What is a Domain Name System (DNS) & How Does it Work?

April 12, 2023

Introduction

The Domain Name System (DNS) is the reason we can type URLs into a browser and get to the website we want to access. Although the process seems instantaneous, many communication steps happen along the way. A key player in the process is the Domain Name System.

This article explains what the domain name system (DNS) is and how it works.

What is a Domain Name System (DNS) & How Does it Work?

What is DNS?

A domain name system (DNS) is a system that stores domain information in a distributed database. The main function of a DNS is to translate domain names into IP addresses and vice versa.

DNS enables using easy-to-remember domain names instead of IP addresses for each website or server.

Domain Name System Example

The domain name system functions like a phonebook. When we enter a URL (such as www.phoenixnap.com) into a browser, the DNS server resolves the name into an address.

DNS example query

The resolved address allows the browser to contact the correct web server for information and retrieve the queried website.

How DNS Works?

The domain name structure is a key concept in explaining how DNS works. A domain name consists of two or more parts separated by periods. For example, the address bmc.phoenixnap.com splits into three parts:

1. Top-level domain (com).

2. Second-level domain (phoenixnap).

3. Subdomain (bmc).

Domain name structure

The DNS space uses a client-server architecture:

  • DNS servers have a hierarchical tree-like structure. Every domain has one or more authoritative DNS servers that store information about the domain. The topmost nodes in the structure contain the root servers, which are responsible for resolving top-level domains.
  • DNS resolvers are the client components that contact a DNS server to get an address resolution for a domain name. The resolver is an indirectly used system component (e.g., through a browser). Typically, a DNS resolver stores one or two addresses of DNS servers.

DNS Lookup Process

When a web browser sends a request to resolve a domain name into an IP address, the DNS goes through a lookup process. If the example address is phoenixnap.com, the process goes through the following steps:

1. The client query (phoenixnap.com) goes to a DNS resolver.

2. The resolver sends a request to the root nameserver to ask for the top-level domain resolution.

3. The root server responds with an IP address of a top-level domain server for resolving .com domains.

4. The resolver sends a request to the top-level domain server.

5. The TLD server responds with an IP address of the authoritative nameserver (domain's nameserver).

6. The resolver sends a final query to the authoritative nameserver.

7. The authoritative nameserver returns the IP address for the domain name (phoenixnap.com) to the resolver.

8. The resolver returns the IP address of the domain to the client.

9. The client sends an HTTP request to the provided IP address of the web server.

10. The web server returns the webpage to the client.

DNS lookup steps

The lookup process steps differ based on caching levels and the DNS query type.

Note: Learn how to set DNS nameservers.

Types of DNS Queries

DNS uses different query methods when resolving a domain name. The query type depends on what information the DNS resolver already has available, and the type of response the DNS server provides.

Overall, there are three distinct types of DNS queries:

  • Recursive. A DNS resolver asks a DNS server to resolve an IP address into a domain name. If the server does not have the address, it returns an error. The resolver asks for another DNS server and continues the process until a DNS server has an IP address to return.
  • Iterative. A DNS client asks the server to provide an IP address for a given domain name. The resolver either gets an address as a response, or the IP address of another DNS server that potentially has the answer. The resolver repeats the process until the address resolution happens.
  • Non-Recursive. A DNS resolver knows either the IP address or the authoritative server where the information resides. When a client query requests an address resolution, the resolver either returns the IP address immediately from a cache or queries an authoritative DNS server for the record.

DNS Records

DNS records store information about domains and reside on DNS servers or in caches. There are many different DNS record types. The most common types are:

  • A record contains the IPv4 address for a domain.
  • AAAA record contains the IPv6 address for a domain.
  • CNAME record contains the alias for a domain.
  • MX record is the mail server address for accepting emails on behalf of a domain.
  • PTR record maps an IP address to a domain name for reverse DNS lookup.
  • TXT record stores descriptive text for a domain.

Types of DNS Servers

Various DNS server types play a different role in resolving a domain name into an IP address. Below is a brief overview of the several types of DNS servers and their function in DNS resolutions.

1. Recursive DNS Server

A recursive DNS server (or recursive DNS resolver) resolves DNS queries by querying other DNS servers. The recursive server performs this task until it locates the IP address of a domain name. The server acts as a mediator between the client and other DNS servers.

2. Root DNS Server

The first point of contact from a recursive DNS server is the root DNS server. There is a total of thirteen root server types dispersed across multiple locations. Root DNS servers are named [A-M].root-server.net and every recursive DNS resolver knows all thirteen root server types.

