What is the Domain Name System (DNS)?

The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates human readable domain names (for example, www.mlytics.com) to machine readable IP addresses (for example, IPv4: 76.223.15.141). DNS can be compared to a phonebook, wherein a person’s name would correspond to the domain name, while the person’s phone number would correspond to the website’s IP address.

All devices connected to the Internet, from your smartphone or laptop, to the servers, locate and communicate with one another by using IP addresses. However, when you open a web browser on your device and access a website, you usually don’t type the IP address. Instead, you simply enter the domain name. But even with just the domain name, you will still be able to access your desired website. How your browser manages to obtain the IP address by simply using a domain name is called name resolution (or DNS lookup). Name resolution is a complex process that involves, not just one server, but several DNS servers working together.

Name Resolution Process (And The 4 Types of DNS Servers)

Below is an example that describes the step-by-step procedure on how a recursive DNS query works, and how various DNS servers work together to route an end user request from the browser to the website (or web application).

1. A end-user enters www.mlytics.com in the address bar of the web browser.
2. The browser routes the request (query) for www.mlytics.com to a recursive resolver (also known as DNS resolver). 
   • The recursive resolver is a DNS server designed to receive queries directly from end-user’s machines through applications such as web browsers, and then it initiates and sequences queries to higher level servers in order to resolve (translate) the resource being sought i.e. IP address of a website. 
   • This is called a “recursive” resolver because it routes the request to several DNS servers until the IP address is found.
   • Recursive resolvers are typically managed by the end-user’s Internet Service Provider (ISP). 
3. The recursive resolver queries a root name server (or DNS root server).
   • The root name server is a DNS server for the root zone of the DNS. They perform the first step of translating human readable host names into IP addresses that are used in the communication between servers. It serves as a reference for more specific top-level domain servers.
4. The root name server then responds to the recursive resolver with the address of a Top-Level Domain (TLD) server. When searching for mlytics.com, the request is routed to the .com TLD name server.
   • TLD name server is a DNS server that hosts information for all the domain names that share a common domain extension, such as ‘.com’, ‘.net’, ‘.org’, or whatever comes after the last dot in a url. For example, a .com TLD name server contains information for every website that ends in ‘.com’.
5. The recursive resolver then queries to one of the TLD name servers for .com domains.
6. The TLD name server for .com domains then responds to the recursive resolver with the name of the authoritative nameserver (or the “domain nameserver”) that is associated with the mlytics.com domain.
   • Authoritative nameserver is a DNS server that actually knows what the sought IP address is. Authoritative nameserver has the final authority over a domain, and is responsible for providing the IP address information back to the recursive resolver. 
7. The recursive resolver chooses that authoritative nameserver and forwards the request for www.mlytics.com.
8. The authoritative nameserver looks for the www.mlytics.com record, gets the associated value, i.e. the IP address 76.223.15.141, and returns the IP address to the recursive resolver.
9. The recursive resolver finally returns that IP address to the web browser.
10. Now that the web browser has the IP address, the web browser then makes an HTTP GET request to the web server having the IP address 76.223.15.141.
11. The web server then returns the web page for www.mlytics.com to the web browser, and the web browser displays the webpage for the end-user.

DNS was designed to be fast and efficient. Thus, the whole process described above usually takes only around tens to hundreds of milliseconds.

DNS Caching

As described, DNS is used to resolve a particular domain name to its corresponding IP address. You might have noticed, there are a lot of steps taking place. When a new website request is made, the end-user would query the DNS resolver, which then queries the DNS root server, then the TLD name server, then the authoritative name server, and then the DNS resolver will submit the information to the end-user. In short, a single end-user query requires the participation of multiple DNS servers. Needless to say, each individual query, to a specific type of DNS server, piles up additional waiting time for the end-user, before he receives the IP address that he needed.

