Presented by Pooja P

The document provides a comprehensive overview of the Domain Name System (DNS), explaining its purpose, structure, and functionality, including how DNS resolves domain names to IP addresses. It covers key aspects such as DNS caching, resource records, DNS messages, dynamic DNS (DDNS), and security measures to protect against cyber threats. The information is organized into sections detailing the hierarchical nature of DNS, the query resolution process, and the importance of DNS security in maintaining data integrity and preventing malicious activities.

Uploaded by

shekhubiradar1

PRESENTED BY POOJA P

LIST OF MOTIFS

1. WHAT IS DNS?
2. NAME SPACE.
3. HOW DNS WORKS OR RESOLUTION.
4. DNS CACHING.
5. RESOURCE RECORDS.
6. DNS MESSAGES.
7. DDNS.
8. SECURITY OF DNS.
WHAT IS DNS?
The Domain Name System (DNS) translates Internet domain and host names to IP addresses and
vice versa.

The Purpose of DNS


FOR EASY UNDERSTANDING
DNS is often called the “phonebook for the internet.” A more modern analogy is that DNS manages domain
names like a smartphone manages contacts. Smartphones eliminate the need for users to remember individual
phone numbers by storing them in easily searchable contact lists.

Likewise, DNS enables users to connect to websites by using internet domain names instead of IP addresses.
Rather than having to remember that the web server is at “[Link],” for instance, users can simply go to the
webpage “[Link]” to get the results they want.
NAME SPACE
The DNS name space is the set of all domain names that are registered in the DNS.
These domain names are organized into a tree-like structure, with the top of the tree
being the root domain. Below the root domain, there are a number of top-level domains,
such as .com, .net, and .org. Below the top-level domains, there are second-level
domains, and so on. Each domain name in the DNS name space corresponds to a set of
resource records, which contain information about that domain name, such as its IP
address, mail servers, and other information.

The DNS name space is hierarchical, meaning that each domain name can have
subdomains beneath it. For example, the domain name "[Link]" could have
subdomains such as "[Link]" and "[Link]". This allows for a
very flexible and scalable naming structure for the Internet.

The DNS name space is managed by a number of organizations, including the Internet
Corporation for Assigned Names and Numbers (ICANN), which is responsible for
coordinating the allocation of unique domain names and IP addresses.
DOMAIN NAMING HIERARCHY

The DNS namespace is organized hierarchically, with the root
of the hierarchy at the top. At the root of the DNS namespace,
there are a number of top-level domains (TLDs), such as .com,
.net, and .org. These TLDs are further divided into second-level
domains, and so on.
For example, consider the domain name "example.com". "com" is
the top-level domain, and "example" is the second-level domain.
"Example.com" can have subdomains beneath it, such as
"www.example.com" and "mail.example.com". Each subdomain
can also have further subdomains beneath it, forming a tree-like
structure.
The DNS namespace is decentralized, meaning that there is no
central authority that controls the entire namespace. Instead,
different organizations are responsible for managing different
parts of the namespace. For example, ICANN is responsible for
coordinating the allocation of unique domain names and IP
addresses, while individual registrars are responsible for
selling domain names to customers and maintaining records
of those domain names in the DNS.
HOW DOES DNS WORK?
Every query (sometimes called a DNS request) follows the same logic to resolve IP
addresses. There are different ways in which queries are initiated—as a common
example, let’s consider a person using a web browser.

When the user enters a URL into their web browser, the browser sends the query to the
DNS resolver, which progressively queries authoritative DNS servers to locate the
authoritative name server that holds the domain’s records, including the associated IP
address. The IP address is returned to the browser, and the user is connected to the
website.

RESOLUTION
More specifically, query resolution in the DNS involves several key processes and
components:

> Query initiation. A user enters a domain name, such as “[Link],” into a browser or app.
If the IP address for the site in question is not in the browser’s cache, the request is sent to
a recursive DNS resolver. Typically, the user’s device has predefined DNS settings, provided
by the ISP, that determine which recursive resolver receives the request.

> Recursive resolver. The recursive resolver checks its own cache for the domain’s
corresponding IP address. If the recursive resolver does not have the necessary records in
its cache, it initiates the lookup process, starting at the root server.

> Root name server. The recursive resolver queries a root name server, which responds with
a referral to the appropriate TLD server for the domain in question (the TLD name server
responsible for “.com” domains, in this instance).

> TLD name server. The resolver queries the “.com” TLD name server, which responds with
the address of the authoritative name server for “[Link].”

> Domain name server. The resolver queries the domain’s name server, which looks up the
DNS zone file and responds with the correct record for the provided domain name.

> Query resolution. The recursive resolver returns the IP address to the user’s device. The
browser or app can then initiate a connection to the host server at that IP address and
access the requested website or service. The browser and resolver cache records in
accordance with their respective configurations and TTLs.
DNS CACHING
DNS CACHING IS THE TEMPORARY STORAGE OF DNS RECORDS (WHICH MAP DOMAIN NAMES TO IP ADDRESSES) ON LOCAL
DEVICES OR SERVERS TO SPEED UP SUBSEQUENT VISITS TO THE SAME WEBSITES.
KEY POINTS

PURPOSE: THE PRIMARY GOAL IS TO IMPROVE PERFORMANCE BY AVOIDING THE FULL DNS LOOKUP PROCESS
(WHICH INVOLVES QUERYING MULTIPLE SERVERS ACROSS THE INTERNET) EVERY TIME A USER VISITS A SITE. THIS
RESULTS IN FASTER PAGE LOAD TIMES AND REDUCED NETWORK TRAFFIC/LATENCY.

MECHANISM: WHEN A USER TYPES A URL, THE DEVICE FIRST CHECKS ITS LOCAL CACHE. IF THE RECORD IS
FOUND AND HASN'T EXPIRED, IT'S USED IMMEDIATELY. IF NOT, THE QUERY IS FORWARDED TO A RECURSIVE DNS
SERVER, WHICH ALSO USES CACHING, EVENTUALLY REACHING THE AUTHORITATIVE SERVER IF NEEDED.

TIME-TO-LIVE (TTL): EACH DNS RECORD HAS A TTL VALUE (SET BY THE DOMAIN OWNER) WHICH DICTATES HOW
LONG IT CAN BE STORED IN A CACHE BEFORE BEING CONSIDERED OUTDATED AND REQUIRING A FRESH LOOKUP.

HIERARCHY: CACHING OCCURS AT MULTIPLE LEVELS:

BROWSER CACHE: THE FIRST LEVEL, WITHIN YOUR WEB BROWSER (CHROME, FIREFOX, ETC.).
OPERATING SYSTEM (OS) CACHE: MAINTAINED BY YOUR COMPUTER'S OS (WINDOWS, MACOS, LINUX).
RECURSIVE DNS SERVER CACHE: MAINTAINED BY YOUR ISP OR THIRD-PARTY DNS PROVIDER (LIKE GOOGLE PUBLIC DNS OR
CLOUDFLARE DNS).

SECURITY & MAINTENANCE: WHILE BENEFICIAL, CACHING CAN LEAD TO ISSUES IF RECORDS BECOME OUTDATED
OR CORRUPTED. A MALICIOUS ATTACK CALLED DNS CACHE POISONING (OR SPOOFING) CAN INJECT FALSE
INFORMATION INTO A CACHE, REDIRECTING USERS TO FAKE WEBSITES. MANUALLY FLUSHING THE DNS CACHE
HELPS TROUBLESHOOT CONNECTIVITY ISSUES, ENSURE UPDATED RECORDS ARE FETCHED, AND MITIGATE
SECURITY RISKS.
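
The resolution steps and the TTL-based caching described above, as an added Python example that is not part of the original presentation: a toy recursive resolver follows referrals through a constructed root, TLD and authoritative table, caches the answer for its TTL, and resolves again after expiry. The server names, the 192.0.2.10 address and the `FakeClock` helper are assumptions made for illustration.

```python
# Constructed zone data (not real servers): each server maps a name suffix
# either to a referral ("NS", next_server) or to an answer ("A", address, ttl).
SERVERS = {
    "root": {"com": ("NS", "tld-com")},
    "tld-com": {"example.com": ("NS", "ns.example.com")},
    "ns.example.com": {"www.example.com": ("A", "192.0.2.10", 300)},
}

class FakeClock:
    """Manually advanced clock so TTL expiry can be shown without sleeping."""
    def __init__(self):
        self.now = 0
    def __call__(self):
        return self.now

class RecursiveResolver:
    def __init__(self, servers, clock):
        self.servers, self.clock = servers, clock
        self.cache = {}            # name -> (address, expiry time)
        self.upstream_queries = 0  # queries sent to root/TLD/authoritative

    def _ask(self, server, name):
        """Return the server's record for the longest matching suffix of name."""
        self.upstream_queries += 1
        labels = name.split(".")
        for i in range(len(labels)):
            record = self.servers[server].get(".".join(labels[i:]))
            if record:
                return record
        return None

    def resolve(self, name):
        name = name.lower().rstrip(".")
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], "cache"           # still within its TTL
        self.cache.pop(name, None)           # expired or absent
        server = "root"
        for _ in range(8):                   # bound the referral chain
            record = self._ask(server, name)
            if record is None:
                return None, "no-record"
            if record[0] == "NS":
                server = record[1]           # follow the referral downwards
                continue
            _, address, ttl = record
            self.cache[name] = (address, self.clock() + ttl)
            return address, "authoritative"
        raise RuntimeError("too many referrals")

    def flush(self):
        self.cache.clear()
```

Because a cached answer is served until its TTL runs out, a false record in the cache would keep being served until expiry or until `flush()` is called, which is why flushing appears above as a mitigation.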
DNS RESOURCE RECORDS (RRS)
Resource records store information about a domain. Common examples are A records (mapping names to
IPv4), AAAA records (to IPv6), CNAME records (aliases), MX records (mail servers), NS records
(name servers), and SOA records (zone authority). Each provides specific data such as IP addresses,
server locations, or administrative details that are crucial for domain functionality.
DNS MESSAGES
DNS messages are standardized packets for Domain Name System communication, primarily
consisting of two types: Queries (client asking for an IP) and Responses (server answering), both
sharing a common format with a Header, a Question section, and optional Answer, Authority, and
Additional sections, allowing clients and servers to find website addresses efficiently.
Key Components of a DNS Message
Header: The first 12 bytes, containing crucial control info like a Transaction ID (to match replies to
queries), flags (query/reply, recursion desired/available), and counts for the sections that follow.
Question Section: Holds the actual question (domain name, record type like 'A' for IP), defining what's
being asked.
Answer Section: Contains Resource Records (RRs) that directly answer the question, like an IP address
for a domain.
Authority Section: Lists authoritative name servers for the queried domain, helping in further
resolution.
Additional Section: Provides extra relevant data, like glue records or other helpful RRs.

How They Work


1. Client Sends Query: Your browser sends a DNS query message (e.g., "What's the IP for [Link]?")
to a DNS resolver, usually over UDP.
2. Resolver Processes: The resolver checks its cache; if not found, it forwards the query (iteratively or
recursively) up the DNS hierarchy.
3. Server Sends Response: An authoritative server sends back a response message containing the IP
address in the Answer section.
4. Client Gets IP: The resolver relays this response to your browser, which then connects to the website
using the IP address.

Message Types & Protocols


Types: Queries (0) and Replies (1).
Protocols: Most often UDP for speed, but TCP is used for larger messages (like zone transfers).
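
The header fields and question section described above, as an added Python example that is not part of the original presentation: it builds a query, parses the 12-byte header and the question, and applies the check a client makes before accepting a reply, namely that the transaction ID and question match the query. The `sample_reply` helper, the transaction IDs used with it and the 192.0.2.10 address are constructed for illustration.

```python
import struct

def encode_name(name):
    """Encode a name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(txid, name, qtype=1):
    """12-byte header plus one question; flags 0x0100 = QR 0 (query), RD set."""
    header = struct.pack("!6H", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", qtype, 1)  # class IN

def parse_message(msg):
    """Parse the header and the first question of a DNS message."""
    if len(msg) < 12:
        raise ValueError("shorter than the 12-byte header")
    txid, flags, qdcount, ancount = struct.unpack("!4H", msg[:8])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12
    while pos < len(msg) and msg[pos] != 0:
        length = msg[pos]
        if length > 63 or pos + 1 + length > len(msg):
            raise ValueError("bad or truncated label in question")
        labels.append(msg[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    if pos + 5 > len(msg):           # zero byte + QTYPE + QCLASS must remain
        raise ValueError("truncated question")
    qtype, qclass = struct.unpack("!2H", msg[pos + 1:pos + 5])
    return {"id": txid, "qr": flags >> 15, "ancount": ancount,
            "question": (".".join(labels), qtype, qclass)}

def response_matches(query, response):
    """True only for a reply (QR 1) echoing the query's ID and question."""
    try:
        q, r = parse_message(query), parse_message(response)
    except ValueError:
        return False
    return r["qr"] == 1 and r["id"] == q["id"] and r["question"] == q["question"]

def sample_reply(query, txid):
    """Constructed reply: QR/RD/RA set, one A record (192.0.2.10, TTL 300)."""
    rr = b"\xc0\x0c" + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10])
    return struct.pack("!6H", txid, 0x8180, 1, 1, 0, 0) + query[12:] + rr
```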
DDNS?
Dynamic DNS (DDNS) automatically updates DNS records to map a domain name to a changing
(dynamic) IP address, solving the problem of frequent IP changes from ISPs, allowing consistent
remote access to home servers, security cameras, or gaming setups using a memorable hostname
instead of a fluctuating number. A DDNS client (often in your router) detects IP changes and tells the
DDNS service, which updates the DNS records, ensuring the domain name always points to the
correct device, enabling services like remote desktop, personal websites, or IP cameras to remain
accessible.

How it Works
1. Dynamic IP: Most home internet connections get dynamic IPs that change periodically.
2. DDNS Client: Software or router firmware detects the new IP address.
3. Update Request: The client sends the new IP and hostname to the DDNS provider.
4. DNS Update: The provider updates the DNS records, linking your hostname (e.g.,
[Link]) to the new IP.

Why it's Useful


Remote Access: Connect to your home network, NAS, or security cameras from anywhere.
Home Servers: Host websites or game servers without needing a costly static IP.
Cost-Effective: Avoid paying for static IPs from your ISP.
Key takeaway: DDNS bridges the gap between ever-changing home IPs and the need for a stable
domain name, keeping your online services reachable.
SECURITY OF DNS
DNS security protects the Domain Name System from cyberattacks like phishing, malware, and data
theft by securing the process that translates domain names (like [Link]) into IP addresses, using
methods like DNSSEC for data integrity, DNS over HTTPS/TLS (DoH/DoT) for encryption, and filtering to
block malicious sites, preventing attackers from redirecting users to fake sites or disrupting services.

Why it's important:


Prevents Redirection: Stops attackers from sending users to fake banking sites or malware-infected
pages.
Data Protection: Secures confidential data from being intercepted or stolen during lookups.
Business Continuity: Protects against DDoS attacks and disruptions that can take down websites.

Key Security Measures:


DNSSEC (DNS Security Extensions): Uses digital signatures to authenticate DNS data, preventing
cache poisoning and forged responses.
DNS over HTTPS (DoH)/TLS (DoT): Encrypts DNS queries, preventing eavesdropping and tampering
with traffic.
DNS Filtering: Blocks access to known malicious domains, protecting users from malware and
phishing.
Rate Limiting & Monitoring: Thwarts DoS attacks and detects unusual traffic patterns.

In essence, DNS security adds layers of trust and privacy to the fundamental internet service, stopping
attacks at the very first step of connecting to a website.
MUCH OBLIGED
