DNS deep dive
What is DNS?
The Domain Name System (DNS) is often described as the phonebook of the internet. Humans refer to hosts by domain names such as example.com or google.com, while browsers and other network software connect to Internet Protocol (IP) addresses. DNS is the distributed, hierarchical database that maps domain names to IP addresses (and to other data, such as a domain's mail servers) so that clients can reach Internet resources.
Key Components of DNS
1. Domain Names: These are human-readable names like www.example.com.
2. IP Addresses: Numeric addresses like 192.0.2.1 or 2001:db8::1.
3. DNS Servers: The resolvers and authoritative name servers that answer DNS queries. No single server holds the whole database; each holds, or caches, a part of it.
How DNS Works
1. DNS Query: When you type a domain name in your browser, the browser asks the operating system's stub resolver for it, and the stub resolver sends a DNS query (normally over UDP port 53) to its configured recursive resolver to find the IP address associated with that domain.
2. Recursive Resolver: This is a DNS server that receives the query and acts on behalf of the client to complete it. It may query several other DNS servers to find the answer.
3. Root DNS Servers: These are the starting point of every uncached lookup. They do not know the final answer; they refer the resolver to the servers for the right top-level domain. There are 13 root server names (a.root-servers.net through m.root-servers.net), not 13 machines: each name is served by many anycast instances worldwide, and resolvers learn their addresses from a built-in root hints file.
4. TLD (Top Level Domain) Servers: These servers manage the top level domains like .com, .net, .org, etc.
5. Authoritative DNS Servers: These servers contain the actual DNS records for a domain and provide the definitive answer to DNS queries.
Types of DNS Records
1. A Record (Address Record): Maps a domain to an IPv4 address.
2. AAAA Record: Maps a domain to an IPv6 address.
3. CNAME Record (Canonical Name Record): Makes one name an alias for another, canonical name; a resolver that receives a CNAME continues the lookup with the canonical name. A name that has a CNAME may hold no other records.
4. MX Record (Mail Exchange Record): Specifies the mail servers responsible for receiving email on behalf of a domain.
5. TXT Record: Holds arbitrary text strings. In practice it carries mail-authentication policy (SPF, DKIM public keys, DMARC) and domain-ownership verification tokens.
6. SRV Record (Service Record): Gives the host and port of a service, plus a priority and weight for choosing among several, under a name of the form _service._proto.domain (for example _sip._tcp.example.com).
DNS Query Process
1. Step 1: User enters a domain name in the browser.
2. Step 2: The browser (via the operating system's stub resolver) sends a query to the recursive resolver.
3. Step 3: If the resolver does not have the answer cached, it queries a root server.
4. Step 4: The root server responds with a referral: the names and addresses of the TLD servers for the domain's top-level domain (for example .com).
5. Step 5: The resolver queries one of the TLD servers.
6. Step 6: The TLD server responds with a referral to the authoritative name servers for the domain.
7. Step 7: The resolver queries one of the authoritative servers.
8. Step 8: The authoritative server responds with the requested record (an A or AAAA record) and its TTL.
9. Step 9: The resolver caches the answer and returns it to the stub resolver and the browser.
10. Step 10: The browser connects to the IP address and retrieves the website.
Every query carries a 16-bit transaction ID and a question section; a response is only meaningful to the resolver if its transaction ID and question match an outstanding query. Responses also carry flags such as AA (authoritative answer) and a response code.
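The wire format behind the record types and the query process above, as an added example that is not part of the original page: a standard-library-only builder and parser for RFC 1035 messages. It encodes a query as a stub or recursive resolver would send it, builds the kind of authoritative reply a server returns (owner names compressed with a pointer to the question name), and decodes A, AAAA, CNAME, MX, TXT and SRV RDATA. All messages are constructed inline; nothing is sent on the network, and the domain names and addresses are documentation values.

```python
import ipaddress
import struct

# RR type codes (RFC 1035; RFC 3596 for AAAA; RFC 2782 for SRV). Class IN = 1 throughout.
TYPE_A, TYPE_CNAME, TYPE_MX, TYPE_TXT, TYPE_AAAA, TYPE_SRV = 1, 5, 15, 16, 28, 33
TYPE_NAMES = {1: "A", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA", 33: "SRV"}

def encode_name(name):
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00' (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("label must be 1..63 bytes: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def decode_name(msg, off):
    """Decode a name at msg[off], following compression pointers; return (name, next offset)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:            # pointer: 2 bytes, 14-bit offset into the message
            if end is None:
                end = off + 2                # the caller continues right after the pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            hops += 1
            if hops > 64:                    # malformed message: pointers form a loop
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)

def build_query(txid, name, qtype):
    """12-byte header + one question; flags 0x0100 = RD (recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def build_response(txid, name, qtype, rrs):
    """Authoritative answer (flags QR|AA|RD|RA = 0x8580); owner names point at offset 12."""
    msg = struct.pack("!HHHHHH", txid, 0x8580, 1, len(rrs), 0, 0)
    msg += encode_name(name) + struct.pack("!HH", qtype, 1)
    for rtype, ttl, rdata in rrs:
        msg += b"\xC0\x0C" + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return msg

def parse_rdata(msg, rtype, rdata, rdata_off):
    """Render RDATA for the record types covered on this page."""
    if rtype == TYPE_A:
        return str(ipaddress.IPv4Address(rdata))
    if rtype == TYPE_AAAA:
        return str(ipaddress.IPv6Address(rdata))
    if rtype == TYPE_CNAME:
        return decode_name(msg, rdata_off)[0]
    if rtype == TYPE_MX:                     # preference, exchange name
        return (struct.unpack("!H", rdata[:2])[0], decode_name(msg, rdata_off + 2)[0])
    if rtype == TYPE_TXT:                    # one or more <len><bytes> strings
        strings, i = [], 0
        while i < len(rdata):
            n = rdata[i]
            strings.append(rdata[i + 1:i + 1 + n].decode("utf-8"))
            i += 1 + n
        return strings
    if rtype == TYPE_SRV:                    # priority, weight, port, target name
        prio, weight, port = struct.unpack("!HHH", rdata[:6])
        return (prio, weight, port, decode_name(msg, rdata_off + 6)[0])
    return rdata.hex()

def parse_message(msg):
    """Parse the header, question and answer sections of a query or response."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((qname, qtype))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        answers.append((name, TYPE_NAMES.get(rtype, str(rtype)), ttl,
                        parse_rdata(msg, rtype, rdata, off)))
        off += rdlen
    return {"txid": txid, "is_response": bool(flags & 0x8000), "aa": bool(flags & 0x0400),
            "rcode": flags & 0xF, "questions": questions, "answers": answers}
```

To try it against a real server, send `build_query(txid, "example.com", TYPE_A)` with a UDP socket to port 53 of your resolver and feed the datagram you get back to `parse_message`; compare the returned `txid` and `questions` with what you sent before trusting the answers, which is exactly the check the query process above relies on. The pointer-loop guard in `decode_name` is there because a parser that follows pointers blindly can be spun forever by a malformed message.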
DNS Caching
To improve efficiency and reduce latency, DNS responses are cached at several levels, each for no longer than the TTL (time to live) the authoritative server attached to the record:
1. Browser Cache: The browser keeps recent answers for a short period.
2. Operating System Cache: The OS stub resolver (or a local caching service) keeps answers as well.
3. Recursive Resolver Cache: The recursive resolver, usually the one run by your ISP or a public resolver, caches every answer and referral it receives, so most queries never reach the root, TLD or authoritative servers.
The resolver cache is shared by all of that resolver's clients, which is why a bad entry there matters far more than one in a single browser.
Security Concerns
1. DNS Spoofing (Cache Poisoning): An off-path attacker forges responses to a query the resolver has outstanding. Plain DNS over UDP carries no authentication, so a forgery is accepted if it matches the query's 16-bit transaction ID, source port and question; once accepted it is cached and served to every client of that resolver for its TTL. Resolvers defend by randomizing the transaction ID and source port, by discarding records outside the zone they asked about (the bailiwick check), and by validating DNSSEC signatures where they exist.
2. DDoS Attacks: Attackers can overwhelm authoritative servers or resolvers with a flood of queries, making them slow or unavailable. Because a small query can elicit a much larger response, open resolvers are also abused to reflect and amplify floods against third parties.
3. DNSSEC (DNS Security Extensions): A countermeasure rather than a threat. It adds digital signatures over record sets so that a validating resolver can detect forged or modified answers. It provides authenticity and integrity only: it does not encrypt queries or responses, and it only helps for zones that are signed and resolvers that validate.
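The caching and cache-poisoning points above, as an added example that is not part of the original page: a small simulation of a TTL-bound resolver cache, a resolver in its pre-2008 configuration (transaction ID as the only check, source port fixed at 53) beside a hardened one (random transaction ID and source port, and only records whose owner name equals the question name are cached, a strict form of the bailiwick rule), and a blind off-path attacker that floods forged answers. The resolver and attacker behaviour, the names and the addresses are constructed for illustration; no packets are sent.

```python
import random
from collections import namedtuple

# Constructed toy model: messages are tuples, not wire-format packets.
Question = namedtuple("Question", "name qtype")
Response = namedtuple("Response", "txid port question rrs")  # rrs: [(name, qtype, ttl, rdata)]

class Cache:
    """Positive cache keyed by (name, qtype); 'now' is passed in so expiry is deterministic."""
    def __init__(self):
        self.entries = {}

    def put(self, name, qtype, ttl, rdata, now):
        self.entries[(name, qtype)] = (rdata, now + ttl)

    def get(self, name, qtype, now):
        hit = self.entries.get((name, qtype))
        if hit is None:
            return None
        rdata, expires = hit
        if now >= expires:                     # TTL elapsed: drop and miss
            del self.entries[(name, qtype)]
            return None
        return rdata

class Resolver:
    """hardened=False: TXID is the only check, source port always 53.
    hardened=True: random TXID and source port; only records for the queried name are cached."""
    def __init__(self, rng, hardened):
        self.rng, self.hardened = rng, hardened
        self.cache, self.pending = Cache(), {}

    def send_query(self, question):
        txid = self.rng.randrange(0, 1 << 16)
        port = self.rng.randrange(1024, 1 << 16) if self.hardened else 53
        self.pending[question] = (txid, port)
        return txid, port

    def receive(self, resp, now):
        """Return True if the response matched an outstanding query and was cached."""
        expected = self.pending.get(resp.question)
        if expected is None or expected != (resp.txid, resp.port):
            return False                       # no such query, or TXID/port mismatch
        for name, qtype, ttl, rdata in resp.rrs:
            if self.hardened and name != resp.question.name:
                continue                       # out-of-bailiwick record: never cache it
            self.cache.put(name, qtype, ttl, rdata, now)
        del self.pending[resp.question]
        return True

def make_resolver(seed, hardened):
    return Resolver(random.Random(seed), hardened)

def blind_spoof(resolver, question, forged_ip, now, max_guesses=1 << 16):
    """Off-path attacker: cannot see the query, so it floods every TXID 0..65535 at the
    source port it assumes (53). Returns guesses sent until acceptance, or None.
    For the naive resolver this is txid+1 guesses (about 32768 on average); an attacker
    who must also guess a random port faces roughly 2**31 combinations per attempt."""
    resolver.send_query(question)
    for guess in range(max_guesses):
        forged = Response(guess, 53, question, [(question.name, "A", 86400, forged_ip)])
        if resolver.receive(forged, now):
            return guess + 1
    return None

def legit_exchange(seed=7):
    """Hardened resolver taking the genuine answer; shows TTL expiry and the bailiwick filter."""
    r = make_resolver(seed, hardened=True)
    q = Question("example.com", "A")
    txid, port = r.send_query(q)
    # Constructed reply: the real record plus an unrelated record piggybacked onto it
    reply = Response(txid, port, q, [(q.name, "A", 300, "192.0.2.1"),
                                     ("evil.example", "A", 300, "203.0.113.9")])
    accepted = r.receive(reply, now=0)
    return (accepted,
            r.cache.get("example.com", "A", now=299),   # still valid one second before expiry
            r.cache.get("example.com", "A", now=300),   # expired
            r.cache.get("evil.example", "A", now=0))    # filtered, never cached

if __name__ == "__main__":
    q = Question("www.example.com", "A")
    naive = make_resolver(1, hardened=False)
    print("naive resolver poisoned after", blind_spoof(naive, q, "203.0.113.9", now=0), "guesses")
    hard = make_resolver(1, hardened=True)
    print("hardened resolver poisoned after", blind_spoof(hard, q, "203.0.113.9", now=0))
    print("legit exchange:", legit_exchange())
```

The simulation makes the arithmetic of the attack concrete: with only a 16-bit transaction ID to guess, a flood of 65536 forged answers is guaranteed to land, and the poisoned entry then lives in the shared cache for the attacker-chosen TTL (86400 seconds here). Source-port randomization and the bailiwick filter are what current resolvers rely on absent DNSSEC; the filter also explains why a resolver will not take an unrelated "bonus" record from an otherwise legitimate reply.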
Conclusion
DNS is a crucial component of the internet, enabling user-friendly domain names to be mapped to machine-friendly IP addresses. Understanding its workings and the types of records involved helps in troubleshooting issues and securing DNS operations.