What is the Domain Name System (DNS)?
The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It works as a translator between the user and the internet-connected computer. Internet users access information online through domain names, like tanzimulhaque.com, while web browsers interact with these domains through Internet Protocol (IP) addresses. DNS translates the domain names to IP addresses so that the browser can load the resources and the user gets the information.
Information is stored on a computer that is reached through an IP address. Remembering IP addresses is difficult for any internet user, so DNS helps users by eliminating the need to remember an IP address such as 192.168.2.1.
How does Domain Name System (DNS) work?
You want to visit a website. This website has a domain name and an IP address. A domain name together with its matching IP address is known as a DNS record. DNS translates the domain name into an IP address in four steps. Suppose you want to visit my site www.tanzimulhaque.com.
You open your browser, type www.tanzimulhaque.com in the address bar and hit Enter on the keyboard. First, there is a quick check of whether you have visited our site before. If the DNS records are found in your computer’s DNS cache, then the rest of the DNS lookup is skipped and you will be taken directly to www.tanzimulhaque.com.
If no DNS records are found, then a query is sent to your local DNS server. Typically, this is your Internet provider’s server and is often called a “resolving nameserver”.
If the records are not cached on the resolving nameserver, then the request is forwarded to what’s called a “root nameserver” to locate the DNS records. Root nameservers are designated servers around the world that are responsible for storing DNS data and keeping the system working smoothly. Once the DNS record is found on the root nameserver, it’s cached by your computer.
Now that the DNS records are located, a connection to the server where the website is stored will be opened and www.tanzimulhaque.com will be displayed on your screen.
There are 4 DNS servers involved in loading a webpage
DNS recursor: The recursor can be considered as a librarian who is asked to go and find a specific book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically, the recursor is then responsible for making additional requests to satisfy the client’s DNS query.
Root nameserver: The root nameserver is the first step in translating (resolving) human-readable hostnames into IP addresses. It can be considered as an index in a library that points to different racks of books; typically it serves as a reference to other, more specific locations.
TLD nameserver: The top-level domain (TLD) nameserver can be considered as a particular rack of books in a library. This nameserver is the next step in the search for a particular IP address, and it hosts the last portion of a hostname (in tanzimulhaque.com, the TLD server is “com”).
Authoritative nameserver: This last nameserver can be considered as a dictionary on a rack of books, in which a particular name can be converted into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative nameserver has access to the requested record, it will return the IP address for the requested hostname to the DNS recursor (the librarian) that made the initial request.
Types of DNS Service
There are two distinct types of DNS services on the internet. Each of these services handles DNS queries differently depending on their function.
Recursive DNS resolver: A recursive DNS resolver is the DNS server that responds to the DNS query and looks for the authoritative name server or a cached DNS result for the requested name.
Authoritative DNS server: An authoritative DNS server stores the DNS request. So, if you ask an authoritative DNS server for one of its IP addresses, it doesn’t have to ask anyone else. The authoritative name server is the final authority on those names and IP addresses.
Public DNS and Private DNS
DNS was created so people could connect to services on the internet. For a server to be accessible on the public internet, it needs a public DNS record, and its IP address should be reachable on the internet, which means it is not blocked by a firewall. Public DNS servers are accessible to anybody who can connect to them and don’t require authentication.
Interestingly, not all DNS records are public. Today, as well as allowing employees to use DNS to find things on the internet, organizations use DNS so their employees can find private, internal servers. When an organization needs to keep server names and IP addresses hidden, or not directly reachable from the internet, it doesn’t list them in public DNS servers. Instead, it lists them in private, or internal, DNS servers. Internal DNS servers store names and IP addresses for internal file servers, mail servers, domain controllers, database servers, application servers, etc.: all the important stuff.
Something to remember – like external DNS servers, internal DNS servers don’t require authentication. That’s because DNS was created long ago when security wasn’t such a big concern. Most of the time, anyone on the inside of the firewall – by infiltration or connected through a VPN – can query internal DNS servers. The only thing that prevents someone “outside” from accessing and querying internal DNS servers is that they can’t connect to them directly.
Public DNS: For a server to be accessible on the public internet, it needs a public DNS record, and its IP address needs to be reachable on the internet.
Private DNS: Computers that live behind a firewall or on an internal network use a private DNS record so that local computers can identify them by name. Outside users on the internet will not have direct access to those computers.
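A check that follows from the public/private split above: records in a public zone should not point at internal address space. The following is an added example, not part of the original article; the zone contents, hostnames and the `audit_public_zone` function are constructed for illustration.

```python
import ipaddress

# Constructed sample: "name type value" records exported from a public zone.
PUBLIC_ZONE = """\
www.example.com    A     203.0.113.10
files.example.com  A     192.168.2.1
dc01.example.com   A     10.0.5.20
mail.example.com   AAAA  2001:db8::25
db.example.com     AAAA  fd12:3456:789a::5
broken.example.com A     not-an-ip
"""

# Address space that should only ever appear in private (internal) DNS.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 private ranges
    "127.0.0.0/8", "169.254.0.0/16",                   # IPv4 loopback, link-local
    "fc00::/7", "fe80::/10", "::1/128",                # IPv6 ULA, link-local, loopback
)]


def audit_public_zone(zone_text):
    """Return (findings, skipped): internal addresses exposed, unparsable line numbers."""
    findings, skipped = [], []
    for lineno, line in enumerate(zone_text.splitlines(), 1):
        parts = line.split()
        if not parts or parts[0].startswith(";"):
            continue                      # blank line or zone-file comment
        if len(parts) != 3 or parts[1].upper() not in ("A", "AAAA"):
            skipped.append(lineno)        # not an address record in this format
            continue
        name, rtype, value = parts
        try:
            addr = ipaddress.ip_address(value)
        except ValueError:
            skipped.append(lineno)        # value is not a valid IP address
            continue
        # Membership is False when address and network IP versions differ.
        if any(addr in net for net in INTERNAL_NETS):
            findings.append((name, rtype.upper(), str(addr)))
    return findings, skipped
```

Each finding is a name that tells anyone on the internet how the internal network is laid out; such records belong in the internal DNS servers only.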
7 Steps in a Domain Name System Lookup
Let’s look at exactly how a DNS request works.
- A DNS request starts when you try to access a computer on the internet. For example, you type www.tanzimulhaque.com in your browser address bar.
- The first stop for the DNS request is the local DNS cache. As you access various computers, their IP addresses are stored in a local repository. If you have visited www.tanzimulhaque.com previously, you have the IP address in your cache.
- If you don’t have the IP address in your local DNS cache, DNS will check with a recursive DNS server. Your IT team or Internet Service Provider (ISP) usually provides a recursive DNS server for this purpose.
- The recursive DNS server has its own cache, and if it has the IP address, it will return it to you. If not, it will go ask another DNS server.
- The next stop is the TLD name servers, in this case, the TLD name server for the .com addresses. These servers don’t have the IP address we need, but they can send the DNS request in the right direction.
- What the TLD name servers do have is the location of the authoritative name server for the requested site. The authoritative name server responds with the IP address for tanzimulhaque.com and the recursive DNS server stores it in the local DNS cache and returns the address to your computer.
- Your local DNS service gets the IP address and connects to tanzimulhaque.com to download all the glorious content. DNS then records the IP address in the local cache with a time-to-live (TTL) value. The TTL is the amount of time the local DNS record is valid, and after that time, DNS will go through the process again when you request Varonis.com the next time.
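The lookup path and TTL behaviour described in these steps can be traced in a small simulation. This is an added example, not code from the original article: the three dictionaries stand in for the root, TLD and authoritative servers, and the IP address, TTL and all names in the code are constructed.

```python
import time

# Constructed stand-ins for the server tiers; a real resolver queries them over the network.
ROOT = {"com": "tld-com"}                                   # root refers to a TLD server
TLD = {"tld-com": {"tanzimulhaque.com": "ns-site"}}         # TLD refers to the authoritative server
AUTH = {"ns-site": {"www.tanzimulhaque.com": ("203.0.113.10", 300)}}  # (IP, TTL in seconds)


class Resolver:
    """Toy recursive resolver: cache first, then root -> TLD -> authoritative."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}                  # name -> (ip, expires_at)

    def resolve(self, name):
        """Return (ip, path), where path lists the tiers that were consulted."""
        name = name.rstrip(".").lower()
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], ["cache"]     # still within its TTL
        self.cache.pop(name, None)       # expired or never cached
        labels = name.split(".")
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            return None, ["root"]        # root knows no server for this TLD
        zone = ".".join(labels[-2:])
        auth_server = TLD[tld_server].get(zone)
        if auth_server is None:
            return None, ["root", "tld"]
        path = ["root", "tld", "authoritative"]
        record = AUTH[auth_server].get(name)
        if record is None:
            return None, path            # authoritative server has no such name
        ip, ttl = record
        self.cache[name] = (ip, self.clock() + ttl)
        return ip, path
```

Calling `resolve` twice in a row shows the second answer coming from the cache; once the TTL has passed, the full path is walked again.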
What are Types of Domain Name System Queries?
DNS queries are the computer code that tells the DNS servers what kind of query it is and what information it wants back. There are three basic DNS queries in a standard DNS lookup.
1. Recursive Query
In a recursive query, a DNS client provides a hostname, and the DNS Resolver “must” give an answer: it responds with either a relevant resource record or an error message if the record can’t be found. The resolver begins a recursive query process, starting from the DNS Root Server, until it finds the Authoritative Name Server that holds the IP address and other data for the requested hostname.
2. Iterative Query
In an iterative query, a DNS client provides a hostname, and the DNS Resolver returns the most appropriate answer it can. If the DNS resolver has the relevant DNS records in its cache, it returns them. If not, it refers the DNS client to the Root Server or another Authoritative Name Server that is closest to the nearest DNS zone. The DNS client must then repeat the query directly against the DNS server it was referred to.
3. Non-Recursive Query
A non-recursive query is a query in which the DNS Resolver already knows the answer. It either immediately returns a DNS record because it already stores it in the local cache, or queries a DNS Name Server that is authoritative for the record, meaning it definitely holds the right IP for that hostname. In both cases, there is no need for additional rounds of queries (as in recursive or iterative queries). Rather, a response is immediately returned to the client.
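On the wire, a client tells a server whether it wants recursion through the RD ("recursion desired") bit in the DNS message header defined in RFC 1035. The following added example, not part of the original article, encodes and decodes a single-question A-record query; the function names and the transaction ID used with it are constructed.

```python
import struct

QTYPE_A = 1        # RFC 1035 type code for an IPv4 address record
QCLASS_IN = 1      # Internet class
FLAG_QR = 0x8000   # set in responses, clear in queries
FLAG_RD = 0x0100   # "recursion desired"


def build_query(name, txid, recursion_desired=True):
    """Encode a one-question DNS query for an A record."""
    flags = FLAG_RD if recursion_desired else 0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)  # one question, no records
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("each label must be 1-63 bytes")
        qname += bytes([len(raw)]) + raw                      # length-prefixed label
    qname += b"\x00"                                          # root label ends the name
    return header + qname + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def parse_query(message):
    """Decode a query; rejects truncated messages and compressed names."""
    if len(message) < 12:
        raise ValueError("shorter than the 12-byte header")
    txid, flags = struct.unpack("!HH", message[:4])
    labels, pos = [], 12
    while True:
        if pos >= len(message):
            raise ValueError("name runs past end of message")
        length = message[pos]
        pos += 1
        if length == 0:
            break
        if length > 63 or pos + length > len(message):
            raise ValueError("bad label length")
        labels.append(message[pos:pos + length].decode("ascii"))
        pos += length
    if pos + 4 > len(message):
        raise ValueError("question is truncated")
    qtype, qclass = struct.unpack("!HH", message[pos:pos + 4])
    return {"id": txid, "is_response": bool(flags & FLAG_QR),
            "recursion_desired": bool(flags & FLAG_RD),
            "name": ".".join(labels), "qtype": qtype, "qclass": qclass}
```

A client sending a recursive query sets RD; a resolver walking the hierarchy itself sends the same question with RD clear and follows the referrals it gets back.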