
What is DNS? How does DNS work? Types of DNS Servers - Backend Development Series

Updated: Dec 9, 2022



Have you ever wondered what happens behind the scenes after you enter a URL in the browser? How does the browser know where to find the data belonging to a website?

The answer is DNS (Domain Name System). Without DNS, the internet as we use it would stop working. The internet is, in the end, a very large number of computers connected to each other by wires. DNS is responsible for mapping the names in those URLs to the computers that hold the data.


If you are a software developer, a DevOps engineer, or a computer science student, you need to know how DNS works, and this blog is for you.


Let's dive right in -


What is DNS? - Definition

What is DNS in computer networks?

DNS stands for Domain Name System. It is the system that lets us find the IP address of a website or server from its name.

DNS is a hierarchical naming system for computers, services, or other resources connected to the Internet or a private network.


DNS acts as the directory for this tree-structured namespace. The DNS hierarchy consists of domains, which contain subdomains (e.g., "example.com" can contain "subdomain1.example.com", "subdomain2.example.com", etc.), and DNS records, which map domain names to IP addresses and carry other information about those domains (e.g., which mail servers handle email for that domain).



How does a DNS query work?

The internet as we know it today is a set of computers located all over the world, interconnected by wires. Each computer is identified by a string of numbers called an IP address. An IP address is unique to that computer/machine.


If you want to get data from a computer, you connect to it using this IP address. Humans cannot realistically remember so many random strings of numbers, but we can remember words that carry meaning. These names came to be known as domains. A computer that has an IP address can also have a human-readable alias for that IP address, known as a domain name. Like an IP address, a domain name is unique across the globe.


DNS (the Domain Name System) is used to translate this readable name, the domain, into an IP address.


How does the Domain Name System (DNS) work?

There are 4 types of DNS servers involved in translating the domain name into an IP address.


4 Types of DNS Servers and What happens when an HTTPS request is made?


Steps involved in a DNS Lookup


Let's see what happens when you type a URL in your browser. For example, I will type - https://thegeekyminds.com in my browser.


  • DNS recursive resolver - My browser first checks whether the operating system already knows the IP address corresponding to this URL. The IP address may be stored in the browser cache or in a cache on the computer. If the operating system knows the IP address, the search ends here. If it does not, it asks the DNS recursive resolver for the IP address. The recursive resolver may or may not have this IP address in its cache. If it does not, it starts the search at a root nameserver.

  • Root nameserver - The root nameserver replies that it knows where to find the IP address: it refers the recursive resolver to the TLD (Top Level Domain) nameservers. The recursive resolver stores this referral in its cache and goes to the "com" TLD nameserver.

  • TLD nameserver - The TLD (Top Level Domain) nameserver is responsible for the last part of a URL; in this case, it is the "com" nameserver. The TLD nameserver responds that it knows where to find the "thegeekyminds.com" nameservers and refers the recursive resolver to another server, known as the authoritative nameserver.


You may be wondering how the com TLD nameservers know which authoritative nameservers to use.

The answer is the domain's registrar.

When you purchase a domain, the registrar is told which authoritative nameservers the domain should use. The registrar notifies the registry responsible for the top-level domain, which updates its TLD nameservers.


  • Authoritative nameserver - The authoritative nameserver holds the domain's records and returns the IP address. The recursive resolver's search ends here; it takes this information and stores it in its cache. The next time the browser requests this URL, the resolver checks its cache and returns the IP address directly from there.


The recursive resolver hands the domain's DNS information to the operating system. The operating system passes it to the browser. The browser then connects to the corresponding IP address and opens the webpage.


While this process seems lengthy, it actually takes very little time. DNS was designed to be extremely fast.
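The lookup chain above (operating-system cache, recursive resolver, root, TLD, authoritative) can be walked through in code. The following simulation is an added example, not code from the original post or from any real resolver: the zone data, server names and addresses are constructed placeholders, no packets are sent, and the resolver caches both the final record and the two referrals it received along the way, each for the TTL the upstream server attached. That caching is why a second lookup of a name under the same domain skips the root and TLD servers entirely.

```python
import time

# Constructed zone data standing in for the real servers in the chain.
# Server names and addresses are placeholders (203.0.113.0/24 is the
# RFC 5737 documentation range), not real DNS records.
ROOT_REFERRALS = {                       # root server: TLD -> (TLD server, TTL)
    "com.": ("tld-com.example.", 172800),
}
TLD_REFERRALS = {                        # TLD server: zone -> (authoritative server, TTL)
    "tld-com.example.": {"thegeekyminds.com.": ("ns1.thegeekyminds.example.", 172800)},
}
AUTHORITATIVE = {                        # authoritative server: (name, type) -> (value, TTL)
    "ns1.thegeekyminds.example.": {
        ("thegeekyminds.com.", "A"): ("203.0.113.10", 300),
        ("www.thegeekyminds.com.", "A"): ("203.0.113.10", 60),
    },
}


class RecursiveResolver:
    """Walks root -> TLD -> authoritative, caching every answer for its TTL."""

    def __init__(self):
        self.cache = {}  # (name, rtype) -> (value, expires_at)

    def _cached(self, key, now):
        entry = self.cache.get(key)
        if entry is None:
            return None
        value, expires_at = entry
        if now >= expires_at:            # TTL elapsed: drop the stale entry
            del self.cache[key]
            return None
        return value

    def _store(self, key, value, ttl, now):
        self.cache[key] = (value, now + ttl)

    def lookup(self, name, rtype="A", now=None):
        """Return (value, servers_consulted); value is None when the name is unknown."""
        now = time.time() if now is None else now
        key = (name, rtype)
        hit = self._cached(key, now)
        if hit is not None:
            return hit, ["cache"]

        path = []
        labels = name.rstrip(".").split(".")
        tld = labels[-1] + "."
        zone = ".".join(labels[-2:]) + "."

        # Step 1: root server, unless the TLD referral is already cached.
        tld_server = self._cached((tld, "NS"), now)
        if tld_server is None:
            path.append("root")
            referral = ROOT_REFERRALS.get(tld)
            if referral is None:
                return None, path        # unknown TLD
            tld_server, ttl = referral
            self._store((tld, "NS"), tld_server, ttl, now)

        # Step 2: TLD server, unless the zone referral is already cached.
        auth_server = self._cached((zone, "NS"), now)
        if auth_server is None:
            path.append(tld_server)
            referral = TLD_REFERRALS[tld_server].get(zone)
            if referral is None:
                return None, path        # zone not delegated by this TLD
            auth_server, ttl = referral
            self._store((zone, "NS"), auth_server, ttl, now)

        # Step 3: the authoritative server holds the final record.
        path.append(auth_server)
        record = AUTHORITATIVE[auth_server].get(key)
        if record is None:
            return None, path            # zone is known but has no such record
        value, ttl = record
        self._store(key, value, ttl, now)
        return value, path


if __name__ == "__main__":
    resolver = RecursiveResolver()
    print(resolver.lookup("thegeekyminds.com.", now=1000))      # full chain
    print(resolver.lookup("thegeekyminds.com.", now=1100))      # served from cache
    print(resolver.lookup("www.thegeekyminds.com.", now=1100))  # referrals cached, one hop
```

The `now` parameter is only there so the TTL expiry can be reproduced deterministically; a real resolver uses the wall clock. Note that the TTL of the final A record (300 seconds here) is what bounds how long the browser can keep using an address after the authoritative server changes it.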


DNS Records


What are DNS Records?

DNS records are the information stored for a domain name, including which IP address the domain is mapped to. They also hold other information about the domain and its servers. Each DNS record has a Time to Live (TTL), which indicates how long a DNS server may keep the record in its cache before it has to refresh it. A domain needs at least one DNS record for a website to be reachable under that domain on the internet.


There are several types of DNS records. A few popular ones are:


Frequently used DNS records

  • A record - The "A" in this record stands for Address (IP address). This record stores the IP address of a domain. Its TTL (Time-to-Live) is generally expressed in seconds.

The A record only stores IPv4 addresses. If you want to store an IPv6 address, you should use an AAAA record.

  • AAAA record - This record stores IP addresses in IPv6 format.


  • CNAME record - The 'canonical name' (CNAME) record is used in place of an A record. It is used when a subdomain is an alias for the main domain. The content of a CNAME always points to a domain name, not to an IP address.


  • MX record - A DNS 'mail exchange' (MX) record directs email to a mail server. The MX record is used together with the Simple Mail Transfer Protocol (SMTP). Like CNAME records, MX records also point to another domain name.


  • TXT record - The TXT record lets the domain administrator put text into the DNS as human-readable content. Originally it was intended for notes related to a domain. Now it is also used to store data in machine-readable formats. A domain can have multiple TXT records.


  • NS record - The NS record names the nameservers for a particular domain and tells the internet where to find information about that domain. In other words, NS records allow external services to reach the system that holds a site's DNS data. A domain can have multiple NS records, which indicates there are both primary and secondary nameservers.


  • SOA record - The way that the Autonomous System Number (ASN) manages IP addresses is a complicated and nuanced process. One of the most important parts of this is the 'start of authority' (SOA) record, which identifies important information such as details about the administrator (who you should contact in case of an issue), when the zone was last updated, and how long it should wait between refreshes.


  • SRV record - DNS 'service' (SRV) records let you specify which services are offered at a specific port. For example, if you want to host VoIP, instant messaging and other services, you would set up SRV records that point to your server or IP address and indicate the ports for the specific services. Other DNS records tend to be server- or IP-specific.


  • PTR record - A DNS pointer record (PTR for short) provides the domain name associated with an IP address. A DNS PTR record is exactly the opposite of an 'A' record and is used in reverse-DNS lookups.
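The record types above each have a different shape of data, and a zone that mixes them up (an IPv6 address in an A record, a CNAME sharing a name with other records, a relative name where a fully qualified one is required) breaks resolution in confusing ways. The following parser is an added example, not code from the original post or from any DNS software: it reads a small constructed zone in the common "name TTL IN TYPE rdata" layout, validates the rdata for every type listed above, enforces the rule that a CNAME may not coexist with other records at the same name, and derives the in-addr.arpa / ip6.arpa owner name that a PTR record uses. All names and addresses in the sample are placeholders.

```python
import ipaddress

# Constructed sample zone in the common "name TTL IN TYPE rdata" layout.
# Names and addresses are placeholders for this example, not real records.
SAMPLE_ZONE = """\
example.com.               3600 IN SOA   ns1.example.com. admin.example.com. 2022120901 7200 900 1209600 300
example.com.               3600 IN NS    ns1.example.com.
example.com.               3600 IN NS    ns2.example.com.
example.com.                300 IN A     203.0.113.10
example.com.                300 IN AAAA  2001:db8::10
www.example.com.            300 IN CNAME example.com.
example.com.               3600 IN MX    10 mail.example.com.
mail.example.com.           300 IN A     203.0.113.25
example.com.               3600 IN TXT   "v=spf1 mx -all"
_sip._tcp.example.com.     3600 IN SRV   10 60 5060 sip.example.com.
10.113.0.203.in-addr.arpa. 3600 IN PTR   example.com.
"""


def fqdn(name):
    """Require a fully qualified name (trailing dot) so relative names can't slip in."""
    if not name.endswith("."):
        raise ValueError(f"name must be fully qualified: {name}")
    return name.lower()


def address(text, version):
    """Require an address of the given IP version (A = 4, AAAA = 6)."""
    addr = ipaddress.ip_address(text)
    if addr.version != version:
        raise ValueError(f"expected IPv{version} address, got {text}")
    return str(addr)


def parse_rdata(rtype, fields):
    """Validate the type-specific part of a record and return it as a dict."""
    if rtype == "A":
        return {"address": address(fields[0], 4)}
    if rtype == "AAAA":
        return {"address": address(fields[0], 6)}
    if rtype in ("CNAME", "NS", "PTR"):
        return {"target": fqdn(fields[0])}
    if rtype == "MX":
        preference, target = fields
        return {"preference": int(preference), "target": fqdn(target)}
    if rtype == "SRV":
        priority, weight, port, target = fields
        if not 0 <= int(port) <= 65535:
            raise ValueError(f"SRV port out of range: {port}")
        return {"priority": int(priority), "weight": int(weight),
                "port": int(port), "target": fqdn(target)}
    if rtype == "TXT":
        text = " ".join(fields)
        if len(text) < 2 or text[0] != '"' or text[-1] != '"':
            raise ValueError("TXT data must be quoted")
        return {"text": text[1:-1]}
    if rtype == "SOA":
        mname, rname, serial, refresh, retry, expire, minimum = fields
        return {"mname": fqdn(mname), "rname": fqdn(rname), "serial": int(serial),
                "refresh": int(refresh), "retry": int(retry),
                "expire": int(expire), "minimum": int(minimum)}
    raise ValueError(f"unsupported record type: {rtype}")


def parse_zone(text):
    """Parse zone lines into records and enforce the CNAME-exclusivity rule."""
    records = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith(";"):
            continue  # blank line or zone-file comment
        parts = line.split()
        if len(parts) < 5 or parts[2] != "IN":
            raise ValueError(f"line {lineno}: expected 'name TTL IN TYPE rdata'")
        name, ttl, _, rtype, *fields = parts
        records.append({"name": fqdn(name), "ttl": int(ttl), "type": rtype,
                        "rdata": parse_rdata(rtype, fields)})
    # A name that has a CNAME may carry no other record (RFC 1034, section 3.6.2).
    cname_owners = {r["name"] for r in records if r["type"] == "CNAME"}
    for r in records:
        if r["name"] in cname_owners and r["type"] != "CNAME":
            raise ValueError(f"{r['name']} has a CNAME and a {r['type']} record")
    return records


def reverse_name(ip):
    """Owner name a PTR record uses for this address (in-addr.arpa / ip6.arpa)."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


if __name__ == "__main__":
    for record in parse_zone(SAMPLE_ZONE):
        print(record["name"], record["ttl"], record["type"], record["rdata"])
    print(reverse_name("203.0.113.10"))
```

The same checks are worth running as a pre-commit step on zone files kept in version control: a CNAME accidentally added next to an existing MX, or an IPv6 address pasted into an A record, is far cheaper to catch before the zone is published than after resolvers have cached the broken result for a full TTL.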


Risks of DNS



The Domain Name System (DNS) can be a target of attackers. Some of the possible attacks are:

  • DDoS attack on the DNS servers: DDoS stands for Distributed Denial of Service. The attacker floods the server with so many requests that it becomes overloaded and fails to answer legitimate requests.

  • DNS spoofing: In this type of attack, the attacker corrupts the cache of a DNS resolver so that incoming traffic is directed to the attacker's servers, where malicious activity takes place.

  • Lack of encryption: DNS itself does not come with encryption. Devices connected to a local router can have their DNS data spoofed and even manipulated. Since this is also a privacy risk, certain solutions have come up to mitigate it.


Alternate DNS Servers

DNS lookups are mostly carried out by your ISP's resolver. If you want to bypass the DNS provided by your ISP (for example, to get around censorship), you can use free, publicly available DNS services. A few of them are:



Once you have decided which DNS server to use, you can configure your system to use that DNS provider. To get the exact configuration steps, check out this article.



And that's a wrap! Hi, I am Gourav Dhar, a software developer and I write blogs on Backend Development and System Design. Subscribe to my Newsletter and learn something new every week - https://thegeekyminds.com/subscribe

