DNS Server and Query Types Explained

A DNS service resolves names into IP addresses. Resolving names into IP addresses requires resource records. A resource record maps a name to an IP address. Zone files store resource records. A zone file stores the resource records of a specific portion of the network. In DNS terminology, this portion is a domain. A network may contain many domains. For example, the Internet, the largest network ever created, has millions of domains. These domains use millions of zone files. If we saved all zone files on a single server, the server would crash or take a considerable time to resolve each name. Let's understand this through an example.

Billions of devices are connected to the Internet and use the DNS service for name resolution. If the Internet had only one DNS server containing all zone files, that server would receive name-resolution queries from all hosts: billions of queries per second. To answer each query, it would have to check millions of zone files. No matter how powerful the server, it would crash or hang within a minute.

All services that access network resources using names use the DNS service to translate names into IP addresses. If it works slowly, the network fails. To deal with this situation, administrators use distribution and delegation techniques. In these techniques, instead of saving all zone files on one server, they save (distribute) them on multiple servers in a hierarchy and make them responsible (delegate) for resolving queries that are related to the zone files they have.

The server on which you run the DNS service is called a DNS or name server. Based on the DNS service configuration, you can classify it into seven types. These types are the caching-only DNS server, forwarding DNS server, primary authoritative-only DNS server, secondary authoritative-only DNS server, public DNS server, and private DNS server.

To understand the meanings and functions of these servers, we need to understand the meanings of some terms that are closely related to the functionalities of these servers. These terms are end devices, name resolution, resolver system, and DNS queries.

End devices

An end device is a device that wants to know the IP address of a name.

Name resolution

Name resolution is the process by which an end device learns the IP address of a name, that is, translates a name into an IP address.

Resolver system

A resolver system accepts recursive queries from end devices, resolves them, and answers the requester systems.

DNS queries

There are two types of DNS queries: recursive and non-recursive.

In a recursive query, the request sender device asks the receiver device to resolve a name on its behalf. Usually, administrators use it to transfer the workload of the name resolution process from the sender device to the receiver device. End devices use this query to request the resolver system to translate names on their behalf.

In a non-recursive query, the request sender device asks the request receiver device to translate a name or provide information about the device that can translate it. If the request receiver device knows the IP address of the requested name, it translates the name. If it does not know the IP address of the requested name, it replies with a referral.

A referral is a list of DNS servers the requester system can further use to resolve the name. Resolver systems send non-recursive queries to DNS servers to resolve names. The following image shows an example of non-recursive queries.

[Image: non-recursive queries]

Caching-only DNS server

A caching-only DNS server is a resolver system. It does not store zone files. It only stores information about the DNS servers it can use to resolve names. It accepts recursive requests from clients, contacts all configured DNS servers using non-recursive queries in a sequence until it gets the answer to each request, stores the answer in the cache, and replies to the requester clients.

When it receives a request from a client, it first tries to resolve that request from the cache. If it fails to resolve the name, it contacts the configured DNS server to resolve that name. It stores the answer from each DNS server in the cache for further use.

Since it stores answers in the cache and uses them to resolve names, it is called a caching-only DNS server.
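The lookup sequence described above (cache first, then non-recursive queries that follow referrals until an answer arrives) can be simulated in a few lines. This Python sketch is an added example, not code from the original article: the three-server hierarchy, the names, the 192.0.2.10 address and the 300-second TTL are constructed, and cache expiry by TTL is standard DNS behaviour that the article does not cover.

```python
import time

# Constructed toy hierarchy: each server has zone records and a referral list.
SERVERS = {
    "root":       {"zone": {}, "referrals": {"com.": "tld-com"}},
    "tld-com":    {"zone": {}, "referrals": {"example.com.": "ns-example"}},
    "ns-example": {"zone": {"www.example.com.": ("192.0.2.10", 300)},
                   "referrals": {}},
}

def authoritative_reply(server, name):
    """Non-recursive query: answer from the zone, else referral, else error."""
    data = SERVERS[server]
    if name in data["zone"]:
        return ("answer", data["zone"][name])
    for suffix, next_server in data["referrals"].items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", next_server)
    return ("error", None)

class CachingResolver:
    def __init__(self, start="root", clock=time.monotonic):
        self.start, self.clock = start, clock
        self.cache = {}            # name -> (ip, expiry time)
        self.upstream_queries = 0  # non-recursive queries sent so far

    def resolve(self, name):
        """Handle one recursive query from a client."""
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]          # served from cache, no upstream traffic
        server = self.start
        for _ in range(10):        # cap the referral chain to stop loops
            self.upstream_queries += 1
            kind, value = authoritative_reply(server, name)
            if kind == "answer":
                ip, ttl = value
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if kind == "error":
                return None
            server = value         # follow the referral
        return None

if __name__ == "__main__":
    r = CachingResolver()
    print(r.resolve("www.example.com."), r.upstream_queries)
    print(r.resolve("www.example.com."), r.upstream_queries)
```

The first lookup costs three upstream queries; the second is answered from the cache and sends none.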

Forwarding DNS server

A forwarding DNS server is also a caching-only server. However, it does not resolve queries. It forwards them to the next caching-only server in the hierarchy. The caching-only server resolves DNS queries and replies to the forwarding DNS server. The forwarding DNS server caches the result and replies to requester systems. Administrators deploy a forwarding DNS server to increase the speed of the name resolution process.

Let us take an example.

Suppose a company has its main office in the USA and a branch office in Japan. It uses a single caching-only DNS server for both offices. The caching-only server is in the USA office. With this setup, due to the physical distance, computers in the Japan office need more time to resolve DNS queries than computers in the USA office. Since they spend more time resolving names, they work slower than the computers in the USA office.

The company can use a forwarding DNS server at the Japan office to improve the speed. Since a forwarding DNS server only saves the answers it receives from the caching-only DNS server and does not actively communicate with DNS servers to translate the name, it needs minimal hardware resources. The company can use any spare or unused system for it.

After this setup, computers in the Japan office do not need to communicate with the caching-only DNS server located in the USA. They send recursive queries to the forwarding DNS server. The forwarding DNS server forwards them to the caching-only DNS server. The caching-only DNS server resolves queries and replies to the forwarding DNS server. The forwarding DNS server saves answers in the cache. It uses that cache to resolve further queries. It reduces the time the Japan office's computers need to resolve queries.

Differences between a forwarding DNS server and a caching-only DNS server

  • A caching-only DNS server resolves queries, while a forwarding DNS server does not resolve queries.
  • In the name resolution process, a caching-only DNS server performs two tasks: resolving queries and caching the result, while a forwarding DNS performs only one task: caching the result.
  • A forwarding DNS server does not resolve queries. It forwards them to the caching-only DNS server. A caching-only server resolves queries. It does not forward them to the next DNS server.
  • A forwarding DNS server uses only recursive queries. A caching-only DNS server uses both recursive and non-recursive queries.

Similarities between a forwarding DNS server and a caching-only DNS server

  • Both accept recursive queries.
  • Neither saves any zone files.
  • Both cache the results.

Authoritative-only DNS server

An authoritative-only DNS server performs the following tasks.

  • It saves zone files for domains.
  • It saves a list of referral DNS servers.
  • It accepts non-recursive queries.
  • For each request, it checks zone files.
    • If the requested information is in the zone files, it transfers that to the requester.
    • If not, it checks the referral list.
      • If the referral list contains the IP addresses of one or more DNS servers, it provides that list to the requester. The requester can contact them to resolve the query.
      • If the referral list is empty, it sends an error message to the requester indicating that the requested information does not exist on this server.

A requester can receive three types of responses to its query from an authoritative DNS server. These types are the answer to the query, referral to the next-level DNS servers, and an error.

  • If the authoritative DNS server has the requested information in its zone files, the requester receives the answer to the query.
  • If the authoritative DNS server does not have the requested information in its zone files but has addresses of the next-level authoritative servers in the referral list, the requester receives that referral list.
  • If the authoritative DNS server does not have the requested information in its zone files and has no address in the referral list, the requester receives a 'requested information not found' error.
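On the wire, the recursive/non-recursive distinction from the DNS queries section is the RD (recursion desired) header bit, and the three response types listed above can be told apart from the response header alone. The following Python sketch is an added example, not code from the original article; the function names and the sample headers are constructed, and the flag layout follows RFC 1035.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080  # header flag bits (RFC 1035)

def build_query(name, recursive, qid=0x1234):
    """Build an A-record query; recursive=True sets the RD bit."""
    header = struct.pack("!HHHHHH", qid, RD if recursive else 0, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def classify_response(msg):
    """Classify a response as answer, referral or error from its header."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _, flags, _, ancount, nscount, _ = struct.unpack("!HHHHHH", msg[:12])
    if not flags & QR:
        raise ValueError("not a response (QR bit clear)")
    rcode = flags & 0x000F
    if rcode != 0:
        kind = "error"      # e.g. 3 = NXDOMAIN, 5 = REFUSED
    elif ancount > 0:
        kind = "answer"
    elif nscount > 0 and not flags & AA:
        kind = "referral"   # NS records in the authority section, AA clear
    else:
        kind = "no-data"    # name exists, no record of this type
                            # (a fourth case beyond the article's three)
    return {"kind": kind, "rcode": rcode,
            "authoritative": bool(flags & AA),
            "recursion_available": bool(flags & RA)}

# Constructed sample response headers:
# ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT
SAMPLES = {
    "answer":   struct.pack("!HHHHHH", 0x1234, QR | AA, 1, 1, 0, 0),
    "referral": struct.pack("!HHHHHH", 0x1234, QR, 1, 0, 2, 2),
    "error":    struct.pack("!HHHHHH", 0x1234, QR | AA | 3, 1, 0, 1, 0),
}

if __name__ == "__main__":
    print(build_query("www.example.com", recursive=False).hex())
    for label, header in SAMPLES.items():
        print(label, classify_response(header))
```

On a server meant to be authoritative-only, `recursion_available` should be False in every response.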

Characteristics and advantages of an authoritative-only DNS server

  • It does not accept recursive queries. It accepts only non-recursive queries.
  • It uses locally stored zone files to answer non-recursive queries.
  • If the requested information is in the zone files, it transfers that to the requester.
  • If the requested information is not in the zone files, it provides the addresses of DNS servers configured in the referral list.
  • If the requested information is not in the zone files and the referral list is empty, it provides a 'requested information not found' error.

Primary and secondary DNS servers

Authoritative-only DNS servers are critical for the network. They store zone files and referral links. If an authoritative server fails, all domains whose zone files and referral links are on it become inaccessible. Because of this, administrators always configure a backup server for each authoritative server.

If an administrator configures a backup server, the backup server is called the secondary or slave authoritative server. In that case, the first server is called the primary or master authoritative server.

Differences between primary and secondary DNS servers

Administrators create and configure zone files and referral addresses on only the primary authoritative server. The secondary authoritative server copies them from the primary authoritative server.

Only the primary server answers the queries. The secondary server remains idle as long as the primary server is up. If the primary server fails, the secondary server acts as the primary server until the primary server comes up.

Similarities between primary and secondary DNS servers

  • Both servers use identical zone files.
  • Both servers use the same referral link configurations.
  • Both servers resolve queries for the same domain.

Public and private DNS servers

A company uses a private DNS server to hide its internal hosts' names and IP addresses from external users. A private DNS server is open only for the company's devices. It accepts queries only from internal devices. External devices cannot access it.

If the company wants to reveal some hostnames and IP addresses, it can put them on a public DNS server. A public DNS server is open for all. Any device can send queries and receive information from these servers.

Usually, companies use both public and private DNS servers. They use a public DNS server for hosts that run services accessed by external users, such as a web service. They use a private DNS server for internal hosts.
