What is DNS and How it Works? Ultimate Guide

FTC disclaimer: This post contains affiliate links and I will be compensated if you make a purchase after clicking on my link.

DNS (Domain Name System) is a technology used by most people without knowing they are using it.

Daily, you visit multiple websites, check email, or do video conferencing through applications like a browser, outlook, etc.

The most common in this is the domain name, and it is in a human-readable format.

The application like browser only interacts with the IP address, which is in a machine-readable format.

The Domain Name System (DNS) converts domain name (human-readable format) to an IP address (machine-readable format).

What is DNS?

The main purpose of The Domain Name System, in short DNS, is to translate the domain name, which is in a human-readable format, into an IP address, which is in a machine-readable format.

For instance, DigitalMediaGlobe.com is the domain name, and 172.67.134.28 is the IP address.

Moreover, DNS has similar names, including domain name system server, name server, DNS server, and nameserver.

Regardless of which name you choose, all refer to the same thing and the same process.

DNS follows a hierarchical naming structure of domain name, which is distributed in multiple networks.

Furthermore, the DNS system work is to search in multiple networks for the exact IP address corresponding to the domain name.

DNS Basics and Analogy

As we know, all devices (servers, computers, laptops, mobile devices) can connect and communicate in a network only when they have an IP address.

But, when you look for a website, you don’t have to type the IP address; instead, you type in a domain name like digitalmediaglobe.com in the browser.

Additionally, it is also difficult to remember the long IP address of any website or host.

So, the domain name came into existence. The domain names are simply names with extensions that are easy to remember and recognizable.

IP address basics

You can understand DNS better if you don’t have a basic understanding of IP address and domain names.

An IP address (Internet Protocol address version 4) consists of 32 bits in dotted-decimal format.

The IP address (IPv4) is divided into four parts; each part is 8-bits (1 byte or 1 octet) in decimal format.

32 bits IPv4 Address

For a better understanding of bits and byte, you can follow this tutorial.

Also, if you have confusion about the binary and decimal format, you can follow this guide.

The IP address act as an identifier in a network for all devices. It is one of the basic needs of any network device to communicate with another device.

A domain name is just a name given to the IP address in a human-readable format and can be easily understood and remembered.

For instance, a domain name like digitalmediaglobe.com is easy to locate and remember than its IP address.

But, devices don’t need a domain name to communicate in a network; instead, it only needs an IP address.

The IP addresses come in two versions: IPv4 and IPv6.

The IPv4 is the most common, and many devices are connected and using this version. For example, an IP address like 192.168.02 is in IPv4.

The IPv6 is the most advanced and up-graded of IPv4. It is in more complex form like 2002:CF00:20AB::89CE:D9AE.

DNS analogy

If you like to understand DNS, consider the DNS as an internet phonebook.

A phonebook or contact list in a smartphone saves a person’s name corresponding to a phone number. In this way, the phonebook or contact list keeps the record of the phone number.

Similarly, the DNS system manages the IP address in several servers corresponding to the domain name.

When users search for a website like digitalmediaglobe.com, the DNS will look for the corresponding IP address through which the browser can interact with the webserver.

DNS Brief History

You would be wondering how the DNS system came into existence.

The DNS system was introduced only because of the growing internet population and the failure of old methods.

Before, the internet was used on a small scale, and people could communicate using a specific IP address.

Previously, the system maintains a simple text file called a host file (Hosts.txt), which maps the hostname with the IP addresses.

The Hosts file was stored on an individual computer. It helps translate the hostname to an IP address when needed to communicate with other devices.

The sample of the Hosts file taken from Windows PC is as below.

hosts file from Windows OS

The location for the Hosts file in Windows PC is normally at C\windows\system32\drivers\etc.

But, the approach of maintaining a Hosts file became redundant as the network size increased.

The biggest drawback of hosts files are:

  • Takes considerable storage space on each computer.
  • It takes a long time to process because it is unstructured.
  • Managing an update of files on every computer is very difficult.

To overcome the limitation of the Hosts file, the DNS system was developed.

The DNS system essentially provides two features.

  • Organizing the naming of a domain name in the hierarchical structure
  • The developed system uses protocols and services to store, update, and retrieve hosts’ IP addresses (computers or servers).

Domain Naming Structure

Before we move on to how the DNS system works, it is important to know how the domain name is structured and formed.

