DNS stands for Domain Name System is used to as the medium to translate domain names to their respective IP addresses when a client initiates a request query. DNS stores the database of all the domain names and their IP addresses which are registered on the network.
The origins of DNS date back to the time of ARPANET, when there were only a few computers to get an entry in the database. Afile was maintained by Stanford Research Institute, which constituted the data of all the machines, and was copied by all the host machines to remain updated.
Jon Postel from the Information Sciences Institute requested Paul Mockapetris to design the very first implementation of DNS, at the University of California, Irvine, in 1983. Then in 1984, BIND (Berkeley Internet Name Domain) was created by four students, Douglas Terry, Mark Painter, David Riggle, Songnian Zhou, for Unix machines. After some revisions made in 1985 by Kevin Dunlap, it was later ported to Windows machines, and is still the most widely used DNS on the planet.
To understand the basic working of DNS, let me guide you with an example of a hotel. Let us assume, you need to visit your friend at some hotel. Now, what will you do? You’ll reach the hotel reception and ask the receptionist for room number of your friend. In order to do so, you’ll need to tell the name of your friend to the receptionist, who’ll check the same in her database and satisfy you with the room number of your friend. She’ll also call your friend to confirm whether he is available or not.
Now, try to relate the example to working of DNS. In this case, you’re the client sending a request to a DNS server, the receptionist, and your friend’s name is the domain name and his room number is his IP address.
The receptionist will type your friend’s name in her computer containing the database of all the guests, called the Domain Name Space, if your friend is staying in the hotel she’ll tell you the room number, otherwise not. Similar thing happens, when you type the website name in your browser, the browser sends a request to the DNS server, if the website domain name is registered in the database with the DNS, then it’ll reply you with the IP address of the website you are trying to access, which is something like 188.8.131.52
Understanding the Domain Name and IP Address
Take the domain name,. The naming convention moves from right to left and vice-versa for IP address. In the domain name for Google, first the DNS will check for com which stands for commercial domain, and is a top-level domain. Proceeding further, , is a sub-domain to com and subsequently www, is a sub-domain to com domain. The dot (.) is used to separate the domains from their sub-domains. The full domain name can only consist of 253 characters.
Now, if some wants to know the domain name registered against an IP address, he will request the DNS server with the IP address of the website. Say, the IP address sent is 184.108.40.206, the DNS will first check the 31 then 13 then 79 and finally 246, concluding that the IP address belongs to. The DNS resembles the hierarchy structure of a tree, not the biological one, there is a different tree in computer data structures, in which the address 31 belongs to the top position of the tree and is the primary domain in the hierarchy, addresses 13, 79, 246 are consecutive sub-domains. The number 246 refers to the server machine hosting the website . All this domain and sub-domain thing is not that much complicated as you think, but it’ll take some time for you to get it correctly if you’re new to this concept.
Evolution of DNS
In earlier days, a master file was maintained by one main server which was updated manually with the entry of every new website and then it was copied by other servers. But, as the count of websites proliferated with time, it was hard to maintain the domain name database manually. So, the need of an automated system was felt and then the ability to automatically update the database all around the world was introduced in the newer generations of DNS.
So, if you register your website name with a Domain Name Registrar, it will take around 24 hours for your website to be present in the DNS databases all around the world.
The Master-Slave server relations were introduced in which a master server maintained the database and Slave server only had to copy the database to remain updated. In order to facilitate the dynamic updates to DNS database, the mechanisms NOTIFY and IXFR were introduced.
In NOTIFY, when the master server updates the database, it sends a notification to the slave servers about the update, which then copies the database. IXFR (Incremental Zone Transfer) eliminates the need to copy the whole database every time a single entry has been made, it allows the slave servers to only add the updated entry in their database, thus reducing the efforts and making the dynamic update process faster.
