Ever heard about the term “DNS” when using the Internet? DNS stands for Domain Name System. Before we go ahead and talk about what is DNS and how DNS lookup works, let us understand what the D in the DNS stands for.
What Is A Domain
You know that the format of a web URL is http://www.domainname.tld. In this example, TLD (tld) refers to the top-level domain. In the early days of the web, TLD was one of the following:
- .com (refers to commercial organizations)
- .org (refers to non-profit organizations)
- .net (commercial websites again)
- .gov (government websites)
- .edu (educational)
- .mil (military purposes) and
- .int (international)
With the increase in people purchasing websites, domain types related to locations were introduced. For example, .asia, .us, .in and .ca refer to Asia, US, India and Canada respectively. Soon, several other types of TLD came in that tell us the type of website. For example, .me refers to a personal website whereas a .tv refers to a video streaming website. Increasing the TLD categories made it possible to categorize websites according to their type while catering to the increasing demands of consumers.
In the above example of the URL (http://www.domainname.tld), http refers to the mode of transfer of data, and www says it relates to the World Wide Web. Anything between www and TLD is the domain name of a website.
Earlier, people had to type in www to access a website. Since the hosting service providers allow redirection of www.domainname.tld to domainname.tld, you can skip typing www while entering the URL into the browser. An example of a domain name is “thewindowsclub”. The URL for accessing domain “thewindowsclub” is https://www.thewindowsclub.com or https://thewindowsclub.com. Here, “thewindowsclub” is part of the .com TLD. Then, there can be sub-domains. In the case of www.forums.thewindowsclub.com, “forums” is the sub-domain of “thewindowsclub”.
When you buy a domain, you get to purchase a name that goes with different TLDs. You can choose .com, .net, .us or other TLDs – provided it is not taken already by someone else. Simply buying a website will not help as people cannot reach it until it has an address. For any domain you purchase, you can create any number of sub-domains and use it for websites and other purposes. For each domain and sub-domain you create, you need to specify the address of servers that contain the content of your website. If the domain or sub-domain refers to some device (for example, a network printer), you need to specify the address of that device.
All the domains and sub-domains on the Internet have an address attached. We call them the IP address: Internet Protocol address or in other words, an address that works with the Internet. You can access a domain/sub-domain only if you know the IP address of servers containing its content.
What Is DNS
You know that there are unlimited websites on the Internet. Again, each website can have its own many sub-domains. Remembering the IP addresses of these websites is simply not possible. This is why you get to enter the domain name in your own language (using the URL format – also called alias in technical terms). There is a system at work that resolves the domain names so that you can connect to the website you mentioned in the URL. This system helps you in finding the IP address of the domain names you entered in your browser so that the browser can connect to the website. This system is called the Domain Name System or DNS for short.
Domain Name System, or DNS as it is popularly known, is a distributed database that contains the mapping of domain names to their IP addresses.
Until recently, a non-profit organization called InternNIC was responsible for managing the domain names and their IP addresses. When it went “for-profit”, its monopoly ended and now there are many companies that manage the databases related to domain names. Though the databases are maintained by different companies, they are interconnected in a manner that any DNS Service can get the IP address of any domain.
A DNS Service helps you in resolving the domain names that you enter in your web browser. It also helps in resolving the addresses when you are sending emails or when you click on active links. In general, your Internet Service Provider gives you a DNS Service. Other than your ISP, there are companies that offer Public Domain Name Services. Examples of such companies include Google, Comodo, and OpenDNS. When you click on a link or enter a URL into your web browser, the DNS Service is contacted for resolving the related DNS. It is the responsibility of the DNS service to scan the Domain Name System database and provide you with the IP address of the host to which you wish to connect.
The domain names and sub-domains can be called aliases. The servers holding database containing information on the addresses of different aliases are called Name Servers. There are two types of servers operating in the Domain Name System. The first types are the Root Servers – these hold data about Top Level Domains (TLD: .com, .net and .org, etc.). The other types contain the addresses of servers that host your domains and sub-domains.
Example 1: In case of abc.xyz.com, Root Servers will hold information about xyz being a .com. Some other Name Server will contain database entries showing the address of xyz.com. Since you also are hosting abc.xyz.com, its address can be either on the same Name server holding the address of xyz.com or on a different Name Server. If you add yet another sub-domain to abc.xyz.com, its address may again be on the same or on a different Name server depending upon where you are hosting it. The relation between the above can be established as below:
xyz is related to com
abc is related to xyz.com
If you add qwe as another sub-domain to xyz.com,
qwe is related to abc.xyz.com
To establish the address of qwe, the Domain Name System Service will have to resolve:
This is a case when the Domain Name System Service is not using any cache. We will talk about caches a little later in this article. The above shows that to resolve the DNS of qwe.abc.xyz.com, the DNS system has to scan the DNS database four times. This becomes complex given that the addresses of different parts of the URL can be on different Name Servers. But due to the speed of the Internet, you can see the page downloading in a matter of few milliseconds and in worst cases, few seconds.
How DNS Lookup Works
By now, you know that there are different servers hosting databases that contain the IP addresses of different domains and their sub-domains. You also know that there are Root Servers that hold the IP address of servers hosting Top Level Domains. These Root Servers help in reaching the servers containing databases that hold the IP address of the main domain name. If there are sub-domains, their address can be on the same servers as of the main domain name or on a different server. All these servers are accessible for finding out the IP address of the exact URL that you need to use. The process of finding out the IP address of any URL on the Internet is known as DNS lookup. To find out how DNS Lookup works, take the following example.
Example 2: Consider a network of ten computers. Each computer has its own address so that data packets traveling in the network know where to go. There is an 11th computer that hosts a database containing the alias names of each of these ten computers and their IP addresses. While the computer users can refer to the computers using their names, the data packets need the IP addresses of the computers so that they can reach the intended recipient. If computer A needs to use the printer attached to computer B, A will check the database on 11th computer to know the IP address of B and then find out the address of printer attached to B. Only after obtaining the address of the printer, A will route the print command to the printer attached to B.
In this case, the following iterations happen:
A contacts Computer11
A contacts B
A contacts printer attached to B
A similar method is used to lookup DNS records. For example, when you click on https://thewindowsclub.com, your router will contact your default DNS Service for DNS resolution. The DNS service will contact Root Servers and ask for the IP address of the server containing .com records. This address is sent back to your DNS service. The DNS service again reaches the Name Server containing addresses of .com domains and asks it for the address of https://thewindowsclub.com. Upon obtaining the IP address of the servers that host thewindowsclub.com, your DNS service will return the IP address to your computer which then fires up your browser to download the main webpage. This means your DNS service is sending at least two requests to receive the IP address of a simple domain name.
Following is an image that explains how DNS lookup works:
In the above case, if you were to look for http://forums.thewindowsclub.com, your DNS service had to run a request extra to know its IP address.
Since resolving DNS from scratch every time takes up time, many ISPs and DNS Service Providers create local caches that contain already resolved addresses. These are primarily the addresses they already fetched from Root Servers and other Name Servers at some point in time. In this case, when you send a request for a URL, instead of contacting the Root server directly, the DNS service would look up for the resolved address of the URL in its local DNS cache. If found, it would send the resolution back to your computer instantly else would go ahead and resolve the DNS using the above method of contacting Root Servers and other Name Servers.
Some operating systems too, contain a locally cached copy of addresses that you commonly use on your computer. This too, helps in saving time while using the Internet. We will talk about DNS caches in a different article at some later point of time.
Please let us know if you still have any doubts about how DNS lookup works.