Domain Name System

Last Update By Kim - June 21, 2020

In theory we could live without the Domain Name System (DNS) in the world of networking. It isn’t required for computers to communicate, but in practice it would be a complete nightmare without it. Computers don’t answer to names like humans do; they answer to numbers, or IP addresses. In the end computers can only think in binary and numbers, whereas humans are accustomed to thinking in names.

DNS was invented to bridge this gap between man and machine. At its most basic, DNS resolves domain names to IP addresses. You can think of it as the phonebook of the internet.

Consider this example: you want to do a quick Google search on foxes and you open your web browser. In a world without DNS you would have to type in the IP address of Google’s web server (216.58.207.206) to search for the foxes.

It would be a pain to remember that IP address every time you want to google something. Imagine you would have to remember all your favourite websites by IP addresses! The DNS protocol makes it much more user friendly for humans by resolving the domain name google.com to the correct IP address.

A DNS Journey

Let's go on a DNS journey and see which steps it takes to find a domain.
Your friend sends you an email with a link to check out this website:

http://www.galactanet.com/oneoff/theegg.html

When you copy the link to your web browser and hit enter - a long series of events happens to locate that page for you.

First the browser would check its local cache for galactanet.com and see if it has visited the website before. No need to waste resources for a lookup if you already know the address. If the IP address is unknown, the browser's next step is to ask the Operating System (OS), which also keeps a local cache.

If your OS does not have a local record of the site either, it would have to ask the DNS Resolver for help. A Resolver is a server that acts as a “first point of contact” in the DNS process. The DNS Resolver’s location depends on your network setup. For typical home users, your router is configured to ask your Internet Service Provider (ISP)’s Resolver.

When your ISP receives the request it would first have to check its local DNS cache. This cache is usually quite large and stores many common domain names. That’s because the Resolver does not only serve you, but probably your whole town or neighborhood.

If your ISP is missing that domain name, the Resolver then needs to contact the root server for help. All DNS Resolvers must know where to locate a root server.

To understand how the root server would handle your request for www.galactanet.com, we must first take a look at the DNS hierarchy. We need this system because no server on its own could ever possibly keep track of all 1.5 billion websites of the world.

The hierarchy can be seen as the backbone of the DNS system. It’s also called the tree structure because it looks like an inverted tree with the root servers at the top which goes all the way down to the branches at the bottom. When searching for a domain name, it always starts at the top and works its way down.

Root Zone

Root servers are always represented as a dot "." and are at the highest level of the DNS tree. The main purpose of these servers is to have an overview of all Top Level Domains (TLD).

When the root server receives your request for www.galactanet.com, it will only look at the last part of the domain name (“.com”). It does not care about anything else; its main job is to point to the correct TLD server.

Top Level Domains

Today there are thousands of different Top Level Domains and they are organised in two sub categories. Here are some examples:

Geographic:

  • .dk: Danish websites
  • .fr: French websites
  • .es: Spanish websites
  • .jp: Japanese websites

Organizational:

  • .com: Commercial organizations
  • .edu: Educational institutions
  • .org: Nonprofit organizations
  • .net: Abbreviation of network

It’s a really smart way to organise domain names. We can rule out millions of websites by just looking at the last part of the domain name first.

In the search for our website, the DNS Resolver has been pointed to the “.com” TLD server by the root server. The Resolver then asks the TLD server if it has knowledge about the domain, but sadly it doesn't know it.

In that case the TLD would have to find the authoritative name servers for the galactanet domain. However, there are millions of .com domains. How can the “.com” TLD server find the correct authoritative name servers?

Second Level Domains

This is the main part of the domain name (galactanet). When a domain is purchased, the domain registrar reserves that name. It then tells the TLD registry which authoritative name servers are associated with it. These name servers are usually operated and maintained by the domain registrar.

So when the DNS Resolver asks the TLD server, it can easily point to the correct authoritative name servers. Usually there are several name servers for reliability and redundancy purposes. With a simple lookup command we can check the name servers ourselves:

Windows:
nslookup -type=ns galactanet.com

Mac / Linux:
dig ns galactanet.com

From the output we can see that there are 3 name servers that handle DNS requests for galactanet.com:

  • ns1.dreamhost.com
  • ns2.dreamhost.com
  • ns3.dreamhost.com

It's fair to assume that the website is hosted by Dreamhost. The DNS Resolver we have sent on a mission is given this list in some unknown order. It might query the first server and if it does not reply, the Resolver would try the next one.

Subdomains

This is the last step in the DNS tree hierarchy. A subdomain is a division of a domain name that can be used to organize the existing website into a separate site. Larger companies can have many subdomains under the main domain name, such as:

  • developer.google.com
  • maps.google.com
  • mail.google.com
  • docs.google.com

The website we’re searching for has “www.” as the first part of the address. Therefore the Resolver asks the Name Server for the “www.galactanet” part.

One of the name servers at Dreamhost replies and says “Yes, I know the IP address for that domain. Here you go, the IP address you’re searching for is 69.163.153.172”.

The DNS Resolver then travels all the way back to your browser and hands over the IP address for the website. Along the way the Resolver has saved all the IP addresses of the servers it has visited to make future trips easier. Your PC can now successfully connect to the web server. Let's take a look at the full link to summarize:

1. The protocol used to load the website (http). In this case it's HTTP, but it could also be HTTPS or some other protocol like FTP.

2. The subdomain within the main domain name (www).

3. The main part of the domain (galactanet). In the DNS hierarchy tree, it's the Second Level Domain.

4. The Top Level Domain (.com). Root servers point to this when a DNS Resolver is requesting an unknown domain.

5. A directory on the web server itself (oneoff).

6. This is the actual file your browser is requesting from the web server (theegg.html). We can see it's an HTML document, but it could also be a PHP file etc. (like this website)
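The journey above (root server, “.com” TLD server, then the Dreamhost name servers, with the Resolver caching the answer and trying the next name server when one does not reply) can be traced in a short Python simulation. This is an added example, not code from the original article; the delegation table is constructed and runs offline, and the root and TLD server names and the unresponsive ns1 are assumptions for illustration.

```python
# Constructed delegation data modelling the journey described above.
# Server names are labels only; nothing here touches the network.
ROOT = "a.root-servers.net"
DREAMHOST_NS = ["ns1.dreamhost.com", "ns2.dreamhost.com", "ns3.dreamhost.com"]
WWW = {"answers": {"www.galactanet.com": "69.163.153.172"}}
SERVERS = {
    ROOT: {"referrals": {"com": ["a.gtld-servers.net"]}},
    "a.gtld-servers.net": {"referrals": {"galactanet.com": DREAMHOST_NS}},
    "ns1.dreamhost.com": WWW, "ns2.dreamhost.com": WWW, "ns3.dreamhost.com": WWW,
}
DOWN = {"ns1.dreamhost.com"}  # assumption: the first name server does not reply


def query(server, name):
    """Ask one server; return (kind, data), or None if it does not reply."""
    if server in DOWN or server not in SERVERS:
        return None
    zone = SERVERS[server]
    if name in zone.get("answers", {}):
        return ("answer", zone["answers"][name])
    labels = name.split(".")
    for i in range(len(labels)):  # longest matching suffix first
        suffix = ".".join(labels[i:])
        if suffix in zone.get("referrals", {}):
            return ("referral", zone["referrals"][suffix])
    return ("unknown", None)


def resolve(name, cache, trace):
    """Follow referrals from the root down; record each step in trace."""
    name = name.rstrip(".").lower()
    if name in cache:
        trace.append("cache hit")
        return cache[name]
    servers = [ROOT]
    for _ in range(8):  # bound the referral chain so a loop cannot hang us
        reply = None
        for server in servers:  # try each listed server until one replies
            reply = query(server, name)
            trace.append(f"{server}: {reply[0] if reply else 'no reply'}")
            if reply:
                break
        if reply is None or reply[0] == "unknown":
            return None
        if reply[0] == "answer":
            cache[name] = reply[1]
            return reply[1]
        servers = reply[1]  # referral: descend one level of the tree
    return None
```

Calling resolve("www.galactanet.com", cache, trace) with an empty dict and list fills trace with one line per server contacted; a second call with the same cache records only a cache hit.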

Fully Qualified Domain Name

A fully qualified domain name (FQDN) is simply a domain name that specifies its exact location in the DNS tree hierarchy. It can only be interpreted in one way – it is a completely unique address for one and only one location.

Here are some examples:

  • “www.example.com”
  • “mail.example.com”
  • “ftp.example.com”

It’s not necessary to have a subdomain to find a particular domain name. For instance, many websites today do not include “www.” in their URLs, and therefore are only partially qualified domain names.
