DNS – The Internet Phonebook

DNS stands for Domain Name System and is the technology that enables you to use domain names. A domain name is what you type into a browser when you want to go to a website. These are all examples of domain names:

  • google.com
  • whitehouse.gov
  • wikipedia.org

DNS is pretty complicated so let’s break it down.

In The Beginning There Were Only Numbers

The first version of the internet grew out of a bunch of universities connecting their networks together. They quickly realized that all the computers on their new network needed addresses, so they could all talk to each other.

The addresses they came up with are called IP addresses. An IP address, or IP, is four numbers between 0 and 255 that are separated by dots. Here’s one of the IPs for Google.

216.58.205.46

Every computer attached to the internet has one and it’s unique. This includes the computer that you are reading this on. You can check this by searching “what is my IP address” on Google.

Once every computer on the early network had a unique numerical address, they could use these addresses to talk to each other. This was great for the computers but not so great for their human operators.

People aren’t that great at remembering numbers.

If people were great at remembering numbers then there would be no Yellow Pages and your phone wouldn’t come with a contact list.

People are great at remembering names and words. So, why not have a way to convert easy-to-remember names into hard-to-remember numbers?

The inventors of the first internet came up with a solution: an online directory, which programs could query, that converts an easy-to-remember domain name into a hard-to-remember IP address. They called it the Domain Name System, or DNS.

The Layers of DNS

It’s easy to think of DNS as a single directory that contains a simple list of all the domain names and a corresponding IP address that they convert to.

Unfortunately, the real world is much more complicated than that, and the DNS has to accommodate every use that people have found for the internet.

The first complication is that there are lots of different domain endings, such as “.com”, “.uk”, “.info” and many others. Every different domain ending is managed by a different organization and every country in the world has its own domain extension. Many of these organizations also allow third-party companies to register domains on their behalf.

This system looks like a mess, and it is a mess. Fortunately, the creators of the DNS designed it so that it was capable of adapting to as much complexity as the world could throw at it.

Their brilliant idea was to make the DNS hierarchical. There is one starting location for any DNS lookup that every program knows how to make. The result of this query is not the answer but some more DNS servers. The new DNS servers will be more specialized than the previous one. The root servers cater for all domains and the next ones may only know about, for example, .net domains. Each successive query will take the browser closer to the ultimate DNS servers that hold the actual information that the browser needs.

Understanding how this works is easier if we imagine your browser trying to find out the IP address of an example domain, for example rocket.net, as a dialogue between your browser and the DNS servers:

Browser #> Hi root server, I've got this domain, rocket.net, and I need to find its IP address.

root-servers.net #> I don't have the IP, but I do know who handles all the .net domains. Go ask them at gtld-servers.net.

Browser #> Hi .net servers, I need the IP for the rocket.net domain.

gtld-servers.net #> I don't have the IP for you but I do know the authoritative servers that have all that information. They're over at Cloudflare.

Browser #> Hey Cloudflare, I've got this domain, rocket.net, that I need the IP for.

Cloudflare DNS #> I can absolutely help you with that. The IP is 104.19.154.92.

As you can see, the process starts by asking the root servers and following the path of responses to the final nameservers, known as the Authoritative Nameservers. These are the servers that contain the actual DNS information for the domain. The structure of DNS means that the system can accommodate any number of domain endings and any number of registered domains.
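The referral chain in the dialogue can be written as a small resolver over an in-memory copy of the hierarchy. This is an added example, not code from the original article: the server names and the rocket.net address are the ones used above, while the www record, the function name `resolve` and the data layout are constructed for illustration.

```python
# Constructed model of the hierarchy in the dialogue above. Server names and
# the rocket.net address come from the article; the www record is constructed.
SERVERS = {
    "root-servers.net": {"delegations": {"net": "gtld-servers.net"}, "records": {}},
    "gtld-servers.net": {"delegations": {"rocket.net": "Cloudflare DNS"}, "records": {}},
    "Cloudflare DNS": {
        "delegations": {},
        "records": {
            ("rocket.net", "A"): "104.19.154.92",
            ("www.rocket.net", "A"): "104.19.154.92",  # constructed
        },
    },
}


def resolve(name, rtype="A", servers=SERVERS, start="root-servers.net", max_hops=8):
    """Follow referrals from the root until a server holds the record.

    Returns (answer, path). answer is None when the chain ends without a
    record, and path lists every server that was asked, in order.
    """
    name = name.rstrip(".").lower()
    server, path = start, []
    for _ in range(max_hops):
        path.append(server)
        zone = servers[server]
        if (name, rtype) in zone["records"]:
            return zone["records"][(name, rtype)], path
        # A referral only applies if its zone is the name itself or a parent
        # of it on a label boundary: "rocket.net" must not match "notrocket.net".
        matches = [z for z in zone["delegations"]
                   if name == z or name.endswith("." + z)]
        if not matches:
            return None, path
        server = zone["delegations"][max(matches, key=len)]  # most specific zone
    raise RuntimeError("referral limit reached; delegations may form a loop")


if __name__ == "__main__":
    for query in ("rocket.net", "www.rocket.net", "notrocket.net"):
        answer, path = resolve(query)
        print(f"{query}: {answer} via {' -> '.join(path)}")
```

The label-boundary check and the hop limit are the two details a real resolver also needs: the first keeps a look-alike name from being sent to another domain's servers, the second stops a misconfigured or malicious delegation loop.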

Now that you know how the DNS functions let’s look at some of the types of DNS records that the authoritative DNS servers can hold.

DNS Records

So far, we have only looked at the record that converts a domain name to an IP address. There are other types of records that DNS servers hold. The following is a quick summary of the most common types of DNS records that you are likely to encounter.

A Records

An A record is the record type that we have used so far in this article. It’s a straightforward mapping of a domain name (rocket.net) or subdomain (www.rocket.net) to an IP address.

MX Records

MX stands for Mail eXchange, and these records are used for sending email. When your mail client needs to find out which email server to send an email to, it asks the DNS system for the MX record for the domain name in the email address.

Email addresses are composed of two parts that are separated by an @, e.g. j.smith@example.com. Your email program will ask the DNS system for the MX record for example.com when you send an email to j.smith@example.com.

The MX record points to an A record, which in turn points to the IP address of the mail server.

CNAME Records

These records are more complicated but can be thought of as shortcuts that say, “Copy all of the records from this other domain”. They are usually used to avoid duplicating lots of information for domains that all do the same thing.

TXT Records

These records allow a domain name to have some unstructured text associated with it. This is used for a variety of reasons but the one you are most likely to encounter is for an SPF record.

SPF is an email anti-spam technique that says, “Only these mail servers are authorized to send email from my domain name”. This stops spammers sending spam that uses your domain name to try and pretend their spam is legitimate.

There are other types of records but you are unlikely to encounter them in everyday DNS management.