What Is DNS and Why It Matters [Explained With Screenshots]

If you have a website, chances are you’ve taken great pain to find a domain name that fits. You had to consider a number of factors in the process - but most importantly, you had to switch on your creativity mode.

Not an easy task to come up with exactly the name that 1) speaks for your business, 2) grabs the public's attention, and 3) is still available for registration with a decent price tag.

But have you ever wondered what’s behind that name? How does it work? The answer lies in finding out what DNS is.

This will tell us what actually happens behind the scenes when a visitor types your domain! If you’re curious, read on!

Definition

The name of your website is key. Why? It’s the door through which the public gets to know your business and your ideas. That unique name is called a domain name.

Hard numbers also tell a story about the importance of domain names. Just the fourth quarter of 2020 closed with  366.3 million domain name registrations across all top-level domains. Another research shows that the total number of websites is about two billion. That kind of speaks for itself.

We use domain names to:

• become part of the online community
• share our ideas with a broader audience
• find certain information online

… and anything else our creativity can inspire. We remember those names, we bookmark them or save them for later - plenty of options.

Web browsers, on the other hand, use a different approach to find that same information we search for online. They use what is called an Internet Protocol (IP) address - a numeric sequence assigned to each device.

The Domain Name System or DNS is simply a naming system. It translates each domain name to a unique IP address, so your web browser knows where to find the information you want.

Each device connected to the internet has an IP address, which allows you to find it and connect to it.

The Domain Name System has its own hierarchy.

• On top of it sits the DNS root server. It contains a file that lists the names and IP addresses of all top-level domain names. This allows the server to translate the nice-looking domain to an IP and actually return the website.

There are 13 root servers operating globally, named with the letters from ‘A’ to ‘M’. They are managed by the Internet Corporation for Assigned Names and Numbers (ICANN).

• The Authoritative server is the type of server that ‘answers’ directly your query. It contains a DNS zone and it helps locate the correct DNS records to complete your request. When registering a domain, you get to set up two authoritative servers - a primary and a secondary one. They contain identical data - every single DNS record associated with your domain. The secondary server simply serves as a backup in case the primary is down. You can change those at any time. The change itself would take 24 to 48 hours to fully take effect.
• Another component in a DNS query chain is the recursive DNS server. It receives all DNS queries and it’s responsible for matching the hostname with its IP address.

How does that work?

> First, the resolver looks for the designated DNS records into the local cache.

> If that doesn’t work, it looks into the domain’s authoritative servers.

> The next place to go is the root server, where the resolver can get the details of the corresponding TLD nameservers.

> Finally, this helps you find the IP address of the domain you are looking for. Now you can actually access the site...

What Is DNS Server

Alright, we've established that computers communicate via IP addresses. Now we can easily understand what a DNS server is - a server that stores a database of IP addresses and their corresponding hostnames.

When you enter a certain domain in your browser, you actually send a query to the nameservers to look for its IP address. The domain’s server matches the IP address with the hostname, allowing you to access the requested domain name.

Once you try to access any domain in a browser or another application, you actually submit a query to certain DNS servers. The protocol that handles your request is called a DNS protocol and more specifically - User Datagram Protocol (UDP). It works on port 53 and it is used to send short messages. In case the response to your request is larger than 512 bytes, the Transmission Control Protocol (TCP) will be used instead.

The request you send triggers a DNS lookup associated with the given hostname. We’ll look into this in a bit!

How DNS Works

Now we have established some good ground. After all, we explained almost every term you can ever encounter that’s related to DNS.

Alright, let’s answer some more questions.

What is DNS and how it works?

DNS is a name resolution service, which operates on a global scale - and on all operating systems. It maps a domain name to its corresponding IP address.

In the past, there used to be local host files that mapped hostnames to IP addresses. The DNS of today handles millions of IP addresses and it’s been the most widely used mapping system today.

When we type a domain in a browser, we trigger a DNS query. Then, in the blink of an eye, a sequence of events happens behind the scenes.

1. First stop in this rapid journey is for the browser to send a request to your operating system and locate the corresponding IP address.
2. The operating system then sends the request to the Internet Service Provider (ISP). Each ISP has configured DNS servers called resolving servers.
3. The resolving server may not have the information about the location of the requested IP address; however, it points the query in the direction of the root servers.
4. Then, the resolving server finds the location of the top level domain nameservers - the authoritative nameservers. They contain the DNS records of the requested hostname.
5. Assigned to each registered domain, the primary and secondary authoritative nameservers hold a set of DNS records, among which lies the IP address of the domain name we seek.
6. The response given by the servers goes back to the resolving server which transfers the data back to the browser and voila - the page we wish to visit is displayed!

The entire DNS process goes through all the steps we mentioned in less than a second. However, the process can be and it is normally even shorter than that. At every stage of the process, the local cache is considered the first step of the way.

Cache is a powerful method to saving processing power, storage, and optimizing results. Your operating system, your internet services provider, the nameservers - all of them will check the local cache first. If the information is there, the IP address will be sent back and the process is completed.

