Now that you have a good understanding of what domain names are, let’s look at how DNS works.
HOW DOES DNS LOOKUP WORK?
DNS is an abbreviation for Domain Name System. It converts fully qualified domain names that humans understand into IP addresses that computers understand. It’s similar to an Internet address book in that it tells clients where to find resources.
The DNS system on the Internet functions similarly to a phone book in that it manages the mapping between names and numbers. DNS servers convert name requests into IP addresses, determining which server a user will reach when they enter a domain name into their web browser. These requests are known as queries.
The DNS relies on name servers.
The translation between domain name and IP address is made possible by a name server hierarchy. A name server is any server that can respond to a DNS query. So, if we want to know which IP address is associated with the domain www.google.com, we can ask the name servers.
Do not be confused when we refer to www.google.com as a domain when we previously referred to it as a website name and made a distinction between a domain name and a website name. Everything will become clear to you in a later tutorial. For the time being, all you need to remember is that it is a fully qualified domain name or FQDN.
The diagram below depicts how recursive and authoritative DNS services collaborate to route an end user to your website or application. In the following section, we will discuss what recursive and authoritative DNS Services are.
1. When your computer wants to find the IP address associated with a domain name, it first uses a DNS client to make a DNS query, which is usually a Web browser. A user launches a web browser and types www.google.com into the address bar before pressing Enter.
The first server your query interacts with is the recursive resolver. A recursive resolver is typically operated by an Internet Service Provider (ISP) such as AT&T or Verizon (or another third-party), and it knows which other DNS servers to query in order to resolve a site’s name with its IP address. In the diagram the client’s DNS Server is the recursive resolver. The recursive resolver knows which other DNS servers it needs to ask to answer your original query “What is the IP Address of www.google.com?”. The recursor can be compared to a librarian who is asked to locate a specific book in a library.
The authoritative name servers are the servers that actually have the required information.
2. A root server is the first type of DNS server with which the recursive resolver communicates. The root servers are located all over the world, and each one knows DNS information for top-level domains such as .com. To begin answering your query, the recursive resolver requests DNS information from a root server. Root servers can be compared to a library's index, which points to different racks of books. Typically, it serves as a reference to other more specific locations.
The ISP’s DNS resolver forwards the request for www.google.com to one of the TLD name servers for .com domains.
3. The address of the TLD name servers in charge of the TLD is returned by the root server. The root server returns the address of the TLD name server in charge of the .com TLD in our case.
4. Each top-level domain (TLD) name server stores DNS information for second-level domains (google.com) within the TLD(.com). Your resolver is now querying the domain name google.com on the TLD name server.
The top level domain(TLD) server can be compared to a specific book rack in a library. This nameserver hosts the final portion of a hostname (the TLD server in google.com is “com”).
5. The TLD name server responds with the IP address of the domain's name server, which provides the next puzzle piece. The TLD name server and authoritative name servers will be discussed further below.
In our case, the ns.example.com TLD name server returns the IP address of the authoritative name server, 18.104.22.168. We will call this authoritative name server 22.214.171.124.
6. The recursive resolver sends the query to the domain's name server. This final nameserver can be compared to a dictionary on a bookshelf, where a specific name can be translated into its definition. The last stop in the nameserver query is the authoritative nameserver.
7. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname to the DNS Recursor (the librarian) who made the initial request. The DNS server for the domain knows the IP Address for the full domain, google.com, and that answer is returned to the recursive resolver.
In our scenario, The 126.96.36.199 name server searches the google.com hosted zone for the www.google.com record, obtains the associated value, such as 188.8.131.52, and returns the IP address to the DNS resolver.
8. The ISP's DNS resolver now has the IP address that the user requires. That value is returned to the web browser by the resolver. The DNS resolver also caches (stores) the IP address for google.com for the duration you specify, allowing it to respond more quickly the next time someone visits google.com.
