A Domain Name System (DNS) server is a server whose job is to match hostnames (like yourdomainname.com) to their corresponding Internet Protocol (IP) addresses. Think of a DNS server as a colossal internet phonebook: it holds the addresses needed to turn a domain name into the web page the end-user sees. Every device connected to the internet is reached through an IP address, written in either the IPv4 or the IPv6 format, and web servers hosting websites are no different. For example, the IP address of one of Hosting.uk’s servers located in mainland Europe is 188.8.131.52.
DNS servers act as a repository of millions of such numbers and spare us from having to memorize them.
An important point to remember: an IPv4 address is four numbers separated by dots, while an IPv6 address is a longer hexadecimal string separated by colons.
In other words, a DNS server does the heavy lifting of connecting us across the internet. A good DNS server automatically translates the name of a website into the number the browser needs, so that it can load the correct web page.
A Quick introduction to domain name systems
To better understand the role of a DNS server, it is first imperative to know about the Domain Name System. Stripped down to its basic form, the Domain Name System is a phonebook. Its sole purpose is to help us connect to web pages. In the same way that we look up an individual’s phone number in a phonebook, the DNS matches a website or domain name to the corresponding IP address.
What is a server?
Simply put, a server is a device or a program dedicated to providing services to other programs, which are referred to as clients. DNS clients, nowadays built into most modern mobile and desktop operating systems, let web browsers interact seamlessly with the DNS servers they are configured to use.
What does DNS stand for?
To reiterate, the DNS is a system that holds records of domain names and their corresponding IP addresses. DNS stands for Domain Name System, and it enables web browsers to find the correct IP address that corresponds to a URL’s hostname or domain. When we try to access a website, we typically type something like google.com or yahoo.com into the address bar. At this point, your web browser needs to find the exact IP address so that it can load the content from the website.
A DNS server acts as a translator: it converts domain names to IP addresses, enabling the resources to be loaded from the website’s server.
In some instances, one domain name can have more than one IP address. For example, mega-sites like Google have users querying their servers from various parts of the world at once. The address that a computer in Hong Kong receives will often differ from the one a computer in, say, Mexico receives, even if both enter the name in the browser at exactly the same time.
DNS caching is the storage of DNS records close to the requesting client. It allows DNS queries to be resolved faster, avoids repeating the same queries further along the chain, and improves page load times and bandwidth consumption.
The length of time a record may stay in a DNS cache is its ‘time to live’, or TTL. The TTL matters because it determines how fresh a cached record is and whether it still reflects recent changes made to the IP addresses.
DNS caching can happen at the browser level, at the operating system (OS) level, or in the recursive resolver further up the chain.
Browser DNS caching
Web browsers typically store DNS records for a set period of time, so the browser cache is normally the first place checked when an end-user makes a DNS request. A hit there means fewer steps before the browser has an IP address to connect to.
Operating System (OS) Level DNS Caching
Once a DNS query leaves the browser, the next place a match is sought is the operating system. The stub resolver, a component of the operating system, checks the OS-level DNS cache for the record. If the record is not there, the query is sent out of the local network to the recursive resolver the device is configured to use, usually the one run by the Internet Service Provider (ISP).
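As an added example (not code from the article or from Hosting.uk), here is a small TTL-aware cache of the kind a browser, an OS stub resolver or a recursive resolver keeps. The record names, addresses and the TTL cap are assumed sample values. Beyond what the text says, it shows that the remaining TTL is counted down and handed on with the answer, so a cached record never outlives the lifetime the authoritative server assigned, and that clamping the TTL bounds how long a wrong answer can keep being served.

```python
import time
from dataclasses import dataclass

# Longest lifetime (seconds) this cache will honour. Assumed value, not from the
# article: clamping the TTL bounds how long a wrong answer can survive in cache.
MAX_TTL = 86400


@dataclass
class CachedRecord:
    rdata: tuple        # record data, e.g. a tuple of IP address strings
    expires_at: float   # absolute clock time after which the entry is stale


class DnsCache:
    """Cache keyed by (name, record type) that honours each record's TTL.

    `clock` is injectable so expiry can be exercised without waiting."""

    def __init__(self, clock=time.time, max_ttl=MAX_TTL):
        self._clock = clock
        self._max_ttl = max_ttl
        self._store = {}

    @staticmethod
    def _key(name, rtype):
        # DNS names are case-insensitive and the trailing dot is optional.
        return name.lower().rstrip("."), rtype.upper()

    def put(self, name, rtype, rdata, ttl):
        """Store rdata for name/rtype; it expires `ttl` seconds from now."""
        ttl = max(0, min(int(ttl), self._max_ttl))
        self._store[self._key(name, rtype)] = CachedRecord(tuple(rdata), self._clock() + ttl)

    def get(self, name, rtype):
        """Return (rdata, remaining_ttl) or None on a miss or an expired entry.

        The remaining TTL is what a resolver passes on to its own clients, so a
        record never outlives the TTL the authoritative server assigned."""
        key = self._key(name, rtype)
        rec = self._store.get(key)
        if rec is None:
            return None
        remaining = rec.expires_at - self._clock()
        if remaining <= 0:
            del self._store[key]        # stale: drop it and report a miss
            return None
        return rec.rdata, int(remaining)


if __name__ == "__main__":
    # Constructed sample: 192.0.2.0/24 is a documentation range, not a real host.
    cache = DnsCache()
    cache.put("www.example.co.uk.", "A", ["192.0.2.80"], ttl=300)
    print(cache.get("WWW.EXAMPLE.CO.UK", "a"))
```

Lookups are normalised (lower-case, trailing dot stripped) because two spellings of the same name must share one cache entry; otherwise a client could bypass the cache, and its TTL, simply by changing case.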
How does a DNS work?
Remember, the DNS is responsible for translating a website or web page name into an IP address. The request sent when you type a domain name is called a DNS query, and DNS resolution is the process of finding the corresponding IP address.
A DNS query can be one of three types: a recursive query, a non-recursive query, or an iterative query.
- Recursive query: The client asks a DNS server (usually a recursive resolver) for the complete answer, and the server must respond either with the requested resource record or with an error. If the record cannot be found, the DNS client displays an error message.
- Non-recursive query: A query the DNS server can answer straight away without contacting any other server, either because the server is authoritative for the name or because the record is already in its cache.
- Iterative query: The DNS client (typically the recursive resolver) keeps asking DNS servers until it gets the best available answer or a timeout occurs. If a server cannot answer the query itself, it refers the client to a DNS server that is authoritative for a lower level of the domain namespace. The client then queries that referred server, and the process repeats with further servers until an answer is reached.
Different types of DNS Servers
When you enter a DNS query it passes through several different layers of servers before it is resolved.
- DNS recursor: This server receives incoming queries from client machines and then makes additional requests on the client’s behalf until it has the record the client asked for. DNS caching reduces the number of requests, but only when the requested record is already cached and can be returned early in the lookup process.
- Root name server: The root server is the first step in translating human-friendly hostnames into computer-friendly IP addresses. It does not hold the final answer; it takes the recursor’s query and refers it to the TLD nameservers for the next step, chosen according to the extension seen in the domain name being queried.
- Top-Level Domain (TLD) nameserver: These maintain information about the domain names registered under a given extension. For example, a TLD nameserver holds the delegations for names ending in .com or .org, or for a country-code domain such as .uk (under which names like yourwebsite.co.uk are registered). The TLD nameserver receives the query referred by the root server and points the recursor to the authoritative DNS nameserver for the query’s specific domain.
- Authoritative nameserver: In the final step, the authoritative DNS nameserver returns the IP address to the DNS recursor, which relays it back to the client. The authoritative nameserver is the server at the end of the lookup process that actually maintains the DNS records for the domain. Consider it the last stop, the final source of truth in the process.
DNS Lookup versus DNS Resolver
A DNS lookup is the process by which a DNS server returns a DNS record: the hostname query travels from the web browser to the DNS server and the answer travels back. The component that carries out the lookup, running the sequence of steps that ends with the URL’s hostname being resolved to an IP address so that the web pages can load, is the DNS resolver.
First, the user-entered hostname query travels from the web browser across the internet and is received by the DNS recursive resolver. The recursive resolver sends a query to a DNS root server, which replies with the address of the TLD server responsible for the domain’s extension.
The resolver then sends a request to that TLD server and receives the address of the domain’s authoritative nameserver. As a final step, the recursive resolver queries the authoritative nameserver, receives the IP address, and returns it to the web browser. Once this DNS lookup is complete, the browser can request individual web pages from that address through HTTP requests.
These steps make up a standard DNS lookup. The sequence can be shortened by DNS caching: storing lookup results locally in the browser, in the OS, or in a remote DNS resolver lets later lookups skip some of the steps and load the web page faster.
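The walk from root to TLD to authoritative server described above, together with the iterative and recursive query types, as an added example that is not code from the article or from Hosting.uk. The zone data is constructed for the demonstration: the three server labels, the 192.0.2.0/24 addresses and the records for example.co.uk are assumptions. The resolver asks each server in turn, follows the referral it gets back, and records the chain. One check goes beyond the text: a referral is accepted only for a zone that lies inside the zone of the server that handed it out (a bailiwick check), so no server can steer the resolver for names it is not responsible for.

```python
# Constructed, simplified zone data for the walk-through. Each server knows the
# zone it serves, the delegations (referrals) it hands out and any final answers.
# Addresses come from the 192.0.2.0/24 documentation range; the server labels
# ("root", "uk-tld", "ns1-example") exist only for this example.
SERVERS = {
    "root": {                       # root name server: only refers to TLD servers
        "zone": ".",
        "referrals": {"uk.": ("uk-tld", "192.0.2.2")},
        "answers": {},
    },
    "uk-tld": {                     # .uk TLD server: refers to the domain's nameserver
        "zone": "uk.",
        "referrals": {"example.co.uk.": ("ns1-example", "192.0.2.3")},
        "answers": {},
    },
    "ns1-example": {                # authoritative server holding the records
        "zone": "example.co.uk.",
        "referrals": {},
        "answers": {("www.example.co.uk.", "A"): ["192.0.2.80", "192.0.2.81"]},
    },
}


def in_zone(name, zone):
    """True if `name` equals `zone` or lies beneath it (both absolute, dot-terminated)."""
    return zone == "." or name == zone or name.endswith("." + zone)


def query_server(server_id, qname, qtype):
    """One iterative query. Returns ("answer", rdata), ("referral", zone, child_id, addr)
    or ("nxdomain",), the way a server that does not recurse for us would reply."""
    srv = SERVERS[server_id]
    if (qname, qtype) in srv["answers"]:
        return ("answer", srv["answers"][(qname, qtype)])
    best = None
    for zone, (child_id, addr) in srv["referrals"].items():
        # The longest matching delegation is the closest known server to the answer.
        if in_zone(qname, zone) and (best is None or len(zone) > len(best[0])):
            best = (zone, child_id, addr)
    if best is not None:
        return ("referral",) + best
    return ("nxdomain",)


def resolve(qname, qtype="A", max_hops=8):
    """Recursive resolver: walk root -> TLD -> authoritative with iterative queries.

    Returns (rdata or None, trail) where trail lists (server, reply kind) per hop."""
    qname = qname.lower().rstrip(".") + "."
    trail = []
    current = "root"
    for _ in range(max_hops):
        reply = query_server(current, qname, qtype)
        trail.append((current, reply[0]))
        if reply[0] == "answer":
            return reply[1], trail
        if reply[0] == "nxdomain":
            return None, trail
        zone, child_id, _addr = reply[1], reply[2], reply[3]
        # Bailiwick check (added caution, not from the article): accept a referral
        # only for a zone inside the zone the referring server is responsible for.
        if not in_zone(zone, SERVERS[current]["zone"]):
            raise ValueError(f"{current} referred out-of-bailiwick zone {zone}")
        current = child_id
    raise RuntimeError("too many referrals; possible delegation loop")


if __name__ == "__main__":
    print(resolve("WWW.example.co.uk"))
```

The hop limit matters as much as the bailiwick check: a delegation that loops between two servers would otherwise keep the resolver busy forever, which is exactly the kind of load a real resolver must refuse to take on.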
What else do DNS servers do?
The DNS also defines the DNS protocol: a set of message formats and exchanges, specified in detail, that belongs to the Internet Protocol Suite (TCP/IP). Furthermore, the DNS is used to publish blackhole lists (DNSBLs) of IP addresses known for sending spam emails. Mail servers can be configured to consult such a list and flag or reject messages from listed addresses as suspected spam.
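To make the message format concrete, here is an added example (not code from the article or from Hosting.uk) that builds a DNS query in wire format and parses a response, including the name compression pointers that real responses use. The response is constructed in the block to exercise the parser, the 192.0.2.0/24 addresses are from the documentation range, and the `matches_query` check is the practitioner's addition: a resolver should only accept an answer whose transaction ID and question echo the query it sent.

```python
import random
import struct

# The response below is constructed to exercise the parser, not captured from a
# real server; 192.0.2.0/24 is a documentation address range.

QTYPE_A = 1
QCLASS_IN = 1


def encode_name(name):
    """Wire-format name: length-prefixed labels terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(qname, qtype=QTYPE_A, txid=None):
    """12-byte header plus one question. The random transaction ID is one of the
    things a resolver relies on to tell a genuine reply from a forged one."""
    if txid is None:
        txid = random.randrange(0x10000)
    flags = 0x0100                      # QR=0 (query), RD=1 (recursion desired)
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", qtype, QCLASS_IN)


def decode_name(msg, offset):
    """Decode a name at `offset`, following compression pointers (0xC0xx).
    Returns (dotted name, offset just past the name as it appears in place)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:       # pointer to an earlier occurrence
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2        # a pointer is the last thing in this name
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels) + ".", (offset if end is None else end)


def parse_message(msg):
    """Parse header, question and answer sections (authority/additional skipped)."""
    txid, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    questions = []
    for _ in range(qdcount):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    answers = []
    for _ in range(ancount):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {"id": txid, "is_response": bool(flags & 0x8000), "rcode": flags & 0xF,
            "questions": questions, "answers": answers}


def matches_query(query, response):
    """Accept only a response whose ID and question echo the query that was sent;
    a spoofed reply fails this unless the attacker guesses the ID."""
    q, r = parse_message(query), parse_message(response)
    return r["is_response"] and q["id"] == r["id"] and q["questions"] == r["questions"]


def build_sample_response(query, addresses, ttl=300):
    """Constructed answer to `query`: same ID, QR/RD/RA set, one A record per address.
    Each record names its owner with a pointer (0xC00C) back to the question at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addresses), 0, 0)
    body = query[12:]                   # question section, copied verbatim
    for ip in addresses:
        body += b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, ttl, 4)
        body += bytes(int(octet) for octet in ip.split("."))
    return header + body


if __name__ == "__main__":
    q = build_query("www.example.co.uk")
    r = build_sample_response(q, ["192.0.2.80", "192.0.2.81"])
    print(len(q), "byte query ->", len(r), "byte response")
    print(parse_message(r)["answers"])
```

Two details are worth noticing. The pointer loop guard in `decode_name` is not optional: a message whose pointer refers to itself would otherwise spin the parser forever. And the size difference between the 35-byte query and the 67-byte two-record response is the raw material of the amplification attacks discussed later on this page.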
What happens when a DNS Server Fails?
DNS servers can fail for a multitude of reasons, such as power outages at the server site, cyberattacks, and hardware malfunctions. In the earlier days of the internet, a DNS server outage had a fairly high impact. Thankfully, we have moved beyond that today, and a lot of redundancy is built into DNS infrastructure.
For example, there are multiple instances of the root DNS servers and of the TLD nameservers, and most ISPs (internet service providers) run backup recursive resolvers for their users.
Additionally, individual users can opt to use public DNS resolvers, and most popular websites run numerous instances of their authoritative nameservers with built-in redundancy.
In the event of a major DNS server outage, some users may experience delays in web page loading because of the number of requests the backup servers have to absorb. It would take a DNS outage of colossal proportions to make a significant part of the internet unavailable. Something like this happened in 2016 when the DNS provider Dyn was the victim of one of the largest-scale DDoS attacks in internet history.
DNS and DDoS Attacks
When it comes to the vulnerability of DNS servers, cybercriminals most often target them with two kinds of DDoS attack that aim to knock a portion of the internet offline: DNS amplification attacks and DNS flood attacks.
- DNS amplification attacks are reflection-based DDoS attacks. The attacker sends look-up requests to an open DNS server with the source address spoofed to that of the targeted victim, so the server sends its responses to the victim. The attack is amplified because the request the attacker sends is much smaller than the response the victim receives.
- In a DNS flood attack, the attackers try to overwhelm the DNS servers for a particular zone so that legitimate queries for that zone go unanswered. This type of DDoS attack is generally carried out with a botnet that floods a DNS server with lookup requests.
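What these two attacks look like from the resolver's side, as an added example that is not code from the article or from Hosting.uk. The log lines are constructed (the format, addresses and sizes are assumptions, not the output of any real resolver), and the thresholds are assumed too. The detection logic computes, per client address, how many bytes the resolver sent back for each byte it received: in a reflection attack the "client" is whoever the attacker spoofed, so a high ratio over many queries means the resolver is being used as an amplifier against that address. A simple queries-per-second peak is the first place a flood shows up.

```python
from collections import defaultdict

# Constructed resolver log excerpt (not real traffic), one query per line:
# "<epoch_seconds> <client_ip> <qname> <qtype> <query_bytes> <response_bytes>".
# 192.0.2.55 plays the spoofed source, i.e. the victim that receives the replies.
SAMPLE_LOG = """\
1700000000 192.0.2.55 example.co.uk. ANY 43 3210
1700000000 192.0.2.55 example.co.uk. ANY 43 3210
1700000001 192.0.2.55 example.co.uk. ANY 43 3210
1700000001 192.0.2.55 example.co.uk. TXT 43 2990
1700000001 198.51.100.7 www.example.co.uk. A 46 62
1700000002 198.51.100.8 mail.example.co.uk. MX 47 118
"""


def parse_log(text):
    """Turn the log format above into a list of event dicts."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, client, qname, qtype, qlen, rlen = line.split()
        events.append({"ts": int(ts), "client": client, "qname": qname,
                       "qtype": qtype, "qlen": int(qlen), "rlen": int(rlen)})
    return events


def amplification_report(events, min_ratio=10.0, min_queries=3):
    """Per client address: bytes sent back divided by bytes received.

    Thresholds are assumed for the example, not taken from the article."""
    totals = defaultdict(lambda: {"queries": 0, "in": 0, "out": 0, "types": set()})
    for e in events:
        t = totals[e["client"]]
        t["queries"] += 1
        t["in"] += e["qlen"]
        t["out"] += e["rlen"]
        t["types"].add(e["qtype"])
    report = {}
    for client, t in totals.items():
        ratio = t["out"] / t["in"]
        report[client] = {
            "queries": t["queries"],
            "ratio": round(ratio, 1),
            "qtypes": sorted(t["types"]),
            # flagged only when the ratio is high AND it is sustained over several queries
            "suspect": t["queries"] >= min_queries and ratio >= min_ratio,
        }
    return report


def peak_queries_per_second(events):
    """Highest query count seen in any one second; a flood shows up here first."""
    per_second = defaultdict(int)
    for e in events:
        per_second[e["ts"]] += 1
    return max(per_second.values(), default=0)


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for client, row in amplification_report(evs).items():
        print(client, row)
    print("peak qps:", peak_queries_per_second(evs))
```

The repeated ANY and TXT queries for the same name are the tell-tale: those record types produce the largest responses, which is why an open resolver that answers them for anyone on the internet is the usual reflector. Rate-limiting responses to a single address, or not serving recursive queries to the whole internet at all, removes the amplifier.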
We hope this article was informative and gave you a full rundown of what DNS servers are, how they work, and how integral they are to the overall function of the internet. At Hosting.uk we offer DNS management and reliable hosting to cater to a wide range of needs. Register your domain today and launch your website on the most secure UK hosting network.