A Fully Qualified Domain Name (FQDN) is the one that ensures that there would be no domain name conflicts.

The hierarchical naming structure of domain name is in inverted tree form, where the root is at the top of the structure followed by multiple levels of domains.

fqdn fully qualified domain name structure

The dot (.) represents the hierarchical structure’s starting point, which is followed by Top Level Domains (TLDs) like .com, .net, .gov, .org, .net, etc.

After Top Level Domains (TLD), there is a Second-Level Domain, which is owned by the organization or individual.

The Second-Level Domain can be any name, which reflects the purpose of an organization or individual. The example of a Second-Level Domain would be Google, Microsoft, Yourbusiness, etc.

The third-level domain is known as hostname. The hostname can be “WWW,” “mail.”

Now, to identify any host or computer on the network, you should have Fully Qualified Domain Names (FQDN).

The Fully Qualified Domain Names includes hostname (third-level domain), second-level domain, Top Level Domain (TLD), and root (dot (.)).

Moreover, the domain owner can create multiple subdomains, and a subdomain can have multiple hosts.

The subdomain would be

  • forum.digitalmediaglobe.com
  • sales.digitalmediaglobe.com.

Now, the subdomain with hostname would be

  • www.forum.digitalmediaglobe.com,
  • host1.forum.digitalmediaglobe.com.

You can read this complete detail and a guide on the domain name structure here.

How DNS works? Step by Step Tutorial

Here, we will go through how the DNS system works to resolve the domain name with its IP address.

The process to translate the domain name into its appropriate IP address is known as DNS Lookup.

The path of DNS Lookup starts from the browser, and it travels back to the browser.

Moreover, the DNS Lookup process is a complete process that takes several steps every time you generate a query for DNS lookup.

The DNS record is cached locally in your computer and cached remotely in the DNS infrastructure to minimize the process and time.

The below DNS lookup process depicts the complete process assuming nothing is cached.

how dns works DigitalMediaGlobe

Step 1: User generates a DNS query

When the user types in “example.com” into a web browser, we say it has generated its first query.

The first DNS query travels through the internet and is received by DNS recursive resolver.

What is DNS recursive resolver?

DNS recursive resolver, in short, is termed as a DNS recursor. Sometimes, it is also referred to as a recursive DNS resolver or recursive DNS server.

DNS recursive resolver is a server designed to receive first DNS queries from the client machine through an application such as a web browser.

It is an integral part of DNS infrastructure located in different locations and serves the DNS query.

The recursor can be considered as Librarian. When the librarian is asked for a particular book, it will look for a book in a library.

Similarly, DNS recursive resolver accepts the recursive request generated from the client and looks for the DNS record.

For the DNS record, the recursive DNS resolver has to make multiple other requests to reach the authoritative DNS nameserver, the last place for the lookup.

Moreover, the recursive resolver server is operated by your ISP or other third-party providers.

What is the Authoritative DNS server?

The Authoritative DNS server is the actual place where you will find the DNS record.

The DNS resource record contains all necessary information needed to map the domain name with its IP address.

Step 2: Look for DNS root nameserver

In this step, the DNS recursive resolver, which has received a query from the client, will further generate queries to reach the DNS root nameserver.

What is a DNS root nameserver?

The DNS root nameserver is the first step in translating domain names into IP addresses.

The root nameserver is denoted as the dot (.). In the domain naming structure, the root is the starting point of the hierarchical structure.

You can think of an index in a library, which refers to a particular rack in a library containing the asked book.

 Step 3: Reach to TLD nameserver.

After the Root nameserver received a query from the DNS resolver, it will refer to Top Level Domain (TLD) nameserver.

The Top Level Domain (TLD) nameserver stores the domain information.

For instance, in example.com, the .com is the Top Level Domain (TLD).

The TLD nameserver is the second stage for the translation of domain name into IP address.

It can be considered as the specific rack in the library that contains the desired book.

The TLD nameserver’s work responds with the IP address of the domain’s nameserver to the recursive resolver.

The domain nameserver is also called as Authoritative Nameserver, which contains the IP address of the Fully Qualified Domain Name (FQDN).

Step 4: Lastly, at Authoritative Nameserver or Domain Nameserver

The DNS recursive resolver, which has received an IP address of domain nameserver from the TLD server, will again send a query to the domain nameserver.

The domain nameserver (Authoritative Nameserver) will respond with example.com’s IP address to the recursive resolver.

