Domain Name System

(DNS)
Siddhartha Pal - 22BIT0024
Madhuvanthi S - 22BIT0103
Saloni Sinha - 22BIT0445
Priyanshu Das - 22BIT0539
What is DNS?
Definition
The Domain Name System (DNS) is a hierarchical and decentralized naming system that translates human-readable domain
names (e.g., [Link]) into machine-readable IP addresses (e.g., [Link]). This process allows users to
access websites and services without needing to memorize complex numerical IP addresses.

Function + Importance

The Domain Name System (DNS) functions like the internet’s “phone book,” translating human-friendly domain names into
machine-readable IP addresses so that browsers can locate and load the correct resources. To manage this efficiently,
DNS is built on a hierarchical and distributed database structure that includes root servers, top-level domain (TLD)
servers, and authoritative name servers. This layered design allows DNS to resolve queries effectively while
distributing the workload. One of the key strengths of DNS is its scalability and decentralization—it can accommodate
the enormous and growing number of internet-connected devices by delegating control over subdomains to different
entities, ensuring both fault tolerance and flexibility. To further enhance performance, DNS resolvers cache query
responses for a certain period. This caching reduces the need for repeated lookups, lightens the load on DNS servers,
and significantly improves user experience by speeding up access to frequently visited domains.
DNS Architecture
Root Servers
At the very top of the DNS hierarchy lies the root level, represented by a single dot (.). Root servers are
responsible for handling queries that cannot be answered by local caches or resolvers. While they do not
store IP addresses for specific domain names, they play a crucial role by directing DNS queries to the
appropriate Top-Level Domain (TLD) servers based on the domain extension (such as .com, .org, or .uk). This
makes root servers the starting point for resolving domain names that are not already known by the DNS
resolver.
TLD Servers
TLD servers sit just below the root servers in the DNS hierarchy. They are responsible for handling
specific domain extensions, which can be generic (like .com, .net, .org) or country-code based (like
.uk, .ca, .in). When a root server receives a DNS query, it forwards it to the appropriate TLD server
based on the domain extension. The TLD server, in turn, provides the DNS resolver with information about
the authoritative name servers responsible for the requested second-level domain (such as example in
[Link]).

Authoritative Servers
Authoritative name servers are the final stop in the DNS lookup process, holding the actual DNS records for a
domain, including A records (which map domain names to IP addresses), MX records (for email routing), and
other critical information. When a TLD server directs a query to an authoritative server, this server
responds with the precise IP address or relevant record needed to complete the DNS resolution. Because
authoritative servers store definitive data for a domain, they are essential for ensuring accurate and
reliable name resolution.
Types of DNS Records

A Record AAAA Record MX Record CNAME Record

Maps domain names to IPv4 Maps domain names to IPv6 Directs email traffic to Creates an alias for
addresses (e.g., addresses, supporting the appropriate mail another domain name, useful
[Link] → [Link]). modern internet protocols. servers, ensuring reliable for subdomains or load
email delivery. balancing.
How DNS Works: The Query Process
User Request
User enters a domain name in browser. Browser checks its cache.

Recursive Resolver Query

Resolver checks local cache; if not found, queries root server.

Root DNS Server

Directs resolver to TLD name server; doesn't provide final IP.

TLD Name Server

Returns address of authoritative name server for domain.

Authoritative Name Server

Holds DNS records and provides corresponding IP address.

Response to Browser
Resolver sends IP address to browser, which connects to web server.
How DNS Works: The Query Process
When a user types a domain like [Link] into a browser, a process called DNS resolution begins.
This translates the human-friendly domain into a machine-readable IP address.

First, the user's device checks its local DNS cache. If the IP isn’t stored, it sends a query to a
Recursive DNS Resolver, usually managed by the ISP or a public DNS service (like Google or Cloudflare).
The resolver checks its own cache too; if there’s no match, it begins a step-by-step search.

The resolver contacts a Root Name Server, which directs it to the correct Top-Level Domain (TLD) Server,
based on the domain extension (like .com). The TLD server then points to the domain’s Authoritative Name
Server, which contains the actual DNS records.

