DNS Does Not Have to be Hard

At a high level, DNS is a mapping between domain names and some data; mappings between domain names and IP addresses are most common.

When you enter chatgpt.com into your browser, DNS will retrieve the IP address linked to chatgpt.com:

Of course, there is a lot happening under the hood, and in this article, we will see exactly what happens.

I hope this explanation is something that ChatGPT cannot beat; otherwise, I didn't do a good job.

With that being said, let's dive in.

Before DNS

Before we delve into DNS, let's first understand what came before it.

Before the internet in the 1980s, we had ARPAnet, the very first packet-switched network at the time, and it was the predecessor of the modern internet.

ARPAnet used a HOSTS.TXT file to link domain names to network addresses for servers.

The file looked something like this:

The master HOSTS.TXT file was a single file maintained by Stanford Research Institute (SRI), which started to be a problem, but why?

• Increasing traffic and load on SRI's server to perform name resolution.
• Name collisions were becoming more common.
• The file size was becoming massive (100-200KB). This may not seem like a lot, but for the infrastructure in the 1980s, this was already becoming a bottleneck.

These were major problems and led to the development of DNS.

Enter DNS

DNS Architecture

DNS (Domain Name System) is best described as a distributed and hierarchical system. What do I mean by that?

• Distributed: It means that DNS operates across multiple interconnected servers (a.k.a. DNS Servers).
• Hierarchical: DNS is arranged in a tree structure, where the servers above govern the servers below; more on that later when we talk about DNS zones.

DNS Records

Now we understand that DNS is an arrangement of servers (DNS servers) in a tree structure which communicate with each other, but what do these servers store?

DNS servers will store DNS records. Here is an example:

Let's understand each attribute in detail:

NOTE: These are not all of the possible attributes, for an exhaustive list check out this link.

• Domain: This is the domain name on the internet, e.g. chatgpt.com.
• TTL: Time-To-Live (in seconds), it represents how long you should keep a DNS record before asking for a fresh one from an authoritative name server.
• CLASS: This is almost always going to be IN, which means "Internet". There are other classes, such as CH or HS but these are rarely used today.
• TYPE: This represents the category of data this record holds. The most common types are A (representing an IPv4 address), AAAA (representing an IPv6 address) and CNAME (meaning canonical name, and this lets you specify aliases for another domain).
• DATA: The actual information that you are looking up. The type of this data corresponds directly to the TYPE field.

DNS Zones

Remember how we said DNS is just one big tree of servers?

Well, a DNS zone could represent the entire tree, a subtree, or a single node within the complete DNS hierarchy.

In the illustration below, I've picked out two subtrees and labelled them as Zone 1 and Zone 2. However, zones can be labelled arbitrarily.

The key thing to note is that the DNS server located at the root of a zone is in charge of all servers below it. For instance, the server example is in charge of hello and world.

DNS Servers

The term DNS Servers is used very loosely, and this was a major point of confusion for me while learning DNS.

A DNS server is any server that runs DNS software, and there are exactly four types of DNS servers that you should be aware of:

1. Authoritative Name Servers - These servers hold DNS Records for the DNS zone they are in charge of. E.g. .com will store DNS records for any website ending with .com.
2. Recursive Resolver - A program that looks up DNS information on behalf of a client and caches the result. For example, if a client says "I want to visit www.example.com", the recursive resolver will abstract the complexity of the query and simply return an A record with the correct IPv4 address for example.com.
3. Caching Server - A server storing cached DNS queries for faster retrievals.
4. Forwarder - Acts as a proxy by forwarding DNS queries to another server that can resolve the query.

A DNS server can fulfil one or more of the roles above. For example, a recursive resolver can also be (and in practice usually is) a caching server.

DNS Example

Enough terminology, let's see a visualisation of how this all works together with an example of a client making an uncached query towards hello.world.com:

The request being made is A hello.world.com, which means we are querying the IP address for this domain.

NOTE: The stub resolver is NOT a DNS server, it simply interacts with the router's DNS server, which then acts as a forwarder.

Next, we need to perform the Recursive DNS search. Here's what that would look like:

After multiple queries and name server referrals, the authoritative name server for hello.world.com responds with 143.54.1.88, and now the browser can make an HTTP request to load the page.

This result is propagated back to the user through the ISP, Router, and Stub resolver, and gets cached at each point (typically for 1 to 72 hours).

Conclusion

DNS is tricky, not because it's inherently hard, but because there is a lot to take in.

Even with this explanation on the DNS concepts and the illustrative example, we have only scratched the surface of what DNS can do and its implications in the real world.

If you want to dive in further, here are the references for this article:

• https://en.wikipedia.org/wiki/List_of_DNS_record_types
• https://en.wikipedia.org/wiki/Domain_Name_System
• https://en.wikipedia.org/wiki/ARPANET