We all have been using the internet these days and use a lot of services and websites. But, the fact remains that most of us do not know how exactly does the internetwork. We click a few letters which are supposed to be the website address and the site launches.
However, have you ever given a thought to a scenario where the site that launched is not exactly the site you are looking for, but, instead of a copy or a replica of the site and is a move hacker have used to dupe you and gain access to your valuable information? Well, all that is possible, and what stops you from being a victim to such an eventuality is DNS. What exactly is a DNS and how does it work?
What is DNS?
DNS is an acronym that stands for Domain Name System. In fact, it is the fundamental concept on which the resource like the internet and websites are based on. However, if you are someone who does not belong to something referred to as networking would not understand it, while you may have been using it day in and day out when you are checking the scores of the major games, sending out the emails or even doing those useless things on your browser.
DNS is something equivalent to the phonebook we used to maintain during those good old days before the advent of mobile technology. The phonebook contained the information about the numbers of telephone subscribers. DNS is actually the phonebook of the internet.
While we use the concept called URL to identify the websites, the computer or the internet as such does not understand it. It is something akin to how a telephone exchange does not understand the names associated with the phone numbers. The URL is a form for the understanding of the humans, while the machine language identifies the websites through their IP addresses. An IP address is what the computers in a network identify each other through, as they do not understand the other details like URL or website addresses.
Humans like us understand the websites by the URLs like www.msn.com; the websites interact with each other through the Internet Protocol or IP addresses. When you enter a domain name or URL, the DNS changes or translates it into the corresponding IP address thereby assisting the browsers in loading the corresponding site.
Each of the devices that are connected to the internet has an IP address associated with it. Without the IP address, the devices would not be able to identify one another and cannot send or receive information. The existence of DNS eliminates the need for memorizing the IP addresses. Imagine you need to remember hundreds of phone numbers instead of recording them against the contact names. Would you be able to remember and call your contacts except for just a few of them?
How Does DNS Work?
Now that you have understood what exactly is a DNS and why was it needed in the first place, you would equally be interested in learning how does it work. However, after learning what a DNS server does, it should be quite simple to understand how it works.
The DNS maintains a directory of IP addresses and the corresponding website addresses. The directory is not placed at some specific location and at any (imaginary) corner of the internet. Instead, it is distributed across the world and is stored in the domain name servers. These servers communicate with one another and update the information accordingly.
The process of DNS resolution involves converting the hostname into an IP address that the computer understands. When a user tries loading a webpage, you need to translate the words typed by the user into a machine-understandable address so that your browser loads the requisite webpage.
There are several hardware components within the DNS server, and the request sent from your computer goes through a few steps. However, understanding them would be of academic interest as the activity goes on behind the scenes and does not need any kind of user intervention of any nature.
The major components of a DNS server include the following –
It is that part of the server that receives the request from the clients such as the web browsers. It just receives the requests and proceeds the requests to the next component of the server.
This part of the DNS server will handle the first task of translating the human-readable form of the web address into the IP address.
The top-level domain server or TLD nameserver finds the top level domain like.com
This is the last step in the DNS query or name server query. It finds the requested record and returns the result to DNS Recursor.
And all these tasks are completed within a few seconds.
Under the ideal circumstances, the DNS Lookup takes place as per the following schedule. The DNS information may be cached locally on the computer itself or be located on a remote server. The process takes around eight steps which can be explained through the following process flow –
- You type in a web address in your browser. This query travels through the internet and is received by the DNS Recursor.
- The query is then moved to the root nameserver.
- The root name server finds the top level domain server or the extension as we know it and directs the query back to Recursor
- The Recursor then directs the query to the corresponding TLD nameserver. For instance, if the TLD is .com, the query is moved to the .com TLD nameserver
- The TLD nameserver fetches the corresponding IP address available in its directory
- This is sent to the domains name server by TLD nameserver
- Domain nameserver then directs the IP address to the Recursor.
- The Recursor now returns the query with the corresponding IP address, and the site is launched on your browser.
However, if your browser has to complete all these steps for each of the websites you look for, it would take an unnecessary delay in launching the website you requested. For this purpose, DNS uses a concept called caching.
What is DNS caching?
Caching, as we are aware of, is a process of storing the data locally on a temporary mode. This would be helpful in improving the performance reliability of your requests and the corresponding results. This will avoid the extra steps as the data is stored close enough to the client that makes the request.
The DNS caching can be much helpful in enhancing the load times and reducing the CPU consumption. The DNS data can be cached to a few different locations. The data thus cached will be available for a time period specified as TTL – Time to Live.
Browser level Caching
Latest browsers are designed to keep a DNS cache for a prescribed amount of time. Since the DNS details are located closer to the web browser, the number of steps would be reduced, and you can experience faster loading. In fact, when a DNS request is made, ideally it is the browser cache that is first checked.
OS Level Caching
This is the second and the last DNS cache when it comes to the local DNS cache. The process used for handling the query within your operating system is referred to as Stub resolver or DNS client. When a request is received from an application, the client checks its own cache to find if the corresponding details are available. If they aren’t, it sends the DNS query to a resolver within the ISP.
Why is DNS Most Important?
Well, with the rise in technology and the development therefrom, the DNS has become one of the most important aspects of communication. Users have grown unforgiving, and there has been a constant demand for faster and responsive delivery of the content. A slight slow down in the page load speeds can cost quite dearly.
If you have an application or even an E-Commerce service, the efficiency of the DNS lookup system has been much important. In fact, your application performance would solely be dependent upon the performance of your DNS lookup.
DNS has been one of the significant factors that would define the efficiency of your system. In fact, it adds efficiency to your workflow. It would help keep the things smoother, faster and reliable.
The Security Hazards in DNS Lookup
As technology has been developing, it has also been providing an option for the attackers to hijack DNS Lookup as well. There have been several tricks used by hackers to hijack a DNS lookup and lead the users to a cloned site that takes them to a malicious website.
Some of the attacks used by hackers include DNS reflection attacks, DNS cache poisoning, and DNS resource exhaustion. Of these, the DNS cache poisoning can lead the gullible users to the malicious websites. The hackers insert the wrong information in the DNS records and thus when a user requests an address, the DNS lookup returns an address that is controlled by a hacker.
To address this concern, ICANN has come up with DNSSec. The DNSSec or DNS Security Extensions. The DNSSec is designed to make sure that the communication between the servers involved in the DNS lookup more secure. As per this norm, each of servers now needs to sign the requests digitally, and thus these requests cannot be deciphered by the attackers. The concept will also check if the domain name does exist or not. If it does not, it prevents the fraud domain name being delivered.
Well, that was all we had with respect to the DNS and its functionality in a proper internet connectivity. With the hike in the number of devices and domain names, it has assumed a greater importance to devise a DNS that offers you a better degree of DNS management. In fact, many sites have been migrating to IPV6 infrastructure, and this can bring in a need for a more robust DNS management techniques.
In any case, from a beginner’s point of view, we assume we have outlined the basics of what DNS can do and how does it do it. In case we have made it possible for you to understand the basic concepts of the DNS lookup, we would treat our efforts have paid off really well enough. If still, you have any queries, we would expect you to share your thoughts with us. We will guide you to the proper resources so that you can gain more knowledge.