The authoritative server responds with the correct IP address, which the resolver sends back to the
browser. The browser then uses this IP to connect to the web server and load the website.

To speed things up next time, the resolver and device cache the result for a limited time (TTL). Though
the process is complex, it happens in milliseconds—making the web seamless and easy to use.
Role of Root Name
Servers in DNS
Root name servers are critical to the DNS infrastructure. They are
the starting point for DNS resolution.

1 Authoritative 2 Referral to TLD

Information Servers
Provide authoritative Direct queries to the
information about top- appropriate TLD name
level domains, such as servers for specific
.com and .org. domain information.

3 Global Network
Operate on a globally distributed network to ensure high
availability and low latency.
Role of Root Name Servers in DNS
Root Name Servers are at the top of the DNS hierarchy and serve as the starting point when a domain name
can’t be resolved from cache. When a user enters a website like [Link], and no cached IP is
available, the recursive resolver contacts a root server to begin the search.

Root servers don’t store IP addresses for specific domains. Instead, they redirect the resolver to the
correct Top-Level Domain (TLD) server—like .com or .org—bringing it one step closer to the final answer.

There are 13 root server identifiers (A–M), but each is backed by hundreds of global servers using anycast
routing. This setup ensures fast and reliable responses by routing queries to the nearest server,
improving performance and minimizing delays.

Though root servers don’t answer every query directly, they play a crucial navigational role in DNS
resolution. If they were ever disrupted, DNS for uncached domains would slow down or fail—impacting global
internet access.

In short, root servers are like GPS starting points—they don’t give the final destination but point
resolvers in the right direction, making them vital for DNS functionality and internet stability.
Why DNS is Indispensable
Simplifies Web Supports Critical Ensures Redundancy
Navigation Services and Load Balancing
Transforms complex IP addresses • Email routing Maintains high availability and
into easy-to-remember domain • Cloud services optimal performance.
names. • Content delivery networks
(CDNs)
Why DNS is Indispensable

DNS is much more than just a tool for web browsing—it’s the backbone of many internet services we use every day. From sending emails
to streaming content and accessing cloud apps, DNS quietly ensures everything connects and functions smoothly.

For web browsing, DNS translates easy-to-remember domain names (like [Link]) into IP addresses, so we don’t have to memorize
numbers. In email, DNS uses MX records to route messages to the correct mail servers.

Cloud services like Microsoft 365, AWS, and Zoom rely on DNS to route users to the nearest or most efficient server, improving speed
and reliability. Similarly, CDNs (e.g., YouTube, Netflix) use DNS to send content from the closest server, reducing load times and
buffering.

For high-traffic websites, DNS enables load balancing, directing users to different servers to avoid overload. It also supports
redundancy—if one server fails, DNS redirects traffic to a backup, ensuring uptime.

In the IoT world, smart devices depend on DNS to connect to their cloud systems for remote control and monitoring. Lastly, security
features in DNS can block access to harmful sites, offering early protection against cyber threats.
Challenges of DNS in Distributed
Systems
DNS faces significant challenges in distributed environments. Consistency, scalability,
failure handling, and security are key concerns.

Consistency
Maintaining consistent DNS records across distributed zones is crucial.

Scalability
DNS must handle high query volumes and frequent updates efficiently.

Failure Handling
DNS infrastructure should gracefully handle server failures and network partitions.

Security
Protecting DNS from attacks like hijacking and DDoS is essential.
Navigating DNS Security Risks

DNS Hijacking

1 Redirects queries through rogue DNS servers.

DDoS Attacks
2 Overloads DNS servers with excessive traffic.

DNS Spoofing
3 Corrupts DNS records, redirecting users to malicious
sites.
DNS Load Balancing and Performance
Optimization
1 Multiple Servers 2 Round-Robin DNS
Employ primary and secondary servers. This ensures Rotate multiple IP addresses for a domain. Distribute
redundancy if one server fails. traffic across different servers evenly.

3 Anycast Routing 4 DNS Failover

Share the same IP across multiple DNS servers. Route Some DNS services monitor the health of backend
requests to the nearest server to reduce latency. servers. If a server becomes unresponsive, the DNS
automatically removes it from responses.