The DNS recursive resolver will respond with the IP address of the domain name requested in the first place from the web browser.

This is the end of the DNS query to resolve an IP address of the domain name.

The browser receives the IP address, which now sends an HTTP or HTTPS request to the respective server.

The web server will respond with a requested web page or web resources to the browser.

How DNS works

What are the types of DNS Queries?

The DNS lookup process takes place by combining three different types of DNS queries.

All three types of DNS queries are used to optimize the DNS resolution process by reducing the time and distance traveled.

The three types of DNS Queries are:

Recursive Query

The DNS client sends a query to resolve the domain name with its relevant IP address in a recursive query.

In this process, the DNS recursive resolver either responds with a relevant resource record or sends an error message if it can’t be found.

The DNS query process starts from the DNS root server, and it goes until it finds the Authoritative Nameserver.

Iterative Query

The DNS client sends a DNS query in an iterative query and expects the DNS resolver to respond with the best answer.

If the DNS resolver has already cached the DNS records, then it returns the relevant information.

If it doesn’t have cached DNS records, it refers to the DNS client to the Root server or another nearest Authoritative Name Server belonging to the required DNS zone.

Now, the DNS client sends the DNS query directly to the referred address.

Non-Recursive Query

In Non-Recursive Query, the DNS resolver already knows the correct answer.

It will immediately respond to the DNS query with a DNS record, already available in the DNS cache, or send queries directly to DNS nameserver, containing all DNS records.

There is no need for an additional round of queries (like in recursive or iterative queries) because it holds the correct IP address.

dns cache

What is DNS Caching? Where can the DNS Cache be stored?

DNS Caching stores the information to the nearest location from where it is retrieved by the client resulting in improve performance and time.

The main purpose of DNS Caching is to minimize the DNS lookup, improve the loading time, and reduce the bandwidth/CPU consumption.

The DNS resolver will retrieve the DNS record from the nearest location before it goes through the DNS Lookup chain.

So, what are the possible location where the DNS Cache can be stored?

Also, the DNS Cache is stored for a limited period of time, which depends on TTL (Time to Live).

The Time to Live (TTL) determines the amount of time data can be stored in a particular location.

Let’s look into a different location where the DNS Cache can be stored.

Browser DNS caching

The Browser DNS Caching is the first place where the DNS record can store.

And, it is one of the nearest locations where the DNS resolver can retrieve the data.

All the modern browsers facilitate DNS caching, set as default to cache DNS records for a set period of time.

For instance, in the Chrome browser, you can look for DNS Cache by going through chrome://net-internals/#dns.

Operating System (OS) DNS Caching

Operating System DNS Caching is the second location for DNS Caching in the client machine.

The DNS query inside the operating system was handled by the DNS component, commonly known as ” DNS Stub resolver,” commonly referred to as “DNS client.”

DNS Stub resolver is accessed by the application program while using the DNS query.

If the DNS record were not found in the OS DNS Cache, it will leave the machine and look for a DNS recursive resolver inside the ISP (Internet Service Provider).

Recursive resolver DNS caching.

The Recursive resolver DNS caching take place differently, and it has some additional functionality compared to other caching methods.

The recursive resolver receives a DNS query, and it starts to look for the DNS record already cached.

The lookup process takes place from bottom to top, which means that it starts to look for the exact IP address, if available, corresponding to the domain name.

The exact IP address is available in “A records.” If the DNS cache does not have “A records,” then it will look for “NS records” (Nameserver records) from the authoritative nameservers.

It will send DNS query directly to an authoritative nameserver, skipping the DNS lookup steps, starting from the root.

If there are no NS records, then it will send a query directly to the TLD server, skipping the root server.

If it does not contain any TLD server record in an unlikely condition, it will send a query to the root server.

Conclusion

In a nutshell, the Domain Name System (DNS) has made the Internet simpler to use.

Understanding the Domain Name System (DNS) and its design, architecture, and a working mechanism will help you figure out what goes on behind the scene.

The DNS system’s working process involves multiple steps from the query generated from the DNS client.

The Recursive DNS resolver will process the DNS query starting from the root until it reaches the Authoritative Nameserver, which contains the IP address.

The DNS query is of multiple types whose ultimate goal is to optimize the process.

Wrapping up, DNS caching plays a vital role in improving the performance and cutting down the distance it travels to resolve the query.