DNS Basic concepts, Fundamentals, and Terminology

Computer networks use a unique IP address for every endpoint. To access a network resource, you need its IP address. IP addresses are numbers separated by colons. Instead of numbers, humans prefer names to refer to things. Names are easier to remember and use. The DNS service allows you to map a descriptive name with the IP address of a resource. After mapping, you can access resources using their names. When you access a resource using its name, the DNS service translates the resource's name into the IP address.

Your system does not use the DNS service directly. It uses the DNS service through the resolver service. By default, the resolver service is available on all operating systems. Operating systems use it to translate names. When you access a network resource using its name, the application you use to access the resource requests the resolver service to translate the name into the IP address. The resolver service checks all configured sources in a sequence until it finds the IP address associated with the name. Once it finds the IP address associated with the name, it shares the IP address with the requester application and does not check the upcoming source in the sequence.

Translating a name into an IP address is called name resolution. It uses three sources in the sequence. These sources are cache, hosts file, and DNS service. When the resolver service resolves a name, it saves a copy of the translation in the cache. Next time, when it receives a request for the same name, it answers the query from the cache.

If the cache has no entry for the requested name, it checks the hosts file. All operating systems include a file called hosts. You can use this file to map IP addresses and names. By default, this file has entries only for the local system. You can use this file to map names with IP addresses on a small network. The resolver service checks this file before using the DNS service. Because of this, you can also use this file to map the names you do not want to be resolved by the DNS service. If this file does not have an entry for a name, the resolver service checks the configuration files to know the IP address of the system that provides the DNS service.

Different operating systems save the IP address of the system that provides the DNS service in a different location. For example, Linux saves it in the /etc/resolv.conf file while Windows saves it in the attached network card's configuration file.

Although you can install and run the DNS service on the local system, it is rare and only used in a lab environment for learning and troubleshooting. In the real world, the DNS service is installed and run on a dedicated computer. The system that provides the DNS service is called the DNS server. The system that accesses the DNS service from the DNS server is called the DNS client. Based on network size and requirements, administrators may deploy multiple DNS servers. On DNS clients, they can configure the DNS servers' IP addresses they want DNS clients to use.

DNS terminology

DNS is a complex service. To understand how DNS works, we need to understand the DNS terminology. DNS terminology defines the terms DNS uses for its operation. Let us understand these terms in detail.

Resources

A resource is an endpoint on a network. It can be a computer, a mobile, a printer, or any other device connected to the network.

IP addresses

An IP address is a unique numeric address of the resource. Resources use IP addresses to identify each other on the network. Two end devices can communicate and transfer data only if they know each other's IP address.

Domain Name System (DNS)

Domain Name System (DNS) is a service you use to map IP addresses with descriptive names. After implementing it, you can use names instead of IP addresses.

Resource records

DNS uses resource records to relate IP addresses with names. Each resource record maps an IP address with the name and defines the characteristics and properties associated with the name.

Zone files

DNS uses zone files to save resource records. Zone files are simple text files. These files save resource records in lines. A zone file saves data of a domain in the DNS database.

DNS Servers

A DNS server is a system on which you run the DNS service.

Distribution and delegation of the DNS database

The DNS database is the collection of all zone files. Although administrators can save all zone files on a single DNS server, they save them on multiple servers for easy management and scalability.

For example, suppose a DNS database has millions of zone files. If you store this database on a single server, all network hosts will send their queries to this server. For each query, the server must check all records from all zone files to resolve the query. Because of this, the service takes a long time to reply to each query. Besides this, if multiple administrators are responsible for managing the DNS database, they all update zone files on the same server. It makes management difficult.

To solve these problems, they split and distribute the DNS database on multiple DNS servers. Each DNS server stores zone files only for a portion of the database and replies only to queries that belong to that portion. This process is called the distribution and delegation of the DNS database. It reduces the load from DNS servers and increases the network performance and speed.

DNS database hierarchy

DNS uses a hierarchical structure to distribute and delegate the database. It uses a dot to separate two levels in the structure. In the DNS database, the rightmost part of a name represents the highest level, and the leftmost part represents the lowest level in the hierarchy. Names are written from left to right but processed from right to left. Let's take an example. In the name www.google.com, the lowest level is www, and the highest is com. We read this name as www.google.com, but DNS processes this name as com.google.www.

DNS uses this approach to distribute and delegate records in the hierarchy. It makes a group of all names that belong to the same level and stores them on a separate server. If a name contains multiple levels, it saves the name on the server that belongs to the lowest level in the hierarchy. It saves only the information that tells where the record exists on all upper-level servers.

Let us take an example to understand it.

Suppose we want to build and organize the animal's database. For this, we can use the name animals at the top of the hierarchy. We can divide animals into two types: land animals and water animals. We can create two levels: land and water below the top level. We can further divide land animals into two types: wild and domestic. We can make two sub-levels and place them under the land level. We can further extend the domestic level to two variations: farm animals and pet animals. Under these levels, we can add animal names.

