DNS Magic: Unveiling the Secrets and Internals Behind Every Click #chaicode


First, Let's Understand the Domain Before We Explore DNS

A domain is a human-readable address used to identify a website on the internet. It acts as the address people type into their browsers to visit a specific website, making the web more user-friendly by replacing complex IP addresses with easy-to-remember names.

For example, chaicode.com is a domain name, where chaicode is the unique name identifying the website, and .com is the top-level domain (TLD) indicating the type of domain. Understanding domains is essential, as they are the foundation of the DNS system, which helps us navigate the internet.

If you want to learn about HTTP and how it works, please visit this article, where I have covered all the details about HTTPS and its internals: HTTP : The Backbone of Web Communication


Let's Start Understanding DNS

DNS (Domain Name System) is like the phonebook of the internet. When you want to visit a website, you type its name (like chaicode.com) in your browser. However, computers don’t understand website names — they use IP addresses (like 192.168.1.1) to identify websites.

DNS (Domain Name System) helps your computer find websites using their names.

DNS translates the human-friendly website names into machine-friendly IP addresses. It works by asking a series of servers (DNS resolvers, root servers, etc.) to find the correct IP address for the website you want to visit.

Flowchart representing the working of DNS (image not included here)

DNS Workflow

Here’s a high-level breakdown of how DNS works:

  1. User Enters URL:
    • The user types the website's name (for example chaicode.com) into the browser's address bar.
  2. Browser Cache Check:
    • The browser checks its local cache to see if it already has the IP address for the domain.
  3. Operating System Cache:
    • If not found in the browser cache, the OS's DNS resolver checks its own cache.
  4. Recursive DNS Resolver:
    • If the OS doesn’t have the IP, it queries the Recursive DNS Resolver (provided by the user’s ISP or a third party like Google DNS or Cloudflare DNS).
  5. Root DNS Servers:
    • The resolver contacts one of the 13 Root DNS Servers to find the Top-Level Domain (TLD) server responsible for .com.
  6. TLD DNS Server:
    • The TLD server provides the address of the Authoritative Name Server for chaicode.com.
  7. Authoritative DNS Server:
    • The resolver queries the Authoritative Name Server, which holds the IP address for chaicode.com.
  8. IP Address Returned:
    • The resolver returns the IP address to the operating system and the browser.
  9. Browser Connects:
    • The browser connects to the IP address and requests the webpage.

Now, let's explore each point in detail:

Browser Cache

If the IP address is found during the Browser Cache Check, the DNS resolution process skips all further steps (querying the OS cache, the recursive resolver, and the DNS servers).

The browser directly uses the cached IP address to establish a connection to the server associated with the domain, for example www.chaicode.com.

Since the browser skips additional DNS lookups, the page loads faster. This improves user experience by reducing latency.

  • Latency - The delay in transferring data from one computer to another.

  • TTL - Time to Live - The expiry time of a cached record.

Cache Expiry: Every DNS record has a "Time to Live" (TTL) value, which tells the browser how long to keep the record before checking for an update. When the TTL expires, the browser asks again for the latest information.

Operating System Cache

The OS DNS Cache is a temporary storage maintained by the operating system's DNS resolver. It stores the results of DNS queries (domain names and their associated IP addresses) that were recently resolved.

Storing recent DNS queries locally avoids the need for external lookups, reducing latency.

Where is the OS DNS Cache?

The OS DNS Cache resides in your computer's memory (RAM). It acts as a temporary storage area for recently resolved domain names and their corresponding IP addresses.

Commands to interact with it on Windows:

View cache:

ipconfig /displaydns

Clear cache:

ipconfig /flushdns

Recursive DNS Resolver

When your computer doesn't know the IP address of a website, it asks a "Recursive DNS Resolver" for help. This resolver is usually provided by your internet service provider (ISP) or can be a third-party service like Google DNS or Cloudflare DNS. The resolver will find the IP address for you.

To speed up the process, the resolver stores (or caches) the DNS records for a certain period. So, if someone else asks for the same website shortly after, it can provide the answer without needing to ask the original server again.

If the resolver doesn’t know the IP address right away, it will keep asking other DNS servers (root servers, TLD servers, etc.) until it finds the answer.

Root DNS Servers

The Root DNS Servers are like the "starting point" of the internet’s address system. There are 13 main ones, and their job is to point your computer to the right place when you're trying to find a website.

Example:
If you want to visit chaicode.com, your computer might first ask a root DNS server, and the server will then tell it to check the next set of servers (which know about .com websites). From there, your computer will get the final address.

The 13 root DNS servers are spread across the world and help keep the internet running smoothly by directing traffic to the right places.

TLD Name Servers (Top-Level Domain)

A TLD nameserver maintains information for all the domain names that share a common domain extension, such as .com, .net, .ai or whatever comes after the last dot in a URL.

These servers don’t know the specific website's IP address, but they know where to find the next set of servers (authoritative nameserver) that do, guiding your computer to the correct location.

For example:

  • .com TLD Server: If you're trying to visit a website like chaicode.com, your computer will ask the .com TLD server where to find the website’s address.

  • .ai TLD Server: For websites ending in .ai, like hitesh.ai, it asks the .ai TLD server.

Authoritative Name Servers

An Authoritative Nameserver is the final step in the process of finding a website's address. Once your computer reaches the authoritative nameserver, it gets the exact IP address of the website you're trying to visit.

After the TLD DNS server points your computer to the right place, it asks the Authoritative Nameserver for the website's exact address.

The Authoritative Nameserver has all the information about the website, like the IP address, and gives it to your computer.

Domain registrars and web hosting companies such as GoDaddy and Hostinger provide authoritative nameservers for you when you purchase a domain or hosting from them.
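To make the chain above concrete, here is an added example (not code from the article) that models the whole lookup in Python: a three-zone delegation tree for chaicode.com, a TTL-bounded cache for each of the browser, the OS and the recursive resolver, and a resolver that walks root, then TLD, then authoritative server and follows a CNAME to the A record it needs. The server names, the TTLs and the 192.0.2.x addresses are constructed placeholders (192.0.2.0/24 is a documentation range), so nothing here is a real server.

```python
import time

# Constructed delegation tree. Each server only knows its own zone: the root
# knows where .com lives, the .com server knows who is authoritative for
# chaicode.com, and only the authoritative server holds the A/CNAME data.
ZONES = {
    ".": {"com.": ("NS", "tld-com.example.", 172800)},
    "com.": {"chaicode.com.": ("NS", "ns1.chaicode.example.", 172800)},
    "chaicode.com.": {
        "chaicode.com.": ("A", "192.0.2.10", 300),
        "www.chaicode.com.": ("CNAME", "chaicode.com.", 300),
    },
}


class Cache:
    """TTL-bounded cache; the browser, the OS and the resolver each keep one."""

    def __init__(self, clock=time.time):
        self.entries, self.clock = {}, clock

    def get(self, key):
        hit = self.entries.get(key)
        if hit is None:
            return None
        value, expires = hit
        remaining = expires - self.clock()
        if remaining <= 0:            # TTL expired: forget it and ask again
            del self.entries[key]
            return None
        return value, remaining

    def put(self, key, value, ttl):
        self.entries[key] = (value, self.clock() + ttl)


def query_server(zone, qname):
    """One question to the server for `zone`: an answer, a referral to a
    child zone (how root and TLD servers reply), or NXDOMAIN."""
    records = ZONES[zone]
    if qname in records and records[qname][0] != "NS":
        return ("answer",) + records[qname]
    parts = [p for p in qname.split(".") if p]
    for i in range(len(parts)):                 # closest enclosing delegation
        child = ".".join(parts[i:]) + "."
        if child != zone and child in records and records[child][0] == "NS":
            return ("referral", child)
    return ("nxdomain",)


def resolve_iteratively(qname, cache, trace, depth=0):
    """Recursive resolver: root -> TLD -> authoritative, chasing CNAMEs.
    (A real resolver also caches the delegations; this one restarts at the root.)"""
    if depth > 8:
        raise RuntimeError("CNAME chain too long")
    hit = cache.get(qname)
    if hit:
        trace.append(f"resolver cache hit for {qname}")
        return hit
    zone = "."
    while True:
        trace.append(f"ask {zone} server about {qname}")
        result = query_server(zone, qname)
        if result[0] == "referral":
            zone = result[1]                    # follow the delegation down
        elif result[0] == "nxdomain":
            raise LookupError(f"{qname} does not exist")
        else:
            _, rtype, rdata, ttl = result
            if rtype == "CNAME":                # alias: the target needs its own A record
                trace.append(f"{qname} is an alias for {rdata}")
                rdata, target_ttl = resolve_iteratively(rdata, cache, trace, depth + 1)
                ttl = min(ttl, target_ttl)
            cache.put(qname, rdata, ttl)
            return rdata, ttl


def lookup(name, browser_cache, os_cache, resolver_cache, trace):
    """The flowchart end to end: browser cache, OS cache, then the resolver."""
    qname = name if name.endswith(".") else name + "."
    for layer, cache in (("browser", browser_cache), ("OS", os_cache)):
        hit = cache.get(qname)
        if hit:
            trace.append(f"{layer} cache hit for {qname}")
            return hit[0]
    ip, ttl = resolve_iteratively(qname, resolver_cache, trace)
    os_cache.put(qname, ip, ttl)                # both local caches learn the answer
    browser_cache.put(qname, ip, ttl)
    return ip


if __name__ == "__main__":
    caches = (Cache(), Cache(), Cache())
    for _ in range(2):          # the second lookup is served from the browser cache
        trace = []
        print(lookup("www.chaicode.com", *caches, trace), trace)
```

Running it twice shows the full root/TLD/authoritative walk on the first lookup and a single "browser cache hit" on the second; advancing the clock past the 300-second TTL makes all three caches drop the entry and the walk happens again, which is exactly the expiry behaviour the TTL section describes.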


DNS Records

A DNS record is a piece of information in a database that connects a domain name to an IP address. DNS records are instructions stored on DNS servers that tell the internet how to handle requests for a domain name.

Types of DNS Records:

  1. A Record (Address Record): Connects your domain name (chaicode.com) to an IPv4 address (the server's address).

    Example: This means when someone types chaicode.com, their browser is sent to the server at IP address 192.168.10.1.

  2. AAAA Record: Connects your domain name (chaicode.com) to an IPv6 address.

    This is like upgrading from an old 10-digit phone number to a new 12-digit one for future-proofing.

    Example: This means when someone types chaicode.com, their browser is sent to the server at IP address 2401:db00:12:700b::1.

  3. CNAME Record (Canonical Name Record): Creates an alias (a nickname) for your domain. It allows one domain name to point to another domain name instead of directly to an IP address. This is helpful for managing multiple subdomains and is commonly used for subdomains like www, mail, or shop.

    A CNAME record always points to the target domain, which must have its own A or AAAA record for the alias to work.

    Example:

    1. Redirecting www to the main domain:

    2. Using a custom subdomain for a CDN:

  4. MX Record (Mail Exchange Record): Tells email systems where to send emails for your domain (chaicode.com), i.e. which mail server handles them.

    MX record: mail.chaicode.com

    Example: It tells email systems to send all emails for chaicode.com to mail.chaicode.com.

  5. TXT Record (Text Record): A DNS record that stores text information about a domain. It is primarily used to provide information to external services for verification, security, and configuration purposes.

    Example: It is used for domain verification with services like Google Workspace, Facebook, or Microsoft 365, and for email security by adding SPF, DKIM, and DMARC records. These records help prevent email spoofing and spam.

    Additional Information:

    • SPF (Sender Policy Framework): Specifies which mail servers may send emails on behalf of the domain. Example: v=spf1 include:_spf.google.com ~all

    • DKIM (DomainKeys Identified Mail): Ensures the email content has not been tampered with. Example: v=DKIM1; k=rsa; p=PublicKeyHere

    • DMARC (Domain-based Message Authentication, Reporting, and Conformance): Tells receiving servers how to handle unauthorized emails (those that fail the SPF or DKIM checks).

  6. NS Record (Name Server Record): Lists the DNS servers for your domain.

    Example:

  7. SOA Record (Start of Authority): Provides administrative information about the domain and details about your DNS zone. DNS zones are explained below.

  8. PTR Record (Pointer Record): Maps an IP address back to a domain name (reverse lookup).

  9. SRV Record (Service Record): Points to specific services like video calls or messaging.
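The TXT-based email controls above are easiest to understand from the receiving side. The following is an added example, not code from the article, that evaluates a simplified SPF check and reads the DMARC policy the way a receiving mail server would, using an in-memory table of constructed TXT records (the chaicode.com name is reused, but the record values, the _spf.mailhost.example include and the 192.0.2.x / 198.51.100.x / 2001:db8:: addresses are made up for the example). Real SPF also has a, mx, exists and redirect terms, and real DMARC additionally checks DKIM and alignment; those are left out here.

```python
import ipaddress

# Constructed TXT records. A receiving server would fetch these with real
# DNS queries; here they are an in-memory table so the example runs offline.
TXT = {
    "chaicode.com.": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example ~all"],
    "_spf.mailhost.example.": ["v=spf1 ip4:198.51.100.25 ip6:2001:db8::/32 -all"],
    "_dmarc.chaicode.com.": ["v=DMARC1; p=quarantine; rua=mailto:dmarc@chaicode.com"],
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_record(domain):
    """The single TXT record starting with v=spf1; a domain must publish exactly one."""
    found = [r for r in TXT.get(domain, []) if r.startswith("v=spf1")]
    return found[0] if len(found) == 1 else None


def check_spf(domain, sender_ip, depth=0):
    """Walk the SPF terms left to right; the first matching term decides."""
    if depth > 10:                       # include: loops are a known misconfiguration
        return "permerror"
    record = spf_record(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name in ("ip4", "ip6"):
            # ip4 vs ip6 mismatch is simply no match, not an error
            matched = ip in ipaddress.ip_network(arg, strict=False)
        elif name == "include":
            # include: matches only when the included domain's SPF passes
            matched = check_spf(arg.rstrip(".") + ".", sender_ip, depth + 1) == "pass"
        elif name == "all":
            matched = True
        else:
            matched = False              # mechanisms not modelled here
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"                     # no term matched and no "all" term


def dmarc_policy(domain):
    """The p= tag of the _dmarc TXT record, or None if DMARC is not published."""
    for record in TXT.get("_dmarc." + domain, []):
        tags = dict(t.strip().split("=", 1) for t in record.split(";") if "=" in t)
        if tags.get("v") == "DMARC1":
            return tags.get("p", "none")
    return None


def disposition(domain, sender_ip):
    """What the receiver does with a message claiming to be from `domain`
    sent by `sender_ip`: (spf result, dmarc policy, action)."""
    result = check_spf(domain, sender_ip)
    policy = dmarc_policy(domain)
    if result == "pass" or policy is None:
        return result, policy, "deliver"
    action = {"none": "deliver", "quarantine": "spam folder", "reject": "reject"}[policy]
    return result, policy, action


if __name__ == "__main__":
    for ip in ("192.0.2.44", "198.51.100.25", "2001:db8::1", "203.0.113.9"):
        print(ip, disposition("chaicode.com.", ip))
```

Note the difference between ~all (softfail, the article's example) and -all: with ~all alone a forged message is only marked, which is why publishing a DMARC policy of quarantine or reject matters; without it the receiver has no instruction and delivers anyway.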


Here are answers to some frequently asked questions about DNS

1. Why are there only 13 DNS root server addresses?

There are only 13 DNS root server addresses because of technical limitations in the early days of the internet. DNS root servers are crucial for directing internet traffic, and using just 13 makes the system easier to manage. However, these 13 servers aren't limited to just 13 physical locations. The addresses are distributed worldwide using a technique called anycast, so multiple copies of these servers exist across different locations, improving speed and reliability.

2. Who operates DNS root servers?

DNS root servers are operated by various organizations around the world. These include both government and private entities, as well as nonprofit organizations. Some of the operators include:

  • ICANN (Internet Corporation for Assigned Names and Numbers)

  • VeriSign

  • University of Maryland

  • U.S. Department of Defense

  • Other independent organizations

Each root server operator helps manage and maintain the infrastructure that ensures DNS works reliably.

3. What happens if a DNS root server becomes unavailable?

If a DNS root server becomes unavailable, the anycast system ensures that the traffic is automatically rerouted to the next available copy of the server. Since there are many copies of each root server around the world, the system is resilient and can still function even if some servers go down. DNS continues to work smoothly, though a temporary slowdown might happen if multiple servers experience issues. Additionally, if a root server does go down, it usually gets restored quickly due to its global importance.

4. What is DNS TTL?

DNS TTL (Time to Live) is a value in a DNS record that indicates how long the information should be cached by DNS resolvers (servers that fetch DNS records) before they check for updates. Essentially, TTL tells how long a DNS record is valid and when it should be refreshed.

5. What is DNS zone?

A DNS Zone is a specific segment or portion of the DNS (Domain Name System) database that is managed by a particular entity, like a domain owner or a DNS hosting provider. It contains all the DNS records for a domain, such as A, CNAME, MX, TXT, and more, which define how the domain and its subdomains function.

Example:

For the domain chaicode.com, the DNS zone might contain:

All these records together define the DNS zone for chaicode.com.

Types of DNS Zones

  1. Primary Zone (Master Zone):
    The primary zone is the main zone file where all DNS records are created and updated.

  2. Secondary Zone:
    A read-only copy of the primary zone, used for redundancy and backup purposes.

  3. Forward Zone:
    Maps domain names to IP addresses.

  4. Reverse Zone:
    Maps IP addresses back to domain names.
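The relationship between a forward zone and a reverse zone is mechanical, so here is an added example (not from the article) that derives the reverse zone's PTR records from a constructed forward zone for chaicode.com, builds the in-addr.arpa / ip6.arpa names by hand, and performs the forward-confirmed reverse DNS check that mail servers use to decide whether a connecting IP really belongs to the host it claims to be. The 192.0.2.x and 2001:db8:: addresses are documentation ranges chosen for the example.

```python
import ipaddress

# Constructed forward zone (name, type, data). Only A and AAAA records have a
# reverse counterpart; the CNAME is here to show it is skipped.
FORWARD_ZONE = [
    ("chaicode.com.", "A", "192.0.2.10"),
    ("mail.chaicode.com.", "A", "192.0.2.25"),
    ("chaicode.com.", "AAAA", "2001:db8:12:700b::1"),
    ("www.chaicode.com.", "CNAME", "chaicode.com."),
]


def ptr_name(address):
    """Reverse-lookup name for an IP: octets reversed under in-addr.arpa for
    IPv4, every hex nibble reversed under ip6.arpa for IPv6."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa."
    nibbles = ip.exploded.replace(":", "")   # 32 hex digits, leading zeros kept
    return ".".join(reversed(nibbles)) + ".ip6.arpa."


def build_reverse_zone(forward):
    """Derive the reverse zone: one PTR record per A/AAAA record."""
    return [(ptr_name(data), "PTR", name)
            for name, rtype, data in forward if rtype in ("A", "AAAA")]


def reverse_lookup(reverse_zone, address):
    """IP -> name, the PTR query a client would send."""
    wanted = ptr_name(address)               # normalises IPv6 spellings too
    for name, _, target in reverse_zone:
        if name == wanted:
            return target
    return None


def forward_confirmed(forward, reverse_zone, address):
    """Forward-confirmed reverse DNS: the PTR target must have an A/AAAA
    record that points back at the same address. Anyone who controls a
    reverse zone can publish any PTR, so the forward check is what makes it trustworthy."""
    target = reverse_lookup(reverse_zone, address)
    if target is None:
        return False
    ip = ipaddress.ip_address(address)
    return any(name == target and rtype in ("A", "AAAA") and ipaddress.ip_address(data) == ip
               for name, rtype, data in forward)


if __name__ == "__main__":
    reverse = build_reverse_zone(FORWARD_ZONE)
    for record in reverse:
        print(record)
    print(forward_confirmed(FORWARD_ZONE, reverse, "192.0.2.25"))   # True
    print(forward_confirmed(FORWARD_ZONE, reverse, "203.0.113.1"))  # False, no PTR
```

Python's ipaddress module exposes the same name as the `reverse_pointer` attribute (without the trailing dot); the hand-built version is kept here so the nibble reversal for IPv6 is visible.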

6. How can you troubleshoot DNS issues?

Troubleshooting DNS issues involves a systematic approach. Here are some steps you can take to diagnose and resolve DNS problems:

1) Check network connectivity: Ensure that the client has a working internet connection.

2) Check DNS configuration: Verify that the DNS resolver settings on the client are correct.

3) Clear DNS cache: If you suspect a caching issue, clear the DNS cache on the client or the DNS server.

4) Ping DNS servers: Test connectivity to DNS servers by pinging them.

5) Check DNS records: Use DNS query tools like nslookup or dig to query DNS records and check for errors.

6) Check firewall and security software: Ensure that firewalls or security software are not blocking DNS traffic.

7) Examine DNS server logs: Review DNS server logs for errors or unusual activity.

8) Check DNSSEC: If DNSSEC is enabled, check for DNSSEC-related issues.