
Understanding DNS: How It Works

Domain naming service

Uploaded by

preenu mittan
Copyright © All Rights Reserved

WHAT IS DNS

The Domain Name System (DNS) is the phonebook of the Internet. Humans access
information online through domain names, like [Link] or [Link]. Web
browsers interact through IP addresses. DNS translates domain names to IP addresses so
browsers can load Internet resources.

Each device connected to the Internet has a unique IP address which other machines
use to find the device. DNS servers eliminate the need for humans to memorize IP
addresses such as [Link] (in IPv4), or more complex newer alphanumeric IP
addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

How does DNS work?


The process of DNS resolution involves converting a hostname (such as
[Link]) into a computer-friendly IP address (such as [Link]). An IP
address is given to each device on the Internet, and that address is necessary to find
the appropriate Internet device - like a street address is used to find a particular home.
When a user wants to load a webpage, a translation must occur between what a user
types into their web browser ([Link]) and the machine-friendly address
necessary to locate the [Link] webpage.

In order to understand the process behind the DNS resolution, it’s important to learn
about the different hardware components a DNS query must pass between. For the web
browser, the DNS lookup occurs "behind the scenes" and requires no interaction from
the user’s computer apart from the initial request.

There are 4 DNS servers involved in loading a webpage:

• DNS recursor - The recursor can be thought of as a librarian who is asked to go find a
particular book somewhere in a library. The DNS recursor is a server designed to receive
queries from client machines through applications such as web browsers. Typically the
recursor is then responsible for making additional requests in order to satisfy the
client’s DNS query.

• Root nameserver - The root server is the first step in translating (resolving) human
readable host names into IP addresses. It can be thought of like an index in a library
that points to different racks of books - typically it serves as a reference to other
more specific locations. The root nameserver is designated for the internet's DNS root
zone. Its job is to answer requests sent to it for records in the root zone. It answers
requests by sending back a list of the authoritative nameservers that go with the
correct TLD.

• TLD nameserver - The top level domain server (TLD) can be thought of as a specific rack
of books in a library. This nameserver is the next step in the search for a specific IP
address, and it hosts the last portion of a hostname (in [Link], the TLD server is
“com”). A TLD nameserver keeps the IP address of the second-level domain contained
within the TLD name. It then releases the website’s IP address and sends the query to
the domain’s nameserver.

• Authoritative nameserver - An authoritative nameserver is what gives you the real
answer to your DNS query. There are two types of authoritative nameservers: a master
server or primary nameserver and a slave server or secondary nameserver. The master
server keeps the original copies of the zone records, while the slave server is an exact
copy of the master server. It shares the DNS server load and acts as a backup if the
master server [Link] authoritative nameserver is the last stop in the nameserver query.
If the authoritative name server has access to the requested record, it will return the
IP address for the requested hostname back to the DNS Recursor (the librarian) that made
the initial request.

Difference Between An Authoritative DNS Server And A Recursive DNS Resolver?

Both concepts refer to servers (groups of servers) that are integral to the DNS
infrastructure, but each performs a different role and lives in different locations inside
the pipeline of a DNS query. Authoritative nameservers keep information of the DNS
records. A recursive server acts as a middleman, positioned between the authoritative
server and the end-user. To reach the nameserver, the recursive server has to “recurse”
through the DNS tree to access the domain’s records.

Recursive DNS resolver

After a user types in a URL in their web browser, that URL is given to the recursive DNS
server. The recursive DNS server then examines its cache memory to see whether the
IP address for the URL is already stored. If the IP address information already exists,
the recursive DNS server will send the IP address to the browser. The user is then able
to see the website for which they typed in the URL.

On the other hand, if the recursive DNS server does not find the IP address when it
searches its memory, it will proceed through the process of getting the IP address for
the user. The recursive DNS server's next step is to store the IP address for a specific
amount of time. This period of time is defined by the person who owns the domain using
a setting referred to as time to live (TTL).

The recursive resolver is the computer that responds to a recursive request from a client
and takes the time to track down the DNS record. It does this by making a series of
requests until it reaches the authoritative DNS nameserver for the requested record (or
times out or returns an error if no record is found). Luckily, recursive DNS resolvers do
not always need to make multiple requests in order to track down the records needed to
respond to a client; caching is a data persistence process that helps short-circuit the
necessary requests by serving the requested resource record earlier in the DNS lookup.

Authoritative DNS Server

To use the phone book analogy, think of the IP address as the phone number and the
person’s name as the website’s URL. Authoritative DNS servers have a copy of the
“phone book” that connects these IP addresses with their corresponding domain names.
They provide answers to the queries sent by recursive DNS nameservers, providing
information on where to find specific websites. The answers provided have the IP
addresses of the domains involved in the query.

Authoritative DNS servers are responsible for specific regions, such as a country, an
organization, or a local area. Regardless of which region is covered, an authoritative
DNS server does two important jobs. First, the server keeps lists of domain names and
the IP addresses that go with them. Next, the server responds to requests from the
recursive DNS server regarding the IP address that corresponds with a domain name.

Once the recursive DNS server gets the answer, it sends that information back to the
computer that requested it. The computer then uses that information to connect to the
IP address, and the user gets to see the website.

Put simply, an authoritative DNS server is a server that actually holds, and is
responsible for, DNS resource records. This is the server at the bottom of the DNS
lookup chain that will respond with the queried resource record, ultimately allowing the
web browser making the request to reach the IP address needed to access a website or
other web resources. An authoritative nameserver can satisfy queries from its own data
without needing to query another source, as it is the final source of truth for certain DNS
records.

DNS Server Not Responding? What Does That Mean?


You may get a message that says “DNS server isn’t responding” after entering a
domain name in the URL bar of your browser. This means there was an attempt to
communicate with the DNS server, but the server failed to return a result. This could be
due to a few different things:

1. Your internet connection is weak or unstable, making it hard for your browser to
communicate with the DNS server
2. Your DNS settings or browser need to be updated
3. There is an issue with the DNS server, such as a loss of power at the data center where
it is housed

DNS Caching

The purpose of caching is to temporarily store data in a location that results in
improvements in performance and reliability for data requests. DNS caching involves
storing data closer to the requesting client so that the DNS query can be resolved
earlier and additional queries further down the DNS lookup chain can be avoided,
thereby improving load times and reducing bandwidth/CPU consumption. DNS data can
be cached in a variety of locations, each of which will store DNS records for a set
amount of time determined by a TTL.

(i) Browser DNS Caching

Modern web browsers are designed by default to cache DNS records for a set amount of time.
The purpose here is obvious; the closer the DNS caching occurs to the web browser, the fewer
processing steps must be taken in order to check the cache and make the correct requests to
an IP address. When a request is made for a DNS record, the browser cache is the first location
checked for the requested record.

In Chrome, you can see the status of your DNS cache by going to chrome://net-internals/#dns.

The operating system (OS) used by your device stores DNS resource records through
the use of caching. Caching prevents redundancy when someone tries to go to a site.
This, in turn, reduces the amount of time it takes to get to the website. If the device you
are using recently went to the page it is trying to access, the IP address can be supplied
by the cache. In this way, the website request can be completed without involving the
DNS server.

The DNS cache, therefore, helps streamline the DNS lookup process that would
otherwise be necessary to link a domain name to an IP address. This makes the
process of getting to the website much faster.

(ii) OS DNS Caching

The operating system level DNS resolver is the second and last local stop before a DNS
query leaves your machine. The process inside your operating system that is designed
to handle this query is commonly called a “stub resolver” or DNS client. When a stub
resolver gets a request from an application, it first checks its own cache to see if it has
the record. If it does not, it then sends a DNS query (with a recursive flag set) outside
the local network to a DNS recursive resolver inside the Internet service provider (ISP).

When the recursive resolver inside the ISP receives a DNS query, like all previous
steps, it will also check to see if the requested host-to-IP-address translation is already
stored inside its local persistence layer.

The operating systems of many devices are capable of maintaining a local copy of DNS
lookups. This makes it possible for the OS to quickly get the information it needs to
resolve the URL to the correct IP address.

How to Perform a DNS Lookup

Each domain has DNS records, and these are pulled by nameservers. You can check
the status of the DNS records associated with your domain. You can also examine the
nameservers to ascertain which records are being pulled by the servers. On a Windows
computer, for example, this is done using the NSLOOKUP command. Here’s how to do
it:

1. A user types ‘[Link]’ into a web browser and the query travels into the Internet
and is received by a DNS recursive resolver.

2. The resolver then queries a DNS root nameserver (.).

3. The root server then responds to the resolver with the address of a Top Level
Domain (TLD) DNS server (such as .com or .net), which stores the information for its
domains. When searching for [Link], our request is pointed toward the .com
TLD.

4. The resolver then makes a request to the .com TLD.

5. The TLD server then responds with the IP address of the domain’s nameserver,
[Link].

6. Lastly, the recursive resolver sends a query to the domain’s nameserver.


7. The IP address for [Link] is then returned to the resolver from the
nameserver.

8. The DNS resolver then responds to the web browser with the IP address of the
domain requested initially.

Once the 8 steps of the DNS lookup have returned the IP address for [Link], the
browser is able to make the request for the web page:

9. The browser makes an HTTP request to the IP address.

10. The server at that IP returns the webpage to be rendered in the browser.
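
The lookup steps and the caching behaviour described above can be traced with a small simulation. This is an added example, not part of the original document; the server names, the zone data and the `RecursiveResolver` class are constructed for illustration, and 192.0.2.10 is a documentation address.

```python
import time

# Constructed toy namespace, not real DNS data: each server maps a zone suffix
# to a referral (next server to ask) or a final answer (IP address, TTL seconds).
SERVERS = {
    "root":       {"com.": ("referral", "tld-com")},
    "tld-com":    {"example.com.": ("referral", "ns-example")},
    "ns-example": {"www.example.com.": ("answer", "192.0.2.10", 300)},
}

class RecursiveResolver:
    def __init__(self, servers, clock=time.monotonic):
        self.servers, self.clock = servers, clock
        self.cache = {}            # name -> (ip, expiry time)
        self.upstream_queries = 0  # queries that actually left the resolver

    def _ask(self, server, name):
        """One iterative query: reply from the longest matching suffix, if any."""
        self.upstream_queries += 1
        zone = self.servers[server]
        hits = [s for s in zone if name == s or name.endswith("." + s)]
        return zone[max(hits, key=len)] if hits else ("nxdomain",)

    def resolve(self, name, max_hops=8):
        """Return (ip or None, list of places consulted)."""
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0], ["cache"]        # TTL not yet expired
        server, path = "root", []
        for _ in range(max_hops):              # bound the referral chain
            path.append(server)
            reply = self._ask(server, name)
            if reply[0] == "referral":
                server = reply[1]              # follow the referral one level down
            elif reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip, path
            else:
                return None, path              # no such name
        return None, path                      # too many referrals

if __name__ == "__main__":
    r = RecursiveResolver(SERVERS)
    print(r.resolve("www.example.com."))  # walks root, TLD, authoritative
    print(r.resolve("www.example.com."))  # served from cache
```

The `clock` parameter lets a caller substitute a fake clock to observe what happens once the TTL has passed: the cached entry is ignored and the full walk is repeated.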

What is a DNS Resolver?

A DNS resolver is also referred to as a recursive resolver. It is designed to take DNS
queries sent by web browsers and applications. The resolver receives the website URL,
and it then retrieves the IP address that goes with that URL.

What are the Types of DNS Queries?


During the DNS lookup process, three different kinds of queries are performed. The
queries are combined to optimize the resolution of the DNS, saving time.

1. Recursive query: In a recursive query, a DNS client requires that a DNS server
(typically a DNS recursive resolver) will respond to the client with either the requested
resource record or an error message if the resolver can't find the record.

2. Iterative query: In this situation the DNS client will allow a DNS server to return the
best answer it can. If the queried DNS server does not have a match for the query
name, it will return a referral to a DNS server authoritative for a lower level of the
domain namespace. The DNS client will then make a query to the referral address. This
process continues with additional DNS servers down the query chain until either an
error or timeout occurs.

3. Non-recursive query: Typically this will occur when a DNS resolver client queries a
DNS server for a record that it has access to either because it's authoritative for the
record or the record exists inside of its cache. Typically, a DNS server will cache DNS
records to prevent additional bandwidth consumption and load on upstream servers.
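
On the wire, the difference between these query types shows up in the DNS message header. The following added example (not part of the original document) builds a query with the "recursion desired" flag set or cleared and classifies response headers as a referral, an authoritative answer or a cached answer; the flag bits follow the RFC 1035 header layout, while the function names and sample headers are constructed for illustration.

```python
import struct

# Header flag bits from the RFC 1035 message format
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080

def build_query(name, recursion_desired, qid=0x1234):
    """Encode a one-question A/IN query; RD is the 'recursive flag'."""
    flags = RD if recursion_desired else 0
    header = struct.pack("!6H", qid, flags, 1, 0, 0, 0)
    labels = [l.encode("ascii") for l in name.rstrip(".").split(".")]
    if any(not 0 < len(l) <= 63 for l in labels):
        raise ValueError("each label must be 1..63 bytes")
    qname = b"".join(bytes([len(l)]) + l for l in labels) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_header(packet):
    """Decode the fixed 12-byte header of a DNS message."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    qid, flags, qd, an, ns, ar = struct.unpack("!6H", packet[:12])
    return {"id": qid, "qr": bool(flags & QR), "aa": bool(flags & AA),
            "rd": bool(flags & RD), "ra": bool(flags & RA),
            "rcode": flags & 0x000F, "an": an, "ns": ns}

def classify_response(h):
    """Map a parsed header onto the outcomes described in the list above."""
    if not h["qr"]:
        return "query"
    if h["rcode"] != 0:
        return "error"
    if h["an"] > 0:
        return "authoritative answer" if h["aa"] else "answer from cache/recursion"
    if h["ns"] > 0:
        return "referral"          # iterative case: ask the servers listed
    return "no data"

if __name__ == "__main__":
    print(parse_header(build_query("www.example.com", True)))
    # Constructed response header: no answers, two authority records
    print(classify_response(parse_header(struct.pack("!6H", 1, QR, 1, 0, 2, 0))))
```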

Free vs. Paid DNS Servers: What is the Difference?

In some cases, a regular user may not need a paid DNS server. However, there are
significant benefits of paying for a premium DNS.

1. Dynamic DNS (DDNS): A DDNS maps internet domains, matching them to IP addresses.
This enables you to get into your home computer no matter where you are in the world.
DDNS is different from a regular DNS because it works with changing or dynamic IP
addresses, making it a good choice for home networks.

2. Secondary DNS: A secondary DNS nameserver makes sure that your domain does not
go offline. It provides you with a redundancy or backup that can be accessed in the
event of a complication.

3. Management interface: Many paid DNS servers offer users a dashboard they can use
to manage their service and tweak it according to their needs.

4. Two-factor authentication: You can provide protection for your domain with an extra
level of authentication.

5. More security: When you make use of a paid DNS server, you get another protective
level of security. This helps shield your website from attackers.

6. Better, faster performance: A paid DNS server comes with a service-level agreement
(SLA). Each SLA guarantees a high rate of DNS resolution, often between 99% and
100%.

7. Customer service: With a paid DNS server, you get the additional advantage of
customer service that can answer questions and troubleshoot any issues.