The root DNS server provides IP addresses for top-level domain (TLD) servers to a recursive DNS resolver based on the final part in the domain name query. The Internet Corporation for Assigned Names and Numbers (ICANN) manages root nameserver databases.

3. TLD (Top-Level Domain) DNS Server

The top-level domain (TLD) servers resolve queries for top-level domains. For example, a .com TLD server contains information for all websites ending in .com. The TLD server points the resolver to an authoritative server.

Internet Assigned Numbers Authority (IANA) is a branch of ICANN that oversees the TLD nameservers. All the domains in this category divide into three groups:

  • Generic top-level domains are common and not geographically specific. Examples include .com, .edu, .org, .gov, and similar.
  • Country-code top-level domains are specific to a country or state. Examples include .uk, .us, .ru, and others.
  • Infrastructure domains are transitional domains with a historical significance used for reverse DNS lookup. The domain is .arpa.

4. Authoritative DNS Server

An authoritative DNS server provides answers for DNS queries from a TLD server. The answer is based on the DNS records that it has for a specific subdomain. The authoritative DNS server is the last step before a DNS resolution.

Multiple domain names reside on authoritative DNS servers, and a single domain name may also reside on multiple authoritative servers.

What Is DNS Caching?

DNS caching is a process where DNS query results are temporarily stored for future reference. The caching process occurs at diverse levels, such as on a client device, local network, and DNS servers.

The DNS resolver first checks the cached values to find an IP address for a domain name. If the address is in the cache, the resolver returns the IP without having to query other DNS servers.

The caching process significantly reduces DNS lookup times. DNS caching can also cause problems if the information is outdated or tampered with, which is why it's good to flush DNS cache.

Browser

Every browser caches DNS information for recently searched queries. If the corresponding IP address for a domain name is found in the browser's cache, the page loads immediately without having to forward the information further.

If the browser's DNS cache does not contain the record, the request forwards to the operating system's DNS cache.

Operating System

All operating systems have internal DNS cache. The cache contains a table with DNS record values and the time the records are kept (TTL). An administrator sets the TTL value for each domain, and after the time runs out, a new query updates the DNS cache information.

Note: See how you can utilize a hosts file on macOS.

Router and ISP

The final point of DNS caching is on the router level. Some routers have built-in DNS cache, which is typically set up by the internet service provider (ISP). Alternatively, the router uses the ISP's DNS cache to check for cached values.

DNS Vulnerabilities

DNS participates in the majority of IP network and internet communication. However, DNS is notorious for various vulnerabilities and issues. The system is hard to avoid and difficult to monitor, making it a major network security challenge.

Some examples of DNS vulnerabilities are:

  • DNS cache poisoning is a malicious attack in which false information is added to the cache. For example, an attacker can inject a false entry to redirect all traffic to a malicious website or block traffic.
  • DNS spoofing is a man-in-the-middle attack where an attacker sends a false DNS response to a victim. The false response contains an incorrect IP address for the given domain, leading to malicious websites which conduct a phishing attack or similar.
  • DNS amplification is a type of DDoS attack where an attacker sends requests with spoofed IP addresses to slow down a server or take it down completely.

To address DNS vulnerabilities, apply DNS security best practices and focus on network infrastructure security.

Conclusion

After reading this guide, you know how the domain name system (DNS) works. Next, see how to configure a DNS server.

Was this article helpful?
YesNo
Milica Dancuk
Milica Dancuk is a technical writer at phoenixNAP who is passionate about programming. Her background in Electrical Engineering and Computing combined with her teaching experience give her the ability to easily explain complex technical concepts through her content.
Next you should read
How to Use Linux dig Command (DNS Lookup)
September 1, 2020

dig (Domain Information Groper) command is a tool for querying DNS name servers. It is a helpful command for...
Read more
DNS Best Practices for Security and Performance
November 11, 2019

DNS management is a significant hurdle in enterprise environments. DNS infrastructure needs to be organized...
Read more
How to Flush DNS Cache Locally in Windows, macOS, & Linux
January 8, 2019

DNS cache can be corrupted for a number of different reasons, including network attacks or viruses. When that...
Read more
Troubleshooting DNS Issues {nslookup, dig, host & More}
November 17, 2021

This article explains how to follow steps in DNS troubleshooting, from basic network troubleshooting to more in-depth...
Read more