DNS (Domain Name System)
In this blog I will be explaining about the basics of DNS which will include:
- What is DNS?
- What services does it provide?
- How does it work?
- Different types of DNS records.
What is DNS
Humans can have different identifiers(name, driving license number, PAN etc). Within a context, one identifier can be more appropriate than others. Like humans prefer to use “name” identifier, because they are more convenient to remember and refer to. Similarly in networks, hosts can have different identifiers. One of them is hostnamesuch as google.com, amazon.in, etc. Hostnames are easy to remember and refer hence are appreciated by humans.
But the variations in the hostname (can be of variable lengths, can have alphanumeric characters) make it difficult for machines(routers and other network devices) to process it. And for the above reason hosts are also identified by IP addresses (more rigid structure).
The different preferences for host identifiers demand for a directory service in the internet which translates the hostnames to IP addresses. And this is the main task of the domain name system(DNS). So in short form DNS is a distributed database in the internet which stores the record for hostnames translations.
Services provided by DNS
- Host Resolution: This is the main task of DNS. Suppose you hit the url www.samplehost.com/index.html. For sending the http request from your computer to the web server www.samplehost.com, your computer first obtain the IP address of www.samplehost.com. The DNS client running on your computer queries the DNS server for the resolution of hostname www.samplehost.com , and eventually receives the IP address. Then your computer initiates the TCP connection with resolved IP address.
- Host aliasing: Some hostnames can be complicated and hence can have one or more alias name. e.g. disco.dance.entertainment.com can have two aliases such as entertainment.com and www.entertainment.com. In this case disco.dance.entertainment.com is known as canonical hostname. DNS can be invoked to obtain the canonical hostname for the supplied alias as well as the IP address of the host.
- Load distribution: DNS can also be used for load distribution among replicated servers. The sites with heavy traffic or loads are replicated over multiple servers for high availability and other some other reasons(out of the scope of this blog). In this case when client makes query to the DNS server, it returns the set of IP addresses and rotates the ordering of IP addresses in each reply.
- Mail Server aliasing: We have observed that the email ids are like
blog@gmail.com,blog@outlook.cometc. However, the hostname of the gmail or outlook servers are more complicated thangmail.comoroutlook.comand are less convenient to remember(something like `xyz.nyc.dom.gmail.com` and `abc.cad.dom.outlook.com`). So in this case DNS server can be invoked by mail application to obtain the canonical hostname(`xyz.nyc.dom.gmail.com`) for the alias hostname (gmail.com)as well as IP address.
How does DNS works?
Whenever an application on a user’s machines needs to translate a hostname to IP, it invokes the client side of DNS with the hostname that needs to be translated. Then DNS in the user’s host send the query in the network and after some delay(in ms or secs) it receives a DNS reply with the mapping of hostname to the IPs. Finally this mapping is passed to the invoking application.
From the perspective of invoking application, DNS is a simple translation service which is what most of people think about DNS.
Now we will see how does this translation happens. What could be a simple design of this service; we can have a single DNS server which contains all the mappings and the clients which needs any translations should query to this server directly. But in todays era with such a high volume of requests in the internet and with such a huge growing number of hosts, this design will not work.
Problems with this design are:
1. Single point of failure.
2. Latency issues. (As a server near to one part of world will be far for from other part of the world)
3. Huge Request Volume.
In order to deal with these issues the design of DNS has to be distributed in nature. DNS uses large number of servers which are distributed around the world and so are the mapping of the hosts.
There are three classes of DNS: Root DNS Server, Top-Level Domain(TLD) DNS Server and Authoritative DNS server organised in a hierarchy as shown below.
Let me explain these classes with an example. Suppose a client wants the IP address of www.amazon.in.
1. Client will first connect to one of the root DNS server which will return the IP address of one of the TLD DNS server for domain in .
2. Client will then connect to one of the TLD DNS server which will return the IP address of one of the authoritative DNS server for amazon.in .
3. Finally client will connect to one of the authoritative DNS server of amazon.in which will return the IP address of www.amazon.in .
Generally there is another DNS server comes in picture known as local DNS server which is provided by ISPs.(Internet server providers). So clients generally talks to local DNS servers and it’s the responsibility of local DNS server to talk to the respective other DNS servers(root, tld, authoritative) to resolve the hostname. Local DNS server also caches the results with some TTL which can be used in further queries.
Types of DNS records.
DNS stores the mappings in form of resource records(RR) which are represented by four tuple which contains the following fields
(Name, Value, Type, TTL)
There are four types of DNS recored.
- For
Type=A,Nameis the hostname andValueis the IP address of the hostname. e.g.(www.random.com, 143.60.76.7, A, 10)is Type A record. - For
Type=NS,Nameis the domain (such as amazon.in) andValueis the hostname of the authoritative DNS server that knows how to obtain the IP address for the hosts in the domain. e.g(amazon.in, dns.amazon.in, NS, 10)is a type NS record. - For
Type=CNAME,Nameis the aliased hostname andValueis the canonical hostname for that aliased hostname. e.g(entertainment.com, disco.dancer.entertainment.com, CNAME, 10)is Type CNAME record. - For
Type=MX,Nameis the aliased hostname for mail server andValueis the canonical hostname of that aliased mail server. e.g.(entertainment.com, mail.disco.dancer.entertainment.com, MX, 10). Point to note here is that by using MX record a company can have the same aliased name for mail server and for some other server, say it’s company’s website. For e.g. google.com can be a hostname for a website as will as hostname for a the google mail server, this can be distinguished using the type of DNS record.
You can use
nslookupordigcommands on linux to check these different type of records. Like:
nslookup -type=A google.comServer: 172.20.10.1
Address: 172.20.10.1#53Non-authoritative answer:
Name: google.com
Address: 142.250.194.174____________________________________________________________________
nslookup -type=MX google.comServer: 172.20.10.1
Address: 172.20.10.1#53Non-authoritative answer:
google.com mail exchanger = 50 alt4.aspmx.l.google.com.
google.com mail exchanger = 30 alt2.aspmx.l.google.com.
google.com mail exchanger = 20 alt1.aspmx.l.google.com.
google.com mail exchanger = 10 aspmx.l.google.com.
google.com mail exchanger = 40 alt3.aspmx.l.google.com.____________________________________________________________________nslookup -type=CNAME google.comServer: 172.20.10.1
Address: 172.20.10.1#53Non-authoritative answer:
*** Can't find google.com: No answerAuthoritative answers can be found from:
google.com
origin = ns1.google.com
mail addr = dns-admin.google.com
serial = 367541562
refresh = 900
retry = 900
expire = 1800
minimum = 60
____________________________________________________________________nslookup -type=NS google.comServer: 172.20.10.1
Address: 172.20.10.1#53Non-authoritative answer:
google.com nameserver = ns4.google.com.
google.com nameserver = ns1.google.com.
google.com nameserver = ns2.google.com.
google.com nameserver = ns3.google.com.Authoritative answers can be found from:
References: Computer networks Top down Approach
