DNS Explained - How Domain Name Servers Work

Introduction

Here I take www.example.com as the example and explain, in a simple demonstration, most of what happens behind www.example.com.

What happens when we hit www.example.com in a browser? The short answer is that the browser simply gets the response page from the web server (nginx) where www.example.com is hosted. However, it is not that simple: a lot happens behind the scenes, such as the DNS lookup that resolves the IP address, before the request reaches the web server (for example nginx), which is hosted on a hosting service such as AWS EC2, an S3 bucket or a standalone server.

What Is a DNS Server and How to Configure a DNS Server

Every website is hosted on a web server (I am using nginx as the example for the sake of clarity), and every server has an IP address. To open the required page, the browser must establish a connection to that IP address (on TCP port 80 or 443). This address is obtained from a DNS server. I am using Cloudflare's 1.1.1.1, but mostly it is Google's default DNS server, 8.8.8.8. You can add either one from your Network settings.

Figure 1: DNS server in macOS Ventura Network Settings

When we want to open a website (for instance, www.example.com), we enter the domain name; the system translates it into an IP address and then uses that address to determine where to send the request. The request is sent to the required address, 93.184.216.34, which is where our actual web server is hosted, and the page opens in the browser.

In simple terms, a DNS server converts our domain www.example.com to its corresponding public IP, 93.184.216.34. Examples: Google DNS server 8.8.8.8, Cloudflare DNS server 1.1.1.1.


DNS has two main functions:

  • Caching
  • IP resolution (discussed above)

Caching

A single hit on www.example.com makes the DNS server perform a lot of tasks for us, but don't worry: it performs all of them in milliseconds. Even so, the DNS server speeds up the process by caching.

Say I am in India and want to open the website www.example.com, and the information about its IP, 93.184.216.34, is stored on a DNS server in the US. If the browser sent the query to the United States every time I clicked the link, the page would take a really long time to load. So the browser usually sends the query to the internet service provider's (ISP's) servers, which are usually closer to the end user (in my case, in India).

The Indian ISP's server connects to the American server, obtains the resource address 93.184.216.34, and saves the data in its cache. The next time I want to open this website, the DNS server operator will have the required IP 93.184.216.34 at hand, and the page will open faster.

This is what’s called caching.

However, the cache is not stored on a server forever. The storage time mainly depends on the TTL (Time To Live) parameter of the resource records (more about them below).


IP Resolve

I am sure this is still not clear to you. That's all right, it is the same for me. Now the actual decoding starts. There are multiple ways to see what happens when we hit www.example.com; I am going to explain it using the dig command.

~ ❯ dig www.example.com +trace

; <<>> DiG 9.10.6 <<>> www.example.com +trace
;; global options: +cmd
.                       516679  IN      NS      a.root-servers.net.
.                       516679  IN      NS      b.root-servers.net.
.                       516679  IN      NS      c.root-servers.net.
.                       516679  IN      NS      d.root-servers.net.
.                       516679  IN      NS      e.root-servers.net.
.                       516679  IN      NS      f.root-servers.net.
.                       516679  IN      NS      g.root-servers.net.
.                       516679  IN      NS      h.root-servers.net.
.                       516679  IN      NS      i.root-servers.net.
.                       516679  IN      NS      j.root-servers.net.
.                       516679  IN      NS      k.root-servers.net.
.                       516679  IN      NS      l.root-servers.net.
.                       516679  IN      NS      m.root-servers.net.
.                       516679  IN      RRSIG   NS 8 0 518400 20230228050000 20230215040000 951 . s6CbmbfMdG4lWBbh/QZXmr5MlWTGKlgkmvdnGiiVyXRu0TGLwWYdht6m RuVQJ6sefjgskdIMJw33aYoTQy/6UpqnuXH/cMwDi6zHlNDN87MFKrxD EmglifVArOJfuC8y5e9vTU32uPiPNfHIpR+b0jaGJkjHPXsv7jFUFwq0 QJGSh4phGW/zgkWShDeKlZAEXU26q1NB7GC9Zn86ccIF7q80fwfIajRP 1TQ4axqrKDQuQu33jgnaN1B13E18AeSIxl9mE/3749aTRqzvkSGrsMp4 PpWpjVCASnUULkR2invqTnniMidcOh1RaI8jKqqiM+2mUW+e/zsZKQVt TrvwBw==
;; Received 1097 bytes from 1.1.1.1#53(1.1.1.1) in 80 ms 👈

com.                    172800  IN      NS      a.gtld-servers.net.
com.                    172800  IN      NS      b.gtld-servers.net.
com.                    172800  IN      NS      c.gtld-servers.net.
com.                    172800  IN      NS      d.gtld-servers.net.
com.                    172800  IN      NS      e.gtld-servers.net.
com.                    172800  IN      NS      f.gtld-servers.net.
com.                    172800  IN      NS      g.gtld-servers.net.
com.                    172800  IN      NS      h.gtld-servers.net.
com.                    172800  IN      NS      i.gtld-servers.net.
com.                    172800  IN      NS      j.gtld-servers.net.
com.                    172800  IN      NS      k.gtld-servers.net.
com.                    172800  IN      NS      l.gtld-servers.net.
com.                    172800  IN      NS      m.gtld-servers.net.
com.                    86400   IN      DS      30909 8 2 E2D3C916F6DEEAC73294E8268FB5885044A833FC5459588F4A9184CF C41A5766
com.                    86400   IN      RRSIG   DS 8 1 86400 20230228050000 20230215040000 951 . Nsgbnjnw//d6X3/ROjj6hCWxpP9ygOeLmZiVRNq5l1PXRkra+htJJ0Ez oJOvNcoh+Q+hQmaafgLJYv/C21rzYl6YfFykNXNuFAnAUQLKnHeSIg7K WuPQ70rQJR74KQW2pRm9OjLw0pTyZVbAbTGQ89dmVM4fn8sL29/BLx0c 3u3s679XsruH+46kgulRkBvWOhYeght8JOk81EocWEPFKHILiFoQLDPA 0tDePjyoJOcQAXg1kfnPAwYL+nAkMd3ugXW0q/8Hmr5S5U7duFsFdRN/ 6w8YENccZPvEJUFZICnjAC2xp8XvfdZwqXvGWtxd0LvdeavB+ETf0DY3 Gj8cpg==
👉 Received 1175 bytes from 2001:500:2d::d#53(d.root-servers.net) in 96 ms

example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net. 👈
example.com.            86400   IN      DS      31589 8 1 3490A6806D47F17A34C29E2CE80E8A999FFBE4BE
example.com.            86400   IN      DS      31589 8 2 CDE0D742D6998AA554A92D890F8184C698CFAC8A26FA59875A990C03 E576343C
example.com.            86400   IN      DS      43547 8 1 B6225AB2CC613E0DCA7962BDC2342EA4F1B56083
example.com.            86400   IN      DS      43547 8 2 615A64233543F66F44D68933625B17497C89A70E858ED76A2145997E DF96A918
example.com.            86400   IN      DS      31406 8 1 189968811E6EBA862DD6C209F75623D8D9ED9142
example.com.            86400   IN      DS      31406 8 2 F78CF3344F72137235098ECBBD08947C2C9001C7F6A085A17F518B5D 8F6B916D
example.com.            86400   IN      RRSIG   DS 8 2 86400 20230222051547 20230215040547 36739 com. ir5TxfIuGsvGGSH+GEedABwj4C/oKdaosxISQUUz4arUTTNKQwLcC/U2 FrFwDPyzLlC4pV25LRNOPA7/mB0sMsJE6SlBM8AEcbXAAWZpUm2bau4O MAA4jXmeSP2+ZDkqNiB0mKLZChMFyNdyzPL8jCX6IwFojPNJ8uUDzrTI L3oa8wxZrmucoQQOA0L6k37bGUZC+Q3nYPq8XjUocTO70g==
👉 Received 539 bytes from 192.43.172.30#53(i.gtld-servers.net) in 183 ms

www.example.com.        86400   IN      A       93.184.216.34 👈
www.example.com.        86400   IN      RRSIG   A 8 3 86400 20230306210247 20230213235814 17695 example.com. C9mf68Xj/iLEYD9K5vW9ddwSpebwv1K9QJTMxsp9BoRGso1sKPDr9YnL e2a55OAsyqltRXB+sUT6TZm7eoW8s4+TJ+4Gbr6h3eaALCTfTh19TDgq jn6UoAUXCJTj8P9l4DrTKHcTXdJYHMyZ0wnew91gxxzEDInWdXk3LNdR ZbY=
example.com.            86400   IN      NS      a.iana-servers.net.
example.com.            86400   IN      NS      b.iana-servers.net.
example.com.            86400   IN      RRSIG   NS 8 2 86400 20230222103419 20230201035831 17695 example.com. FnPJR9mA+ObjCdlWYZzlQzxw4OH8/ouULP2ulybrYW8T7c0OfxfPvgWf iJPOUn55gv4S5xhDHqEHGpb87yYDc4HC9qxuJtBFR4RiliEDuu4JOAdf Y6Sywb8gM2K48LpZjDqZmUU2JZmphZ3X5ecf2VTR8+2UPkrvvzj1SftM 5kc=
👉 Received 450 bytes from 2001:500:8d::53#53(b.iana-servers.net) in 405 ms


The terms used here are:

A - Address record: the actual IP address of the given domain, e.g. 93.184.216.34

NS - Name Server, e.g. b.iana-servers.net

TLD - Top-Level Domain, e.g. .com

Figure 2: DNS Server

  1. A user opens a web browser, enters www.example.com in the address bar, and presses Enter. The browser starts by looking for the information in its own cache and the OS cache: if the user has opened the website recently, the data is probably still there. The browser obtains the required IP address from the cache, e.g. 93.184.216.34, sends the query, and the page opens really fast.

  2. If the data is not available in the cache, the browser sends a query to the local ISP server, e.g. JIO. It looks for the entry internally and replies with the relevant IP address 93.184.216.34 if it manages to find it.

  3. The request for www.example.com is routed to a DNS resolver (here the Cloudflare DNS server 1.1.1.1). The resolver is typically managed by the user's internet service provider (ISP), such as a cable internet provider, a DSL broadband provider, or a corporate network, e.g. JIO FibreNet.

  4. If the ISP doesn't have the necessary information, the query is sent on to the root DNS server. The DNS resolver 1.1.1.1 forwards the request for www.example.com to one of the thirteen DNS root name servers, e.g. d.root-servers.net.

  5. The DNS resolver 1.1.1.1 forwards the request for www.example.com again, this time to one of the TLD name servers for .com domains. The name server for .com domains responds to the request with the names of the thirteen name servers that are associated with the example.com domain, i.e. a.gtld-servers.net to m.gtld-servers.net. The DNS resolver caches (stores) those thirteen name servers. The next time someone browses to example.com, the resolver skips steps 3 and 4 because it already has the name servers for example.com. The name servers are typically cached for two days.

  6. The DNS resolver chooses the k.gtld-servers.net name server and forwards the request for www.example.com to that name server, b.iana-servers.net.

  7. The b.iana-servers.net name server looks in the example.com hosted zone for the www.example.com record, gets the associated value, such as the IP address of a web server, 93.184.216.34, and returns the IP address to the DNS resolver.

  8. The DNS resolver finally has the IP address 93.184.216.34 that the user needs. The resolver returns that value to the web browser.

  9. The web browser sends a request for www.example.com to the IP address 93.184.216.34 that it got from the DNS resolver. This is where your content is, for example, a web server running on github.com that's configured as a website endpoint.

  10. The web server or other resource at 93.184.216.34 returns the web page for www.example.com to the web browser, and the web browser displays the page.
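Added example (not part of the original post): a small Python parser for dig +trace output that prints, for each hop, which server answered and what it returned. In the trace, every group of records was sent by the server named in the "Received" line that follows it, and the TTL column is how long a resolver may cache those records. TRACE is abbreviated from the output above; the names parse_trace and delegation_chain are this example's own.

```python
import re
from collections import namedtuple
Record = namedtuple("Record", "name ttl rtype data")
Hop = namedtuple("Hop", "server addr ms records")

# Constructed sample: abbreviated from the trace above (DS/RRSIG and most NS lines dropped).
TRACE = """\
.                       516679  IN      NS      d.root-servers.net.
;; Received 1097 bytes from 1.1.1.1#53(1.1.1.1) in 80 ms
com.                    172800  IN      NS      i.gtld-servers.net.
;; Received 1175 bytes from 2001:500:2d::d#53(d.root-servers.net) in 96 ms
example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net.
;; Received 539 bytes from 192.43.172.30#53(i.gtld-servers.net) in 183 ms
www.example.com.        86400   IN      A       93.184.216.34
example.com.            86400   IN      NS      a.iana-servers.net.
;; Received 450 bytes from 2001:500:8d::53#53(b.iana-servers.net) in 405 ms
"""

# Unanchored on purpose: the line still matches if its ";;" prefix was replaced by a marker.
RECEIVED = re.compile(r"Received \d+ bytes from (\S+?)#\d+\((\S+?)\) in (\d+) ms")
# Owner name (not a ';' comment), TTL, class IN, type, first token of the record data.
RECORD = re.compile(r"^([^;\s]\S*)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)")

def parse_trace(text):
    """Split dig +trace output into hops; each hop ends at its 'Received' line."""
    hops, pending = [], []
    for line in text.splitlines():
        got, rec = RECEIVED.search(line), RECORD.match(line)
        if got:
            hops.append(Hop(got.group(2), got.group(1), int(got.group(3)), pending))
            pending = []
        elif rec:
            pending.append(Record(rec.group(1), int(rec.group(2)), rec.group(3), rec.group(4)))
    return hops

def delegation_chain(hops, qname):
    """Per hop: (answering server, owner name, type, TTL in seconds, values)."""
    chain = []
    for hop in hops:
        picked = [r for r in hop.records if r.rtype == "A" and r.name == qname]
        picked = picked or [r for r in hop.records if r.rtype == "NS"]  # no answer yet: a referral
        if picked:
            chain.append((hop.server, picked[0].name, picked[0].rtype,
                          min(r.ttl for r in picked), [r.data for r in picked]))
    return chain

if __name__ == "__main__":
    for server, owner, rtype, ttl, values in delegation_chain(parse_trace(TRACE), "www.example.com."):
        print(f"{server:20} -> {owner:17} {rtype:3} ttl={ttl:>6}s ({ttl / 86400:.1f} d) {values}")
```

To run it on a full trace, pass the saved dig +trace output to parse_trace instead of TRACE.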


Summary

  • The DNS server (DNS resolver) converts our domain www.example.com to its corresponding public IP, 93.184.216.34.

  • dig goes to the DNS server (in this case I am using the Cloudflare DNS server 1.1.1.1; in your case the Google DNS server, which is 8.8.8.8) and checks the root server, the name server (NS) called d.root-servers.net. Then it goes and checks the TLD, which is .com, from d.root-servers.net.

  • Then it goes and checks the domain name, which is example.com, from the i.gtld-servers.net name server. Finally, it reaches the A record 93.184.216.34 of www.example.com from the b.iana-servers.net name server. This is where our actual public IP is stored.


This post is licensed under CC BY 4.0 by the author.
