DNS

DNS stands for Domain Name System (DNS) services. When we access a website,
we are using this service to locate the server where the domain’s website is located.
When browsing the web, we usually type in a domain name like www.google.com
into our browser. This is better than trying to remember an IP address linked to a
Google server.

Behind the scenes, a conversion happens using this service which converts
www.google.com to 172.217.12.46. The IP address designates the location of a
server on the Internet. This conversion process is called a query. This is an integral
part of how devices connect with each other to communicate over the internet. To
understand the query process, let’s review how this query works.

How Does the DNS Process Work?

Step 1: Requesting Website Information

Let’s visit a website by typing a domain name into a web browser. Our computer will
start resolving the hostname, such as www.liquidweb.com. Our computer will then
look for the IP address associated with the domain name in its local DNS cache. This
cache stores this information that our computer has recently saved. If it is present
locally, then the website will be displayed. If our computer does not have the
information, it will perform a DNS query to retrieve the correct information.

Step 2: Contact the Recursive DNS Servers

If the information is not in your computer’s local cache, then it will query another
server. Recursive DNS servers have their local cache, much like your computer.
Many ISP’s use the same recursive DNS servers, it’s possible that common domain
name is already in its cache. If the domain is cached, the query will end here and the
website displayed to the user.

Step 3: Query the Authoritative DNS Servers

If a recursive DNS server or servers do not have information stored in its cache
memory, it looks elsewhere. The query then continues up the chain of authoritative
DNS servers. The search will continue until it finds a nameserver for the domain.
These authoritative name servers are responsible for storing these records for their
respective domain names.

Step 4: Access the DNS Record

To locate the IP address for liquidweb.com, we will query the authoritative name
server for the address record (A record). A Recursive DNS server accesses the A
record for liquidweb.com from the authoritative name servers. It then stores the
record in its local cache. If another query requests the A record for liquidweb.com,
the recursive server will have the answer. All DNS records have a time-to-live value,
which shows when a record will expire. After some time has passed, the recursive
DNS server will ask for an updated copy of the records.

Step 5: Final DNS Step

The Recursive DNS server has the information and returns the A record to your
computer. Our computer then stores the record in its local cache. It reads the IP
address from the DNS record and passed it to our browser. The web browser will
connect to the web server associated with the A records IP and display the website.

The entire lookup process, from start to finish, takes only milliseconds to complete.
For a better understanding, let’s break down the components that make up the
lookup process.

DNS Servers

Authoritative DNS Server

An authoritative name server is a server that stores DNS records (A, CNAME, MX,
TXT, etc.) for domain names. These servers will only respond to queries for locally
stored DNS zone files. Say a server in our network has stored an A record for
example.com. That server is the authoritative server for the example.com domain
name.

Recursive Nameserver

A recursive name server is a DNS server that receives queries for informational
purposes. These types of servers do not store DNS records. When a query is
received, it will search the cache memory for an address linked to the IP address. If
the recursive name server has the information, then it will return a response to query
sender. If it does not have the record, then the query will be sent to other recursive
name servers. This continues until it reaches an authoritative DNS server that can
supply the IP address.

DNS Zones
A DNS zone is an administrative space within the Domain Name System. A zone
forms one part of the DNS namespace delegated to administrators or specific
entities. Each zone contains the resource records for all of its domain names.
DNS Zone File
A DNS zone file is a text file stored on a server. It contains all the records for every
domain within that zone. It is mandatory for the zone file to have the TTL (Time to
Live) listed before any other information. The TTL specifies how long a DNS record
is in the server’s cache memory. The zone file can only list one record per line. It will
display the Start of Authority (SOA) record listed first. The SOA record contains
essential domain name information including the primary authoritative name server
for the DNS Zone.

DNS Record Types

DNS records are stored in authoritative servers. These records provide information
about a domain, including its associated IP address for each domain. It is mandatory
for all domains to have a specific set of default records. Below are a list of the most
common record types and frequently utilized DNS records. Let’s look over each type
of record.

A (Address) Record

An A record (or Address Record) points a domain name to an IP address. For example,
when you type www.google.com in a web browser, the DNS system will translate that
domain name to the IP address of 172.217.12.46 using the A record information stored in a
DNS Zone file. The A record links a website’s domain name to an IP address that points to
the server where the website’s files live.

CNAME (Canonical Name) Record

A CNAME record forwards a domain name to a different domain name. This record does not
contain an IP address. We can utilize this type of record only when there are no other
records on that domain name. Otherwise, a conflict is introduced by the other records which
would interfere with its resolution. As an example, the following CNAME record can redirect
web traffic to go from www.google.com to simply google.com but not to an additional domain
name such as gmail.com. In the CNAME records below, we see the FTP service being
redirected to the main domain and mail being redirected to the “webmail” service on a
server.

MX (Mail Exchanger)

The MX record routes email messages to a specific mail server linked to a domain from a
designated mail host on a different server. MX records use a priority system if there is more
than one MX record used for a domain that is using more than one mail server.

The priority number to the right of the MX specifies the order of access to the mail servers.
Counterintuitively, the lower the number is, the higher the priority. For example, the priority
number of 10 set within the MX record will receive the email messages first. The MX record
with the priority number of 20 will be a backup if the MX record with the priority of 10 is
unavailable.
TXT (Text) Record

A TXT record is utilized for information and verification purposes. The TXT record discloses
information about your domain to other servers such as what services the domain is using. A
Sender Policy Framework (SPF) record is an example of a TXT record that is added to help
identify, verify and confirm an email message is actually coming from the server it is being
sent from.

NS (Name Server) Record

The NS or Name Servers records denotes which DNS server is authoritative for a domain.
This simply means it identifies which server contains the current records for a domain. These
servers are usually found at a registrar, ISP, or hosting company. The highest level of
authority comes from the 13 top level DNS servers which actually contain all the active
records for every domain. These servers track and share DNS info with all the other DNS
servers at the businesses noted above. NS records are created to identify the nameservers
used for each domain name within a given zone.

SOA (Start of Authority) Record

The SOA record is a resource record which stores information regarding all the DNS
records within a given zone. An SOA record contains properties of a zone such as:

 The name of the primary DNS server

 The Email address of the responsible party for that zone
 The serial number that is used by a secondary DNS server to assess if the
information a zone contains has changed.
o If the information within a zone has changed on the primary server,
those changes are shared to other DNS servers and this updates the
serial number on the zone file to indicate and update has taken place.
 Refresh Interval or TTL
o This shows how frequently the DNS servers check for updates or
changes to any of the records, as determined by the TTL or Time to
Live. This number can be modified to increase or decrease the
timeframe when those changes occur,
 Retry Interval
o The retry interval displays how frequently the secondary DNS servers
should retry checking if any changes are made to the zone if the first
refresh fails.
 Expire Interval
o Shows how long the zone TTL will be valid after a refresh.
 Minimum (default) TTL (Time to Live)
o The SOA records are outlined in
https://www.ietf.org/rfc/rfc1035.txt under “Domain Names –
Implementation and Specification”.

SRV (Service) Record

The SRV records are created to establish connections between services and
hostnames. For example, if an application is searching for a location of a service that it
needs, it will look for an SRV record with that information.

PTR (Pointer) Record

A PTR record (Reverse DNS record) does the opposite of an A record. It resolves an IP
address to a domain name. The purpose of this record is mainly administrative. It verifies
that an IP address links to a domain name. Not all DNS hosting providers offer this type of
record.