Resolving IP Address
It refers to the process of translation of a domain name to its respective IP address. The DNS resolver is the client PC, you in that hotel example, which sends the query to the DNS server, the receptionist. There are two methods used for resolution:
Recursive: Now continuing with the hotel example, assume the hotel has more than one branch in the city, and the receptionist was unable to find your friend’s room number. Then she’ll check if your friend has been staying in the other branch by contacting the receptionist present there. So, if the DNS server in unable to find any IP associated to the domain name sent in the query then it’ll ask the other servers connected to resolve the IP address for the requested domain. It’ll gather the information from those servers and reply to you with the appropriate IP address.
Iterative: Suppose you also want to know the floor on which the friend’s room is situated, in order to do so, you’ll again ask the receptionist. Similarly, if the DNS resolver wants more information about a domain, it’ll initiate a new query for the same DNS server.
The DNS server temporarily stores the request queries in the form of Cache, so as to reduce the response time if any other DNS resolver requests the same query. The time for which the Cache information remains valid is called TTL (Time To Live), is set by the administrator for each query record stored in the cache.
The first and foremost application of DNS is nslookup, in which a DNS server replies with the IP address of the domain name requested in the query. DNS is used by different Mail Transfer Agents (MTA) like Microsoft Exchange Server and IBM Domino, so that they can deliver the e-mails more efficiently.
DNS proves to be very helpful in identifying black-listed IP addresses over the internet and barring the users from accessing them. This helps in protecting the users from spam e-mails and potential hacking attacks.
The data for each domain name and its IP address is kept on more than one DNS server, so as to retrieve the data in case any problem occurs on one server.
Cache Poisoning: Also called DNS Spoofing, is the technique used by malevolent people, in which they alter the data in resolver cache of the DNS server, rendering incorrect IP address to DNS resolver, may be to divert the user to a hacker’s machine.
DNS responses are not encrypted thus allowing the possibilities of potential attacks. However, Domain Name System Security Extensions (DNSSEC) are used to render cryptographically signed DNS responses.
Phishing attacks can be planned due to visual resemblance of some characters on the user’s screen, like the letter l and 1 appear the same on some screens, thus redirecting users to different IP addresses by displaying the same look and feel as of the original website.
Use custom DNS
What if the that hotel receptionist is very slow and many people are asking for room numbers at same time, then she’ll not be able to provide you with correct room number quickly. So, you may ask some other person at the reception counter to attend your concern. Similarly, when we connect to the internet, we generally use the DNS Server provided by our ISPs. But what if the default DNS server is irresponsive or if it can’t handle a large number of queries at a given moment, such instances will only degrade your browsing experience. But don’t worry, there is another way out. You can configure your system to use a different DNS server for resolving IP addresses.
Popular DNS servers:
Google’s Public DNS: The search giant has set-up some serious high-grade DNS servers capable of handling millions of requests at any given moment. And they’re absolutely free to use like Google’s other services. You can configure your machine to use the following DNS addresses:
220.127.116.11 and 18.104.22.168
OpenDNS: This is a private company which provides safe and reliable DNS server for free. Just configure the following addresses on your machine:
22.214.171.124 and 126.96.36.199
For those readers who don’t know how to configure DNS on your machine, please refer the link below:
DNS has been a topic of utmost importance since its advent as a systematic way to maintain such a huge database of millions of websites and servers around the world. Without DNS, it would’ve instigated a whole lot of mess of all the domain names and IP addresses, and it would’ve taken ages just to locatefrom a haphazard collection of all the domain names. DNS has streamlined the process of IP resolution and seriously, if DNS wasn’t there, I know you would’ve burnt your brain circuits in order to remember all those IP addresses. And let me ask you, do you remember Facebook’s IP address I mentioned above. And don’t scroll up now, even I don’t remember it, because DNS is there to remember it for us. We only need to express our gratitude for the noble work DNS has been doing since the last three decades, and it has become faster, smarter and more reliable.
Watch this video about DNS: https://youtu.be/72snZctFFtA
Read further: How DDoS Attack Works?
Write your thoughts about DNS in the comments section below, and do try to configure the DNS server using the link in the article.