Check out how DNS works diagram below:

What is a DNS zone record?

When you register a domain, you also receive nameservers space from the registering company or you can get it from somewhere else. This space creates the DNS pointers for your domain and directs various requests towards your domain.

Those entries are called DNS records and your domain name needs at least a few of them in order to be reachable online. There are many optional records with various purposes. We’re going to look into some of the fundamental DNS record types as well as some of the most widely used ones.

Nameserver records - indicate which authoritative nameservers are responsible for handling your domain’s DNS zone records.

DNS A record - indicates the IP address of your host name.

CNAME record - a canonical name record, responsible for forwarding your domain to another name.

MX records - mail exchanger records indicate the mailserver responsible for your domain.

DNS TXT record - resource records providing the ability to associate your host name to human-readable text about a server, network, or other information.

The DNS zone records contain a few different bits of information, associated with your domain name:

• the name of the record (provided by the hosting provider);
• TTL (time-to-live) indicator (indicates how often the DNS zone record is refreshed in seconds);
• type of the record (A, CNAME, MX, etc);
• and value of the record (provided by your hosting provider).

How To Check DNS Records

There are various ways to check on the DNS records zone for your domain name:

• For managing your personal domain name’s DNS zone records, you should use your domain’s control panel. Each domain name registrar provides access to one. There you can manage your records, renew or transfer your domain to another registrar or manage contact information.
• You can also choose between available online tools such as DNSChecker or MXToolbox.
• If you feel comfortable with the Terminal program (for Mac OS), the Command Prompt (on Windows), or the command line interface (for Linux OS), you can execute one of the following commands to locate the DNS records: dig, host or nslookup.

Command: dig

Type of record: A, MX, TXT, NS, etc.

Domain name: type the domain you seek DNS lookup for

> dig A techjury.com

The result of this query should give you the IP address of techjury.net.

How to perform DNS record lookup?

Again, you can use an online tool or type the following command in your command prompt:

Command: nslookup

Domain name: techjury.net

> nslookup techjury.net

DNS Practices

Of course, there are good and not-so-good practices when we speak about DNS. Being the most widely used resolution system on the internet today, DNS is a subject of great interest. The intentions are also polarizing.

To better understand how DNS works, we suggest you get familiar with some of the most common good and bad practices - and how they can affect the performance of your domains. Read on and get yourself equipped with knowledge and tips on the matter!

Staring with the good guys:

• Make sure you always have two DNS nameservers set up in the DNS zone of your domain name. A secondary server holding identical information as the primary ensures the functionality of your domain name, even if the primary server is down. Alternatively, your website, mail service, and other domain-related services won’t be accessible. Not good for business!
• Regularly audit your domain’s DNS zone and make sure every entry is up-to-date. You can do that directly through the DNS zone control panel or use one of the online DNS checking tools available or simply check the functionality of your domains and subdomains in a browser. An error message may be an indicator of malfunction of a DNS zone record among others.
• As simplistic as it may sound, you should always consider two-factor authentication when accessing your DNS zone provider (as well as anything else on the web).

Some bad practices:

• DNS pollution or DNS cache poisoning is among the most popular DNS attacks. It happens as a result of a spoofing attack, an interference aiming to alter information such as an IP address. As a result, a certain DNS request gets directed to that altered source. The hacker can modify the response to the DNS query and ultimately redirect the traffic to your domain name for their own profit, to gather sensitive details, or simply to harm your website’s reputation. As a precaution, you should consider enabling the DNSSEC extensions for your domain DNS zone. The method uses digital signatures ensuring the authenticity of a DNS response to a query. In case a message cannot be validated, your browser will not display the requested page. To enable these, you need to refer to your DNS provider for instructions.
• DNS resource exhaustion attacks - DNS resource utilization till the point where the targeted resource or service is completely exhausted and needs to be stopped or rebooted. Bandwidth, memory, CPU are some of the most targeted resources in question. The harm - while there’s a load of malicious requests to the DNS server which fill up the cache, the time for a resolution to other requests also increases. Such attacks are especially unpleasant for internet service providers (ISP).
• DNS leaks are a real threat to our online safety and anonymity. All our online activity is logged by our ISP and so our privacy is exposed when such leaks occur. As a precaution, you should consider a VPN solution. Make sure you perform a DNS leak test first.

There isn’t a silver bullet against such DNS attacks, unfortunately. However, you can monitor your DNS recursive server for an increase of queries to unique sub-domains or timeouts from a nameserver. This should ring a bell that something wrong is afoot.

Your best bet is to shortlist DNS providers that perform regular maintenance and monitoring of their DNS infrastructure.

We hope that you now have a better understanding of what is DNS, what it means for us as unique users of our mail, running our businesses online, sharing our interests with our fellow social media followers, etc.

If we managed to trigger your curiosity to explore further how DNS works, we did our job well!

Thanks and see you soon!