DNS - The gatekeeper 24/7 of the internet – Part 2

I explained what DNS is and why we need it in the previous post. In this post, I will talk about how DNS works!

DNS Components

Before we dive into how DNS finds the IP address for a domain name, let's list the components that contribute to the lookup.

Fig.1 – DNS Components.

DNS resolver (a.k.a. DNS recursor): Acts as the librarian of a library, where the library is the Internet.

Root name server: Acts as a large bookshelf. The root name servers are labeled with 13 letters (from A to M) and placed in different locations around the world, and each has its own IP address. To put it simply, there are 13 labeled bookshelves placed in different places.

Top Level Domain (TLD) server: Acts as one floor of a bookshelf; each floor contains the data for a different TLD (e.g. .com, .gov, .xyz, etc.).

Authoritative name server: Acts as a book. It contains the data (CNAMEs, MX records, IP addresses, etc.) related to a domain name, and each domain name is one book.

How does DNS work

Now we will talk about how a website's IP address is found.
The search happens locally and through DNS. To improve performance and user experience, the local caches are searched first and DNS is queried afterwards.

Local

Locally, IP addresses are stored in the browser cache and the operating system cache (OS cache).

Fig.2 – Local Workflow

The user uses the browser to access a website (e.g. www.facebook.com).
The browser looks for the IP in the browser cache first:

If it is there, the IP is returned directly to the browser.
If it is not, the search continues in the OS cache.

The browser accesses the website using the IP.

If the IP doesn't exist locally, the browser starts to look it up through DNS.

DNS

Fig.3 – DNS Workflow

The browser sends a request to the DNS resolver, and the resolver looks in its DNS cache first:

If it is there, the resolver returns the IP directly to the browser.
If it is not, the resolver calls a root name server.

When the resolver calls the root name server, it responds with the IP of the Top Level Domain server (e.g. for facebook.com the TLD is '.com').

After that, the resolver calls the TLD server at the IP address provided by the root name server.

When the resolver calls the TLD server, the TLD server also looks in its cache:

If it is there, it returns the IP directly to the resolver.
If it is not, it returns the IP of the authoritative name server to the resolver, and the resolver then calls that server.

Here, the authoritative name server checks whether that domain has access or not; if yes, it returns the IP of that domain to the resolver.
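The resolver's side of the steps above, as an added example that is not part of the original post: a toy resolver that checks its cache, then follows referrals from a root server to a TLD server to an authoritative server, and caches the answer until its TTL expires. The server table, the documentation-range IP addresses, the TTL, and the names `query` and `Resolver` are constructed for illustration; real servers refer the resolver to name server names rather than to a bare IP.

```python
import time

# Constructed delegation data: documentation-range IPs, not real servers.
ROOT = "198.51.100.1"
SERVERS = {
    ROOT: {"referrals": {"com": "198.51.100.2"}},                    # root -> TLD
    "198.51.100.2": {"referrals": {"example.com": "198.51.100.3"}},  # TLD -> authoritative
    "198.51.100.3": {"records": {"www.example.com": ("192.0.2.10", 300)}},  # (ip, ttl)
}

def query(server_ip, name):
    """One simulated query: ('answer', ip, ttl), ('referral', next_ip) or ('nxdomain',)."""
    zone = SERVERS[server_ip]
    if name in zone.get("records", {}):
        return ("answer", *zone["records"][name])
    labels = name.split(".")
    for i in range(len(labels)):          # longest matching suffix first
        nxt = zone.get("referrals", {}).get(".".join(labels[i:]))
        if nxt:
            return ("referral", nxt)
    return ("nxdomain",)

class Resolver:
    def __init__(self, clock=time.monotonic):
        self.cache = {}                   # name -> (ip, expiry time)
        self.clock = clock
        self.upstream_queries = 0         # how many servers were actually asked

    def resolve(self, name):
        name = name.lower().rstrip(".")   # DNS names are case-insensitive
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                 # cache hit: no upstream traffic
        server = ROOT
        for _ in range(8):                # bound the referral chain
            self.upstream_queries += 1
            reply = query(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if reply[0] == "nxdomain":
                return None
            server = reply[1]             # follow the referral one level down
        return None

if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com"), r.upstream_queries)
    print(r.resolve("www.example.com"), r.upstream_queries)
```

The first lookup costs three upstream queries (root, TLD, authoritative); the second is served from the resolver cache and costs none.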

Question

Q: Why is the number of root name servers only 13?
A: Because during development, they believed 13 roots were enough to handle all DNS needs. But that does not mean there are only 13 root name servers: each root name has many different physical servers around the world.

Q: What determines which root name server will be called by the DNS resolver?
A: It is based on many things, like location, network latency or availability.

Q: Where is the root name server info stored?
A: It is stored in the resolver config or supplied by the Internet Service Provider (ISP).

Q: Does the resolver config always have 13 root names?
A: Yup, that's right. The resolver config always has 13 root names.

Q: Can an ISP restrict access to 1 of the 13 root names?
A: It can, but it is not recommended.

Q: What is the difference in data between the 13 root names?
A: The data of all root names is the same; the differences between them are the access name (A.root-servers.net, …, M.root-servers.net) and the IP address.

Summary

Finally, I have explained what DNS is, why we need it, and how it works, phew 🤪… I have tried to write my best, so if something was not clear or I missed something, please comment to let me know.

Happy Coding! 😎
