How DNS lookup works

  sonic0002        2022-09-09 23:11:03       1,304        0    

When accessing a website, a domain name would be needed normally. To get to the actual web server, the domain name must be mapped to an actual IP address and the IP address will be used to reach the web server. The process of finding the IP address from a domain name is called DNS lookup. 

How does DNS lookup work? There are tons of domain name and IP address around the world, there must be some well-designed architecture to support fast lookup. This post will explain how this works.

DNS Server

The mapping between domain name and IP address is stored in DNS servers. When typing a domain name, web browser will automatically send a DNS lookup request to DNS servers to obtain the IP address. There are lots of public DNS server around the world, Cloudflare's 1.1.1.1 will be sued as an example in this post.

dig command

The command line tool dig can be used to interact with DNS servers. For a simple lookup, can type below command.

dig @[DNS SERVER] domain.name

So to find the IP address of es6.ruanyifeng.com, can type

dig @1.1.1.1 es6.ruanyifeng.com

Normally it would produce lots of output

The important part might be the ANSWER SECTION, it tells the lookup result which tells the corresponding IP address is 104.198.14.52.

Domain name tree structure

Given that one can send DNS lookup request to 1.1.1.1, does that mean the DNS server 1.1.1.1 stores all the mappings of domain name and IP address? No, DNS lookup system is a distributed system, 1.1.1.1 is just the entry point, it needs to send lookup request to other DNS servers. To explain the complete process of DNS lookup, the domain name structure needs to be explained as well. Basically domain name is a tree structure, the top one is the root, then comes with the top-level domain, first-level domain and second-level domain etc.

root domain

All domains start with a root domain which is a dot(.)., it is at the end of each domain name, and it's the same for every domain, hence normally it is omitted. example.com and example.com. are essentially the same.

top-level domain

There are two kinds of top-level domains: gTLD and ccTLD. gTLD is general purpose top-level domain name, e.g, .com and .net. ccTLD is country controlled top-level domain, e.g, .cn and .us. top-level domains are managed by ICANN, but it normally delegates companies to manage gTLD and delegates governments to manage their own ccTLD.

first-level domain

first-level domain is the domain one registers at some websites like GoDaddy and it normally belongs to some top-level domain. For example, ruanyifeng.com is registered under .com domain.

second-level domain

second-level domain is also called subdomain. It can be created by the first-level domain owner. For example, es6.ruanyifeng.com is a subdomain.

DNS lookup chain

The good part of this kind of tree structure is that you just need to look up level-by-level if you wanna finds an IP address of some domain. Each level has its own DNS servers. Hence if wanna look up a second-level domain es6.ruanyifeng.com, it needs below three steps.

  1. Look up the root name server and get the IP address of .com domain(TLD)
  2. Look up the TLD name server and get the first-level domain name server IP address for ruanyifeng.com
  3. Look up the first-level domain name server and get the IP address of second-level domain es6.

Root name server

There are 13 root domain name servers around the world. Their domain names and IP addresses can be found below.

The IP addresses of root name server will never be changed, they are hardcoded in operating system. OS will choose one domain name server to look up IP address of TLD.

dig @192.33.4.12 es6.ruanyifeng.com

In above command, 192.33.4.12 is chosen and it will tell the IP address of the TLD for .com.

Since this DNS server cannot give the exact IP address of es6.ruanyifeng.com, it will not have the ANSWER SECTION, instead it has an AUTHORITY SECTION which gives the domain names of 13 TLD name servers.

TLD name server

With the TLD server IP addresses, can look up further.

dig @192.41.162.30 es6.ruanyifeng.com

This time, the output looks like

It still doesn't have the ANSWER SECTION, but it gives the first-level name servers IP address for ruanyifeng.com in the AUTHORITY SECTION.

first-level name server

Do the lookup again with the first-level name server

dig @172.64.32.123 es6.ruanyifeng.com

It produces the output

Now it has the ANSWER SECTION and it gives the final IP address of the domain es6.ruanyifeng.com.

Types of DNS server

Four types of DNS server in total

  • Root Name Server
  • TLD Name Server
  • Authoritative Name Server
  • Recursive Name Server

1.1.1.1 is not a root name server as can see from the 13 root name server IP addresses above, but why it can be used as the entry-point for lookup? It is because 1.1.1.1 is a recursive name server which can automate the different steps of DNS lookup and give the final result to end users. Normally it means recursive name server when people talk about DNS server. Also this kind of DNS server has caches which will cache search result to speed up the lookup and save resource as well.

Authoritative name server is the formal name of first-level name server. Unlike recursive name server, it can determine the final IP of a domain. Normally when setting the DNS server for a newly registered domain name, it is the authoritative name server.

References

DNS  DNS LOOKUP 

       

  RELATED


  0 COMMENT


No comment for this article.



  RANDOM FUN

Life is too short to remove USB safely