5 Load-Balancing Services
Advanced DNS services integrate with CDNs or cloud-based global load balancers. Policies like geolocation-based routing
direct users to the closest or least-loaded server.
DNS Load Balancing and Performance
Optimization (…cntd)
Caching Techniques Load Balancing Methods

ISP-level, browser, and OS-level caching for reduced Geographical load balancing directs users to the nearest
latency and faster response times. Caching stores DNS server, while round-robin DNS alternates responses
records temporarily to speed up future queries, between multiple IP addresses. Load balancing
enhancing user experience by reducing the need to distributes network traffic across multiple servers,
repeatedly fetch the same information. preventing overload and ensuring high availability and
optimal performance.
Handling DNS Server Failures

1 Cached Records 2 Service Disruption

Clients will continue using cached DNS records for New DNS lookups will fail, causing service
a limited time. This helps to minimize immediate disruptions. Users may experience inability to
disruptions, as clients can still access previously access websites or services until the DNS issue is
resolved domains. resolved.

3 Redundancy 4 Monitoring
Implement multiple geographically diverse DNS Continuous monitoring and alerts for prompt issue
servers for redundancy. Distributing servers across resolution. Real-time monitoring allows for quick
different locations minimizes the impact of detection and mitigation of potential DNS server
regional outages and improves overall resilience. failures.
Mitigating Security Risks with Robust Protocols

DNSSEC
Prevent DNS spoofing with digital signatures.

DNS-over-HTTPS (DoH)
Encrypt DNS queries to protect user privacy.

Monitor DNS Traffic

Detect anomalies indicative of security breaches.

Regular Updates
Patch DNS infrastructure to address vulnerabilities.
Mitigating Security Risks with Robust Protocols(...ctd)
DNS, while powerful, can be vulnerable to attacks like spoofing, cache poisoning, and man-in-the-
middle attacks.

DNSSEC (Domain Name System Security Extensions) helps protect against spoofing by digitally signing
DNS data. It ensures the integrity and authenticity of responses—so users aren’t misdirected to
malicious sites.

DoH (DNS over HTTPS) encrypts DNS queries using HTTPS, protecting user privacy by preventing ISPs
and attackers from seeing what websites are being accessed. It’s especially useful on public or
untrusted networks.

Monitoring DNS traffic is also critical. It helps detect unusual patterns, like sudden spikes or
unknown domain queries, which could indicate malware activity or data exfiltration.

Combining these approaches—DNSSEC, DoH, and proactive monitoring—strengthens DNS security and helps
safeguard both users and organizations from DNS-based threats.
DNS Setup Best Practices
Multiple Servers
Deploy DNS servers across various geographical
regions to ensure redundancy and minimize
Anycast DNS
latency.
Implement Anycast to efficiently route user
requests to the closest available server,
Load Balancing
optimizing response times.
Distribute DNS traffic effectively using Round-
Robin DNS or GeoDNS to prevent server overloads
DNSSEC
and ensure high availability.
Enable DNSSEC to protect against DNS spoofing
and ensure the integrity of DNS responses,
enhancing overall security.
DNS Setup Best Practices
To ensure secure and efficient DNS operations, it's important to follow best practices. Start
by deploying redundant DNS servers across multiple locations to enhance availability and fault
tolerance.

1. Implement DNSSEC (Domain Name System Security Extensions) to protect against DNS spoofing
and ensure the authenticity of responses. Restrict zone transfers to specific, trusted IP
addresses and use firewalls to control who can query your servers.
2. Monitoring DNS traffic helps detect unusual patterns that may indicate attacks, while rate
limiting can mitigate DDoS threats.
3. Keep DNS software and server operating systems updated to patch known vulnerabilities, and
harden systems by disabling unnecessary services and ports.
4. Using anycast routing improves speed and resilience by directing users to the nearest
available server.
5. Additionally, tuning TTL (Time-to-Live) values can help balance the need for quick updates
with the benefits of caching. Together, these practices support a secure, high-performance
DNS infrastructure.