
DNS Uncovered: How the Internet’s Address Book Powers Cloud Connectivity


As part of the Networking and Optimization Series, this article delves into the Domain Name System (DNS), a crucial protocol that maps human-friendly domain names to machine-readable IP addresses.

Following our previous discussion on TCP, which ensures reliable data transmission, we now shift our focus to how DNS facilitates efficient and scalable web navigation. We will explore its resolution process, server types, caching mechanisms, and optimization techniques, ensuring a robust understanding of how DNS contributes to modern cloud environments.

What is DNS?

The Domain Name System (DNS) serves as the phonebook of the Internet. When humans access information online, they typically use domain names such as nytimes.com or espn.com. Web browsers then interact through Internet Protocol (IP) addresses. DNS plays a crucial role in translating these domain names to IP addresses, enabling browsers to load Internet resources effectively.

Every device that is connected to the Internet is assigned a unique IP address, which serves as its identifier for communication with other devices. DNS servers play a crucial role in translating domain names into these numerical IP addresses, sparing users from having to remember complex strings of numbers and characters. For example, IPv4 addresses like 192.168.1.1 or more intricate alphanumeric IPv6 addresses such as 2400:cb00:2048:1::c629:d7a2 are managed by DNS servers to simplify accessibility on the web.

How does DNS work?

The DNS resolution process converts a hostname (such as www.example.com) into an IP address (such as 192.168.1.1). Each device on the Internet is assigned an IP address, which is essential for locating the corresponding Internet device, similar to how a street address is used to locate a specific home. When a user intends to load a webpage, there needs to be a translation between what the user inputs into their web browser (example.com) and the machine-friendly address required to access the example.com webpage.

Understanding the process behind DNS resolution requires learning about the various hardware components that a DNS query must pass through. For web browsers, DNS lookup occurs "behind the scenes" and does not require any interaction from the user's computer apart from the initial request.

DNS server types

There are 4 DNS servers involved in loading a webpage:

  • DNS resolver: The DNS resolver (also known as a DNS recursive resolver) can be likened to a librarian tasked with locating a specific book within a library. Its role involves receiving queries from client machines via applications like web browsers and subsequently fulfilling the client's DNS query by making further requests as necessary.
  • Root nameserver: The root server plays a crucial role in the process of translating human-readable host names into IP addresses. It can be likened to an index in a library, directing users to different sections where specific information is stored.
  • TLD nameserver: The top-level domain server (TLD) can be likened to a particular rack of books in a library. This nameserver represents the subsequent stage in locating a specific IP address, and it manages the final segment of a hostname (in example.com, the TLD server is "com").
  • Authoritative nameserver: The ultimate nameserver can be likened to a dictionary on a shelf of books, where a particular name can be converted into its meaning. The authoritative nameserver serves as the final destination in the nameserver query process. If the authoritative name server has the requested record, it will provide the IP address for the requested hostname to the DNS Recursor (the librarian) that initiated the request.

Authoritative DNS server and recursive DNS resolver

Both concepts refer to servers (groups of servers) that are integral to the DNS infrastructure, but each performs a different role and lives in different locations inside the pipeline of a DNS query. One way to think about the difference is that the recursive resolver is at the beginning of the DNS query and the authoritative nameserver is at the end.

Recursive DNS resolver

The recursive resolver plays a crucial role in responding to recursive requests from clients and taking the necessary time to track down DNS records. It achieves this by making a series of requests until it reaches the authoritative DNS nameserver for the requested record, or times out or returns an error if no record is found. Fortunately, recursive DNS resolvers can leverage caching as a data persistence process to minimize the need for multiple requests, thereby serving the requested resource record earlier in the DNS lookup process.

Source: https://www.cloudflare.com

Authoritative DNS server

In simple terms, an authoritative DNS server is a server that holds and is responsible for DNS resource records. It serves as the bottom of the DNS lookup chain, responding with the queried resource record to enable web browsers to access websites or other web resources by reaching the necessary IP address. An authoritative nameserver can fulfill queries from its own data without relying on another source, serving as the ultimate source of truth for specific DNS records.


It is important to note that when dealing with a query for a subdomain like foo.genesiscloud.com or blog.genesiscloud.com, an extra nameserver will be included in the sequence following the authoritative nameserver. This additional nameserver is responsible for storing the CNAME record of the subdomain.


Authoritative servers play a crucial role in domain name resolutions within their specific domain. These servers store the accurate name-to-IP address mappings for a given domain, and they are responsible for providing the definitive answer when queried. While caching mechanisms exist to expedite domain name resolutions, it is the authoritative servers that offer the correct and final response. Domain owners or administrators configure their domain's records, but the maintenance and operation of the actual infrastructure (the DNS servers) are often handled by DNS hosting providers or registrars such as Cloudflare, Namecheap, GoDaddy, and others.

How does DNS lookup work?

In most cases, DNS primarily deals with translating a domain name into the corresponding IP address. Understanding how this process unfolds involves tracing the journey of a DNS lookup from a web browser, through the lookup process, and back again. Let's delve into each step.

Please note that DNS lookup information is often cached either locally within the querying computer or remotely in the DNS infrastructure. A standard DNS lookup comprises 8 steps; however, when information is cached, certain steps are omitted from the process to expedite it. The following example illustrates all 8 steps when no caching occurs.

The 8 steps in a DNS lookup:

  1. When a user enters 'http://example.com' into a web browser, the query is transmitted over the Internet and reaches a DNS recursive resolver.
  2. The resolver first queries a DNS root nameserver (.).
  3. The root server responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for example.com, our request is directed toward the .com TLD.
  4. The resolver proceeds by requesting the .com top-level domain (TLD).
  5. The TLD server will respond with the IP address of the domain’s nameserver, in this case the nameserver for example.com. This process helps in mapping domain names to their respective IP addresses for efficient internet communication.
  6. Finally, the recursive resolver sends a query to the domain’s nameserver.
  7. The IP address for example.com is subsequently sent back to the resolver by the nameserver.
  8. The DNS resolver responds to the web browser by providing the IP address of the initially requested domain.

After the 8 steps of the DNS lookup have successfully provided the IP address for example.com, the browser can proceed to request the web page.

  1. The browser initiates an HTTP request to the specific IP address.
  2. The server at that IP address returns the webpage content to be displayed in the web browser.


DNS resolver

The DNS resolver plays a crucial role in the DNS lookup process. It is responsible for handling the initial client request and initiating a series of queries that ultimately result in translating a URL into the required IP address.

It's important to note that a typical uncached DNS lookup will involve both recursive and iterative queries.

It is crucial to distinguish between a recursive DNS query and a recursive DNS resolver. The query pertains to the request made to a DNS resolver, which necessitates the resolution of the query. A DNS recursive resolver is a computer that receives a recursive query and handles the response by initiating the required requests.


DNS queries

During a typical DNS lookup, three types of queries are involved. By utilizing a combination of these queries, it is possible to optimize the process for DNS resolution and reduce the distance traveled. In an ideal scenario, cached record data will be accessible, enabling a DNS name server to provide a non-recursive query.

There are 3 types of DNS queries:

  1. Recursive query: In a recursive query, a DNS client needs a DNS server (usually a DNS recursive resolver) to provide the client with either the requested resource record or an error message if the resolver is unable to locate the record.
  2. Iterative query: In this scenario, the DNS client enables a DNS server to provide the most accurate response available. If the queried DNS server lacks a match for the query name, it will issue a referral to a DNS server that has authority over a lower level of the domain namespace. The DNS client will then send a query to the referred address. This sequence persists with successive DNS servers along the query chain until an error or timeout occurs.
  3. Non-recursive query: This situation usually arises when a DNS resolver client requests a DNS server for a record that is within its authority or already exists in its cache. DNS servers commonly cache records to reduce bandwidth usage and alleviate the load on upstream servers.

DNS caching

Caching aims to temporarily store data in a location, leading to enhancements in performance and reliability for data requests. DNS caching specifically entails storing data closer to the requesting client, enabling earlier resolution of DNS queries and reducing the need for additional queries further down the DNS lookup chain. This ultimately improves load times and reduces bandwidth/CPU consumption. DNS data can be cached in various locations, each of which will retain DNS records for a specific amount of time determined by a time-to-live (TTL).

Browser DNS caching

Modern web browsers are configured to automatically cache DNS records for a specific duration. This design choice aims to streamline the process by minimizing the number of steps required to access the cached information and send requests to an IP address. When a DNS record is requested, the browser cache is the first location examined for the desired record.

To view the status of your DNS cache in Chrome, simply navigate to chrome://net-internals/#dns.

Operating system (OS) level DNS caching

The DNS resolver at the operating system level serves as the second and last local stop before a DNS query is transmitted from your device. The process that manages such queries is known as a "stub resolver" or DNS client. Upon receiving a request from an application, the stub resolver initially examines its internal cache to determine if it contains the requested record. If not found, it proceeds to dispatch a DNS query (with a recursive flag enabled) beyond the local network to a DNS recursive resolver situated within the Internet service provider (ISP).

When the recursive resolver within the ISP receives a DNS query, it will proceed to verify if the requested host-to-IP-address translation is already stored inside its local persistence layer, just as in previous steps.

The recursive resolver possesses additional functionality based on the types of records stored in its cache.

  1. If the resolver lacks the A records but possesses the NS records for the authoritative nameservers, it will directly query those name servers, bypassing multiple steps in the DNS query. This shortcut avoids lookups from the root and .com nameservers (in our search for example.com) and expedites the resolution of the DNS query.
  2. If the resolver does not possess the NS records, it will send a query to the TLD servers (.com in our case), bypassing the root server.
  3. In the rare circumstance that the resolver lacks records pointing to the TLD servers, it will proceed to query the root servers. This situation usually arises after a DNS cache has been cleared.
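
The three cache shortcuts above, together with the uncached lookup walked through earlier, can be traced with a small offline simulation. This is an added example, not code from the original article: the Resolver class is hypothetical, and the server table, addresses and TTLs are constructed.

```python
import time

# Constructed data: each server answers with a referral ("NS", next-server
# address, TTL) or a final ("A", address, TTL). Real referrals carry NS names
# plus glue addresses; the address is stored directly here to keep it short.
SERVERS = {
    "root":       {"com.": ("NS", "192.0.2.1", 172800)},
    "192.0.2.1":  {"example.com.": ("NS", "192.0.2.53", 86400)},
    "192.0.2.53": {"www.example.com.": ("A", "203.0.113.10", 300)},
}

class Resolver:
    def __init__(self, clock=time.monotonic):
        self.cache = {}    # (name, rtype) -> (value, expiry time)
        self.clock = clock
        self.trace = []    # servers contacted by the last resolve() call

    def _cached(self, name, rtype):
        value, expires = self.cache.get((name, rtype), (None, 0))
        return value if expires > self.clock() else None

    def resolve(self, qname):
        self.trace = []
        addr = self._cached(qname, "A")
        if addr:
            return addr                      # answered from cache, no queries
        # Start at the closest enclosing zone with a live cached NS, else root.
        labels = qname.rstrip(".").split(".")
        zones = [".".join(labels[i:]) + "." for i in range(1, len(labels))]
        server = next((ns for z in zones if (ns := self._cached(z, "NS"))), "root")
        while True:
            self.trace.append(server)
            # Match on whole labels so "notexample.com." never hits "example.com.".
            match = [(z, r) for z, r in SERVERS[server].items()
                     if qname == z or qname.endswith("." + z)]
            if not match:
                raise LookupError(f"no record for {qname} at {server}")
            zone, (rtype, value, ttl) = match[0]
            self.cache[(zone, rtype)] = (value, self.clock() + ttl)
            if rtype == "A":
                return value
            server = value                   # follow the referral one level down

if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com."), r.trace)   # cold cache: three servers
    print(r.resolve("www.example.com."), r.trace)   # warm cache: no servers
```

Passing a controllable clock to Resolver lets you expire the A record, then the NS records, and watch the trace grow from the authoritative server back up to the root.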

DNS use cases

DNS offers a variety of services that are essential for the smooth operation of the Internet. Here's a visual representation outlining the range of services offered by DNS.

Below, we will outline some of the essential services provided by DNS.

Host-to-IP address mapping

DNS, or Domain Name System, plays a crucial role in maintaining a database of domain names and their associated IP addresses. This mapping is fundamental for enabling devices to find and communicate with each other on the internet.

Consider the domain name "www.genesiscloud.com". Host-to-IP address mapping involves determining the IP address associated with this domain, such as "172.67.21.11".

Host aliasing

DNS supports a feature commonly known as host aliasing, enabled through CNAME (Canonical Name) records. This allows a single IP address or primary domain name to be associated with multiple domain name aliases.

Let's delve into the process step by step. Consider the primary domain "genesiscloud.com". It's important to ensure that your website is accessible not only via "genesiscloud.com", but also through various aliases such as "www.genesiscloud.com", "web.genesiscloud.com", and "blog.genesiscloud.com". By configuring the appropriate CNAME records in DNS, all these aliases can be directed to the primary domain "genesiscloud.com". Consequently, users will be able to access your website using any of these domain names, all leading to the same destination IP address.

Email Routing

DNS plays a vital role in the routing of emails through MX records. These records enable a domain to designate which mail servers are accountable for receiving email messages on its behalf, providing flexibility in email configurations.

For instance, consider the primary mail server assigned to receive emails for the "genesiscloud.com" domain as "mail.genesiscloud.com". It may be necessary to create distinct email addresses, such as those ending in "@sales.genesiscloud.com" or "@support.genesiscloud.com", while still directing all incoming mail for these addresses to the "mail.genesiscloud.com" server. By setting up MX records correctly, emails sent to any of these addresses will be directed to the designated primary mail server.

IP-to-host address mapping

DNS, or Domain Name System, serves as a crucial component in translating domain names to IP addresses. In addition to this primary function, DNS can also conduct reverse lookups by translating IP addresses back to domain names. This capability is particularly valuable for security measures and logging activities.
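
For logging and security use, a reverse (PTR) answer is set by whoever controls the reverse zone for that address block, so it is worth confirming that the returned name resolves back to the same IP before trusting it. The following added example, which is not code from the original article, shows that forward-confirmed check over constructed records and constructed log lines; the function names are hypothetical.

```python
import ipaddress

def rname(ip):
    """Name queried for a reverse lookup, e.g. 10.113.0.203.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

# Constructed records standing in for live PTR and A/AAAA answers.
PTR = {
    rname("203.0.113.10"): "www.example.com.",
    rname("198.51.100.66"): "www.example.com.",  # PTR claims a name it does not own
    rname("2001:db8::10"): "www.example.com.",
}
FORWARD = {"www.example.com.": ["203.0.113.10", "2001:0db8:0:0:0:0:0:10"]}

def confirmed_hostname(ip, ptr=PTR, forward=FORWARD):
    """Return (hostname, confirmed); confirmed only if the PTR name resolves back to ip."""
    host = ptr.get(rname(ip))
    if host is None:
        return None, False
    # Compare parsed addresses so different IPv6 spellings still match.
    addrs = {ipaddress.ip_address(a) for a in forward.get(host, [])}
    return host, ipaddress.ip_address(ip) in addrs

def enrich(log_lines):
    """Tag each 'ip request' log line with its reverse name and confirmation status."""
    out = []
    for line in log_lines:
        ip = line.split()[0]
        host, ok = confirmed_hostname(ip)
        label = host if ok else f"{host} (unconfirmed)" if host else "no PTR"
        out.append(f"{line} [{label}]")
    return out

# Constructed log lines.
SAMPLE = ["203.0.113.10 GET /", "198.51.100.66 GET /", "192.0.2.99 GET /"]

if __name__ == "__main__":
    print("\n".join(enrich(SAMPLE)))
```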

Load balancing

DNS can distribute incoming network traffic across multiple servers by returning different IP addresses in response to the same domain name query. This method effectively balances the load and enhances the performance and reliability of online services.

As we continue exploring the key components of networking in the cloud, our next article will dive into Load Balancing—a vital technique for distributing traffic across multiple servers to ensure high availability, reliability, and performance. Stay tuned!

Keep accelerating

The Genesis Cloud team 🚀
