holds the delegation records for every domain registered under that TLD, that is, which nameservers are authoritative for each domain, but not the domains' IP addresses themselves. So when the DNS resolver asks it for the IP address of one.com, the TLD nameserver does not know the answer either. Once again it responds with a referral, this time to one.com's authoritative nameservers, as the final step.
Authoritative name server
The DNS resolver now asks the authoritative nameserver for the IP address of one.com. The authoritative nameserver holds the zone's records: the definitive mapping from the domain's names to IP addresses and other data. When someone registers a new domain, the TLD zone is updated to delegate that domain to its authoritative nameservers, and from then on the domain's owner (or the DNS host acting for them) maintains the records on those servers.
The authoritative nameserver is the last stop of the DNS lookup; it has the final say. Ultimately it is this server that provides the IP address your computer needs to reach the website.
When the authoritative nameserver receives the request, it responds with an IP address for one.com. The DNS resolver passes that IP address back to your computer, which can then retrieve the one.com web page.
To make this quicker the next time you visit the same website, both your computer and the recursive name server cache the answer for as long as the record's TTL permits. Your computer will then either know the correct IP address itself or get it from the recursive server without repeating the other queries.
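To make the walk above concrete, here is a simulation of a recursive resolver that starts at the root, follows each referral, and caches the final answer until its TTL expires. This is an added example, not code from the article or from one.com: the nameserver names, the addresses (taken from the 192.0.2.0/24 documentation range), the records and the TTLs are all constructed, and query_server stands in for sending real UDP queries to real servers.

```python
"""Simulated iterative DNS resolution with a TTL cache.

Added example, not the article's own code. The zone data below is constructed:
all server addresses are documentation addresses (192.0.2.0/24), and the
nameserver names, records and TTLs are made up to mirror the walk in the text
(root -> .com TLD server -> one.com authoritative server -> A record).
"""
import time

# The servers a resolver starts from (real resolvers ship a "root hints" file).
ROOT_SERVERS = {"a.root-servers.example.": "192.0.2.1"}

# What each (fictional) server knows. A "referral" entry lists the nameservers
# for a child zone together with their IPs (glue); an "answer" entry is an
# A record with its TTL in seconds.
ZONES = {
    # Root zone: only knows who serves each top-level domain.
    "192.0.2.1": {"com.": ("referral", {"a.gtld-servers.example.": "192.0.2.10"})},
    # .com TLD server: only knows which nameservers serve one.com.
    "192.0.2.10": {"one.com.": ("referral", {"ns01.one.com.": "192.0.2.53"})},
    # one.com authoritative server: holds the actual records.
    "192.0.2.53": {
        "one.com.": ("answer", ("192.0.2.80", 300)),
        "www.one.com.": ("answer", ("192.0.2.80", 300)),
    },
}


def query_server(server_ip, qname):
    """Return what the server at server_ip would say about qname: an exact
    answer, a referral for the closest enclosing zone it delegates, or None
    (a real server would reply NXDOMAIN or REFUSED)."""
    zone = ZONES[server_ip]
    exact = zone.get(qname)
    if exact and exact[0] == "answer":
        return exact
    labels = qname.split(".")
    # Try www.one.com., one.com., com. in turn and return the first delegation.
    for i in range(len(labels)):
        entry = zone.get(".".join(labels[i:]))
        if entry and entry[0] == "referral":
            return entry
    return None


class Resolver:
    """A recursive resolver: follows referrals from the root and caches answers."""

    def __init__(self):
        self.cache = {}   # qname -> (ip, expiry timestamp)
        self.steps = []   # servers contacted during the most recent lookup

    def resolve(self, qname, now=None):
        now = time.time() if now is None else now
        self.steps = []
        cached = self.cache.get(qname)
        if cached and cached[1] > now:          # fresh cache entry: no lookup needed
            self.steps.append("cache")
            return cached[0]
        servers = ROOT_SERVERS
        for _ in range(8):                      # bound how many referrals we follow
            ns_name, ns_ip = next(iter(servers.items()))
            self.steps.append(ns_name)
            result = query_server(ns_ip, qname)
            if result is None:
                return None                     # the name does not exist
            kind, payload = result
            if kind == "answer":
                ip, ttl = payload
                self.cache[qname] = (ip, now + ttl)   # keep it until the TTL runs out
                return ip
            servers = payload                   # referral: ask the delegated servers next
        raise RuntimeError("too many referrals for " + qname)


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.one.com.", now=0), r.steps)    # full walk: root, TLD, authoritative
    print(r.resolve("www.one.com.", now=100), r.steps)  # served from the cache
    print(r.resolve("www.one.com.", now=400), r.steps)  # TTL expired: full walk again
    print(r.resolve("nope.one.com.", now=0), r.steps)   # nonexistent name
```

The steps list shows exactly which servers were contacted: three for a cold lookup, only the cache for a warm one, and the full walk again once the 300-second TTL has passed. A real resolver also has to handle several nameservers per referral, timeouts and retries, which the simulation leaves out.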
What is my DNS server?
Your network provider normally assigns your DNS server automatically (via DHCP) when you connect to the internet, unless you have configured a different one yourself. Some websites can show you information about your network connection; Browserleaks is a good one for finding out which DNS server you are using.
If you are having any issues with your DNS, you are welcome to read our article about how to fix a DNS not responding error.
Some things to be aware of
As with everything else on the internet, you need to make sure you are protected from attackers. Below are some DNS attacks that unfortunately do occur and that you should be aware of:
- DNS reflection attacks
In a DNS reflection (or amplification) attack, the victim is flooded with high-volume responses from DNS resolvers. The attacker sends queries to open resolvers with the source address forged to be the victim's, choosing queries whose responses are much larger than the requests themselves. The resolvers send their replies to the spoofed source, so the victim receives a flood of DNS data that overwhelms its machines or its network link.
- DNS cache poisoning
DNS cache poisoning lures users to malicious websites. The attacker injects forged address records into a resolver's cache, typically by racing the real nameserver with fake responses. When a victim then asks that resolver to resolve one of the poisoned names, it answers with the IP address of a site the attacker controls, and the victim lands on a malicious website where they may be tricked into giving up their passwords and other credentials. Resolvers defend against this by randomising the transaction ID and source port of every query and by discarding records that fall outside the zone they asked about; DNSSEC lets them detect forged records outright.
- DNS resource exhaustion
A DNS resource exhaustion attack can overwhelm an ISP's (internet service provider's) infrastructure and so stop the ISP's customers from reaching websites at all. The attacker sends a flood of queries for random, non-existent subdomains of the victim's domain through the ISP's resolvers. Because such names are never in any cache, every query is forwarded to the domain's authoritative nameserver, which is swamped by the volume, while the resolvers themselves fill up with requests that are waiting for answers.
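The defence against cache poisoning is for the resolver to check that a reply really matches the query it sent and that the records in it belong to the zone it asked about. The following added example (not code from the article or from one.com) contrasts a resolver that skips those checks with one that applies them. The Response and Pending classes model only the fields that matter for the check; the addresses (192.0.2.0/24 and 203.0.113.0/24) and the names are constructed for the illustration.

```python
"""Cache poisoning: a resolver that accepts any matching reply next to one
that checks what it actually sent.

Added example, not the article's own code. Response and Pending model only the
fields that matter for the check; the addresses (192.0.2.0/24, 203.0.113.0/24)
and the names are constructed for the example.
"""
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class Response:
    src_ip: str      # address the reply claims to come from (spoofable over UDP)
    dst_port: int    # UDP port the reply was sent to (the resolver's query port)
    txid: int        # 16-bit transaction ID echoed from the query
    qname: str       # question section
    records: tuple   # ((name, type, value), ...) from the answer/additional sections


@dataclass
class Pending:
    qname: str
    server_ip: str   # nameserver we sent the query to
    zone: str        # zone that server is authoritative for (its bailiwick)
    txid: int
    port: int


def in_bailiwick(name, zone):
    """True if name is inside zone, e.g. www.one.com. is inside one.com."""
    return name == zone or name.endswith("." + zone)


class VulnerableResolver:
    """Uses a fixed ID and port and trusts any reply whose question matches a
    query it has outstanding. An attacker who can guess the question can
    inject records for any name at all."""

    def __init__(self):
        self.cache = {}      # (name, type) -> value
        self.pending = {}    # qname -> Pending

    def send_query(self, qname, server_ip, zone):
        self.pending[qname] = Pending(qname, server_ip, zone, txid=1, port=53)
        return self.pending[qname]

    def receive(self, r):
        p = self.pending.get(r.qname)
        if p is None:
            return False
        for name, rtype, value in r.records:
            self.cache[(name, rtype)] = value
        del self.pending[r.qname]
        return True


class HardenedResolver(VulnerableResolver):
    """Randomises ID and source port, requires the reply to come from the
    server that was asked, and drops records outside that server's zone."""

    def __init__(self, rng=None):
        super().__init__()
        self.rng = rng or random.SystemRandom()

    def send_query(self, qname, server_ip, zone):
        p = Pending(qname, server_ip, zone,
                    txid=self.rng.randrange(1 << 16),
                    port=self.rng.randrange(1024, 1 << 16))
        self.pending[qname] = p
        return p

    def receive(self, r):
        p = self.pending.get(r.qname)
        if p is None or r.txid != p.txid or r.dst_port != p.port or r.src_ip != p.server_ip:
            return False                        # not the reply we are waiting for
        for name, rtype, value in r.records:
            if in_bailiwick(name, p.zone):      # ignore records the server has no authority over
                self.cache[(name, rtype)] = value
        del self.pending[r.qname]
        return True


def blind_poisoning(resolver):
    """Attacker races the real server with a spoofed reply, guessing ID 1 and
    port 53, and smuggles in an address for a name in a different zone."""
    resolver.send_query("www.one.com.", "192.0.2.53", "one.com.")
    forged = Response(src_ip="192.0.2.53", dst_port=53, txid=1, qname="www.one.com.",
                      records=(("www.one.com.", "A", "203.0.113.66"),
                               ("login.bank.example.", "A", "203.0.113.66")))
    return resolver.receive(forged), dict(resolver.cache)


def reply_with_extra_record(resolver):
    """A reply that matches what was sent (the attacker observed the query, or
    the server itself is hostile) but carries an out-of-bailiwick record."""
    p = resolver.send_query("www.one.com.", "192.0.2.53", "one.com.")
    reply = Response(src_ip="192.0.2.53", dst_port=p.port, txid=p.txid, qname="www.one.com.",
                     records=(("www.one.com.", "A", "192.0.2.80"),
                              ("login.bank.example.", "A", "203.0.113.66")))
    return resolver.receive(reply), dict(resolver.cache)
```

Run blind_poisoning against both classes: the vulnerable resolver caches the attacker's address for login.bank.example, while the hardened one drops the spoofed reply because the ID and port do not match. Run reply_with_extra_record to see that even a reply which does match still cannot plant a record for a name outside one.com. Randomising ID and port only makes blind guessing expensive (roughly a 2^32 search space per query); the bailiwick rule limits the damage of a lucky guess; only DNSSEC validation makes a forged record detectable as such.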
DNS Security Extensions (DNSSEC)
The DNS Security Extensions (DNSSEC) were standardised by the IETF, and the Internet Corporation for Assigned Names and Numbers (ICANN), which manages the root zone, has kept the root signed since 2010, so that the answers passed between the different levels of a DNS lookup can be verified.
DNSSEC was developed so that an attacker cannot forge or tamper with DNS answers, which is what makes cache poisoning, and the phishing that follows from it, possible. Each zone digitally signs its records, and each parent zone publishes a signed fingerprint (a DS record) of its child zone's key, forming a chain of trust from the root down to the domain. A validating resolver checks the signature at every level of the lookup and rejects any answer that does not verify. Note that DNSSEC provides authenticity and integrity only: it does not encrypt queries or hide what you look up; for that you need DNS over TLS or DNS over HTTPS.
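The chain of trust just described, as an added example that is not the article's, ICANN's or any DNSSEC implementation's code. It uses toy textbook RSA built from known Mersenne primes so that it is deterministic and needs no libraries; that is not a usable signature scheme and only stands in for the RSA or ECDSA signatures real DNSSEC uses. The zone names and addresses are constructed, the DS record is simplified to a SHA-256 of the child's public key, and the validator is handed the zones' data directly instead of fetching DNSKEY, DS and RRSIG records over the network.

```python
"""DNSSEC chain of trust: root key -> DS for com. -> DS for one.com. -> A record.

Added example, not the article's own code. Toy textbook RSA on known Mersenne
primes stands in for real DNSSEC signatures; do not reuse it as a signature
scheme. Zone names/addresses are constructed and the DS record is simplified
to a SHA-256 of the child zone's public key.
"""
import hashlib

MERSENNE = {k: (1 << k) - 1 for k in (31, 61, 89, 107, 127, 521)}  # all prime
E = 65537

def make_key(p, q):
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest_int(data):
    # 128-bit truncated hash, so the "message" is below every modulus used here
    return int.from_bytes(hashlib.sha256(data).digest()[:16], "big")

def sign(key, data):
    return pow(digest_int(data), key["d"], key["n"])

def verify(pub, data, sig):
    return pow(sig, pub["e"], pub["n"]) == digest_int(data)

def canonical(name, rtype, rdata):
    return f"{name}|{rtype}|{rdata}".encode()

def key_digest(pub):
    """The fingerprint a DS record carries: a hash of the child zone's key."""
    return hashlib.sha256(f"{pub['n']}|{pub['e']}".encode()).hexdigest()

class Zone:
    def __init__(self, name, key):
        self.name, self.key = name, key
        self.rrsets = {}   # (owner name, type) -> (rdata, signature by this zone's key)

    def pub(self):
        return {"n": self.key["n"], "e": self.key["e"]}

    def publish(self, name, rtype, rdata):
        self.rrsets[(name, rtype)] = (rdata, sign(self.key, canonical(name, rtype, rdata)))

    def delegate(self, child):
        # The parent signs the child's key fingerprint: this is one link of the chain.
        self.publish(child.name, "DS", key_digest(child.pub()))

def validate(zones, trust_anchor, qname, rtype, path):
    """Walk path (zone names, root first). At each step require that the parent's
    signed DS matches the child's key; finally check the record's own signature."""
    trusted = trust_anchor                 # root key, configured in the resolver out of band
    for parent_name, child_name in zip(path, path[1:]):
        ds, sig = zones[parent_name].rrsets[(child_name, "DS")]
        if not verify(trusted, canonical(child_name, "DS", ds), sig):
            return False, f"DS for {child_name} has a bad signature"
        child_key = zones[child_name].pub()
        if key_digest(child_key) != ds:
            return False, f"DNSKEY of {child_name} does not match the parent's DS"
        trusted = child_key                # this zone's key is now vouched for
    rdata, sig = zones[path[-1]].rrsets[(qname, rtype)]
    if not verify(trusted, canonical(qname, rtype, rdata), sig):
        return False, f"{rtype} record for {qname} has a bad signature"
    return True, rdata

PATH = [".", "com.", "one.com."]

def build_zones():
    root = Zone(".", make_key(MERSENNE[89], MERSENNE[107]))
    com = Zone("com.", make_key(MERSENNE[61], MERSENNE[127]))
    onecom = Zone("one.com.", make_key(MERSENNE[31], MERSENNE[521]))
    root.delegate(com)
    com.delegate(onecom)
    onecom.publish("www.one.com.", "A", "192.0.2.80")
    return {z.name: z for z in (root, com, onecom)}

def scenario_valid():
    zones = build_zones()
    return validate(zones, zones["."].pub(), "www.one.com.", "A", PATH)

def scenario_tampered_record():
    """Attacker rewrites the IP in transit but cannot produce a new signature."""
    zones = build_zones()
    _, sig = zones["one.com."].rrsets[("www.one.com.", "A")]
    zones["one.com."].rrsets[("www.one.com.", "A")] = ("203.0.113.66", sig)
    return validate(zones, zones["."].pub(), "www.one.com.", "A", PATH)

def scenario_rogue_key():
    """Attacker serves one.com. with a key of their own and signs a bogus record
    with it; the parent's DS still names the real key, so the chain breaks."""
    zones = build_zones()
    rogue = Zone("one.com.", make_key(MERSENNE[61], MERSENNE[107]))  # toy: primes reused
    rogue.publish("www.one.com.", "A", "203.0.113.66")
    zones["one.com."] = rogue
    return validate(zones, zones["."].pub(), "www.one.com.", "A", PATH)
```

scenario_valid returns the address, scenario_tampered_record fails at the A record's signature, and scenario_rogue_key fails one level up, where com.'s DS does not match the attacker's key. That last case is the point of the chain: signing alone proves nothing unless every key is vouched for by its parent back to the trust anchor.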