Understanding How DNS Resolution Works


What is DNS

Let's start with the full name of DNS: Domain Name System. It is a system that translates human-readable domain names into machine-readable IP addresses.

Why we need Domain Names

We need the domain name of a server in order to connect to it in a human-readable way. Take google.com, for example: anyone can tell that we want to connect to Google. One can also type in Google's IP address directly, but that is not human friendly, and Google might change the IP, which is troublesome.

Why Domain Name Resolution

Domain name resolution is the system that bridges human-friendly domain names and machine-friendly IP addresses: it maps domain names to IP addresses. DNS is like the phonebook of the internet.

Is DNS centralised? Why?

DNS is not a centralised system, because one centralised system can't resolve all IPs on the internet and can't scale. DNS is decentralised, and domain name resolution is an iterative process.

How DNS works

Let's see how DNS works. For this we will use a command-line utility named dig (Domain Information Groper), which is used to query DNS servers and inspect DNS records. Open a terminal of your choice and type dig google.com. DNS is hierarchical. Typically, DNS resolution flows through three logical layers:

  • Root name servers:

    • Root servers do not know the IP of the queried domain name (google.com), but they give the IP of the TLD servers, such as the .com TLD server. This is the start of the recursion.
    • There are 13 root servers. There are more than 1900 implementations of root servers.
    • One can query the root servers by running dig . NS in a terminal.
  • TLD (Top Level Domain) name servers: they are referred to by the root servers.

    • TLD servers maintain the delegation of all records for that particular TLD. For example, .com records are maintained by the .com TLD servers. The TLD server provides the IP of the authoritative name server.
    • dig com NS or dig in NS are the commands for querying TLD servers.
  • Authoritative name server:
    • The authoritative name server holds DNS records such as A/AAAA, providing the final IP address.
    • dig google.com NS returns the IP of the authoritative name server.

After all this recursion, the requesting host gets the resolved IP of the desired server. Then the TCP and TLS connections are established, and then the HTTPS request is made. This whole recursive process happens only if the resolved IP is not cached on the requesting host.

Types of DNS Records

After this complete recursive DNS resolution, once one has the IP of the authoritative name server, that authoritative name server holds the DNS records. These DNS records tell which server to connect to or who receives email for this server.

  • A record:
    • An A record simply maps a domain or subdomain (example.com) to an IPv4 address (like 172.23.46.107), meaning that if someone visits example.com, they should connect to 172.23.46.107.
    • A domain or subdomain can have multiple A records, for load balancing and failover.
  • AAAA record:
    • An AAAA record is just like an A record, but for IPv6 addresses.
    • An AAAA record maps a domain or subdomain to an IPv6 address (such as 2001:db8::1).
    • A domain or subdomain can have both A and AAAA records. Clients that support IPv6 prefer the AAAA record, while others use the A record.
  • CNAME record:
    • A CNAME record points to another name, which holds the A/AAAA record.
    • For example, blog.xyz.in has a CNAME record pointing to hashnode.network. This is just a CNAME record; the actual IPv4 address is resolved on hashnode.network (which holds the A/AAAA record pointing to the IP of the blog).
    • CNAMEs simplify hosting with SaaS providers: one can point one's own domain or subdomain to them, and they handle the IPs behind it.
  • MX record:
    • MX stands for Mail Exchange.
    • An MX record holds the hostname (such as mail.example.com) to which mail is to be delivered.
    • An MX record does not point to an IP address; it points to a hostname. That hostname must have its own A/AAAA records.
  • TXT record:
    • A TXT record stores free-form text data associated with a domain, for machines rather than humans.
    • Common uses include SPF, DKIM, and DMARC email-authentication data, and ownership verification for services like Google Workspace or Microsoft 365.
  • NS record:
    • An NS record specifies which name servers to use for your DNS hosting.
    • Usually your domain registry holds the DNS records, but if for some reason you want another DNS hosting service, you can add an NS record (in your domain registry) pointing to the name server of another DNS hosting provider.
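
The root → TLD → authoritative walk from "How DNS works", together with the CNAME and MX behaviour from the record list, as an added example that is not code from the original post: an iterative resolver run against constructed in-memory zone data. The server names, zones, addresses and the `query`/`resolve` helpers are assumptions made for illustration; the DNS wire protocol and TTL expiry are left out.

```python
# Constructed sample data: server names, zones and addresses are made up.
ROOT = "root"
SERVERS = {
    "root":       {"refer": {"com": "tld-com", "net": "tld-net"}, "records": {}},
    "tld-com":    {"refer": {"example.com": "ns-example"}, "records": {}},
    "tld-net":    {"refer": {"example.net": "ns-hosting"}, "records": {}},
    "ns-example": {"refer": {}, "records": {
        ("example.com", "A"): ["192.0.2.10", "192.0.2.11"],
        ("example.com", "MX"): ["mail.example.com"],
        ("mail.example.com", "A"): ["192.0.2.25"],
        ("blog.example.com", "CNAME"): ["sites.example.net"],
        ("loop.example.com", "CNAME"): ["loop.example.com"],
    }},
    "ns-hosting": {"refer": {}, "records": {("sites.example.net", "A"): ["198.51.100.7"]}},
}

def query(server, name, rtype):
    """Ask one server one question: an answer, a CNAME, a referral, or nothing."""
    zone = SERVERS[server]
    if (name, rtype) in zone["records"]:
        return "answer", zone["records"][(name, rtype)]
    if (name, "CNAME") in zone["records"]:
        return "cname", zone["records"][(name, "CNAME")]
    for suffix, next_server in zone["refer"].items():
        if name == suffix or name.endswith("." + suffix):
            return "referral", next_server
    return "nxdomain", None

def resolve(name, rtype="A", cache=None, max_steps=10):
    """Walk root -> TLD -> authoritative; return (values, servers asked)."""
    cache = {} if cache is None else cache
    if (name, rtype) in cache:            # cached: no server is asked at all
        return cache[(name, rtype)], []
    asked, server, current = [], ROOT, name
    for _ in range(max_steps):            # bounded, so a CNAME loop cannot spin forever
        asked.append(server)
        kind, data = query(server, current, rtype)
        if kind == "answer":
            cache[(name, rtype)] = data
            return data, asked
        if kind == "cname":               # alias: start over at the root for the target
            current, server = data[0], ROOT
        elif kind == "referral":          # delegation: ask the next layer down
            server = data
        else:
            return [], asked
    raise RuntimeError("gave up: CNAME loop or too many referrals")
```

Calling `resolve("blog.example.com")` asks six servers, because the CNAME target lives under a different TLD and the walk restarts at the root; an MX lookup returns a hostname that needs its own `resolve()` call to reach an address.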