Introduction to DNS
Domain Name System
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates human-memorable domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide.
Domain Name Space
The domain name space consists of a tree of domain names. Each node or leaf in the tree has a label and zero or more resource records (RR) which hold information associated with the domain name. The domain name itself consists of the label, concatenated with the name of its parent node on the right, separated by a dot.
The tree sub-divides into zones beginning at the root zone. A DNS zone is a particular portion of the domain name space. Each zone is served by a DNS server which holds all the information about the names in that zone. Zones can be delegated to other organizations to manage. The Internet root zone is managed by IANA (Internet Assigned Numbers Authority).
Root Servers
The DNS root zone is served by 13 server clusters (labelled A through M), operated by 12 organizations. The actual number of physical servers is much higher — anycast routing is used so that requests reach the nearest physical server. The root name servers are a critical part of the Internet infrastructure.
Authoritative Servers
An authoritative name server answers DNS queries only from data configured by an original source, for example the domain administrator or a dynamic DNS update mechanism. This is in contrast to a server that answers from a cache of data it obtained by querying other name servers.
An authoritative-only name server returns only answers to queries about domain names that have been specifically configured by the administrator. It will return an authoritative answer for queries within its zone.
Caching and Recursive Resolvers
A caching name server stores DNS query results for a period determined by each record's time-to-live (TTL). Resolvers keep the records in a cache and use the cached data to answer subsequent queries, making resolution faster.
A recursive resolver (also known as a recursive name server) is a DNS server that receives the query from a stub resolver (client) and then does the legwork of querying root, TLD, and authoritative servers on behalf of the client. Most users get their recursive resolver from their ISP or use a public one such as 8.8.8.8 (Google) or 1.1.1.1 (Cloudflare).
DNS Configuration
On Linux/Unix systems, the DNS resolver configuration is stored in /etc/resolv.conf. The hosts file at /etc/hosts can override DNS for specific names. The /etc/nsswitch.conf file controls the order in which name resolution sources are consulted.
A typical /etc/resolv.conf entry looks like:

```
nameserver 8.8.8.8
nameserver 8.8.4.4
search example.com
domain example.com
```
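The following parser, added here as an example and not part of the original article, reads a resolv.conf in the format shown above. It mirrors two details of glibc's behaviour worth knowing when auditing a host's configuration: `search` and `domain` are mutually exclusive (the last one present wins), and only the first three `nameserver` lines are used. The sample file text, the `unexpected_nameservers` check and the allow-list are constructed for the example; the 8.8.8.8 and 8.8.4.4 addresses are the ones the article uses.

```python
import ipaddress

# Constructed sample of an /etc/resolv.conf (not copied from any real host).
SAMPLE_RESOLV_CONF = """\
# Generated by the local network manager (constructed sample)
nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver not-an-ip
search example.com
domain example.com
options timeout:2 attempts:3
"""

def parse_resolv_conf(text):
    """Parse resolv.conf text into a dict of the directives the article covers.

    - 'nameserver' lines accumulate (glibc consults at most the first three);
    - 'search' and 'domain' are mutually exclusive: the last one wins;
    - '#' and ';' introduce comments.
    Malformed nameserver addresses are reported, not silently dropped.
    """
    result = {"nameservers": [], "search": [], "options": [], "errors": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        keyword, *args = line.split()
        if keyword == "nameserver":
            if len(args) != 1:
                result["errors"].append(f"line {lineno}: nameserver needs exactly one address")
                continue
            try:
                result["nameservers"].append(str(ipaddress.ip_address(args[0])))
            except ValueError:
                result["errors"].append(f"line {lineno}: invalid address {args[0]!r}")
        elif keyword in ("search", "domain"):
            # A later 'search' or 'domain' line replaces the earlier one entirely.
            result["search"] = args
        elif keyword == "options":
            result["options"].extend(args)
        else:
            result["errors"].append(f"line {lineno}: unknown directive {keyword!r}")
    return result

def unexpected_nameservers(parsed, allowed):
    """Return configured resolvers that are not in the allowed set (hypothetical audit check).

    Every lookup a host makes goes to the resolvers listed here, so a resolver
    address that is not in the expected set is worth flagging in a baseline check.
    """
    allowed_set = {str(ipaddress.ip_address(a)) for a in allowed}
    return [ns for ns in parsed["nameservers"] if ns not in allowed_set]

if __name__ == "__main__":
    parsed = parse_resolv_conf(SAMPLE_RESOLV_CONF)
    print(parsed)
    print("unexpected:", unexpected_nameservers(parsed, ["8.8.8.8"]))
```

Because `ipaddress.ip_address` is used for both the parsed file and the allow-list, equivalent spellings of the same address (for example a zero-padded IPv6 literal) compare equal.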
Iterative vs Recursive Resolution
Recursive resolution: The DNS client asks a DNS server to fully resolve the query on its behalf. The server queries other servers as needed and returns the final answer to the client.
Iterative resolution: The DNS client receives the best answer the server currently has — which may be a referral to another server. The client then contacts that other server directly and repeats the process until it gets the final answer.
In practice, stub resolvers (on end-user machines) use recursive queries to their configured recursive resolver, and the recursive resolver uses iterative queries to walk the DNS hierarchy from root servers down to authoritative servers.
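To make the iterative walk concrete, here is a small simulation added as an example (it is not code from the article). Three in-memory tables stand in for a root server, a TLD server and an authoritative server; the resolver starts at the root and follows each referral until it receives a final answer, exactly the sequence a recursive resolver performs on the stub's behalf. The server names, zone contents and the 192.0.2.x address are constructed (the address is from the RFC 5737 documentation range).

```python
# Constructed zone data standing in for the real root, TLD and authoritative
# servers. Each server holds the records it would hand back for a name.
ZONES = {
    "root-server": {"com.": ("NS", "tld-server")},
    "tld-server":  {"example.com.": ("NS", "auth-server")},
    "auth-server": {"www.example.com.": ("A", "192.0.2.10")},
}

def query_server(server, qname):
    """Return the best answer `server` holds: a final record, a referral, or NXDOMAIN."""
    records = ZONES[server]
    if qname in records:                     # exact match: authoritative data
        return records[qname]
    # Otherwise look for the closest enclosing zone this server delegates.
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:]) + "."
        if parent in records and records[parent][0] == "NS":
            return records[parent]           # referral to the child zone's server
    return ("NXDOMAIN", None)

def resolve_iteratively(qname, start="root-server", max_hops=10):
    """Walk referrals from the root down, as a recursive resolver does internally.

    Returns (address_or_None, hops) where hops lists (server, rtype, rdata) per step.
    max_hops guards against a misconfigured referral loop.
    """
    if not qname.endswith("."):
        qname += "."
    server, hops = start, []
    while len(hops) < max_hops:
        rtype, rdata = query_server(server, qname)
        hops.append((server, rtype, rdata))
        if rtype == "A":
            return rdata, hops               # final answer for the stub
        if rtype == "NS":
            server = rdata                   # follow the referral
            continue
        return None, hops                    # NXDOMAIN: no such name
    return None, hops                        # gave up: referral loop

if __name__ == "__main__":
    addr, hops = resolve_iteratively("www.example.com")
    for step in hops:
        print(step)
    print("answer:", addr)
```

The stub resolver in this model sees only the single return value of `resolve_iteratively`; the `hops` list is the part of the work that the recursive resolver hides from its client.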
Common Record Types
| Record | Purpose |
|---|---|
| A | Maps a hostname to an IPv4 address |
| AAAA | Maps a hostname to an IPv6 address |
| CNAME | Alias from one hostname to another |
| MX | Mail exchange — where to deliver email |
| TXT | Arbitrary text — used for SPF, DKIM, domain verification |
| NS | Nameserver records for a zone |
| SOA | Start of Authority — authoritative information about a zone |
| PTR | Reverse DNS — maps an IP address back to a hostname |
TTL and Caching
Every DNS record has a Time To Live (TTL) — a value in seconds that tells resolvers how long to cache the answer. A TTL of 3600 means the record can be cached for one hour. When you change a DNS record, propagation time across the Internet is largely determined by the TTL of the old record. Lowering the TTL before making a change is good practice so propagation happens more quickly.
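The cache below is an added example, not code from the article, showing why propagation is bounded by the TTL of the old record: a resolver that cached an answer one second before the change will keep serving it until that cached entry expires. The clock is injectable so the run is deterministic; a real resolver would use `time.monotonic()`. The record name, the 3600-second TTL and the 192.0.2.x addresses are constructed (RFC 5737 documentation range).

```python
import time

class TTLCache:
    """Minimal positive-answer cache keyed by (name, type), expiring by TTL."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._entries = {}          # (name, rtype) -> (rdata, expires_at)

    def put(self, name, rtype, rdata, ttl):
        self._entries[(name.lower(), rtype)] = (rdata, self._clock() + ttl)

    def get(self, name, rtype):
        """Return (rdata, remaining_ttl) while the entry is fresh, else None."""
        key = (name.lower(), rtype)
        entry = self._entries.get(key)
        if entry is None:
            return None
        rdata, expires_at = entry
        remaining = expires_at - self._clock()
        if remaining <= 0:
            del self._entries[key]  # expired: next lookup must refetch
            return None
        return rdata, int(remaining)

class FakeClock:
    """Deterministic stand-in for time.monotonic() used by the demo."""
    def __init__(self):
        self.now = 0.0
    def __call__(self):
        return self.now
    def advance(self, seconds):
        self.now += seconds

def lookup(cache, authoritative, name, rtype="A"):
    """Answer from cache when fresh; otherwise fetch from the authoritative
    data and cache it for the record's TTL. Returns (rdata, served_from_cache)."""
    hit = cache.get(name, rtype)
    if hit is not None:
        return hit[0], True
    rdata, ttl = authoritative[(name, rtype)]
    cache.put(name, rtype, rdata, ttl)
    return rdata, False

def demo_propagation():
    """Change a record with a 3600 s TTL and observe when a resolver notices.

    Returns the answers seen at t=0 (first fetch), t=100 (after the change,
    still cached) and t=3601 (cache expired, new record fetched).
    """
    clock = FakeClock()
    cache = TTLCache(clock)
    # Constructed authoritative data: (rdata, ttl).
    auth = {("www.example.com", "A"): ("192.0.2.10", 3600)}
    first, _ = lookup(cache, auth, "www.example.com")        # t=0: cached for 1 h
    clock.advance(10)
    auth[("www.example.com", "A")] = ("192.0.2.20", 3600)    # t=10: record changed
    clock.advance(90)
    stale, _ = lookup(cache, auth, "www.example.com")        # t=100: old answer still served
    clock.advance(3501)
    fresh, _ = lookup(cache, auth, "www.example.com")        # t=3601: expired, new answer
    return first, stale, fresh

if __name__ == "__main__":
    print(demo_propagation())
```

Lowering the TTL to, say, 300 seconds at least one old-TTL period before the change means that by the time the record is edited, every cached copy carries the short TTL, so the worst-case window in which a resolver still serves the old address shrinks from 3600 seconds to 300.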