DNS

• Domain Name System
• Converts Domain Names into IP Address
• It is distributed
• Transport Protocol
  • DNS traditionally used UDP protocol, but due to security considerations TCP and other secure protocols like TLS are used in combination
• comics
  • https://howdns.works
  • https://howhttps.works
  • https://howdnssec.works
• experiment
  • https://messwithdns.net/
• RFC theory
  • https://powerdns.org/hello-dns/
• practical with commands
  • https://www.youtube.com/watch?v=Ah7fYex6Ups
• https://www.cloudflare.com/learning/dns/what-is-dns/
• Youtube: What happens when you type a URL into your browser?
• Youtube: How DNS really works and how it scales infinitely?
• https://www.nslookup.io/learning/

Questions

• A record
• CNAME record
• What is DNS query types
  • Iterative
  • Recursive

Check DNS Servers

• Generally your router is the DNS Server
• Your ISP can also act as DNS Server
• Windows

ipconfig /all

• MacOS

scutil --dns | grep nameserver | sort -u

Popular DNS Servers

• 8.8.8.8 — Google
• 1.1.1.1 — Cloudflare

Working of DNS

1. A user types example.com into a web browser and the query travels into the Internet and is received by a DNS recursive resolver
2. The resolver then queries a DNS root nameserver (.)
3. The root server then responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for example.com, our request is pointed toward the .com TLD
4. The resolver then makes a request to the .com TLD
5. The TLD server then responds with the IP address of the domain’s nameserver, example.com
6. Lastly, the recursive resolver sends a query to the domain’s nameserver
7. The IP address for example.com is then returned to the resolver from the nameserver
8. The DNS resolver then responds to the web browser with the IP address of the domain requested initially

DNS scale

• DNS Resolver
  • It is a server that that carries out the resolution of Domain Name to IP address
  • Typically runs at ISP, but you can run your own locally
  • This can also be your internet router
  • Most home routers are real DNS resolvers
  • It knows where to locate Root Name Server
  • It has already the list of Root Name Servers saved in Root Hints File and Root Zone File
    • It is generally pre-packaged with the DNS software
    • The file can be downloaded from: https://www.iana.org/domains/root/files
• Root Name server
  • In the world there are exactly 13 logical root name servers
    • a.root-servers.net — Verisign (USA)
    • b.root-servers.net — USC-ISI (USA)
    • …
    • m.root-server.net — WIDE project (Japan)
  • For list of servers
    • Map: https://root-servers.org/
    • IP: https://www.iana.org/domains/root/servers
  • Each of the logical root name server has fixed IP address
  • Each logical root name server is distributed in multiple physical root name servers
    • They all advertise the same IP address using anycast
    • This way, incoming request connect to nearest Root Nome Server
  • It saves info of TLD
    • gTLDs (generic TLD) — com, net, org etc.
    • ccTLDs (country code TLD) — us, uk, fr, jp, in etc.
    • internationalized ccTLD — .भारत, .한국
    • infrastructure TLDs (ARPA)
  • It returns IP of TLD server
• Top Level Domain (TLD) Name server
  • com, in, edu
  • When a domain is purchased, the domain registrar reserves the name and communicates to the TLD registry the authoritative name servers
  • It returns Authoritative Name Server Zone IP
• Authoritative Name server
  • An authoritative name server hosts multiple zones
  • All DNS records of a domain are part of Zone (logical entity)
    • google.com zone contains:
      • www.google.com
      • bard.google.com
      • photos.google.com
      • …
  • It answers DNS questions for the zones it owns
    • ns1.gns.com
    • ns2.gns.com
    • godaddy name server
    • aws name server
  • When you purchase name server, it is saved into their Authoritative name server
  • The Authoritative Name server is distributed across world for better load handling

DNS Caching

• DNS is cached on the client in multiple ways
• The cached DNS records have Time-to-Live (TTL) before the records are expired
• Caching Types
  • Browser DNS Caching
    • you can see in chrome: chrome://net-internals/#dns
  • Operating System (OS) level DNS Caching
    • Windows: ipconfig /displaydns
    • MacOS: Not straightforward
• If the cache is not found, then the DNS lookup request is sent to ISP which has DNS recursive resolver
• Recursive Resolver, Root Name Server, TLD Name Server all uses caching mechanism
• Authoritative Name Server acts as source of truth and do not have cache

flowchart
Client[Client<br>Query: dnsimple.com]
DNSResolver[DNS <br>Resolver<br> &lpar;Router or ISP&rpar;]
RNS[Root <br>Name Server <br/> &lpar;13 logical servers&rpar;]
TLDNS[.com TLD <br>Name Server]
ANS[ns1.dnsimple.com <br>Authoritative <br>Name Server]

Client-->DNSResolver
DNSResolver-->|Find nearest <br>via Anycast| RNS
RNS-->|.com TLD <br>Name Server IP| DNSResolver
DNSResolver-->TLDNS
TLDNS-->|ns1.dnsimple.com:198.241.10.51<br>ns2.dnsimple.com:198.241.10.51<br>...| DNSResolver
DNSResolver-->ANS
ANS-->|50.31.213.210| DNSResolver

FQDN and Hierarchy

• Fully Qualified Domain Name
• Domain name that is completely specified with all labels in the hierarchy of the DNS
• Domain Name: www.youtube.com
  • www.youtube.com.: FQDN
    • ends with dot .
    • . represents root of the tree
  • com: Top Level Domain (TLD)
  • youtube: Second Level Domain (SLD)
    • Sub-Domain of TLD
  • www: Third Level Domain
    • Sub-Domain of SLD

Hostname

• A hostname is a domain name that has at least one associated IP address
• www.example.com and example.com both have IP address, hence they both are host names
• com is just TLD, hence it is not a hostname

Common DNS records

• https://www.youtube.com/watch?v=bifh31N2hFQ
• Resource Record : RFC-1035, Section-3.2.1
  • A Record
    • Domain Name ⇒ IP
    • dnsimple.com ⇒ 104.245.210.170
  • CNAME Record
    • Canonical Name of Host name
    • www.dnsimple.com ⇒ dnsimple.com
  • MX Record
    • Mail Exchange
    • mail server to be used for domain
    • email: myname@example.com
    • example.com ⇒ smtp.example.com
  • TXT Record
    • Free Form Text
    • Contains verification records
    • mail security protocols
  • NS Record
    • Name Service Record
    • Delegate domain names to DNS provider
    • Tells what Name server to query for authoritative DNS information
  • SOA Record
    • Start of Authority Record
    • How DNS Zone with the name should operate

Reserved Domain Names

• IANA (Internet Assigned Numbers Authority) reserves domain names which cannot be registered
• Examples
  • example
    • used for documentation purposes
  • localhost
    • used as loopback address
    • points to 127.0.0.1
  • computer-name.local
    • used in link-local networking
    • used in multi-cast DNS

Multicast DNS

• aka mDNS
• used in small networks that do not have name server

hosts file

• https://en.wikipedia.org/wiki/Hosts_(file)
• It was created before the advent of DNS
• OS hosts file maps hostnames to IP addresses
• MacOS: /etc/hosts
  • Example of MacOS Sequoia

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1       localhost
255.255.255.255 broadcasthost
::1             localhost

• Windows: C:\Windows\System32\drivers\etc\hosts
  • Example of Windows 11

?