DNS
DNS (Domain Name System)
DNS is the phonebook of the internet. Just like you use a phonebook to look up "Pizza Palace" and find their phone number, DNS looks up "www.google.com" and finds its IP address.
It converts human-friendly domain names:
www.example.com
api.mycompany.io
into machine-friendly IP addresses:
93.184.216.34
203.0.113.10
DNS translates between these two, so you don't have to memorize numbers!
Why DNS Exists
Every device on the internet has an IP address - a unique numerical identifier like 172.217.14.238.
The problem: Imagine having to remember:
Google: 142.250.185.46
Facebook: 157.240.241.35
Amazon: 52.94.236.248
Netflix: 54.155.246.232
That's impossible! DNS solves this by letting you use memorable names instead.
Real-world analogy: Your contacts app stores "Mom" → 555-1234. You say "Call Mom" and your phone handles the number lookup. That's exactly what DNS does for websites!
Where DNS is Used
DNS is everywhere on the internet:
Web browsing - Every website you visit
Email - Finding mail servers (Gmail, Outlook)
Mobile apps - Apps connecting to their servers
Gaming - Finding game servers
Streaming - Connecting to Netflix, Spotify, YouTube
IoT devices - Smart home devices finding their services
Basically, every time you type a web address or an app connects to the internet, DNS is working behind the scenes!
How DNS Works: The Lookup Process
When you type www.example.com in your browser, here's what happens:
The DNS Hierarchy: Understanding Domain Names
Domain names are organized hierarchically, read from right to left:
DNS Server Types
There are several types of DNS servers in the lookup chain:
1. DNS Resolver (Recursive Resolver)
Your ISP's or public DNS server (like Google's 8.8.8.8)
Does all the hard work for you
Caches results for speed
Analogy: A librarian who finds books for you
2. Root DNS Servers
13 root server networks worldwide (labeled A through M)
Knows where to find TLD servers
Analogy: The library's main directory
3. TLD (Top-Level Domain) Servers
Handles specific extensions (.com, .org, .net, .uk, etc.)
Knows where to find authoritative servers
Analogy: The section catalog (Fiction, Non-Fiction, etc.)
4. Authoritative Name Servers
Holds the actual DNS records for a domain
The final authority on a domain's information
Analogy: The specific book with your answer
DNS Record Types
DNS stores different types of information using various record types:
DNS Caching: Why Websites Load Fast
DNS uses caching at multiple levels to speed things up:
TTL (Time To Live): Each DNS record has a TTL that says "cache me for X seconds." After that, the cache expires and a fresh lookup happens.
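The TTL rule above as a small cache, written as an added example (not code from the original page). The DnsCache class, its lookup callback and the max_ttl cap are assumptions made for illustration; the cap limits how long any one answer, including a wrong one, can stay cached.

```python
import time

class DnsCache:
    """Resolver-style cache: each answer is kept only until its TTL runs out."""

    def __init__(self, lookup, max_ttl=86400, clock=time.monotonic):
        self.lookup = lookup        # name -> (ip, ttl_seconds): the upstream query
        self.max_ttl = max_ttl      # assumed cap: never trust a record longer than this
        self.clock = clock          # injectable so expiry can be shown without waiting
        self.entries = {}           # name -> (ip, expires_at)
        self.upstream_queries = 0

    def resolve(self, name):
        key = name.rstrip(".").lower()       # DNS names are case-insensitive
        hit = self.entries.get(key)
        if hit and self.clock() < hit[1]:
            return hit[0]                    # still fresh: answered from cache
        self.upstream_queries += 1           # missing or expired: fresh lookup
        ip, ttl = self.lookup(key)
        ttl = max(0, min(ttl, self.max_ttl))
        if ttl:
            self.entries[key] = (ip, self.clock() + ttl)
        else:
            self.entries.pop(key, None)      # TTL 0 means "do not cache"
        return ip

def demo():
    """Constructed run: one record with TTL 300, clock advanced by hand."""
    now = [0.0]
    cache = DnsCache(lambda name: ("93.184.216.34", 300), clock=lambda: now[0])
    cache.resolve("www.example.com")         # miss: goes upstream
    cache.resolve("WWW.example.com.")        # hit: same name, different spelling
    now[0] = 300.0                           # the TTL has run out
    cache.resolve("www.example.com")         # miss again: fresh lookup
    return cache.upstream_queries
```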
Real-World Example: What Happens When You Visit Google
Let's walk through a complete example:
Next time you visit: Browser cache returns the IP in <1ms!
DNS Protocol Details
DNS typically uses UDP on port 53. Remember UDP from earlier?
Why UDP?
DNS queries are small (usually one packet)
Speed is important
If no response, just retry
Perfect for simple question-answer exchanges
Example DNS Query/Response:
When DNS uses TCP:
Zone transfers (copying entire DNS databases between servers)
Responses larger than 512 bytes
As a fallback if UDP fails
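A query/response exchange at the byte level, as an added example that is not part of the original page. It builds the UDP query, then decides whether a reply should be accepted, rejected (wrong transaction ID or question, which is what a spoofed reply has to get right) or retried over TCP because the server set the truncation flag. The function names and the sample reply bytes are constructed for illustration.

```python
import struct

QTYPE_A, CLASS_IN = 1, 1

def encode_name(name):
    """'www.example.com' -> length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("each label must be 1-63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(txid, name, qtype=QTYPE_A):
    """12-byte header (recursion desired, one question) plus the question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)

def check_response(query, response):
    """Classify a UDP reply to `query`: 'reject', 'retry_tcp' or 'accept'."""
    if len(response) < len(query):
        return "reject"                      # too short to echo our question
    flags, qdcount = struct.unpack("!HH", response[2:6])
    if not flags & 0x8000:                   # QR bit clear: not a response
        return "reject"
    if response[:2] != query[:2] or qdcount != 1:
        return "reject"                      # transaction ID must match ours
    if response[12:len(query)] != query[12:]:
        return "reject"                      # answers a different question
    if flags & 0x0200:                       # TC bit: truncated to fit UDP
        return "retry_tcp"
    return "accept"

def first_a_record(query, response):
    """Return (ip, ttl) of the first answer, assuming it is an A record."""
    pos = len(query)                         # answers follow the echoed question
    while response[pos] != 0 and response[pos] < 0xC0:
        pos += 1 + response[pos]             # skip plain labels of the owner name
    pos += 2 if response[pos] >= 0xC0 else 1 # compression pointer or end of name
    rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", response[pos:pos + 10])
    if rtype != QTYPE_A or rdlen != 4:
        raise ValueError("first answer is not an A record")
    return ".".join(str(b) for b in response[pos + 10:pos + 14]), ttl

# Constructed sample: a reply carrying one A record (93.184.216.34, TTL 300).
QUERY = build_query(0x1A2B, "www.example.com")
ANSWER = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([93, 184, 216, 34])
REPLY = struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0) + QUERY[12:] + ANSWER
```

The whole query is 33 bytes, which is why a single UDP packet is normally enough.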
DNS Security: Problems and Solutions
Problems with Traditional DNS:
No Encryption - Anyone can see what websites you visit
DNS Spoofing - Attackers can fake DNS responses
Cache Poisoning - Injecting fake records into caches
Man-in-the-Middle - ISPs or attackers modifying responses
Modern Solutions:
DNSSEC (DNS Security Extensions)
Adds digital signatures to DNS records
Verifies authenticity
Prevents tampering
DNS over HTTPS (DoH)
Encrypts DNS queries using HTTPS
Hides your lookups from ISPs
Used by Firefox, Chrome, Edge
DNS over TLS (DoT)
Similar to DoH but uses TLS directly
Port 853 instead of 443
Public DNS Servers
You can choose which DNS resolver to use:
Google: 8.8.8.8, 8.8.4.4 - Fast, reliable
Cloudflare: 1.1.1.1, 1.0.0.1 - Privacy-focused, fast
OpenDNS: 208.67.222.222, 208.67.220.220 - Filtering, security
Quad9: 9.9.9.9, 149.112.112.112 - Malware blocking
Why change?
Faster lookups
Better privacy
Parental controls
Malware blocking
Simple Practical Examples
Example 1: Checking DNS Records
You can look up DNS records using command-line tools:
Example 2: DNS Propagation
When you change DNS records (like pointing your domain to a new server):
This is why website moves take time to fully complete.
Example 3: Subdomains for Services
Companies use subdomains to organize services:
Each can point to a different IP address!
How DNS Handles Millions of Queries
Load Distribution:
Multiple servers with same IP (anycast)
Geographically distributed
Closest server responds
Example: Google's 8.8.8.8 isn't one server - it's thousands worldwide! Your query goes to the nearest one.
Summary and key points
DNS is essential because:
Translates human-friendly names to machine addresses
Makes the internet usable (no memorizing numbers!)
Works incredibly fast through caching
Operates at massive scale (billions of queries/day)
Uses a hierarchical, distributed system
Key Points:
DNS lookups happen for almost every internet action
Caching makes repeat visits instant
Usually uses UDP for speed
Organized hierarchically (Root → TLD → Domain → Subdomain)
Can be secured with DNSSEC, DoH, or DoT
Remember: Every time you:
Visit a website
Send an email
Use an app
Stream video
DNS is working silently in the background, translating names to numbers in milliseconds!