The web browser sends a request to the IP address obtained from the DNS resolver for www.google.com. This is where your content is. The web server or other resource at 184.108.40.206 returns the web page for www.google.com to the web browser, and the web browser displays the page. You will see the following web page if you typed www.google.com in your browser.
Now that you understand how DNS works, let us classify the DNS servers.
Classification Of DNS Servers
Recursive resolvers, root name servers, TLD nameservers, and authoritative nameservers are the four types of DNS servers. In a typical DNS lookup (when there is no caching in place), these four DNS servers collaborate to deliver the IP address for a specified domain to the client (the client is usually a stub resolver – a simple resolver built into an operating system).
The first stop in a DNS query is a recursive resolver (also known as a DNS recursor). The recursive resolver serves as a go-between for a client and a DNS nameserver. When a recursive resolver receives a DNS query from a web client, it will either respond with cached data or send a request to a root name server, followed by another request to a TLD nameserver, and finally to an authoritative nameserver. The recursive resolver responds to the client after receiving a response from the authoritative nameserver containing the requested IP address.
The recursive resolver will cache information received from authoritative nameservers during this process. When a client requests the IP address of a domain name that was recently requested by another client, the resolver can bypass the nameserver communication process and simply deliver the requested record from its cache.
The majority of Internet users rely on a recursive resolver provided by their ISP. However, there are other options.
Root Name Server
A root name server is a name server for the root zone of the Internet’s Domain Name System (DNS). It directly responds to requests for root zone records and responds to other requests by returning a list of the authoritative name servers for the appropriate top-level domain (TLD). The root name servers are an important component of the Internet infrastructure because they are the first step in converting human-readable host names into IP addresses, which are then used to communicate between Internet hosts.
There are 13 root name servers around the world operated by 12 different organizations. It’s worth noting that just because there are 13 root name servers doesn’t mean there are only 13 machines in the root name server system. There are 13 different types of root name servers, but each one has multiple copies all over the world that use Anycast routing to provide fast responses. If all the instances of root name servers were added up, there would be over 600 different servers.
Every recursive resolver knows the 13 DNS root name servers, and they are the first stop in a recursive resolver’s search for DNS records. A root name server accepts a recursive resolver’s query that includes a domain name, and the root name server responds by directing the recursive resolver to a TLD name server based on the domain’s extension (.com, .net, .org, etc.). The Internet Corporation for Assigned Names and Numbers (ICANN) is in charge of the root name servers.
A TLD name server manages all domain names that share a common domain extension, such as.com,.net, or whatever comes after the last dot in a URL. A .com TLD nameserver, for example, contains information for every website that ends in ‘.com’. After receiving a response from a root name server, the recursive resolver would send a query to a .com TLD nameserver, which would respond by pointing to the authoritative nameserver (see below) for that domain.
The Internet Assigned Numbers Authority (IANA), a division of ICANN, is in charge of managing TLD nameservers. The IANA divides TLD servers into two categories:
Generic top-level domains: These are domains that are not country specific, some of the best-known generic TLDs include .com, .org, .net, .edu, and .gov.
Country code top-level domains: These include any domains that are specific to a country or state. Examples include .uk, .us, .ru, and .jp.
When a recursive resolver receives a response from a TLD nameserver, the resolver is directed to an authoritative nameserver. The authoritative nameserver is usually the last step in the resolver’s journey for an IP address. The authoritative nameserver contains information specific to the domain name it serves (for example, google.com), and it can provide a recursive resolver with the IP address of that server found in the DNS A record, or if the domain has a CNAME record (alias), it will provide the recursive resolver with an alias domain, at which point the recursive resolver will have to perform a completely new DNS lookup to obtain a record from an authoritative nameserver (often an A record containing an IP address).
Simply put, an authoritative DNS server is a server that stores and manages DNS resource records. This is the server at the end of the DNS lookup chain that will respond with the requested resource record, allowing the web browser to reach the IP address required to access a website or other web resources. Because it is the final source of truth for certain DNS records, an authoritative nameserver can satisfy queries from its own data without needing to query another source.