• Animesh Gupta

What is DNS?

Updated: Jul 14, 2018



A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases, serves to resolve, or translate, those common names to IP addresses as requested.

DNS servers run special software and communicate with each other using special protocols.

In more easy to understand terms: a DNS server on the internet is the device that translates that www.cybertechops.com you type in your browser to the 182.50.132.242 IP address that it really is.


Note: Other names for a DNS server include name server, nameserver, and domain name system server.


Why Do We Have DNS Servers?


This question can be answered with another question: Is it easier to remember 182.50.132.242 or www.cybertechops.com ? Most of us would say it's much simpler to remember a word like cybertechops instead of a string of numbers.

When you enter www.cybertechops.com into a web browser, all you have to understand and remember is the URL https://www.cybertechops.com. The same is true for any other website like Google.com, Amazon.com, etc.

The opposite is true, too, that while we as humans can understand the words in the URL much easier than the IP address numbers, other computers and network devices understand the IP address.

Therefore, we have DNS servers because we not only want to use human-readable names to access websites, but the computers need to use IP addresses to access websites. The DNS server is that translator between the hostname and IP address.


How Domain Name Servers Work ?


You just learned that the primary job of a domain name server, or DNS server, is to resolve (translate) a domain name into an IP address. That sounds like a simple task, and it would be, except for the following points:

  • There are billions of IP Addresses currently in use, and most machines have a human-readable name as well.

  • DNS servers (cumulatively) are processing billions of requests across the Internet at any given time.

  • Millions of people are adding and changing domain names and IP addresses each day.

With so much to handle, DNS servers rely on network efficiency and Internet protocols. Part of the IP's effectiveness is that each machine on a network has a unique IP address in both the IPV4 and IPV6 standards managed by the Internet Assigned Numbers Authority (IANA). Here are some ways to recognize an IP address:

  • An IP address in the IPV4 standard has four numbers separated by three decimals, as in: 70.74.251.42

  • An IP address in the IPV6 standard has eight hexadecimal numbers (base-16) separated by colons, as in 2001:0cb8:85a3:0000:0000:8a2e:0370:7334. Because IPV6 is still a very new standard, we'll concentrate on the more common IPV4 for this article.

  • Each number in an IPV4 number is called an "octet" because it's a base-10 equivalent of an 8-digit base-2 (binary) number used in routing network traffic. For example, the octet written as 42 stands for 00101010. Each digit in the binary number is the placeholder for a certain power of two from 2 to 27, reading from right to left. That means that in 00101010, you have one each of 21, 23and 25. So, to get the base-10 equivalent, just add 21 + 23 + 25 = 2 + 8 + 32 = 42.

  • There are only 256 possibilities for the value of each octect: the numbers 0 through 255.

  • Certain addresses and ranges are designated by the IANA as reserved IP addresses, which means they have a specific job in IP. For example, the IP address 127.0.0.1 is reserved to identify the computer you're currently using. So, talking to 127.0.0.1 is just talking to yourself!




When you visit a domain such as http://cybertechops.com, your computer follows a series of steps to turn the human-readable web address into a machine-readable IP address. This happens every time you use a domain name, whether you are viewing websites, sending email or listening to Internet radio stations like Pandora.


Step 1: Request information


The process begins when you ask your computer to resolve a hostname, such as visiting http://cybertechops.com. The first place your computer looks is its local DNS Cache, which stores information that your computer has recently retrieved.

If your computer doesn’t already know the answer, it needs to perform a DNS query to find out.


Step 2: Ask the recursive DNS servers


If the information is not stored locally, your computer queries (contacts) your ISP’s recursive DNS servers. These specialized computers perform the legwork of a DNS query on your behalf. Recursive servers have their own caches, so the process usually ends here and the information is returned to the user.


Step 3: Ask the root nameservers


If the recursive servers don’t have the answer, they query the root nameservers. A nameserveris a computer that answers questions about domain names, such as IP addresses. The thirteen root nameservers act as a kind of telephone switchboard for DNS. They don’t know the answer, but they can direct our query to someone that knows where to find it.


Step 4: Ask the TLD nameservers


The root nameservers will look at the first part of our request, reading from right to left — http://cybertechops.com — and direct our query to the Top Level Domain (TLD) nameservers for .com. Each TLD, such as .com, .org, and .us, have their own set of nameservers, which act like a receptionist for each TLD. These servers don’t have the information we need, but they can refer us directly to the servers that do have the information.


Step 5: Ask the authoritative DNS servers


The TLD nameservers review the next part of our request http://cybertechops.com — and direct our query to the nameservers responsible for this specific domain. These authoritative nameservers are responsible for knowing all the information about a specific domain, which are stored in DNS records. There are many types of records, which each contain a different kind of information. In this example, we want to know the IP address for http://cybertechops.com, so we ask the authoritative nameserver for the Address Record (A).


Step 6: Retrieve the record


The recursive server retrieves the A record for http://cybertechops.com from the authoritative nameservers and stores the record in its local cache. If anyone else requests the host record for http://cybertechops.com, the recursive servers will already have the answer and will not need to go through the lookup process again. All records have a time-to-live value, which is like an expiration date. After a while, the recursive server will need to ask for a new copy of the record to make sure the information doesn’t become out-of-date.


Step 7: Receive the answer


Armed with the answer, recursive server returns the A record back to your computer. Your computer stores the record in its cache, reads the IP address from the record, then passes this information to your browser. The browser then opens a connection to the webserver and receives the website.

©2019 Security Unleashed | New Delhi