DNS Basics

[Image: iPad displaying Google's "This site can't be reached" error screen]

DNS basics and what you need to know about it.

In this series, we will discuss the significance of both using DNS effectively and monitoring it appropriately, covering the topic in depth over the next few weeks.

By translating a memorable hostname like google.com into an IP address when we type it into a browser, DNS is the gateway to everything on the internet, which makes it essential to everything from security to availability. DNS made its debut in the 1980s, and we have discussed the importance of highly available DNS before, but we wanted to start this series with some DNS basics before getting into the nitty-gritty details of why it is so important.

What is DNS?

DNS, at its core, is a system that allows end-users to translate a hostname into a correct IP address.

So what does that mean? People want to address machines using memorable names (Google, Amazon, Facebook, etc.), but machines speak in numbers. Because of this natural incompatibility, DNS takes a hostname (words) and quickly runs it through the correct series of recursive, root, TLD, and authoritative DNS servers that make up the internet's naming system to obtain the correct IP address. Once a computer has the IP address, it can connect the end user to the server they requested, all in a matter of milliseconds.

What is caching DNS?

Caching DNS adds another layer to the process of translating a hostname to an IP address. Once you have received an answer to your query in the form of an IP address, that data is stored temporarily in a set of nonauthoritative caching/resolving nameservers to further improve latency and to help prevent potential outages if your local server is experiencing an issue. These servers are typically provided by your Internet Service Provider (ISP), or they can be run by private companies like Google, which have more recently been making such resolvers publicly available. Resolving nameservers can also be used to improve security and performance, in addition to making a hostname more available.

However, once the time to live (TTL) on a DNS record has expired, the local caching nameserver purges the stored IP address to ensure you get the most up-to-date answer for that hostname. After that point, the next time you request a hostname you have already visited, the process starts again from the beginning, even if you are using, for example, a router with caching DNS.

Who are the Key Players in this whole process?

There are a few different entities that DNS relies on when it is attaching an IP address to a domain name.

Root Nameservers: A network of hundreds of servers that direct queries to the correct TLD-specific registries, as managed by the Internet Assigned Numbers Authority (IANA).

Registries: These are the companies that are responsible for managing the registration and maintaining the database of ownership for top-level domains (TLDs) like .com, .net, and .org.

Registrars: Companies that act as brokers between the end user and the registries. Registrars like GoDaddy provide an easy way for users to check name availability across all TLDs, and they also provide authoritative DNS services.

Authoritative DNS Service:
Often, authoritative DNS services are provided by the Registrar and bundled with the hostname to make things easier for the end user. However, there are independent authoritative DNS providers such as Cloudflare and DynDNS which can provide more availability, security, reliability, and a whole lot of useful services.

Resolving Nameservers:
Nonauthoritative servers provided by ISPs or by companies like Google and Cloudflare, which cache data locally and resolve DNS queries to reduce latency and increase resilience.

DNS Basics: Diagram of the Modern DNS Process

For example, when you type google.com into a browser, the resolver queries the Root Nameservers to find out which entity is authoritative for the TLD (.com). After receiving an answer, it queries the correct registry's nameservers to find out who is the authoritative DNS provider for the domain (google). Once the registry has responded with the correct provider, whether that is a registrar like GoDaddy or an independent provider like DynDNS, the company providing authoritative DNS for the hostname replies with the correct IP address. The last step is to deliver the IP address to a caching nameserver, which stores the record until its TTL is up and then purges it.
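The referral chain just described (root to TLD to authoritative) and the TTL-based caching from the earlier section, as an added simulation that is not part of the original post. The server names, zone contents, IP address and 300-second TTL are constructed sample data, and referrals name the next server directly instead of carrying real NS and glue records.

```python
import time

# Constructed sample data (not real zone files). Each "server" only knows the records it is
# authoritative for: the root holds referrals for TLDs, the TLD server holds referrals to each
# domain's authoritative nameserver, and only the authoritative server has the A record.
SERVERS = {
    "root": {"com.": [("NS", "tld-com", None)]},
    "tld-com": {"example.com.": [("NS", "ns-example", None)]},
    "ns-example": {"www.example.com.": [("A", "192.0.2.10", 300)]},  # TTL of 300 seconds
}


def lookup(server, qname):
    """Return the record set at the longest suffix of qname that this server knows about."""
    labels = qname.split(".")
    for i in range(len(labels) - 1):  # walk from the full name toward the TLD
        suffix = ".".join(labels[i:])
        if suffix in SERVERS[server]:
            return SERVERS[server][suffix]
    raise LookupError(f"{server} has no records for {qname}")


def resolve_iteratively(qname):
    """Follow referrals root -> TLD -> authoritative; return (ip, ttl, servers asked)."""
    server, path = "root", ["root"]
    while True:
        rtype, data, ttl = lookup(server, qname)[0]
        if rtype == "A":
            return data, ttl, path  # final answer from the authoritative server
        server = data  # NS referral: ask the next server down the hierarchy
        path.append(server)


class CachingResolver:
    """A nonauthoritative resolver that reuses an answer only while its TTL has not expired."""

    def __init__(self, clock=time.time):
        self.clock, self.cache = clock, {}

    def query(self, qname):
        """Return (ip, served_from_cache)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0], True  # still within TTL: no upstream traffic at all
        ip, ttl, _ = resolve_iteratively(qname)  # expired or absent: start from the root again
        self.cache[qname] = (ip, self.clock() + ttl)
        return ip, False
```

A lower TTL means the cache refetches sooner, which is the trade-off between fast record changes and query load discussed above.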

If you are interested in the details of how this all works, check out this great article from DynDNS about DNS.

How should you pick an authoritative DNS provider?

Choosing an authoritative DNS provider is like choosing the right insurance. You want to be sure it provides all the services you need, and that it will effectively cover you if anything fails. From cloud providers like Amazon Web Services and Google Cloud Platform to the previously mentioned DynDNS, authoritative DNS providers offer a range of options and services that you can use to your advantage. The most important thing is to choose your provider carefully and do your research on important features like Anycast, reliability, APIs for automation, number of nameservers, and scalability. We will talk about this in more depth when we move on from DNS basics and get into best practices for setting up DNS next week.

Next in the Series: Common Questions and Best Practices for DNS Set Up
