1. How DNS works
DNS is the technology that translates human-adapted, text-based domain names to machine-adapted, numerical-based IP. When users type domain names into the URL bar in their browser, DNS servers are responsible for translating those domain names to numeric IP addresses, leading them to the correct website.
Any Internet-connected computer can be reached through a public IP address, either of the below
- IPv4 address (e.g.
- IPv6 address (e.g.
Computers can handle such addresses easily, but people have a hard time finding out who’s running the server or what service the website offers. IP addresses are hard to remember and might change over time.
So, In the following image, we see the basic operation of the DNS server.
- First, computer looks its local DNS cache, which stores information that the computer has recently retrieved.
- If computer does not retrieved DNS details from your local computer, it needs to perform a DNS query outside from Recursive DNS servers which have their own cache,
- if Recursive DNS servers don’t know the answer they query Root nameservers which look at the first part of domain example.com and direct query to TLD
- Then, we have to go all the way back to the root name servers.
- Then we ask the COM top level domain (TLD) nameservers that handle all the traffic for sites ending in .com
From here, the .com name servers identify what name servers example.com is a responsible for, If TLD nameservers don’t have the information we need it directs the query to authoritative nameserver which know all information about specific domain which are stored in DNS records, then it retrieves “A record”.
The following are the most common DNS server types that are used to resolve hostnames into IP addresses.
A DNS resolver (recursive resolver), is designed to receive DNS queries, which include a human-readable hostname such as “www.example.com”, and is responsible for tracking the IP address for that hostname.
The root server is the first step in the journey from hostname to IP address. The DNS Root Server extracts the Top Level Domain (TLD) from the user’s query — for example, www.example.com —... provides details for the .com TLD Name Server. In turn, that server will provide details for domains with the .com DNS zone, including “example.com”.
There are 13 root servers worldwide, indicated by the letters A through M, operated by organisations like the Internet Systems Consortium, Verisign, ICANN, the University of Maryland, and the U.S. Army Research Lab.
Higher level servers in the DNS hierarchy define which DNS server is the “authoritative” name server for a specific hostname, meaning that it holds the up-to-date information for that hostname.
The Authoritative Name Server is the last stop in the name server query—it takes the hostname and returns the correct IP address to the DNS Resolver (or if it cannot find the domain, returns the message NXDOMAIN).
DNS servers create a DNS record to provide important information about a domain or hostname, particularly its current IP address. The most common DNS record types are:
- Address Mapping record (A Record)—also known as a DNS host record, stores a hostname and its corresponding IPv4 address.
- IP Version 6 Address record (AAAA Record)—stores a hostname and its corresponding IPv6 address.
- Canonical Name record (CNAME Record)—can be used to alias a hostname to another hostname. When a DNS client requests a record that contains a CNAME, which points to another hostname, the DNS resolution process is repeated with the new hostname.
- Mail exchanger record (MX Record)—specifies an SMTP email server for the domain, used to route outgoing emails to an email server.
- Name Server records (NS Record)—specifies that a DNS Zone, such as “example.com” is delegated to a specific Authoritative Name Server, and provides the address of the name server.
- Reverse-lookup Pointer records (PTR Record)—allows a DNS resolver to provide an IP address and receive a hostname (reverse DNS lookup).
- Certificate record (CERT Record)—stores encryption certificates—PKIX, SPKI, PGP, and so on.
- Service Location (SRV Record)—a service location record, like MX but for other communication protocols.
- Text Record (TXT Record)—typically carries machine-readable data such as opportunistic encryption, sender policy framework, DKIM, DMARC, etc.
- Start of Authority (SOA Record)—this record appears at the beginning of a DNS zone file, and indicates the Authoritative Name Server for the current DNS zone, contact details for the domain administrator, domain serial number, and information on how frequently DNS information for this zone should be refreshed.
Now that’s we’ve covered the major types of traditional DNS infrastructure, you should know that DNS can be more than just the “plumbing” of the Internet. Advanced DNS solutions can help do some amazing things, including:
These capabilities are made possible by next-generation DNS servers that are able to intelligently route and filter traffic. Learn more about NS1’s intelligent DNS platform and take DNS to the next level.