The Domain Name System (DNS) is a decentralized naming scheme for resolving domain (host) names into numerical IP addresses. IP addresses are assigned to the various computing devices and services on the Internet, but because remembering a series of numbers is difficult for people, it is easier to remember the corresponding domain names and have the DNS translate them into the relevant IP addresses. In this way, the DNS is equivalent to a telephone directory, where you look up a person's telephone number by their name. This is accomplished by having the DNS map domain names to the aforementioned Internet resources by designating authoritative name servers (Top Level Domain name servers) for each domain. This in turn allows network administrators to create their own sub-domains within their domain and point them at other name servers, resulting in a decentralized, fault-tolerant, distributed database. Because handling the domain name hierarchy and the translation of names to IP addresses is the main purpose of the DNS, it is an integral part of Internet communication at the Application Layer of the Internet Protocol Suite.
Structure and Functions
When you type a domain name into a web browser (e.g. iplocation.net), your device first searches its local DNS cache for the IP address of that domain name. If the local cache does not have the IP address of the hostname you are requesting, the query is sent to the DNS servers your device knows about. These servers usually depend on which Internet Service Provider (ISP) you are currently using, and their only function is to answer queries for IP addresses. Once the hostname is found and the query is resolved, the DNS server keeps a record of the lookup in its cache for future lookups. If the DNS server cannot resolve the IP address of the domain name, it recursively sends the query to higher-level DNS servers until it reaches a root name server. The root name server reads the hostname extension first (in our scenario, the ".net" of iplocation.net) and sends the query to the Top Level Domain (TLD) name server. The TLD name server reads the second-level domain name ("iplocation") and identifies which authoritative name server the query should be forwarded to. As the authoritative name server holds all the information about the relevant domain, it can find the IP address for the query and pass it back down the chain to the device that made the query. This is how IP addresses are retrieved, from the local DNS cache level up to the authoritative DNS servers.
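The lookup chain just described, as an added toy model (not code from the original article): a caching resolver that answers from its cache when it can and otherwise walks root, TLD and authoritative servers in turn. All zone data, server names and addresses are constructed for the example; a real resolver follows NS referrals over the network.

```python
"""Toy model of DNS resolution: local cache first, then root -> TLD ->
authoritative delegation. Constructed data only; not a real resolver.
Assumes names are given in full, e.g. 'iplocation.net'."""
from typing import Optional

# Constructed delegation data (not real records): the root knows which
# server answers for each extension, each TLD server knows which
# authoritative server holds each second-level zone, and the
# authoritative server holds the final address records.
ROOT_DELEGATIONS = {"net": "tld-net", "com": "tld-com"}
TLD_DELEGATIONS = {
    "tld-net": {"iplocation.net": "auth-iplocation"},
    "tld-com": {"example.com": "auth-example"},
}
AUTHORITATIVE_RECORDS = {
    "auth-iplocation": {"iplocation.net": "203.0.113.10",
                        "www.iplocation.net": "203.0.113.10"},
    "auth-example": {"example.com": "192.0.2.1"},
}


class ToyResolver:
    """Caching resolver that walks the hierarchy only on a cache miss."""

    def __init__(self) -> None:
        self.cache: dict[str, str] = {}
        self.trace: list[str] = []  # servers consulted for the last query

    def resolve(self, name: str) -> Optional[str]:
        self.trace = []
        if name in self.cache:  # answered from the stored lookup history
            self.trace.append("cache")
            return self.cache[name]
        # The root reads the extension first ("net" of iplocation.net)...
        tld = name.rsplit(".", 1)[-1]
        self.trace.append("root")
        tld_server = ROOT_DELEGATIONS.get(tld)
        if tld_server is None:
            return None
        # ...the TLD server reads the second-level domain ("iplocation.net")...
        sld = ".".join(name.split(".")[-2:])
        self.trace.append(tld_server)
        auth_server = TLD_DELEGATIONS[tld_server].get(sld)
        if auth_server is None:
            return None
        # ...and the authoritative server holds the actual address.
        self.trace.append(auth_server)
        address = AUTHORITATIVE_RECORDS[auth_server].get(name)
        if address is not None:
            self.cache[name] = address  # kept for future lookups
        return address
```

The `trace` attribute shows how many hops each query cost: a first lookup touches three servers, a repeat of the same name is answered from the cache alone.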
Types of DNS Servers
There are two types of DNS servers: private and public DNS servers. Private DNS servers are usually the commercial servers provided by ISPs, accessible only through the services of that ISP. Basically, a person on one ISP (Sprint) cannot use the DNS server of another ISP (Verizon). Public DNS servers, on the other hand, are open and accessible to everyone, as anyone can configure their device to use them. The main reason one might do this is that public DNS servers are faster and more secure than private DNS servers. As mentioned before, translating a hostname into an IP address can involve several hops until the query is resolved; this is typically a problem with private DNS servers because fewer people use them. As a public DNS server is open to everyone, it is expected to have a more robust database, filled with DNS records, because more people query it. In this way, public DNS servers hold more IP address records and are less likely to recursively push a query up to the higher-level name servers of the domain for resolution. Furthermore, because public DNS servers (such as Google's) are open to everyone, they support and use security protocols such as Domain Name System Security Extensions (DNSSEC) to prevent attacks such as DNS spoofing and DNS poisoning. DNSSEC in particular does this through digital signatures, so that every DNS request is verified at every step.
Smart DNS is a more recent innovation, launched in 2012, which functions like a Virtual Private Network (VPN) except that the communication is not encrypted. It is widely used by users around the world to reach geo-restricted (or geo-blocked) websites. For example, certain users cannot use Netflix's services because of their location, but a Smart DNS proxy server re-routes their DNS query to allow them access regardless of their geographical location. While this method does not encrypt your data or hide your IP address, it is a much faster solution than a VPN, as it only re-routes the query and not all of your data. Unfortunately, however, some ISPs use DNS filtering technology to block the use of Smart DNS proxy servers, which makes them less viable.
At the moment, DNS is an important player in the Internet world and is deeply involved in how we use it today. Without it, traversing the web would be far more laborious, as users would need the IP addresses of the websites they want to reach. As innovation in this space continues, we could see the birth of even more types of DNS servers that improve speed, reliability, and security further, as happened with the birth of Smart DNS proxy servers and public DNS servers.