Luckily, there is a clever built-in mechanism that allows the DNS lookup process to skip some queries (or steps). This mechanism is called DNS caching. DNS caching involves temporarily storing data (i.e. DNS record) on a machine closer to the requesting end-user right after the initial DNS lookup. When a DNS record is cached, there will be no need to “re-query” the DNS server where that DNS data originally comes from. Hence, this will resolve the website’s URL to its corresponding IP address more efficiently. As a  consequence, caching will improve website loading time and reduce bandwidth consumption. 

DNS records can be cached in a variety of locations along the DNS lookup chain, each of which will store the data for a given amount of time i.e. time-to-live (TTL). Modern web browsers and computer operating systems (OS) are designed, by default, to cache DNS records. In addition, during the DNS lookup (most likely from the first request), the lookup process passes through the DNS root server, the DNS TLD server, and the DNS authoritative server. At each step, DNS records from those servers are gathered and cached by the DNS resolver for later use.

Therefore, even if the browser’s or the OS’s DNS cache are purged (emptied), the DNS resolver might still have a cached copy of the DNS information (for a certain period of time). If the TTL has not expired, queries can now avoid the need to go through the complete DNS lookup process all over again. Aside from that, the cached DNS data in the DNS resolver can also be utilized by other end-users who want to access the same website, hence making the all succeeding DNS query and website access much faster.

Is DNS Necessary?

If a person knows the IP address of a given website, it is possible to access it by simply typing its IP address in the web browser. For example, you can type 172.217.167.46 to the browser, and it will redirect you to google.com. In such cases, people may jump to a conclusion that there is no need to use DNS anymore, because as long as we know the IP address of the website, we can access it already. But let us not get ahead of ourselves. As the number of websites increases, it becomes more tedious to remember multiple IP addresses. Moreover, as the number of websites increases, the usage of IPv6 addresses becomes more and more prevalent as well. IPv6 addresses are not the kind of numbers that normal humans can easily remember. At its core, DNS eliminates the need for us to memorize these complex IP addresses, so the only thing we need to memorize are the human-friendly domain names.

DNS also separates the function of a locator (i.e. IP address) to that of an identifier (domain name). The difference between an IP address and a domain name is, the IP specifies the server’s location, while the domain name allows you to specify the service itself. The greatest advantage of DNS doesn’t rely so much on the fact that a domain name is easier to remember than an IP address, but it relies on the notion that there exists a layer of abstraction between the service and its implementation. So one can change the underlying implementation, by moving the servers (where the service is located) around without the need of changing anything from the service. Meaning, the IP address of a given website might change, but the end-user doesn’t need to know about it, and just rely on the same domain name that they are already familiar with. In addition, the website owner can change the website host provider, without changing the domain name.

Another important consideration is, it is not uncommon for one IP address to be shared by 2 different domain names. For example, stackoverflow.com and superuser.com share a common IP address 198.252.206.16. If one enters this IP address on the web browser, the web browser will return a page stating “couldn’t find site”. Since the IP address is mapped to multiple websites, the web browser will not know which website to go to. Having a domain name and DNS to resolve it can solve this issue easily.

Practical DNS Management Tips

The recursive resolvers that you use when you connect to the internet are automatically assigned by your internet service provider (ISP). If you want to know which servers act as your recursive resolvers, then there are several web utilities that can provide a bunch of information about your current network connection. Browserleaks.com is a good example.

While your ISP automatically sets default DNS servers as your recursive resolvers, you are actually under no obligation to use them. In fact, some end-users avoid using their ISP-assigned DNS servers due to some reasons. For instance, some ISPs use their DNS servers to redirect requests for nonexistent addresses to their advertisement page. Although this is not particularly dangerous, it can be annoying to some.

If you want an alternative, you can instead point your computer to a public DNS server to serve as your recursive resolver. One of the most prominent public DNS servers is Google Public DNS, having an IP address of 8.8.8.8 and 8.8.4.4. Google’s DNS services tend to be fast and Google has a page with detailed instructions on how to configure your computer/router to connect to Google Public DNS. Other notable public DNS are: Cisco OpenDNS (208.67.222.222 and 208.67.220.220); Cloudflare (1.1.1.1 and 1.0.0.1); and Quad9 (9.9.9.9 and 149.112.112.112).