Inner Workings of the Domain Name System (DNS)
One of the most underrated mechanisms in use by anyone with an Internet connection is the Domain Name System (DNS). From the laymen's perspective, connecting to Google for a daily search is very simple. But what really needs to happen for that "simple" connection to work? This article takes a look at the capabilities of DNS and how it's used in everyday communications.
What Information Does DNS Provide?
Beyond the complexity of offering a physical connection into a network, the next step is to implement an addressing system that allows for every device to be reachable to facilitate communication. A common example of an addressing system is the numbering system used around the world for telephone numbers; your phone needs to be reachable both for you to make calls and for other people to be able to call you. But how does anyone know which number to call?
Typically, we find a phone number in two main ways: by getting the number from the source or another person (someone gives you the number) or by looking it up in some type of directory (Yellow Pages, search engine, and so on). The mechanism used for Internet addresses is quite similar: When you need to look for a specific service, you typically search for it in a directory (search engine) and then use this information to reach the intended site.
The next question is how this address is remembered. If you like a particular hardware store, do you memorize the number to that store, or write down the number, or enter it as a contact on your phone? In general people memorize a few numbers they use often, but most of the time they create a new contact on the phone. This system allows for easy lookup because the number can be associated with an easy-to-reference name such as "Bob's Hardware." For Internet addresses, DNS performs the number storage.
DNS has a number of capabilities, but one of its most fundamental is translating an easy-to-remember site name into an Internet address (IP); for example, translating www.google.com into 188.8.131.52. DNS also provides reverse lookup (translating an Internet address into a name), email server lookup (finding which server acts as a specific site's postmaster), and many more services.
Basic DNS Operations
Before we get into the specific DNS records that are used, we first need to see how the basic operations work. Figure 1 shows the most common type of lookup.
Figure 1 Initial site communications.
In Figure 1, the end user wants to access the Google website, entering the characters www.google.com in a browser. The system must first find out what address is associated with those characters. To find this information, it performs a DNS lookup, and a successful result gives it the information needed to access the desired site.
From a DNS configuration perspective, this action requires the creation of an authoritative DNS server (the server that ultimately has the authority to control records for a specific domain) and a single DNS record. This type of record entry is referred to as an address record; the record contains a simple mapping between a name and an Internet address. There are two different types of address record:
- An A record is used for IPv4 Internet address entries.
- An AAAA record is used for IPv6 Internet address entries.
The difference between IPv4 and IPv6 is outside the scope of this article.
Pointer (PTR) Records
Sometimes DNS is required to look up an address and find out what name is associated with it. Figure 2 shows this type of lookup, called a reverse lookup. The exchange with the DNS server is very similar; instead of asking for an associated address, it requests an associated name. On the DNS server, this is configured with a different record type called a pointer (PTR) record.
Figure 2 Reverse lookup example.
A third type of record associated with address records is an alias or CNAME record. This type of record is used when a site can be accessed using a number of different names, as shown in Figure 3.
Figure 3 Alias (CNAME) example.
For example, what if www.google.com also wanted to be accessed via just google.com, or web.google.com? Having multiple address records could become a configuration nightmare because for any address change you would need to change each specific record. An alias record can be "pointed" at an address record and told to use whatever address is configured with that record. The example in Figure 3 shows the creation of an address record for google.com; then an alias record for www.google.com points to the address record entry for google.com. With this setup, if the address changes, it would only need to be altered once, at the original address record.
Mail Exchanger (MX) Records
The last type of record we'll cover is a mail exchanger (MX) record. This record type is used when sending email between users. To determine the server that's used to process mail for a specific domain, a client or the client's server performs a DNS lookup for an existing MX record. The record includes the name of the server which is in charge of incoming email for a specific domain; it can be implemented as a prioritized list of multiple servers as well. Figure 4 shows an example.
Figure 4 Mail server lookup.
Most DNS records are configured by a DNS administrator and are not intended to be altered often. However, some records need to be altered more often; in this case, dynamic DNS is often used. Typically, dynamic DNS is used when the IP address of a client changes during each session, or when the client moves around between locations.
A common use case is small businesses or home users whose Internet connection doesn't include a static IP address. In these cases, it's possible that the Internet Service Provider (ISP) will change the IP address in use. Dynamic DNS offers the ability to link a static name with a changing IP address; it does this by having the client (or a client device, such as a router) update the IP address being used in the record. With this design, the IP address returned with an address lookup is correctly configured with the current address.
Dynamic DNS is also used in environments where a client (using a laptop, for example) moves around between locations often and requires a static naming entry. In these situations, the same type of mechanism updates the address record when the client connects to the network. This type of functionality is often seen in larger enterprise networks where the dynamic DNS abilities are built into a user's profile.
DNS is a technology used every day by most Internet users, but it isn't well known outside the technical community. It is essential in almost all Internet communications and often is not given the respect that it deserves. Network engineers need to know how DNS works and understand the services it provides. This information will be used many times over almost every network engineer's career.