What is DNS

Using a simpler, more memorable name in place of a host’s numerical address dates back to the ARPANET era. Domain Name System (DNS) servers are responsible for locating the addresses of websites we enter into web browsers and translating them to IP numbers. Imagine having to access your favourite sites through Internet Protocol (IP) numbers, memorizing a sequence of numbers for each of them. We could remember half a dozen of them at most, about the same number of phone numbers we can remember, right? This is why there are domains and DNS servers around the world with the simple function of translating the WWW addresses we use, such as our www.pxosys.com, to the corresponding IP number.
  
We can think of DNS as a layer of abstraction between what we want and how to get into a website. It acts as a gear which allows us to reach our favourite sites and important information. According to the Netcraft January 2018 Web Server Survey there are 1,805,260,010 (over 1.8 billion) websites. Yes, the Internet is very big. However, most of those websites get almost no visitors.

Simply enter the desired address; the servers are then responsible for locating it and translating it to the corresponding IP number, all in a fraction of a second. By default, we use the DNS service offered by the Internet Service Provider, such as BT, Virgin Media, etc., but it is not mandatory to use it. It is possible to choose services that best meet our needs, offering more performance, more security or even both, as in the case of Cisco Umbrella or Google Public DNS.

 

 

 

 

 

How it Works?

 
To learn how this process works, it helps to follow the trail of a DNS operation as it travels from a web browser, through the DNS lookup process and back again. Let’s take a look at the steps. Typically, DNS lookup information is cached either locally on the querying computer or remotely in the DNS infrastructure. There are usually eight steps in a DNS operation. Once DNS information is cached, steps are skipped from the DNS lookup process, which makes it faster. The example below outlines all eight steps when nothing is cached.
 

  1. A user types ‘pxosys.com’ into a web browser and the query travels into the Internet and is received by a DNS recursive resolver.
  2. The resolver then queries a DNS root nameserver (.).
  3. The root server then responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for pxosys.com, our request is pointed toward the .com TLD.
  4. The resolver then makes a request to the .com TLD.
  5. The TLD server then responds with the IP address of the domain’s nameserver, pxosys.com.
  6. Lastly, the recursive resolver sends a query to the domain’s nameserver.
  7. The IP address for pxosys.com is then returned to the resolver from the nameserver.
  8. The DNS resolver then responds to the web browser with the IP address of the domain requested initially.

Once the 8 steps of the DNS lookup have returned the IP address for pxosys.com, the browser is able to make the request for the web page:

9. The browser makes an HTTP request to the IP address.
10. The server at that IP returns the webpage to be rendered in the browser.
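The eight-step walk above, and the way a cache short-circuits it, as an added example (not code from the original article): a toy recursive resolver that follows referrals through a constructed in-memory hierarchy. The server labels, the `RecursiveResolver` class, the 192.0.2.10 address and the 300-second TTL are assumptions made for illustration.

```python
import time

# Constructed delegation data. Server names are labels for this example and
# 192.0.2.10 is a documentation address, not the real record for pxosys.com.
SERVERS = {
    "root":          {"com.": ("referral", "tld-com")},
    "tld-com":       {"pxosys.com.": ("referral", "ns.pxosys.com")},
    "ns.pxosys.com": {"pxosys.com.": ("answer", "192.0.2.10", 300)},  # TTL 300 s
}

class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}   # name -> (ip, expiry time)
        self.trace = []   # servers contacted by the most recent resolve()

    def _ask(self, server, name):
        """One query/response pair (steps 2-3, 4-5 or 6-7 of the list)."""
        self.trace.append(server)
        labels = name.split(".")
        for i in range(len(labels) - 1):          # longest suffix first
            rec = SERVERS[server].get(".".join(labels[i:]))
            # A referral may match a parent zone; an answer must match exactly.
            if rec and (rec[0] == "referral" or i == 0):
                return rec
        return ("nxdomain",)

    def resolve(self, name):
        name = name.lower().rstrip(".") + "."     # normalise to a lowercase FQDN
        self.trace = []
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                         # cached: steps 2-7 are skipped
        server = "root"
        for _ in range(8):                        # bound the referral chain
            reply = self._ask(server, name)
            if reply[0] == "referral":
                server = reply[1]
            elif reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            else:
                return None                       # name does not exist
        return None

if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("pxosys.com"), r.trace)       # full walk, three servers
    print(r.resolve("pxosys.com"), r.trace)       # cache hit, no servers
```

The `trace` list makes the skipped steps visible: it holds three servers on a cold lookup and is empty while the cached record's TTL has not expired.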

 

 
Because DNS is so important, its security must be guaranteed. This is provided by DNS Security Extensions (DNSSEC), a cryptographic scheme that uses public and private keys to guarantee the authenticity of the WWW addresses. This ensures that when an address is consulted it is translated to the correct IP number, avoiding internet scams. Besides allowing faster browsing, many DNS servers offer detection of fake or infected sites and even parental protection to block adult content sites. Specialized DNS security services are widely adopted by organisations worldwide, from small to large, to avoid ransomware and other types of malware.
 

 

Conclusion

 
DNS is a widespread technology. Without a truly organised, structured, scalable and fast DNS, the Internet would not be what we know today, and the same is true of our fast network infrastructure. We live in a digital world where exponential growth is rapidly increasing the size of our networks and online data.
 
 

Ruben Cocheno

Ruben Cocheno is a CCIE Consultant who has been working in the Networking & Security Industry since 2004. His vast experience across different Large Organizations gave him a set of tools that allows him to design, implement and support solutions within many diverse network technologies becoming more agnostic driven. When he is not working you can find him Blogging (www.cocheno.com), mentoring young pupils on networking/security subjects, practicing outdoors sports, or reading.