How DNS Works

I - What's DNS & Why DNS?

In the beginning, people used numerical identifiers (IP addresses) to refer to network devices. But humans are good at remembering meaningful names, not numbers, so the host name was introduced. In the early days there was a single global file that stored the name/IP mapping, known as the hosts file.

As more and more devices joined the Internet, a single hosts file could no longer solve the mapping problem, so people invented DNS.

The Domain Name System (DNS) is a hierarchical naming system for computers, services, or any resource participating in the Internet. It associates various information with domain names assigned to each of the participants. Most importantly, it translates domain names meaningful to humans into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing.

DNS essentially functions as a distributed database using a client/server relationship between clients that need name resolution (mapping host names to IP addresses) and the servers that maintain the DNS data.

II - Related Concepts

1. Host & Host Name

Each device on the Internet is called a Host. Whether the host is a computer, printer, router, and so forth, as long as it has a unique IP address, it’s a host. Just as the IP address identifies the host uniquely, so does the Host Name.

2. Zone, Domain & Delegation

A Zone is a portion of the DNS database that contains the resource records with the owner names belonging to a contiguous portion of the DNS namespace.

A Zone starts as a storage database for a single DNS domain name. If other domains are added below the domain used to create the zone, these domains can either be part of the same zone or belong to another zone. Once a subdomain is added, it can then either be:

  • Managed and included as part of the original zone records, or
  • Delegated away to another zone created to support the subdomain

A DNS database can be partitioned into multiple Zones. A DNS server is considered authoritative for a domain name if it loads the Zone file containing that name.

Delegation is a process of assigning responsibility for a portion of a DNS namespace to a DNS server owned by a separate entity.

3. DNS Database Replication

There can be multiple zones representing the same portion of the namespace. These zones are of three types:

  • Primary
  • Secondary
  • Stub

Primary is a zone to which all updates for the records that belong to that zone are made. A secondary zone is a read-only copy of the primary zone. A stub zone is a read-only copy of the primary zone that contains only the resource records that identify the DNS servers that are authoritative for a DNS domain name.

Any changes made to the primary zone file are replicated to the secondary zone file. DNS servers hosting a primary, secondary or stub zone are said to be authoritative for the DNS names in the zone. A DNS server hosting a primary zone is said to be the primary DNS server for that zone.

4. Resource Record

A DNS database consists of resource records (RRs). Each RR identifies a particular resource within the database. There are various types of RRs in DNS. The common RR types are: Start of Authority (SOA), Name Server (NS), Mail Exchanger (MX), Host (A), Alias (CNAME). Please read [3] for a detailed description of each RR type.
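To make sections 2 and 4 concrete, here is a small zone-file parser added as an example (it is not code from the original post or from any DNS implementation). It reads a constructed zone in the RFC 1035 master-file layout, qualifies relative names against $ORIGIN, and then reports the delegation points (NS records below the apex) and any delegated name server that lives inside its own subzone without a glue A record in the parent, which is the case a resolver cannot follow. The zone contents, names and addresses are all constructed for illustration.

```python
"""Parse a small zone file, list its resource records, and find delegations.

Added example, not code from the original post. The zone below is constructed
(example.com is a reserved documentation name; 192.0.2.0/24 and 198.51.100.0/24
are documentation address ranges).
"""
from collections import namedtuple

RR = namedtuple("RR", "name ttl rclass rtype rdata")
CLASSES = {"IN", "CH", "HS"}
NAME_RDATA = {"NS", "CNAME", "PTR"}  # types whose RDATA is a single domain name

# Constructed zone in master-file layout: owner, [TTL], [class], type, RDATA.
SAMPLE_ZONE = """\
$ORIGIN example.com.
$TTL 3600
@        IN SOA   ns1.example.com. hostmaster.example.com. (2024010101 7200 900 1209600 300)
@        IN NS    ns1.example.com.
@        IN NS    ns2.example.com.
@        IN MX    10 mail.example.com.
@        IN A     192.0.2.80
ns1      IN A     192.0.2.1
ns2      IN A     192.0.2.2
mail     IN A     192.0.2.10
www      IN CNAME example.com.
lab      IN NS    ns1.lab.example.com.   ; delegated subzone, glue present
ns1.lab  IN A     198.51.100.5
old      IN NS    ns1.old.example.com.   ; delegated subzone, glue missing
"""


def qualify(name, origin):
    """Turn '@' or a relative name into a fully qualified name under origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text):
    """Parse one RR per line. Not handled: lines that start with whitespace to
    reuse the previous owner, and parentheses spanning several lines."""
    origin, default_ttl, records = ".", 0, []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].replace("(", " ").replace(")", " ").strip()
        if not line:
            continue
        tokens = line.split()
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        name = qualify(tokens.pop(0), origin)
        ttl, rclass = default_ttl, "IN"
        while tokens and (tokens[0].isdigit() or tokens[0] in CLASSES):
            tok = tokens.pop(0)
            if tok.isdigit():
                ttl = int(tok)
            else:
                rclass = tok
        rtype = tokens.pop(0).upper()
        rdata = " ".join(tokens)
        if rtype in NAME_RDATA:
            rdata = qualify(rdata, origin)
        elif rtype == "MX":
            pref, target = rdata.split(None, 1)
            rdata = f"{pref} {qualify(target, origin)}"
        records.append(RR(name, ttl, rclass, rtype, rdata))
    return records


def lookup(records, name, rtype):
    """Return the RRs of one type at one owner name (an RRset)."""
    return [r for r in records if r.name == name and r.rtype == rtype]


def delegations(records, apex):
    """Owner names below the apex that carry NS records are delegation points."""
    return {r.name for r in records if r.rtype == "NS" and r.name != apex}


def missing_glue(records, apex):
    """A delegated name server whose host name is inside the delegated subzone
    needs a glue A record in the parent, otherwise resolvers cannot reach it."""
    addresses = {r.name for r in records if r.rtype in {"A", "AAAA"}}
    return [r.rdata for r in records
            if r.rtype == "NS" and r.name != apex
            and r.rdata.endswith("." + r.name) and r.rdata not in addresses]


if __name__ == "__main__":
    recs = parse_zone(SAMPLE_ZONE)
    for r in recs:
        print(f"{r.name:22} {r.ttl:6} {r.rclass} {r.rtype:6} {r.rdata}")
    print("delegations:", sorted(delegations(recs, "example.com.")))
    print("delegated name servers without glue:", missing_glue(recs, "example.com."))
```

Running it lists the twelve records with every name fully qualified, reports lab.example.com. and old.example.com. as delegation points, and flags ns1.old.example.com. as a name server the parent zone cannot vouch an address for.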

III - How DNS Works

DNS is essentially a distributed client/server system, where communication consists mainly of sending and receiving DNS queries.

DNS queries can be sent from a DNS client (resolver) to a DNS server, or between two DNS servers. A DNS query is merely a request for DNS resource records of a specified type with a specified DNS name. For example, a DNS query can request all resource records of type A (host) with DNS name "abc.com".

There are two types of DNS queries that may be sent to a DNS server:

  • Recursive
  • Iterative

A recursive query forces a DNS server to respond to a request with either a failure or a successful response. With a recursive query, the DNS server must contact any other DNS servers it needs to resolve the request. When it receives a successful response from the other DNS server(s), it then sends a response to the DNS client.

An iterative query is one in which the DNS server is expected to respond with the best local information it has, based on what the DNS server knows from local zone files or from caching, without contacting other DNS servers. If a DNS server does not have any local information that can answer the query, it simply sends a negative response.

When iteration is used, a DNS server answers a client based on its own specific knowledge about the namespace with regard to the name data being queried. For example, if a DNS server on your intranet receives a query from a local client for “www.microsoft.com”, it might return an answer from its name cache. If the queried name is not currently stored in the server's name cache, the server might respond by providing a referral - that is, a list of NS and A resource records for other DNS servers that are closer to the name queried by the client.

As shown in the graphic above, a number of queries were used to determine the IP address for www.whitehouse.gov. The query sequence is described below:

  1. Recursive query for www.whitehouse.gov (A resource record)
  2. Iterative query for www.whitehouse.gov (A resource record)
  3. Referral to the .gov name server (NS resource records, for .gov); for simplicity, the iterative A queries by the DNS server (on the left) to resolve the IP addresses of the host names of the name servers returned by other DNS servers have been omitted.
  4. Iterative query for www.whitehouse.gov (A resource record)
  5. Referral to the whitehouse.gov name server (NS resource record, for whitehouse.gov)
  6. Iterative query for www.whitehouse.gov (A resource record)
  7. Answer to the iterative query from the whitehouse.gov server (www.whitehouse.gov’s IP address)
  8. Answer to the original recursive query from local DNS server to Resolver (www.whitehouse.gov’s IP address)
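The recursive/iterative distinction and the eight-step sequence above can be reproduced in a small simulation. This is an added example, not code from the original post or from any real resolver: each AuthServer answers iterative queries only from its own zone data (answer, referral or negative response, never contacting anyone), while RecursiveResolver accepts a recursive query, walks the referrals from the root down, caches the result, and also performs the omitted step of looking up a name server's address itself when a referral arrives without glue. The root, .gov and whitehouse.gov servers, their addresses (RFC 5737 documentation ranges) and the final A record are all constructed.

```python
"""Simulate recursive and iterative DNS queries over a tiny namespace.

Added example, not code from the original post. The servers, zones and
addresses are constructed: 192.0.2.x and 198.51.100.x are documentation
ranges, and the www.whitehouse.gov. address is made up for the walkthrough.
"""
from collections import namedtuple

Response = namedtuple("Response", "kind records")  # kind: answer | referral | negative


def in_zone(name, zone):
    """True when a fully qualified name falls inside a zone (root holds everything)."""
    return zone == "." or name == zone or name.endswith("." + zone)


class AuthServer:
    """Authoritative for one zone; answers iterative queries from local data only."""

    def __init__(self, zone, records):
        self.zone = zone
        self.records = records  # {(owner name, type): [rdata, ...]}

    def query(self, qname, qtype):
        if (qname, qtype) in self.records:
            return Response("answer", [(qname, qtype, rd) for rd in self.records[(qname, qtype)]])
        if not in_zone(qname, self.zone):
            return Response("negative", [])
        # Walk up the name looking for a delegation point below our apex.
        labels = qname.split(".")
        for i in range(len(labels)):
            cand = ".".join(labels[i:]) or "."
            if cand == self.zone:
                break
            if (cand, "NS") in self.records:
                ns_names = self.records[(cand, "NS")]
                referral = [(cand, "NS", ns) for ns in ns_names]
                # Glue: addresses of the delegated name servers, if we hold them.
                referral += [(ns, "A", a) for ns in ns_names for a in self.records.get((ns, "A"), [])]
                return Response("referral", referral)
        return Response("negative", [])


class RecursiveResolver:
    """Takes recursive queries from clients and does the iterative legwork."""

    def __init__(self, root_addrs, servers_by_addr):
        self.root_addrs = root_addrs
        self.servers = servers_by_addr
        self.cache = {}
        self.trace = []

    def resolve(self, qname, qtype, depth=0):
        self.trace.append(f"recursive query {qname} {qtype}")
        key = (qname, qtype)
        if key in self.cache:
            self.trace.append("answer from cache")
            return self.cache[key]
        if depth > 4:  # guard against delegation loops while chasing glue-less NS names
            return None
        targets = list(self.root_addrs)
        for _hop in range(10):  # bound the number of referrals followed
            addr = targets[0]
            server = self.servers[addr]
            self.trace.append(f"iterative query {qname} {qtype} -> {addr} ({server.zone})")
            resp = server.query(qname, qtype)
            if resp.kind == "answer":
                rdata = [rd for _n, _t, rd in resp.records]
                self.cache[key] = rdata
                self.trace.append(f"answer {rdata}")
                return rdata
            if resp.kind == "negative":
                self.trace.append("negative response")
                return None
            ns_names = [rd for _n, t, rd in resp.records if t == "NS"]
            glue = [rd for _n, t, rd in resp.records if t == "A"]
            self.trace.append(f"referral to {ns_names}")
            if not glue:
                # No glue: resolve each name server's own A record first (the
                # extra queries the post says its diagram omits).
                glue = [a for ns in ns_names for a in (self.resolve(ns, "A", depth + 1) or [])]
            if not glue:
                return None
            targets = glue
        return None


# Constructed namespace: a root server, a .gov server and a whitehouse.gov server.
ROOT = AuthServer(".", {("gov.", "NS"): ["a.ns.gov."], ("a.ns.gov.", "A"): ["192.0.2.2"]})
GOV = AuthServer("gov.", {("whitehouse.gov.", "NS"): ["ns1.whitehouse.gov."],
                         ("ns1.whitehouse.gov.", "A"): ["192.0.2.3"]})
WH = AuthServer("whitehouse.gov.", {("www.whitehouse.gov.", "A"): ["198.51.100.10"],
                                   ("ns1.whitehouse.gov.", "A"): ["192.0.2.3"]})
SERVERS = {"192.0.2.1": ROOT, "192.0.2.2": GOV, "192.0.2.3": WH}


def walkthrough():
    """Run the post's query sequence, then a cached repeat and a negative case."""
    resolver = RecursiveResolver(["192.0.2.1"], SERVERS)
    first = resolver.resolve("www.whitehouse.gov.", "A")
    repeat = resolver.resolve("www.whitehouse.gov.", "A")       # answered from cache
    missing = resolver.resolve("nosuch.whitehouse.gov.", "A")   # negative response
    return first, repeat, missing, resolver.trace


if __name__ == "__main__":
    for line in walkthrough()[3]:
        print(line)
```

The printed trace shows one recursive query from the client followed by three iterative queries (root, .gov, whitehouse.gov) with two referrals in between, exactly the sequence in steps 1 to 8; the repeat query is answered from the cache without any iterative traffic, and the query for a name that does not exist ends with the authoritative server's negative response rather than a failure further up.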

IV - RFCs about DNS
  • RFC 1034 -- Domain Names — Concepts and Facilities
  • RFC 1035 -- Domain Names — Implementation and Specification
  • RFC 1123 -- Requirements for Internet Hosts — Application and Support
  • RFC 1886 -- DNS Extensions to Support IP Version 6
  • RFC 1995 -- Incremental Zone Transfer in DNS
  • RFC 1996 -- A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)
  • RFC 2136 -- Dynamic Updates in the Domain Name System (DNS UPDATE)
  • RFC 2181 -- Clarifications to the DNS Specification
  • RFC 2308 -- Negative Caching of DNS Queries (DNS NCACHE)
  • RFC 2535 -- Domain Name System Security Extensions (DNSSEC)
  • RFC 2671 -- Extension Mechanisms for DNS (EDNS0)
  • RFC 2782 -- A DNS RR for specifying the location of services (DNS SRV)

References
1. Wiki On Domain Name System
2. HowStuffWorks on Domain Name System
3. MS TechNet on How DNS Works
4. Understanding Domain Name System (Part I, Part II)

Papers on Designing/Implementing Internet
1. Rethinking the Design of the Internet
2. End-to-End Arguments in System Design
3. End-to-End Principle
