What is DNS?

DNS stands for Domain Name System. It maps a user-friendly name to an IP address. Without DNS, we would have to memorize the IP address of each host, which is impossible. DNS lets us use easy-to-remember text names, which we call hostnames, in place of IP addresses. When you type such a name into a web browser or try to send an e-mail, the request is relayed to a name server, which looks up the IP address of the web server.

How Does DNS Work?
DNS is a hierarchical service. At the top of the hierarchy is the root domain, served by the root name servers. Root name servers are responsible for responding to a DNS request and directing it to the respective TLD server. Below the root domain are the top-level domains (TLDs), such as .com and .gov. There are two categories of TLDs: the country code TLD (ccTLD), such as tr for Turkey, and the generic TLD, of which .com is an example.

Below the TLDs we have second-level domains. These are the private, corporate or institutional domains used to access a web site, e.g. google.com. Below the second-level domains we have the subdomains, e.g. shopping.google.com.

Figure 1 - Hierarchy

There are two types of DNS servers: authoritative and recursive, often called internal and external DNS respectively. The authoritative server is the so-called second-level domain, containing the zones and resource records (which will be described later). The recursive name server, as the name implies, is the server that queries the root servers, the TLD servers and the second-level domain servers, in that order, to resolve the IP address of the requested domain.


Figure 2 - DNS Flow

1- The PC queries the recursive server for the domain name www.google.com.
2- The recursive server asks the root server for the IP address of the .com TLD.
3- The root server responds to the recursive name server with the IP address of the .com TLD.
4- The recursive name server asks the .com TLD for the IP address of the google.com authoritative name server.
5- The .com TLD returns the IP address of the google.com authoritative name server.
6- The recursive server asks for the IP address of www.google.com.
7- The authoritative name server returns the IP address of www.google.com to the recursive name server.
8- The recursive server sends the IP address of www.google.com to the PC.
9- The PC queries the IP address of www.google.com.

Suppose that the PC has previously queried the recursive name server for www.google.com. When this PC or another PC queries the same name server for the same domain name, the server returns the IP address from its cache, so steps 2 through 7 are skipped.
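The flow in steps 1 through 8 and the cache shortcut can be traced with a small simulation. This is an added example, not code from the original article: the server addresses, the answer address and the 300-second TTL are constructed values from documentation ranges, and expiring the cache entry by TTL goes slightly beyond the text above.

```python
import time

# Constructed hierarchy: addresses come from documentation ranges (RFC 5737),
# not real name servers. Each server holds referrals (delegations) and A records.
ROOT = "198.51.100.1"
SERVERS = {
    ROOT: {"referrals": {"com": "198.51.100.2"}, "a": {}},                    # root
    "198.51.100.2": {"referrals": {"google.com": "198.51.100.3"}, "a": {}},   # .com TLD
    "198.51.100.3": {"referrals": {},                                         # authoritative
                     "a": {"www.google.com": ("192.0.2.10", 300)}},           # (ip, TTL s)
}

def ask(server_ip, name):
    """One query to one server: ('answer', ip, ttl), ('referral', ip) or ('nxdomain',)."""
    zone = SERVERS[server_ip]
    if name in zone["a"]:
        return ("answer", *zone["a"][name])
    labels = name.split(".")
    for i in range(len(labels)):              # longest suffix first
        suffix = ".".join(labels[i:])
        if suffix in zone["referrals"]:
            return ("referral", zone["referrals"][suffix])
    return ("nxdomain",)

class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.cache = {}                       # name -> (ip, expiry time)
        self.clock = clock
        self.upstream_queries = 0             # queries sent to root/TLD/authoritative

    def resolve(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                     # cache hit: steps 2-7 are skipped
        server = ROOT
        for _ in range(8):                    # bound the referral chain
            self.upstream_queries += 1
            reply = ask(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if reply[0] != "referral":
                return None                   # unknown name; not cached here
            server = reply[1]
        return None                           # too many referrals
```

The upstream_queries counter shows the effect of the cache: the first lookup costs three upstream queries (root, TLD, authoritative), and a repeat lookup inside the TTL costs none.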

The authoritative name servers contain zones (e.g. google.com). Zones contain the resource records (e.g. www or shopping). The most common types of resource records are:

A: Domain name and associated IPv4 address.
AAAA: Domain name and associated IPv6 address.
SOA: Start of zone authority. Contains the high-level domain name of this zone and parameters controlling frequency of updates, Time to Live (TTL) values, and so on.
CNAME: Allows a host domain name to be given an alias name, usually to provide an easier-to-read name.
MX: The mail server for the domain.
NS: Authoritative name server(s) for the domain.
PTR: Allows a reverse lookup. Given an IP address, what is its associated domain name?