What is DNS and how does it work

DNS is a service that facilitates communication between different segments of a network, and using it can significantly reduce the time spent locating information. This article covers the basic principles on which the service operates, as well as the methods and formats used to transmit its data across the Internet.

How does it work

At the dawn of the Internet there was a “flat” naming system: each user kept a separate file containing the list of contacts he needed, and when he connected to the World Wide Web this data was sent to the other devices.

However, the rapid growth of the Internet made it necessary to simplify data exchange as much as possible. The namespace was therefore divided into smaller segments, called domains, which in turn are divided into subdomains. At the top of an address written in name form sits the root, the main domain.

Since the Internet was an American development, there are two types of top-level domains:

  • generic domains, which belong to US institutions:
  1. com – business organizations;
  2. gov – government agencies;
  3. edu – educational institutions;
  4. mil – military institutions;
  5. org – private organizations;
  6. net – Internet providers.
  • the national domains of other countries, which consist of two letters.

The second level consists of abbreviations for cities or regions, and third-level domains denote individual organizations and enterprises.

The dot acts as a separator between domains of different levels. There is no dot at the end of the name. Each individual component between the dots is called a label.

A label must not exceed 63 characters, and the total length of the address must not exceed 255 characters. Mostly Latin letters, digits and hyphens are used, but several years ago prefixes based on other writing systems began to be used as well. Letter case does not matter.
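As an added example (not from the original article), the label and length rules above applied in code: a name is converted to the length-prefixed wire form, ASCII labels are lowercased because case is not significant, and labels in other writing systems are converted to the xn-- form with Python's standard-library idna codec. The limits and the use of that codec are the only assumptions.

```python
import re

MAX_LABEL = 63   # octets per label
MAX_NAME = 255   # octets for the whole name in wire form
LABEL_RE = re.compile(r"^[a-z0-9-]+$")   # Latin letters, digits and hyphen

def to_wire(name: str) -> bytes:
    """Convert a dotted name to DNS wire form (length-prefixed labels ending
    in the empty root label), enforcing the 63/255-octet limits.
    ASCII labels are lowercased because letter case is not significant;
    labels in other writing systems are converted to the xn-- form with the
    standard-library idna codec (assumed adequate for this example)."""
    if name in ("", "."):
        return b"\x00"                       # the root itself
    wire = b""
    for label in name.rstrip(".").split("."):   # trailing dot (FQDN form) is optional
        if label.isascii():
            label = label.lower()
        else:
            label = label.encode("idna").decode("ascii")
        if not 1 <= len(label) <= MAX_LABEL:
            raise ValueError(f"label {label!r} is empty or longer than {MAX_LABEL} octets")
        if not LABEL_RE.match(label):
            raise ValueError(f"label {label!r} uses characters outside letters, digits, hyphen")
        wire += bytes([len(label)]) + label.encode("ascii")
    wire += b"\x00"                          # root label terminates the name
    if len(wire) > MAX_NAME:
        raise ValueError(f"name is {len(wire)} octets in wire form, limit is {MAX_NAME}")
    return wire

def same_name(a: str, b: str) -> bool:
    """Two spellings denote the same name if their wire forms match."""
    return to_wire(a) == to_wire(b)
```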

Servers are computers that hold a list of the other objects within one level of the network, which allows faster exchange between users. They became the basis of the new system.

Each network level must have its own server, which holds information about the addresses of the users in its segment.

Searching for the necessary data goes like this:


DNS Basics

A node consisting of several domains is called a zone. Its zone file contains the main parameters of its segment, including the FQDN, or fully qualified domain name. If such an entry ends with a dot, the object name is specified correctly.

There are several types of computers that serve DNS:

  • master – the main agent of the network; it can change its configuration;
  • slave – second-order devices. They serve clients on an equal footing with the master and can replace it in case of problems, which relieves load on the network;
  • caching – contains information about domains of foreign zones;
  • invisible – absent from the zone description. Most often this status is given to servers with master status in order to protect them from attack.

A user can send one of two types of request to these servers; the browser passes the request through the resolver program:

  • recursive. If the server does not hold the necessary information, it obtains the data from higher-level computers itself and sends the response to the client. This reduces the number of requests and saves time and traffic;
  • iterative. The server sends a ready answer, drawing only on its own cache (memory). If it has no suitable data, it returns a referral to other computers, and the browser then turns to that address.

There are two types of responses:

  1. authoritative – the data is sent by a device that serves the network;
  2. non-authoritative – sent by a third-party computer that obtains the data from its own cache or after an iterative request.

Video: DNS Service

Names and IP addresses

The DNS service translates website names into IP addresses. On the Internet each device can be identified by 2 main parameters, the domain name and the IP address. These can be assigned to a user's computer, a network printer or a router.

However, this correspondence is loose: a computer may have no domain name at all yet use several addresses. In addition, each IP address must correspond to all domain names, whereas a domain can hold information about only one IP address.

Operating mode

Servers can operate in the following modes:

  1. serving their own zone. Data is exchanged between the master and slave computers, but requests from unauthorized users are not accepted;
  2. performing recursive queries;
  3. forwarding – the server passes the request on to another zone.

Changing DNS settings

Typically these parameters are set automatically by the network. To reset them, open the “Network Connections” section.

Then select the protocol used on the network.

In its “Properties” section you can set the necessary parameters; usually the main IP address of the server and an alternative one are specified.

Message Format

The message used to exchange information within the service begins with a 12-byte header. Its first field is an identification field, which allows the client to determine which request a given response belongs to.

The flags field (the next 16 bits) carries the following information:

  1. message type;
  2. operation code;
  3. authoritativeness indicator (i.e. whether the serving computer belongs to the network);
  4. TC flag, which indicates whether the message arrived truncated or complete;
  5. recursion flag, i.e. a request that the server forward the query to higher-order computers;
  6. recursion capability flag, which shows whether the server is able to forward queries;
  7. return code, which indicates whether the response was sent with errors or not.

The last 16-bit field gives the total number of entries that are counted.
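As an added example, not from the original article, the header layout above decoded in Python with the standard library: the twelve bytes are unpacked into the identification field, the individual flag bits and the four counters, and the question entry that follows the header is decoded as well. The sample query bytes are constructed here for illustration, not captured from a real server.

```python
import struct

def parse_header(msg: bytes) -> dict:
    """Decode the fixed 12-byte header: ID, the 16 flag bits, four counts."""
    if len(msg) < 12:
        raise ValueError("message shorter than the 12-byte header")
    ident, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": ident,
        "qr": (flags >> 15) & 1,        # message type: 0 query, 1 response
        "opcode": (flags >> 11) & 0xF,  # operation code: 0 standard query
        "aa": (flags >> 10) & 1,        # authoritative answer
        "tc": (flags >> 9) & 1,         # truncated
        "rd": (flags >> 8) & 1,         # recursion desired
        "ra": (flags >> 7) & 1,         # recursion available
        "rcode": flags & 0xF,           # return code: 0 no error, 3 name does not exist
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }

def parse_question(msg: bytes, offset: int = 12) -> tuple:
    """Decode one question entry: length-prefixed labels ending in a zero
    byte, then 16-bit QTYPE and QCLASS. Returns (name, qtype, qclass, next_offset)."""
    labels = []
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past the end of the message")
        length = msg[offset]
        offset += 1
        if length == 0:
            break                        # root label: end of the name
        if length > 63:
            raise ValueError("label longer than 63 octets (or a compression pointer)")
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    if len(msg) < offset + 4:
        raise ValueError("question truncated before QTYPE/QCLASS")
    qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
    return ".".join(labels) + ".", qtype, qclass, offset + 4

# Constructed sample query (not a real capture): ID 0x1234, only the
# recursion-desired flag set, one question for example.com, type A (1), class IN (1).
SAMPLE_QUERY = (
    struct.pack("!HHHHHH", 0x1234, 0x0100, 1, 0, 0, 0)
    + b"\x07example\x03com\x00"
    + struct.pack("!HH", 1, 1)
)
```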

Questions in DNS request

Part of the resource record in the response

Any response contains information about the party that sent the message. It carries the following data: the answer, the authority information for the server, and additional information about it.

In addition, the message contains:

  • the domain name;
  • the request type;
  • the validity period of the cached version;
  • the resource record length – the amount of information the record carries.

Pointer queries

Pointer queries perform a lookup in reverse, i.e. they find a resource name from an IP address given as a text string separated by dots.

To send one, the host address is written in reverse order with a certain suffix appended (most often in-addr.arpa).

The operation can be performed only if the resource has a PTR record. This also allows control of the zone to be transferred to the owner of the IP addresses.
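An added example (not part of the article) that builds the reversed name with the in-addr.arpa suffix described above, and the name of the reverse zone that would be delegated to the owner of an address block; it also generalises to IPv6 addresses, whose reverse names use the ip6.arpa suffix. The only dependency is Python's standard ipaddress module.

```python
import ipaddress

def ptr_name(ip: str) -> str:
    """Name queried for a PTR record: IPv4 octets (or IPv6 nibbles) in
    reverse order, followed by the in-addr.arpa (or ip6.arpa) suffix."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        octets = str(addr).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa."
    nibbles = f"{int(addr):032x}"          # 128 bits as 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa."

def reverse_zone(prefix: str) -> str:
    """Name of the reverse zone whose control can be handed to the owner of
    a prefix. Classic delegation follows octet (IPv4) or nibble (IPv6)
    boundaries; finer IPv4 splits use the classless technique of RFC 2317,
    which is not shown here."""
    net = ipaddress.ip_network(prefix, strict=True)
    if net.version == 4:
        if net.prefixlen % 8:
            raise ValueError("IPv4 reverse delegation is on octet boundaries (/8, /16, /24)")
        octets = str(net.network_address).split(".")[: net.prefixlen // 8]
        return ".".join(reversed(octets)) + ".in-addr.arpa."
    if net.prefixlen % 4:
        raise ValueError("IPv6 reverse delegation is on nibble boundaries")
    nibbles = f"{int(net.network_address):032x}"[: net.prefixlen // 4]
    return ".".join(reversed(nibbles)) + ".ip6.arpa."
```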

Resource records

This is the list of the main record types the service works with. Within one domain these records are unique; duplicates may exist at different levels of the network.

This data includes the following types of records:

  1. SOA – start of authority. It ties a domain to the computers serving it, and also contains the validity period of the cached version and the contact person who administers the server at a given level;
  2. A – contains a list of IP addresses and their corresponding hosts, which identifies the addresses of domain resources;
  3. NS (Name Server) – lists the computers that serve the domain;
  4. SRV (Service) – lists all resources that perform the most important functions of the service;
  5. MX (Mail Exchanger) – allows automatic configuration of mail delivery to the serving computers within one domain;
  6. PTR (Pointer) – used to find a resource name when the user knows its IP address;
  7. CNAME (Canonical Name) – allows the server to be referred to under several aliases within the service.

Caching

To find the information it needs, the browser can search in three places. First the data is looked up locally, i.e. by the DNS service on the computer itself; it can be found there if the computer has a Hosts file.

If that fails, the client submits a request. Caching servers are used to speed up the search: if such a server does not find the required data, it performs a recursive query and, while serving it, copies data from other networks.

This saves traffic, since the authoritative servers do not have to be contacted again afterwards. But a cached entry remains valid only for a limited period; its validity period is set in the zone file, and the default minimum is 1 hour.

UDP or TCP

The service supports both UDP and TCP protocols.

UDP is used to send messages over wide-area networks. The size of a message sent over this protocol is limited: an incomplete answer carries the TC flag, which means the response exceeded 512 bytes and the remainder did not reach the computer.

It is less reliable because it has no specific timeout for the response to a request. However, such a system is suitable for transmitting huge amounts of information.

TCP is used to transmit such data because it allows any amount of data to be received, divided into segments of a certain size.

This protocol is also used by secondary servers when, every three hours, they query the master computers to learn about updates to the network configuration file.
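As an added example, not from the article, the UDP/TCP behaviour above in code: the TC flag in a UDP reply decides whether to retry over TCP, and over TCP each message travels behind a two-byte length prefix, so the receiver must reassemble messages that arrive split across reads. The sample reply headers are constructed for illustration, not captured.

```python
import struct

UDP_MAX = 512   # classic payload limit for a UDP reply, as in the text

def is_truncated(response: bytes) -> bool:
    """TC flag: bit 9 of the 16-bit flags word at offset 2 of the header."""
    if len(response) < 12:
        raise ValueError("reply shorter than the 12-byte header")
    flags = struct.unpack("!H", response[2:4])[0]
    return bool((flags >> 9) & 1)

def choose_transport(udp_response: bytes) -> str:
    """A truncated UDP reply means the full answer must be fetched over TCP."""
    return "tcp" if is_truncated(udp_response) else "udp"

def frame_tcp(message: bytes) -> bytes:
    """Over TCP a DNS message is preceded by a 2-byte big-endian length."""
    if len(message) > 0xFFFF:
        raise ValueError("message too long for the 16-bit length prefix")
    return struct.pack("!H", len(message)) + message

def unframe_tcp(stream: bytes) -> tuple:
    """Split a TCP byte stream into complete messages. Returns (messages,
    leftover); leftover is an incomplete message awaiting more bytes, since a
    TCP read may return part of a message or several messages at once."""
    messages = []
    while len(stream) >= 2:
        length = struct.unpack("!H", stream[:2])[0]
        if len(stream) < 2 + length:
            break                        # wait for the rest of this message
        messages.append(stream[2:2 + length])
        stream = stream[2 + length:]
    return messages, stream

# Constructed sample reply headers (not captures). 0x8380 = QR, TC, RD, RA;
# 0x8180 = the same reply without TC.
TRUNCATED_REPLY = struct.pack("!HHHHHH", 1, 0x8380, 1, 0, 0, 0)
COMPLETE_REPLY = struct.pack("!HHHHHH", 1, 0x8180, 1, 1, 0, 0)
```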

The DNS service has a complex hierarchical structure. Nevertheless, its system of servers provides flexible and fast interaction between all users and devices of the Network.

To obtain the information it needs, the client sends a request. The response contains the basic data about the object of interest and about the computer serving the zone. This exchange is carried out over the UDP and TCP protocols.