DNS Definition
The Domain Name System (DNS) turns domain names into IP addresses, which browsers use to load internet pages. Every device connected to the internet has its own IP address, which is used by other devices to locate the device. DNS servers make it possible for people to input normal words into their browsers, such as Fortinet.com, without having to keep track of the IP address for every website.
What is a DNS Server?
A DNS server is a computer with a database that maps the names of websites to the public IP addresses that bring a user to them. DNS acts like a phonebook for the internet. Whenever people type domain names, like Fortinet.com or Yahoo.com, into the address bar of web browsers, the DNS finds the right IP address. The site’s IP address is what directs the device to go to the correct place to access the site’s data.
Once the DNS server finds the correct IP address, browsers take the address and use it to send data to content delivery network (CDN) edge servers or origin servers. Once this is done, the information on the website can be accessed by the user. The DNS server starts the process by finding the corresponding IP address for a website’s uniform resource locator (URL).
How Does DNS Work?
In a usual DNS query, the URL typed in by the user has to go through four servers for the IP address to be provided. The four servers work with each other to get the correct IP address to the client, and they include:
- DNS recursor: The DNS recursor, which is also referred to as a DNS resolver, receives the query from the DNS client. Then it communicates with other DNS servers to find the right IP address. After the resolver receives the request from the client, the resolver acts like a client itself. As it does this, it makes queries that get sent to the other three DNS servers: root nameservers, top-level domain (TLD) nameservers, and authoritative nameservers.
- Root nameservers: The root nameserver is designated for the internet’s DNS root zone. Its job is to answer requests sent to it for records in the root zone. It answers requests by sending back a list of the authoritative nameservers that go with the correct TLD.
- TLD nameservers: A TLD nameserver keeps the IP address of the second-level domain contained within the TLD name. It then releases the website’s IP address and sends the query to the domain’s nameserver.
- Authoritative nameservers: An authoritative nameserver is what gives you the real answer to your DNS query. There are two types of authoritative nameservers: a master server or primary nameserver and a slave server or secondary nameserver. The master server keeps the original copies of the zone records, while the slave server is an exact copy of the master server. It shares the DNS server load and acts as a backup if the master server fails.
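The path a query takes through these servers can be traced with a small simulation. This is an added example, not part of the original page: the server names, delegations and the 192.0.2.10 address are constructed, and no network queries are made.

```python
# Constructed zone data for illustration; nothing here is queried over the network.
# Server names, delegations and the 192.0.2.10 address are made up.
ROOT = "root"
SERVERS = {
    "root": {"referrals": {"com": "tld-com", "org": "tld-org"}},
    "tld-com": {"referrals": {"example.com": "ns1.example.com"}},
    "tld-org": {"referrals": {}},
    "ns1.example.com": {"records": {("www.example.com", "A"): ["192.0.2.10"]}},
}


def ask(server, name, rtype):
    """Answer one query the way a single nameserver would."""
    zone = SERVERS[server]
    if (name, rtype) in zone.get("records", {}):
        return "answer", zone["records"][(name, rtype)]
    # Referral: the longest delegated suffix of the name wins.
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zone.get("referrals", {}):
            return "referral", zone["referrals"][suffix]
    return "nxdomain", None


class Recursor:
    def __init__(self):
        self.cache = {}

    def resolve(self, name, rtype="A"):
        """Return (addresses, servers contacted for this query)."""
        name = name.lower().rstrip(".")
        if (name, rtype) in self.cache:
            return self.cache[(name, rtype)], []   # served from cache
        server, path = ROOT, []
        for _ in range(8):                         # bound the referral chain
            path.append(server)
            kind, data = ask(server, name, rtype)
            if kind == "answer":
                self.cache[(name, rtype)] = data
                return data, path
            if kind == "nxdomain":
                return None, path
            server = data                          # follow the referral down
        raise RuntimeError("referral loop")
```

The first lookup of a name contacts the root, TLD and authoritative servers in turn; a repeat lookup returns an empty path because the recursor answers from its cache.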
DNS History
In the earliest days of the Internet, the only way for users to get to a website was to enter the IP address, that long series of numbers, into their browser window. In the early 1980s, American computer scientist Paul Mockapetris and his colleague Jon Postel developed a system that automatically mapped IP addresses to domain names, and the DNS was born. This same system still serves as the backbone of today’s Internet.
Types of DNS Service
- A recursive resolver server: When a DNS query initiates, it first lands at the recursive resolver server. Think of this as your internet concierge who takes on the initial request to translate a domain name into an IP address. If this server has previously resolved the same domain—thanks to its caching capability—it can provide a quick answer. Otherwise, it diligently moves up the hierarchy to fetch the required information.
- A root name server: Root name servers function as global reference points for all DNS lookups and are fundamental in translating readable hostnames into numerical IP addresses. Although there are only 13 unique root zone nameserver addresses, each is strategically mirrored across various locations worldwide using anycast addressing to ensure response robustness and reliability.
- A top-level domain (TLD) name server: This type serves as custodian for specific slices of namespace categorized by top-level domains like .com or .org—and country codes such as .uk or .jp. It’s here where we narrow down our search further within these subdivisions. When given part of a hostname associated with their TLDs, they guide us closer by pointing towards more precise authoritative sources.
- An authoritative name server: Lastly, reaching an authoritative name server means hitting the jackpot for data specificity—they hold definitive records for individual domains, including necessary details like A records (addresses), MX records (mail exchanges), etc., allowing them to return requested mappings between particular domain names and their corresponding IPs back through channels from where queries came.
DNS Servers and IP Addresses
Computers and various devices that use the internet depend on IP addresses to send a user’s request to the website they are attempting to reach. Without DNS, you would have to keep track of the IP addresses of all the websites you visit, similar to carrying around a phone book of websites all the time. The DNS server allows you to type in the name of the website. It then goes out and gets the right IP address for you.
DNS Server Not Responding? What Does That Mean?
You may get a message that says “DNS server isn’t responding” after entering a domain name in the URL bar of your browser. This means there was an attempt to communicate with the DNS server, but the server failed to return a result. This could be due to a few different things:
- Your internet connection is weak or unstable, making it hard for your browser to communicate with the DNS server
- Your DNS settings or browser need to be updated
- There is an issue with the DNS server, such as a loss of power at the data center where it is housed
DNS Security
DNS comes with several potential security issues. Given that the system is so widely used, any kind of DNS failure could theoretically be catastrophic. That’s a major concern, said Mockapetris, the co-developer of DNS, in an interview with tech magazine “TechTarget” in 2016. Billions of devices around the world are connected by DNS. And billions more will soon be connected by the Internet of Things (IoT), Mockapetris said.
At the height of the global COVID-19 pandemic, threat actors attacked the DNS settings of people working from home. Attackers changed DNS settings in Linksys routers, pointing users to what appeared to be a legitimate website that included a pop-up message with information about the pandemic. But once a user clicked through, it downloaded a fake coronavirus-related app and performed a host of nefarious activities, according to security researchers.
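A change like this shows up on client devices as unfamiliar DNS server addresses. The following added example (not from the original page) parses a constructed `ipconfig /all` excerpt and flags resolvers that are not on an expected list; the list contents, adapter names and 203.0.113.x addresses are assumptions for illustration.

```python
import ipaddress
import re

# Expected resolvers (assumption): public services plus the home router as forwarder.
EXPECTED = {"1.1.1.1", "8.8.8.8", "9.9.9.9", "192.168.1.1"}

# Constructed `ipconfig /all` excerpt; 203.0.113.x are documentation addresses.
SAMPLE = """\
Ethernet adapter Ethernet:

   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       203.0.113.54
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       1.1.1.1
"""

FIELD = re.compile(r"^\s+(.+?)[ .]*: (.*)$")


def dns_servers(ipconfig_text):
    """Map adapter name -> list of configured DNS server addresses."""
    result, adapter, in_dns = {}, None, False
    for line in ipconfig_text.splitlines():
        if line and not line[0].isspace() and line.endswith(":"):
            adapter, in_dns = line[:-1], False      # new adapter section
            continue
        m = FIELD.match(line)
        if m:
            in_dns = m.group(1).startswith("DNS Servers")
        value = m.group(2) if m else line           # bare lines continue a field
        if in_dns and adapter:
            try:
                addr = ipaddress.ip_address(value.strip().split("%")[0])
            except ValueError:
                continue                            # blank or non-address line
            result.setdefault(adapter, []).append(str(addr))
    return result

def unexpected(ipconfig_text, expected=EXPECTED):
    """Return (adapter, server) pairs that are not on the expected list."""
    return [(a, s) for a, servers in dns_servers(ipconfig_text).items()
            for s in servers if s not in expected]
```

If the router keeps handing out its own address and only its upstream DNS setting is changed, clients still see the gateway address, so the same comparison has to be made against the router's configuration as well.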
Best DNS Servers
Here are some of the top DNS servers available:
- Cloudflare 1.1.1.1. This is a simple-to-use DNS service that comes with tutorials for all of the most popular operating systems, such as Mac, Windows, Android, iOS, and Linux. Users can also use Cloudflare’s service to block adult content.
- Google Public DNS. The Google Public DNS service is different from Cloudflare’s in that it is designed for more technically adept users. But you can find tutorials if needed.
- Quad9. Quad9’s DNS service is renowned for its fast performance. It also claims to block malicious sites using threat intelligence data.
How to Perform a DNS Lookup
Each domain has DNS records, and these are pulled by nameservers. You can check the status of the DNS records associated with your domain. You can also examine the nameservers to ascertain which records are being pulled by the servers. On a Windows computer, for example, this is done using the NSLOOKUP command. Here’s how to do it:
- Access the Windows command prompt by going to Start >> command prompt. You can also get to it via Run >> CMD.
- Type NSLOOKUP and press Enter. The default server gets set to your local DNS, and the address will be your local IP address.
- You then set the type of DNS record you want to look up by typing “set type=##” where “##” is the record type, then press Enter. You can use A, AAAA, A+AAAA, ANY, CNAME, MX, NS, PTR, SOA, or SRV as the record type.
- Enter the domain name you want to query. Press Enter.
- At this point, NSLOOKUP returns the record entries for the domain you entered.