Want to learn more about DNS and domain names? You’ve come to the right place. 🙂 In this article, we’ll explain what DNS exactly is, through a simple DNS lookup example. If you are more interested to find out about domain names in general, then you should read this article to find out about that.
What is DNS and what is a DNS Server
All the computers in the world (smartphones, notebooks, servers etc) are communicating with one another using numbers. These numbers are functionally similar to telephone numbers and are known as IP addresses. You would be right in thinking: “I’m not typing any numbers online!”. That is thanks to DNS.
Domain Name System or DNS is a central part of the Internet. We use it to translate numbers that computers understand like 22.214.171.124 (IPv4) or newer IP addresses such as 2001:0db8:85a3:0000:0000:8a2e:0370:7334 (IPv6) to something we can read, for example, domain.me. 😀 This translation is called a DNS lookup.
We now know what a DNS system is built to do. But how does it do it exactly? A cursory search online would tell you it uses something called a DNS server. This is not completely true, as there is not just one type, but several types of servers that help us perform a DNS lookup. These are:
- DNS resolver (recursive resolver)
- Root nameserver
- TLD nameserver
- Authoritative nameserver
We’ll find out more about all of these in the next two sections.
How a DNS lookup actually works
Step 1: Client contacts the DNS resolver
When you type a website address in your browser (let’s say example.me), your browser sends a query over the Internet to find the website you are looking for. The first server your query reaches is a DNS recursive resolver. DNS resolver is the only server your device contacts directly, as it does most of the remaining process for you. DNS resolvers are usually operated by your ISP (Internet service provider) or your wireless carrier. There are of course third-party providers like Google and OpenDNS.
Step 2: DNS resolver queries a DNS root nameserver
The recursive resolver passes your query to a Root nameserver. Root nameservers are servers operating all around the world, and they hold information about Top Level Domains or TLDs like .me, .com, .org etc. So in our case, a root server will give the DNS resolver information about where we can look for .me domains.
Step 3: DNS resolver queries a TLD nameserver
Our recursive resolver now knows who is responsible for our .ME TLD. That is some .ME TLD nameserver that holds the information for all domains that are under the .me extension. It asks that TLD server for a nameserver responsible for the searched domain name (example.me), and it gets an answer.
Step 4: DNS resolver queries the Authoritative nameserver
Almost done! The Authoritative nameserver holds the IP address we’ve been looking for all this time. These nameservers are often managed by hosting companies that are hosting the site we are looking for. Now the authoritative name servers send the IP address back to the DNS resolver.
Step 5: DNS resolver passes the IP address to the client
When the DNS resolver finally gets the IP address of the website example.com, it sends it (126.96.36.199 for example) to our browser and the webpage loads.
Recount of DNS lookup
As we have seen, when we try to load a webpage there are multiple servers that are trying to help us.
- DNS recursive resolver. A server that is often managed by our ISPs, wireless carriers or third-party providers like Google, OpenDNS, and Cloudflare with its new service. The user usually has to set up a computer to use a third-party provider. The client asks this server for the IP address. This server does not hold the IP address so it has to ask other servers. When it gets an answer, the client gets the IP address of the site (or an error if the address could not be found).
- Root nameserver. These nameservers hold information about TLDs. They know where to look for information on sites that are under some TLD as .me, .com, .org etc. There are 13 sets of these root servers. They are called “A Root”, “B Root”, all the way to “M Root”. These name servers are all operated by different operators like Verisign, Cogent Communications, Netnod, University of Maryland etc.
- TLD nameserver. These nameservers hold the information about servers that hold specific domain name information or Authoritative nameservers. These are often called NS records. There are multiple companies and organizations that operate these nameservers. For example Afilias (for .me, .org etc) and Verisign (for .com, .net etc)
- Authoritative nameserver. This server holds the records for specific domain names. Like IP addresses and more. This type of nameserver is often run by hosting companies holding the websites themselves or by domain registrars.
You may think this is a whole lot of work just to get to a website. And you would be right in thinking that, so read on…
You can see that the process of getting to a website is relatively complicated. As there is really no way to make it simpler, Internet engineers devised a way to make it faster and more scalable: caching queries. Caching is basically saving the results of a query so we don’t have to ask for the same information for some time. In DNS that time is often called time-to-live or TTL.
So where does caching occur in this process?
- Browser DNS caching. When our web browser asks for a record, it stores the result so it would not have to do it again for a set amount of time. In that way it makes our browsing a bit faster.
- Operating system DNS caching. Our browser (or any other application as an email client for example) contacts a DNS resolver through our operating system. The operating system saves the results of queries for some time, and if another app asks for the same information, if it is cached, it will provide the cached info instead of contacting the DNS resolver and starting the process described above.
- DNS resolver caching. DNS resolver does most of the work, it’s only logical that it caches most of it, so it would not have to ask as many questions to the other servers. As there are multiple types of records, DNS resolver can get a bit smart about caching: If the resolver does not have an A record (IP address of the website), but there is a cached NS record for the Authoritative nameserver. In this case, the DNS resolver will skip the Root and TLD nameservers and directly contact the Authoritative nameserver
What we’ve explained so far in this article is how a DNS lookup works. More specifically, how a lookup for an A record goes. A record is one type of a DNS record that contains the IP address of a domain name. There are other types of records too. We’ll list some of the more common ones:
- A record: This record holds the IPv4 of the domain name.
- AAAA record: This record holds the IPv6 (just a newer type of an IP address) of the domain name.
- MX record: This record lists email exchange servers that are to be used with the domain.
- TXT record: A catch-all record. It is intended to provide textual information about the domain name to external services.
- CNAME record: Canonical name. Used to redirect one domain to another.
There are other types of records too. Although they are seldom used. You can find the full list here. The same DNS lookup process happens when a query is initiated for any of these records.
It’s important to understand that DNS is an indispensable part of the internet today and for years to come. The process of a DNS lookup is relatively complicated. As a user, you can only change the first step of this process. Namely, you can change your DNS resolver to a third party provider. Any of the three mentioned above are great options. If you are concerned about your privacy Cloudflare would be a great choice. As a website owner, you are able to choose your registrar or a hosting provider, and in doing so you will more often than not choose your Authoritative nameserver. Although even here you have third-party options, as Namecheap and Cloudflare which is more of a managed DNS service.