What is a Domain Name Server (DNS)?
A DNS is a computer server that contains a database of many IP addresses and their associated domain names. It serves to translate a requested domain name into an IP address, so that the computer knows which IP address to connect to for the requested contents. The Internet is a network of connected computers, and they communicate with each other through IP addresses. A DNS plays an important role in helping us to conveniently use the Internet and it is one of the most essential foundations of the Internet as we know it today.
It is much easier for us to remember a domain name, webnic.cc, rather than a string of numbers, 18.104.22.168 (IP address) to WebNIC’s website. Both the domain name and the DNS are extremely important and they work together to make this possible. Read our blog here if you are unsure what is a domain name.
A great example is to see a DNS as a phone book, which matches a name to a telephone number. You can search for the name you want and find the corresponding phone number. It is also a similar concept to your smartphone’s contact list, which will match a contact name to a phone number. Remembering domain names is definitely easier for us than to remember a string of numbers. DNS helps us to do this by match domain names to IP addresses, and simplifies our web surfing experience significantly.
How Does a DNS Work?
A DNS starts working immediately after a user enters a domain name in the address bar of a browser. It will search through the Internet to find the IP address that is associated with the entered domain name. After successfully identifying the IP address, it then guides the user’s browser to connect to it, which will then serve the requested website contents. The process happens very quickly with little delay and the user will be on his requested website almost immediately. However, in the background, a DNS has executed many processes.
The first step that a DNS does is to send a DNS query to several other DNS servers. A DNS is not just a single server responding to over billions of domain name requests, but instead it is distributed globally across a network of DNS, which stores the IP address directory in a distributed manner.
With this in mind, all the DNS servers work together to attend to the billions of domain names requests worldwide. The reason behind this is to cut down the time for users to get a response for their requests. If a user is looking for a specific site and there is only one DNS server to process it, then it will take significantly longer to search through the millions of records in the directory. What if at the same time there are also millions, if not billions of users who are also doing the same? That is going to take a long time, and the users’ browsing experience will definitely be affected negatively.
Therefore, DNS is set up to work collaboratively across several servers to provide the best browsing experience to users. When a website address is entered by a user in an Internet browser, a DNS query is initiated and a DNS server sends the query to several other DNS servers, each tasked with translating a different part of the domain name the user entered. There are mainly four servers which work together to translate the website address into a computer readable IP address, namely the DNS Resolver server, the root server, the Top-level Domain (TLD) server and the Authoritative Name Server. The DNS Resolver is the server who does most of the process in translating a domain name to an IP address. It receives the DNS query and in turn acts like a client to query the three other DNS servers mentioned above to translate the domain name.
It first queries the root server and the root server responds to the query by returning the IP address of a TLD server (like .com, .net, .org etc.). A TLD server stores the information for its domains, and will return the IP address of the Authoritative Name Server to the DNS Resolver. This is where the requested website is actually located. It then returns the actual IP address of the requested website to the DNS Resolver, which in turn response to the initial DNS query the actual IP address. Check out the illustration below to have a clear picture of the step-by-step processes of how a DNS work.
Another point worth mentioning is point number 9 as shown in the illustration. The DNS Resolver will perform a caching function to cache the data for a limited time, after it has retrieved the correct IP address for a given website. The purpose of doing so is that in case the user requests for the same domain name again, it can immediately direct the user to the right web server without having to do the entire process of translating the domain name again. It is also beneficial in a sense that if there are other users who request for the same domain name, their request can be processed instantly, and they can enjoy a great browsing experience.
The Importance of a DNS
DNS helps to increase the efficiency of organising and locating more than 300 million domain names and their corresponding IP addresses around the world. It is not hard to see why DNS is an important foundation of the Internet we know today. The many DNS servers around the world work together to provide an optimised Internet browsing experience. The DNS system has been in existence for more than 30 years and has proven to be a stable and essential part of the Internet infrastructure to connect the world globally. However, hackers are also taking advantage of the system to exploit and scam the public through DNS attacks.
DNS attacks can occur in a few ways. The most common way is through malware attacks on a user’s computer. A malware attack can change the DNS server settings of the user’s computer to connect to a hacker’s DNS server. The hacker’s server can then direct users to other fake websites, and scam them of their confidential information such as their identity information, bank information or any other forms of sensitive information. This kind of attack is known as a DNS cache poisoning.
Another way of DNS attack is bombarding the user’s computer with high-volume data from DNS Resolver servers. It will cause the victim’s machine to be overwhelmed with data inflow and it will become inoperative to provide its original services. Hackers can then blackmail victims or force them to pay ransom to release their machines from the attacks. This kind of attack is known as a DNS reflection attack.
Last but not least, DNS attack can also occur through system resource exhaustion. Hackers can clog the DNS infrastructure of Internet Service Providers (ISP) of users and render it inoperative. This is done by hackers through registering a domain name and using the victim’s DNS servers as that domain’s authoritative server. They then send large number of requests for the domain and also add in large number of non-existent subdomains requests, which leads to a flood of the DNS resolving processes, eventually crashing the victim’s DNS system. This kind of attack is known as DNS resource exhaustion attack.
The existence of DNS is truly a great thing, as this technology makes everything on the Internet we know today possible. Without DNS, the Internet surfing experience will likely be very painful and extremely troublesome. The Internet and the world we know today will probably be very different without DNS. Next time when you browse the Internet, make sure to appreciate the existence of DNS and realise how convenient it has made life for us all. Make sure to also take proper measures to protect your computer to prevent DNS related attacks by hackers.
WebNIC is a trusted domain registrar with more than 20 years of experience in the domain wholesale and reseller service. We currently manage our own DNS to ensure a satisfying domain name reselling experience for all our valuable partners. We offer a wide range of domains and web solutions to help our partners to grow their web business. If you are interested to become our partner, contact us at [email protected].
WebNIC is an accredited registrar for ICANN, and various countries including Asia, Europe, America, Australasia, and Africa. With offices in Singapore, Kuala Lumpur, Beijing, Taipei and Jakarta, we serve 5,000+ active resellers over 70 countries. To join us and become a reseller, live chat with us or email us at [email protected].