The following image shows this hierarchy.

The following is an example resource record in this database.

cat.pet.domestic.land.animals.

The pet server will save this name. All upper servers (domestic, land, and animals) will only save a reference to the pet level in the hierarchy. Each server stores only a portion of the database. It stores information only about its child server. Since each server stores information about its child server, a requested name can be easily found if the search starts from the top-level server.

Let's understand it through our example.

Suppose we want to find the records associated with the domain name cat.pet.domestic.land.animals.

For this, we will start searching from the top-level server. As I mentioned earlier, the rightmost part of the name belongs to the top level. In this name, the rightmost part is the animals. So, we will start searching for the name from the animals server. The animals sever has no information about the requested name. However, it knows the next level in the search path. So, it will send us to the land server. By following the same way, the land server will send us to the domestic server. Again, the domestic server will send us to the pet server. The pet server has the record for the name cat. It will tell the information associated with this name.

This way, a server only needs to store information about its child server. No matter how deep a name's record is, you can easily find it if the database follows the proper hierarchy.

With a minor difference, DNS follows the same approach to organizing its database. DNS uses a null character to define the highest level. If we convert our example database into a DNS database, it resembles the following figure.

DNS uses many terms to describe things in its database. We have already discussed most of them. Let's understand the remaining terms with this example data.

Node

A node is a system. It can be an endpoint, a server, or any other computer or device that needs and uses the name. In our example database, cat, dog, horse, cow, farm, pet, wild, domestic, land, water, and animals are examples of nodes. To access a node by its name, we must create a resource record for the node in the DNS database. The resource record includes the node name and IP address.

Host

A host is a node that hosts and runs a service. A host can also get its name from the service it runs. For example, if a host runs a web service, it is called the web server. If a host runs the DNS service, it is called the DNS server or name server. A name server runs a DNS service and provides answers to DNS queries. In this example, farm, pet, wild, domestic, land, water, animals, and root (null label) are examples of name servers.

DNS query

A DNS query is a query the resolver system sends DNS servers to know the resource's name or IP address.

Resolver system

A resolver system is a system that communicates with DNS servers through DNS queries to resolve names or IP addresses.

Domain

A domain is a group of nodes that use the same identification label.

Identification label

An Identification label is the name of a level in the hierarchy. There are some rules for it.

• It can be up to 63 characters in length.
• Two domains cannot use the same name on the same level. You must select a unique name for each domain on the same level. If you want to create two domains on the same level, use different names for both.
• You cannot use a null character. The DNS system reserves it for the root domain.

Subdomains

You can create multiple levels of domains. If a domain is a child of another domain, it is called a subdomain.

Root domain

DNS starts its hierarchy from the root domain. To represent a root domain, it uses a null label. The root domain is the topmost server in the hierarchy. You cannot create a domain above it. In other words, it is the only domain that does not have a parent domain. Besides this domain, all other domains have a parent domain.

Domain name

A domain name is the name of a node that includes the name of its parent domain. If a node uses its name without its parent domain name, it is called a hostname. If a node uses its name with its parent's domain name, it is called a relative domain name. If a node uses its name with all domain names in the hierarchy till the root domain, it is called a fully qualified domain name (FQDN).

Since the root domain uses a null character for its name, a node's fully qualified domain name always ends with a dot.

Domain namespace

A domain name space is a complete structure of a DNS database. It includes all the levels from the lowest level to the highest level. It starts from the lowest and goes up to the topmost level.

DNS on the Internet

The Internet uses the same hierarchy for the DNS database. It starts from root domains and places all subsequent domains under them. There are 13 root domains. For these root domains, there are 13 name servers known as root name servers. These root name servers use static IP addresses that never change. By default, resolver systems know about these IP addresses. These IP addresses are statically added or mentioned in configuration files the resolver systems use.

When an end device sends a name resolution query to the resolver system, it forwards that query to the nearest root name server and follows the referral to reach the name server that can resolve it.

Root name servers do not resolve queries. They provide a referral to top-level domains (TLDs). You can classify TLDs into two basic types: generic and country-specific. The com, edu, net, org, and mil are examples of generic TLDs. The examples of country-specific TLDs are us, ca, in, and br.

Just like root name servers, TLDs name servers do not resolve queries. They provide a referral to second-level domains (SLDs). SLDs are available for public use. When you purchase a domain name, you buy an SLD. You also need to configure a name server for your SLD. That name server will resolve queries for all resources available within the domain.

Let us understand it through an example. In the domain name example.com, the com is TLD, and the example is SLD.

If a resolver wants to know the IP address of ftp.example.com, it sends the first query to the nearest root name server. The root name server provides a referral to the com name server. The com name server provides a referral to the example name server. The example name server provides the IP address associated with the name ftp.example.com.

Conclusion

The DNS service translates names into IP addresses and vice versa on a computer network. In this tutorial, we discussed and learned its basic concepts, terminologies, and fundamentals.