Here’s an in-depth look at the domain name system and its components — we’ll cover everything from what a DNS server is and how it’s used to how it benefits you and your customers
When’s the last time you dialed your best friend’s phone number to call them? If you’re like me (and most people nowadays), you already have your friend’s name and phone number programmed into your cell phone’s contact list. This way, you can call anyone on your list simply by tapping on their name, and you don’t have to wrack your brain to remember their individual phone number.
In the tech world, this is also the beauty of the domain name system (DNS). A DNS server works in much the same way. It’s the modern equivalent of a phone book or old school phone operator, but for websites instead of phone numbers. Every website has a “phone number” called an IP address… but we don’t want to type in the IP address, so we use the website domain name instead.
But what does DNS actually stand for and how does it work to simplify life on the internet?
In the article, we’ll answer your question “what is a Domain Name System” and break down how it’s used to translate domain names to IP addresses. We’ll also cover the role of DNS caching, and how you can either host a DNS server on your network or use a third-party DNS server.
What Does DNS Stand For? Let’s Break Down the Meaning of a Domain Name System…
If you’ve ever wondered “what is a DNS server” or “what is a domain name system,” then you’ve come to the right place. The domain name system, which is made up of individual DNS servers, is a term that describes a series of computers and servers that translate hard-to-remember IP addresses into human-friendly domain names. So, when people ask what DNS means, essentially, they’re asking about a system that simplifies complex processes to provide an easy user experience.
DNS was first introduced at the Internet Engineering Task Force (IETF) in 1983 as RFC 883 and was later implemented in 1985. It’s been in use ever since in a very important way: it helps users connect to websites without having to remember long and challenging IP addresses.
Every website domain has a corresponding internet protocol (IP) address that is associated with a hosting server. This is where the files and information of your website actually reside on the internet. Your browser’s connection uses that IP address to reach the right web server, which then uses the domain name and request path to retrieve the correct files for each website connection request.
Types of IP Addresses: IPv4 and IPv6
The most common type of IP address (IPv4) consists of four sets of digits that are separated by periods (which would look something like 220.127.116.11). Each IPv4 address is 32 bits. IPv6 IP addresses, on the other hand, consist of eight groups of four hexadecimal numbers that are separated by colons. There are three types: unicast, anycast, and multicast.
IPv6 addresses, which are 128 bits each, were created out of fear that we’d eventually run out of IPv4 addresses (4,294,967,296 may sound like a lot, but it’s really not in the span of the internet). Experts estimate that the total number of available IPv6 addresses is 340,282,366,920,938,463,463,374,607,431,768,211,456 (which, honestly, I’m not even sure how to say). So, as you can see, this is a vastly larger pool of available addresses to pull from!
Here are two examples of IPv4 and IPv6 addresses:
All of This Is to Say…
So, the simplified version of this means that every time you type your favorite website into your browser, your computer’s DNS client reaches out to one or more DNS servers to find out the IP address that corresponds to the website you want to display. The more complicated version involves several other steps in between that get you from point A to point B.
Remember those old school phone operators I mentioned earlier? It’s kind of like how they would serve as mediators and connect your call. But imagine that there are several of those operators working together to connect your request with the appropriate IP address.
How DNS Servers Benefit Users
So, why is a DNS system really necessary? Let’s take a moment to put this in perspective. NetCraft’s April 2020 Web Server Survey reports that there are 1,246,121,153 sites across 260,089,947 unique domains in existence on the internet. Internetlivestats.com reports that there were 1,770,921,180 websites in existence when I wrote this article.
Now, take a moment to think about how many websites you personally visit when you surf the web each day. Do you think you’d be able to remember even a minute fraction of those IP addresses?
Furthermore, considering that the official number of websites changes every second, it’s safe to say that there are far more websites — and corresponding IP addresses — in existence than any one person could ever hope to remember.
DNS servers mean that if you wanted to visit Apple’s official website, instead of having to remember their IP address (18.104.22.168), you’d be able to simply type in “apple.com” and your web browser seemingly retrieves the correct information from the appropriate web host server.
For our customers at SectigoStore.com, it means that they can just type “sectigostore.com” instead of 22.214.171.124. To find out the IP address of one of your favorite websites, you can use the system command tool and type “tracert yourfavoritedomain.com” to see for yourself.
- Load balancing: One of the advantages that comes to mind with DNS is that it can help optimize performance. It does this by routing traffic from high-traffic areas of your network to ones with lower traffic.
- Traffic rerouting: If something goes wrong with your network infrastructure, DNS can be used to redirect traffic through different channels.
- Content blocking: Don’t want your employees to be able to access specific websites from your network? DNS filtering can enable you to block known phishing sites or other harmful or inappropriate websites.
What Components Make Up the Domain Name System?
When it comes to breaking down the domain name system, there are a lot of moving pieces to consider and a lot of terms that are used interchangeably within the industry. For example:
- Client: This term refers to the user’s computer that originally submits the DNS query by searching for a particular domain.
- Recursive nameserver: Also known as a recursive resolver, a DNS recursor, or a resolver, this term represents the first part of a DNS query. Basically, it’s the go-between for your client and the DNS nameserver that it’s communicating with.
- DNS root nameserver: There’s a total of 13 root nameservers, all of which are overseen and maintained by the Internet Corporation for Assigned Names and Numbers (ICANN). What these servers are responsible for is handling the resolver’s query.
- TLD nameserver: This is the server for top-level domains (such as .com). A great way to think of this is like it’s the reference librarian who can tell you where to find a specific genre of books within your local library.
- Authoritative nameserver: This final DNS nameserver is the last stop before the recursive nameserver sends a response back to the client. This is like the computer that the librarian uses to tell you where precisely you can find a particular edition of a book that was written by a specific author.
Now that we know what the different components of a domain name system are, let’s explore how they work in action.
How a DNS Request Works
Let’s take a moment to explore how the domain name system lookup process works. When you type “Apple.com” into your browser, your computer’s DNS client submits a request to the domain name system. To do this, though, it first sends the request to a recursive name server (this could be a public server or one that’s owned by your ISP). If it already has that information stored via a DNS cache, it can resolve the request immediately. But if not, it would need to reach out to root servers that are responsible for managing requests for the most common top-level domains (TLDs).
Here’s a simplified look at how the domain name system works whenever you submit a DNS request:
- When you submit a DNS query via your client (i.e., you type “apple.com” into your browser), it goes to the resolving recursive nameserver.
- The recursive nameserver checks to see if it has that domain in its recent cache. If it does, it responds to the client. If not, then it sends your request upstream to a root nameserver.
- That root nameserver will then refer that request along to a TLD nameserver to get the hostname extension (such as .com, .net, .org, .co.uk, etc.).
- The TLD nameserver will then contact authoritative nameservers to find the IP address and corresponding domain. Authoritative nameservers are where website owners save the DNS records for their domains. These nameservers are continuously updated whenever a new domain is registered, which makes it possible to find new domains in web searches.
- The appropriate authoritative nameserver then sends the IP address (126.96.36.199 for apple.com) downstream, back to the recursive server.
- The recursive server then sends that information in a response to your client.
Let’s take a little more in-depth look at the process to see how it all comes together:
Now, wouldn’t it be great if your computer’s DNS client or the recursive server could just remember that IP address to connect you right away? This is possible through a process known as DNS caching.
Where DNS Caching Comes Into Play
A DNS cache is like a secret stash of chocolate.
Let me explain. In recent years, I’ve developed a bit of sweet tooth and keep a small stash of my favorite chocolates around the house in case I get a craving. (It’s something I came by honestly — my grandfather was a major “chocoholic.”) By keeping some chocolate in the house, I don’t always have to run to the store whenever one of those cravings hits, and it saves me financially because I only buy the chocolates when they’re on sale.
So, much like how I keep some chocolate on hand, a DNS server does the same with specific types of information. A DNS cache serves as a repository of IP addresses and their corresponding domain names for a DNS server. The server keeps that info on hand in a cache so that it doesn’t have to request IP addresses every time it receives a request from an end user. What this helps the DNS server accomplish is speeding up its request responses while also reducing the “cost” (bandwidth) of those requests.
What’s really great is that both the recursive nameserver and your device’s browser client are able to cache IP address records and information for rapid recall. However, the browser won’t store the IP data indefinitely — it only does so for a predetermined period of time known as a time to live (TTL).
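To make the referral chain from the previous section and the TTL caching described here concrete, the following Python simulation is added as an example (it is not code from the original article). Constructed zone data stands in for the root, TLD and authoritative servers, the server names and the 192.0.2.x addresses are made-up example values, and a fake clock shows a cached answer going stale after the site changes address until its TTL expires.

```python
import time

def make_zones():
    # Constructed zone data standing in for the real root, TLD and authoritative
    # servers; the names and addresses are examples, not real DNS records.
    root = {"com.": "a.gtld-servers.example."}                                # referral to the .com TLD server
    tld = {"a.gtld-servers.example.": {"apple.com.": "ns1.apple.example."}}  # delegation to the authoritative server
    auth = {"ns1.apple.example.": {"apple.com.": ("192.0.2.10", 300)}}       # (A record, TTL in seconds)
    return root, tld, auth

class RecursiveResolver:
    """Walks root -> TLD -> authoritative and caches each answer for its TTL."""
    def __init__(self, root, tld, auth, clock=time.time):
        self.root, self.tld, self.auth, self.clock = root, tld, auth, clock
        self.cache = {}  # name -> (ip, absolute expiry time)

    def resolve(self, name):
        """Return (ip, trace); trace lists the servers consulted, in order."""
        now = self.clock()
        hit = self.cache.get(name)
        if hit and hit[1] > now:               # unexpired cache entry: answer immediately
            return hit[0], ["cache"]
        tld = name.split(".")[-2] + "."        # "apple.com." -> "com."
        tld_server = self.root.get(tld)                        # root refers us to the TLD server
        auth_server = self.tld.get(tld_server, {}).get(name)   # TLD refers us to the authoritative server
        record = self.auth.get(auth_server, {}).get(name)      # authoritative server holds the A record
        if record is None:
            raise LookupError(f"no authoritative answer for {name}")
        ip, ttl = record
        self.cache[name] = (ip, now + ttl)     # remember the answer for TTL seconds
        return ip, ["root", tld_server, auth_server]

class FakeClock:  # controllable clock so TTL expiry can be shown without waiting
    def __init__(self): self.t = 0.0
    def __call__(self): return self.t
    def advance(self, seconds): self.t += seconds

def demo():
    root, tld, auth = make_zones()
    clock = FakeClock()
    resolver = RecursiveResolver(root, tld, auth, clock)
    first = resolver.resolve("apple.com.")     # full referral chain
    second = resolver.resolve("apple.com.")    # served from the cache
    auth["ns1.apple.example."]["apple.com."] = ("192.0.2.20", 300)  # the site moves to a new address
    stale = resolver.resolve("apple.com.")     # cache still hands out the old address...
    clock.advance(301)                         # ...until the 300-second TTL runs out
    fresh = resolver.resolve("apple.com.")
    return first, second, stale, fresh
```

Calling `demo()` returns the four lookups in order; the third one is the stale-cache case the next section warns about.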
It’s pretty ingenious, really… but it’s not perfect.
The ‘Catches’ of DNS Caching and DNS as a Whole
Like other technologies, DNS caching is a process that isn’t foolproof. For example, websites sometimes change IP addresses, which means that if your client or the recursive server pulls from its cached data, it will try to connect you to the wrong address. This will result in a bunch of unattractive 404 errors that may drive away your users.
But there are also other issues that you should be aware of as well:
The Risk of DNS Poisoning
Another issue is known as DNS poisoning. This occurs when a malicious user, such as a hacker, compromises the DNS cache records (i.e., “poisons” them) so that they point back to malicious websites. So, what ends up happening when your client tries to pull from the poisoned cached IP address data is that it will actually take you to a malicious website that will try to:
- Install malicious software on your device.
- Get your login credentials or other personal information.
- Aid the attacker in carrying out another malicious activity.
The Security of Query Data
Virtually every activity on the ‘net starts with a DNS query. These queries reveal a plethora of information about the individual user’s visits and any services that are related to their individual transactions. The tricky (and worrisome) part here is that DNS queries are traditionally made via the user datagram protocol (UDP), an insecure protocol. Queries are also sent in plaintext, which means that anyone can eavesdrop and see all of the DNS lookups, and surveil and hijack DNS traffic if they fancy doing so. They’re also more susceptible to IP leaks.
This is where DNS over TLS (DoT) or DNS over HTTPS (DoH) can demonstrate their value. We’re not going to get into the argument of which one is better than the other because they both have their merits. But I will at least mention that the IETF recommended DoH in its RFC 8484 back in 2018, and Mozilla recently decided to move forward this year with its implementation of DoH on their Firefox browser.
The goal of both DoT and DoH is to make DNS queries more secure via an encrypted connection. What this does is help to prevent your ISP, for example (if you’re using their recursive nameserver), from seeing specific parts of your DNS lookup process.
A Look at the DNS Server Provider Industry as a Whole
As you can guess, there are many public and commercial website DNS server providers available globally to choose from, and many internet service providers have their own DNS for their customers’ domains. Data from W3Techs indicates that the biggest website DNS server providers in terms of usage include:
- GoDaddy Group (11.9%)
- Cloudflare (11.6%)
- Endurance Group (5.4%)
- Amazon (5%)
But when it comes to client-side DNS servers, you can have greater control over the DNS query process and any data transmitted between computers, servers, and other resources. Here’s how:
Set Up Your Own DNS Nameserver
Setting up a custom resolving DNS server for your organization offers several key advantages, including increased flexibility, control, and potentially greater security. You can implement changes quickly in the event that something goes wrong without having to wait on a third party to get their act in gear. You also won’t be subject to the limitations that third-party DNS providers — such as those provided by your ISP — impose.
But remember, with greater freedom comes increased responsibility. After all, you have to be sure to maintain your server with regular updates and patches so as to not leave any vulnerabilities for cybercriminals to exploit. So, before you dive headfirst into that process, ask yourself whether the juice is worth the squeeze.
Unless you’re highly experienced and seasoned in this process, trying to host your own DNS can be a complicated mess. And while using a default DNS server may have its limitations, it takes the task of having to manage and maintain the system yourself off your plate.
I’m not saying any of this to dissuade you or to push you one way or another. My goal is just to make sure that you weigh your options carefully before making a decision.
Final Thoughts on the Role of the Domain Name System
Regardless of which method of DNS implementation you choose, the fact is that DNS has been here for several decades and is here to stay.
The domain name system plays an invaluable role in making the internet a more user-friendly place — both for you and your customers. Rather than forcing users to remember individual IP addresses, they’re able to use more human-friendly methods of recall by using the domain names we’ve come to know and love. It also provides greater security through the use of filters, DoT, and DoH.