DNS Basic concepts, Fundamentals, and Terminology

Computer networks use a unique IP address for every endpoint. If you want to access a resource available on a computer network, you need to know its IP address. IP addresses are made of numbers. Instead of numbers, humans prefer names to refer to things. Names are easier to remember and use.

The DNS service allows you to map a descriptive name with the IP address of a resource. After mapping, you can access resources using their names. When you access a resource using its name, the DNS service translates the resource's name into the IP address.

Your system does not use the DNS service directly. It uses the DNS service through the resolver service. By default, the resolver service is available on all operating systems. Operating systems use it to translate names.

When you access a network resource using its name, the application you use to access the resource requests the resolver service to translate the name into the IP address.

The resolver service checks all configured sources in a sequence until it finds the IP address associated with the name. Once it finds the IP address associated with the name, it shares the IP address with the requester application and does not check the next source in the sequence.

The process of translating a name into an IP address is called name resolution. For name resolution, the resolver service uses three sources in sequence: the cache, the hosts file, and the DNS service.

When the resolver service resolves a name, it saves a copy of the translation in the cache. Next time, when it receives a request for the same name, it answers the query from the cache.

If the requested name is not available in the cache, the resolver service checks the hosts file. All operating systems include a file called hosts. You can use this file to map IP addresses and names. By default, this file has entries only for the local system.

If you have a small network, you can use this file to map names with IP addresses. The resolver service always checks this file before using the DNS service. Because of this, you can also use this file to map the names you do not want to be resolved by the DNS service.

If this file does not have an entry for a name, the resolver service checks the configuration files to know the IP address of the system that provides the DNS service.

Different operating systems save the IP address of the system that provides the DNS service in different locations. For example, Linux saves it in the /etc/resolv.conf file while Windows saves it in the attached network card's configuration file.
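The lookup order described above (cache, then hosts file, then the DNS servers from resolv.conf) is easy to see in a small stub resolver. The following is an added example, not code from the article: the hosts-file text, the resolv.conf text and the answers of the "DNS service" are all constructed here so it runs offline, and the name and address values (example.test, 192.0.2.x, 198.51.100.x) are placeholders. It also shows the point made about the hosts file: a name mapped there (here to 0.0.0.0) is answered before the DNS service is ever asked.

```python
"""Added example: a miniature stub resolver that consults cache, hosts file
and the configured DNS servers in that order, stopping at the first source
that has an answer.  All inputs are constructed; nothing is sent on a network."""

import ipaddress
import re

# Constructed hosts-file content, same format as /etc/hosts:
# "<ip> <canonical name> [aliases...]", '#' starts a comment.
HOSTS_FILE = """\
# constructed sample, not copied from any real machine
127.0.0.1   localhost
::1         localhost ip6-localhost
192.0.2.10  intranet.example.test intranet
# a name we do NOT want the DNS service to resolve: sinkhole it locally
0.0.0.0     ads.example.test
"""

# Constructed resolv.conf content (the Linux location named in the text).
RESOLV_CONF = """\
# constructed sample
search example.test
nameserver 192.0.2.53
nameserver 192.0.2.54
"""

# Stand-in for the DNS service: what each configured server would answer.
# The first server answers nothing, so the resolver must fall through.
FAKE_DNS = {
    "192.0.2.53": {},
    "192.0.2.54": {"www.example.test": "198.51.100.80",
                   "ads.example.test": "198.51.100.99"},   # never reached: hosts wins
}


def fake_query(server, name):
    """Pretend to send a DNS query to `server`; return its answer or None."""
    return FAKE_DNS.get(server, {}).get(name)


def parse_hosts(text):
    """Return {name: ip} from hosts-file text.  The first mapping for a name
    wins, because the resolver reads the file top to bottom."""
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        ip, names = fields[0], fields[1:]
        ipaddress.ip_address(ip)                 # raises ValueError on a malformed address
        for name in names:
            table.setdefault(name.lower(), ip)
    return table


def parse_resolv_conf(text):
    """Return the nameserver IPs in the order they are configured."""
    servers = []
    for raw in text.splitlines():
        m = re.match(r"^\s*nameserver\s+(\S+)", raw)
        if m:
            servers.append(m.group(1))
    return servers


class StubResolver:
    """Resolve names by checking cache -> hosts file -> DNS servers."""

    def __init__(self, hosts_text, resolv_text, query):
        self.cache = {}
        self.hosts = parse_hosts(hosts_text)
        self.servers = parse_resolv_conf(resolv_text)
        self.query = query

    def resolve(self, name):
        """Return (ip, source) or (None, None) when no source knows the name."""
        key = name.lower().rstrip(".")
        if key in self.cache:
            return self.cache[key], "cache"
        if key in self.hosts:
            self.cache[key] = self.hosts[key]    # remember the answer for next time
            return self.hosts[key], "hosts"
        for server in self.servers:              # ask each configured server in turn
            ip = self.query(server, key)
            if ip is not None:
                self.cache[key] = ip
                return ip, f"dns:{server}"
        return None, None


if __name__ == "__main__":
    r = StubResolver(HOSTS_FILE, RESOLV_CONF, fake_query)
    for n in ("localhost", "ads.example.test", "www.example.test", "www.example.test"):
        print(n, "->", r.resolve(n))
```

Running the demo shows the second lookup of www.example.test answered from the cache, and ads.example.test answered from the hosts file even though the DNS stand-in has a different address for it.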

Although you can install and run the DNS service on the local system, it is rare and only used in a lab environment for learning and troubleshooting.

In the real world, the DNS service is installed and run on a dedicated computer. The system that provides the DNS service is called the DNS server. The system that accesses the DNS service from the DNS server is called the DNS client.

Based on network size and requirements, administrators may deploy multiple DNS servers. On each DNS client, they configure the IP addresses of the DNS servers they want that client to use.

DNS terminology

DNS is a complex service. To understand how DNS works, we need to understand the DNS terminology. DNS terminology defines the terms DNS uses for its operation.

Let us understand these terms in detail.

Resources

A resource is an endpoint on a network. It can be a computer, a mobile, a printer, or any other device connected to the network and can be accessed through the network.

IP addresses

An IP address is a unique numeric address of the resource. Resources use IP addresses to identify each other on the network. Two end devices can communicate and transfer data only if they know the IP addresses of each other.

Domain Name System (DNS)

IP addresses are made of numbers. Numbers are a bit difficult to remember and use. Domain Name System (DNS) is a service. It allows you to map IP addresses with descriptive names. Once this service is implemented, you can use names instead of IP addresses.

Resource records

DNS uses resource records to relate IP addresses with names. Each resource record maps an IP address with the name and defines the characteristics and properties associated with the name.

Zone files

DNS uses zone files to save resource records. Zone files are simple text files. In these files, each resource record is saved on its own line. A zone file saves the data of one domain in the DNS database.

DNS Servers

The system on which you run the DNS service is called the DNS server.

Distribution and delegation of the DNS database

The DNS database is the collection of all zone files. Although administrators can save all zone files on a single DNS server, they save them on multiple servers for easy management and scalability.

For example, suppose a DNS database has millions of zone files. If you store this database on a single server, all network hosts will send their queries to this server. For each query, the server must check all records from all zone files to resolve the query. Because of this, the service takes a long time to reply to each query.

Besides this, if multiple administrators are responsible for managing the DNS database, they all update zone files on the same server. It makes management difficult.

To solve these problems, administrators split the DNS database and distribute it across multiple DNS servers. Each DNS server stores zone files only for a portion of the database and replies only to queries that belong to that portion. This process is called the distribution and delegation of the DNS database. It reduces the load on DNS servers and increases network performance and speed.

DNS database hierarchy

To distribute and delegate the database, DNS uses a hierarchical structure. It uses a dot to separate two levels in the structure. In the DNS database, the rightmost part of a name represents the highest level, and the leftmost part represents the lowest level in the hierarchy.

Names are written from left to right but processed from right to left. Let's take an example. In the name www.google.com, the lowest level is www, and the highest level is com. We read this name as www.google.com, but DNS processes this name as com.google.www.

DNS uses this approach to distribute and delegate records in the hierarchy. It makes a group of all records that belong to the same level name and stores them on a separate server. If multiple levels are used in the name, the name is stored on the server that belongs to the lowest level in the hierarchy. All servers that belong to upper levels in the hierarchy save only the information they need to tell where the actual record is saved.

Let us take an example to understand it.

Suppose we want to build and organize the animals database. For this, we can keep the name animals at the top of the hierarchy. We can divide animals into two types: land animals and water animals. So, we can create two levels land and water just below the top level. We can further divide land animals into two types: wild and domestic. For this, we can create two sub-levels and place them under the land level. We can further extend the domestic level to two types: farm animals and pet animals. Under these levels, we can add animal names.

The following image shows this hierarchy.

[Figure: example DNS database]

In this database, the cat's name will be written as cat.pet.domestic.land.animals. This name will be saved on the pet server. All upper-level servers (domestic, land, and animals) will only save a reference to the pet level in the hierarchy.

Each server stores only a portion of the database. It stores information only about its child servers. Since each server stores information about its child servers, a requested name can be easily found if the search starts from the top-level server.

Let's understand it through our example.

Suppose we want to search the record that is associated with the name cat.pet.domestic.land.animals.

For this, we will start searching from the top-level server. As I mentioned earlier, the rightmost part of the name belongs to the top level. In this name, the rightmost part is animals. So, we will start searching for the name from the animals server. The animals server has no information about the requested name, but it knows the next level in the search path. So, it will send us to the land server. In the same way, the land server will send us to the domestic server. Again, the domestic server will send us to the pet server. The pet server has the record for the name cat, so it will return the information associated with this name.

This way, a server only needs to store information about its child server. No matter how deep a name's record is written, you can easily find it if the database is organized in a proper hierarchy.

With a minor difference, DNS follows the same approach to organizing its database. DNS uses a null character to define the highest level. If we convert our example database into a DNS database, it will look like the following figure.

[Figure: DNS database]

DNS uses many terms to describe things in its database. We have already discussed most of them. Let's understand the remaining terms with this example data.

Node

A node is a system. It can be an endpoint, a server, or any other computer or device that needs and uses the name. In our animals database cat, dog, horse, cow, farm, pet, wild, domestic, land, water, and animals are examples of nodes. If we want to access a node by its name, we must create a resource record for it in the DNS database. The resource record includes the node name and IP address.

Host

A host is a node that hosts and runs a service. A host can also get its name from the service it runs. For example, if a host runs a web service, it is called a web server. If a host runs the DNS service, it is called a DNS server or name server. A name server runs a DNS service and provides answers to DNS queries. In our example, farm, pet, wild, domestic, land, water, animals, and root (null label) are examples of name servers.

[Figure: example name servers]

DNS query

A DNS query is a query that the resolver system sends to DNS servers to learn the name or IP address of a resource.

Resolver system

A resolver system is a system that communicates with DNS servers through DNS queries to resolve names or IP addresses.

[Figure: example DNS queries]

Domain

A domain is a group of nodes that use the same identification label.

Identification label

An identification label is the name of a level in the hierarchy. There are some rules for it.

  • It can be up to 63 characters in length.
  • If you want to create two domains on the same level, you can't use the same name for them. You must choose a unique name for each domain on the same level.
  • It can't be a null character. A null character is reserved for the root domain.

Subdomains

You can create multiple levels of domains. If a domain is a child of another domain, it is called a subdomain.

Root domain

DNS starts its hierarchy from the root domain. To represent the root domain, it uses a null label. The root domain is the topmost level in the hierarchy. You cannot create a domain above it. In other words, it is the only domain that does not have a parent domain. All other domains have a parent domain.

[Figure: root name servers]

Domain name

A domain name is the name of a node with the name of its parent domain. If a node uses its name without its parent domain name, it is called a hostname. If a node uses its name with its parent's domain name, it is called a relative domain name. If a node uses its name with all domain names in the hierarchy till the root domain, it is called a fully qualified domain name (FQDN).

Since the root domain uses a null character for its name, a node's fully qualified domain name always ends with a dot.

[Figure: domain namespace]

Domain namespace

A domain namespace is the complete structure of a DNS database. It includes all paths to the root domain. A path includes all levels, starting from the lowest level and ending at the topmost.
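The label rules and the three name forms defined above (hostname, relative domain name, fully qualified domain name with its trailing dot for the root's null label) can be checked mechanically. The following is an added example, not code from the article: it applies the 63-character label limit and the reserved-null-label rule exactly as the text states them, classifies a name the way the text does, and qualifies a relative name against an origin domain. The `to_fqdn` helper and the example names are constructed for illustration.

```python
"""Added example: helpers that apply the text's label and domain-name rules.
Labels are at most 63 characters, the empty (null) label is reserved for the
root, and a fully qualified domain name ends with a dot because the root's
label is empty.  Names used here are constructed examples."""

MAX_LABEL_LEN = 63   # limit stated in the text


def split_labels(name):
    """Split a name into labels, left to right.  A trailing dot yields the
    empty root label: 'www.example.com.' -> ['www', 'example', 'com', '']."""
    if name == ".":                      # the root itself is a single null label
        return [""]
    return name.split(".")


def check_labels(name):
    """Return a list of rule violations; an empty list means well formed."""
    labels = split_labels(name)
    problems = []
    for i, label in enumerate(labels):
        if label == "":
            # Only the last position may hold the null label (the root).
            if i != len(labels) - 1:
                problems.append(f"empty label at position {i}: reserved for the root")
        elif len(label) > MAX_LABEL_LEN:
            problems.append(f"label starting {label[:8]!r} is {len(label)} chars, "
                            f"limit is {MAX_LABEL_LEN}")
    return problems


def is_fqdn(name):
    """Fully qualified: well formed and running all the way to the root ('.')."""
    return name.endswith(".") and not check_labels(name)


def classify(name):
    """Classify as the text does: 'hostname' (own label only), 'relative'
    (with parent domain names but not the root), or 'fqdn' (ends at the root)."""
    if not name or check_labels(name):
        return "invalid"
    if is_fqdn(name):
        return "fqdn"
    labels = [l for l in split_labels(name) if l != ""]
    return "hostname" if len(labels) == 1 else "relative"


def to_fqdn(name, origin):
    """Hypothetical helper: qualify a hostname or relative name against an
    origin domain that must itself be an FQDN.  An FQDN is returned unchanged."""
    if is_fqdn(name):
        return name
    if not is_fqdn(origin):
        raise ValueError("origin must be a fully qualified domain name")
    return name + "." if origin == "." else f"{name}.{origin}"


if __name__ == "__main__":
    for n in ("cat", "cat.pet.domestic", "cat.pet.domestic.land.animals.", "www..example.com."):
        print(f"{n!r:40} {classify(n)}")
    print(to_fqdn("ftp", "example.com."))
```

Note that `classify` treats the bare root name `.` as an FQDN, which matches the text: the root is the one name with no parent, written as the null label followed by nothing.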

DNS on the Internet

The Internet uses the same hierarchy for the DNS database. It starts from root domains and places all subsequent domains under them. There are 13 root domains. For these root domains, there are 13 name servers known as root name servers. These root name servers use static IP addresses that never change. By default, resolver systems know these IP addresses, because they are statically added to the configuration files that resolver systems use.

When an end device sends a name resolution query to the resolver system, it forwards that query to the nearest root name server and follows the referral to reach the name server that can resolve it.

Root name servers do not resolve queries. They provide a referral to top-level domains (TLDs). You can classify TLDs into two basic types: generic and country-specific. The com, edu, net, org, and mil are examples of generic TLDs. The us, ca, in, and ru are examples of country-specific TLDs.

Just like root name servers, TLD name servers do not resolve queries. They provide a referral to second-level domains (SLDs). SLDs are available for public use. When you purchase a domain name, you purchase an SLD. You also need to configure a name server for your SLD. That name server will resolve queries for all resources available within the domain.

Let us understand it through an example. In the domain name example.com, com is the TLD and example is the SLD.

[Figure: forward mapping]

If a resolver wants to know the IP address of ftp.example.com, it sends the first query to the nearest root name server. The root name server provides a referral to the com name server. The com name server provides a referral to the example name server. The example name server provides the IP address associated with the name ftp.example.com.
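The referral chain just described for ftp.example.com (root, then com, then the example name server) is the same walk the animals database example performed for cat.pet.domestic.land.animals, with the null-labelled root sitting above "animals". The following is an added example, not the article's code, that models both with one toy structure: every level is a separate "server" that holds either the records for its own zone or only a referral to a child server, labels are processed right to left (the com.google.www order the text describes), a duplicate label on one level is refused, and a lookup starts at the root and follows referrals until it reaches the server that owns the record. Both trees and all addresses (192.0.2.x, 198.51.100.x) are constructed placeholders.

```python
"""Added example: a toy model of the distributed DNS database and an
iterative lookup that follows referrals from the root downwards.  Server
names, records and addresses are constructed; no network is involved."""


class NameServer:
    """One level of the hierarchy: the authority for `label`, holding records
    for its own zone and referrals (delegations) to child servers only."""

    def __init__(self, label):
        self.label = label        # '' is the root's null label
        self.records = {}         # owner name relative to this server -> address
        self.children = {}        # child label -> NameServer (the referral)

    def delegate(self, label):
        """Create a child server.  Two domains on one level cannot share a
        name (rule from the text), so a duplicate label is refused."""
        if label in self.children:
            raise ValueError(f"label {label!r} already exists under {self.label!r}")
        child = NameServer(label)
        self.children[label] = child
        return child


def hierarchy_order(name):
    """Labels from the highest level down, the order DNS processes them:
    'www.google.com' -> ['com', 'google', 'www'] (the text's com.google.www)."""
    return [l for l in reversed(name.rstrip(".").split(".")) if l]


def build_tree(spec):
    """Build the servers from {server_name: {owner: address}}.  Every server
    on the path from the root is created, which is what creates the referrals."""
    root = NameServer("")
    for server_name, records in spec.items():
        node = root
        for label in hierarchy_order(server_name):
            node = node.children.get(label) or node.delegate(label)
        node.records.update(records)
    return root


def iterative_lookup(root, name):
    """Start at the root and follow referrals label by label.  Returns
    (address or None, trail) where trail lists the servers consulted."""
    labels = hierarchy_order(name)
    node, trail, consumed = root, ["<root>"], 0
    while consumed < len(labels) and labels[consumed] in node.children:
        node = node.children[labels[consumed]]     # referral to the child server
        consumed += 1
        trail.append(node.label)
    # The leftmost labels that remain name the record inside this server's zone.
    owner = ".".join(reversed(labels[consumed:]))
    return node.records.get(owner), trail


# Constructed data: the animals database from the text, with the null root above it.
ANIMALS = {
    "pet.domestic.land.animals": {"cat": "192.0.2.1", "dog": "192.0.2.2"},
    "farm.domestic.land.animals": {"cow": "192.0.2.3", "horse": "192.0.2.4"},
    "wild.land.animals": {"lion": "192.0.2.5"},
    "water.animals": {"whale": "192.0.2.6"},
}

# Constructed data: root -> com -> example, as in the ftp.example.com walk.
INTERNET = {
    "example.com": {"ftp": "198.51.100.21", "www": "198.51.100.80"},
}


if __name__ == "__main__":
    animals = build_tree(ANIMALS)
    print(iterative_lookup(animals, "cat.pet.domestic.land.animals"))
    inet = build_tree(INTERNET)
    print(iterative_lookup(inet, "ftp.example.com."))
```

In the model, the root, com and example servers never hold ftp's address themselves; only the `children` table on each of them, which says where to go next, is consulted until the example server answers from its own `records`.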
