How Does DNS Wrok?

How Does DNS Work?

Amisha sinha's photo
Amisha sinha
·

6 min read

The DNS Resolution Process: A Story of Bob’s Address

Scenario Setup

Imagine you're trying to visit www.hashnode.com, much like trying to find your friend Bob’s house. You don't know Bob's exact address (IP address), but you have a system (DNS) to help you figure it out.

Step 1: Stub Resolver – Your Personal Address Book

You first check your personal address book to see if you’ve already noted Bob’s address. If you find it, great! You head straight to Bob’s house. If not, you’ll need to start asking around.

Technical Details:

  • When you type www.hashnode.com in your browser, your computer’s stub resolver (a tiny DNS client) checks its cache.

  • The cache contains recently resolved IP addresses.

    • If found: The stub resolver returns the cached IP address to your browser, and you can connect to the website.

    • If not: The stub resolver asks its configured DNS server (e.g., Google’s DNS at 8.8.8.8) for help.

Step 2: Recursive DNS Server – Your Friend Who Knows Everyone

Your stub resolver (you) reaches out to your knowledgeable friend (recursive DNS server). Your friend is smart but doesn’t know everything. If he knows Bob’s address from memory (cache), he tells you. Otherwise, he says, “Hang on, I’ll find out,” and starts asking others.

Technical Details:

  • The recursive DNS server checks its own cache first.

    • If the answer is in its cache: It sends the IP address back to the stub resolver.

    • If not: It starts a recursive query by contacting other DNS servers in a hierarchical order (more on this in the next steps).

Step 3: Root Servers – The Mafia Bosses

Your friend (recursive DNS server) goes straight to the Mafia Bosses (Root Servers) because they manage the big picture. They don’t know Bob’s address, but they know which city Bob lives in (TLD level, like .com or .org).

Technical Details:

  • The recursive DNS server queries one of the root servers, which are the starting point of the DNS hierarchy.

  • The root servers don’t store individual IP addresses. Instead, they point the recursive resolver to the TLD name server responsible for the domain (.com in this case).

Step 4: TLD Name Server – The City Manager

Now your friend goes to the City Manager (TLD Name Server) for .com domains and asks, “Do you know where Bob lives?” The manager doesn’t know Bob directly but says, “I know someone in Bob’s neighborhood (hashnode.com). Go ask them.”

Technical Details:

  • The recursive DNS server queries the TLD Name Server (responsible for .com, .org, etc.).

  • The TLD server doesn’t have the exact IP address but returns the authoritative name server for hashnode.com.

Step 5: Authoritative Name Server – Bob’s Neighbor

Finally, your friend reaches Bob’s neighbor (Authoritative Name Server) and asks, “Do you know Bob’s exact address?” The neighbor checks their notes and gives the precise location.

Technical Details:

  • The recursive DNS server queries the authoritative name server for hashnode.com.

  • This server has a zone file with the domain’s DNS records, including an A record (IPv4 address) or AAAA record (IPv6 address). It responds with the IP address of www.hashnode.com.

Step 6: Caching the Answer

Your friend, now armed with Bob’s address, tells you the information and saves it for future use. If someone else asks for Bob’s address later, your friend won’t need to repeat the whole process.

Technical Details:

  • The recursive DNS server caches the IP address and sends it back to the stub resolver on your computer.

  • The stub resolver also caches it for a short time (based on the TTL value of the record).

Step 7: Connecting to Bob’s House

Now that you have Bob’s exact address, you drive straight there without any more questions.

Technical Details:

  • Your browser uses the resolved IP address to establish a connection with the web server hosting www.hashnode.com.

  • The website loads on your screen.

Conclusion

The DNS process is like an intricate detective story, where each character (stub resolver, recursive DNS server, root servers, TLD servers, and authoritative name servers) plays a crucial role in finding the IP address for a website. With caching, security enhancements, and hierarchy, DNS ensures that the Internet works smoothly and efficiently.

What is DNS?

DNS stands for Domain Name System. It’s like the Internet’s phone book. Instead of remembering IP addresses (like 192.168.1.1), DNS helps us use easy-to-remember domain names like www.google.com.

When you type a website into your browser, DNS finds the IP address of that website so your computer can connect to it.

How Does DNS Work?

  • When you type a website (e.g., www.example.com) into your browser, your computer first checks its local cache to see if it already knows the IP address.

    • If found: It uses the cached address, and you're done.

    • If not: It asks the next available DNS server (called a recursive DNS server) for help.

2. Recursive DNS Server Takes Over

  • The recursive DNS server is like your personal assistant. It knows how to find the answer, even if it doesn’t know it right away.

  • First, it checks its own cache. If it doesn’t have the answer, it starts asking other DNS servers in a structured process.

3. Querying the Root Servers

  • The recursive server contacts one of the Root Servers (there are 13 main ones worldwide, managed by different organizations).

  • The Root Server doesn’t know the exact IP address but directs the recursive server to a TLD (Top-Level Domain) Name Server for the domain (e.g., .com).

4. Querying the TLD Name Server

  • The TLD Name Server (responsible for .com, .org, etc.) provides the address of the Authoritative Name Server for the domain, like example.com.

5. Querying the Authoritative Name Server

  • The recursive server now contacts the Authoritative Name Server for example.com.

  • This server has the final answer: the IP address for www.example.com.

6. Returning the Answer

  • The recursive DNS server sends the IP address back to your computer’s stub resolver.

  • Your computer caches the IP address for future use and connects to the website.

Why Caching is Important

  • Caching saves time by storing answers temporarily at each step (your computer, the recursive server, etc.).

  • If the same website is requested again, the process doesn’t need to repeat—it uses the cached data.

What About Security?

  • Traditional DNS queries are not encrypted, which makes them vulnerable to attacks like DNS spoofing (where hackers trick you into visiting fake websites).

  • Modern protocols like DNS over HTTPS (DoH) or DNS over TLS (DoT) encrypt DNS queries, making them secure.

Subdomains: Specialized Rooms in Bob’s House

Let’s say Bob also has a workshop. Instead of giving you the main house address, Bob might say, “Go to the workshop entrance.” This is like a subdomain (e.g., academy.hashnode.com).

Technical Details:

  • Subdomains (like academy.hashnode.com) point to specific sections or servers within the main domain.

Security in DNS: Keeping Hackers Out

Imagine if someone intercepted your friend’s search for Bob’s address and gave a fake address. You’d end up at the wrong place! This is why securing the process is crucial.

Technical Details:

  • By default, DNS queries use UDP port 53 and are not encrypted, leaving them vulnerable to DNS spoofing or interception by hackers and ISPs.

  • Solutions like DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypt DNS traffic, making it harder for attackers to tamper with or snoop on your queries.

dnsdns resolver