What is the DNS protocol?

12 March 2024

Authors

Camilo Quiroz-Vázquez

IBM Staff Writer

The Domain Name System (DNS) protocol is a process that allows internet users to navigate the internet using hostnames instead of numeric IP addresses. DNS is like the phonebook of the internet; it simplifies the process of searching for specific websites through web browsers.

When a DNS client makes a DNS request using a hostname, such as www.example.com, a series of functions connect that request with the corresponding IP address. These functions provide the authentication of IP addresses (both IPv4 and IPv6) and make internet usage more accessible by translating memorable domain names into numerical addresses.

To complete these functions, the DNS protocol relies on four types of DNS servers that, when functioning properly, make the process fast and secure. DNS servers use DNS records (such as A records and CNAME records, which contain the information that guides the resolution process) to route DNS requests properly. These records are stored in text-based files known as “zone files,” written in DNS syntax.

DNS resource records are stored on authoritative DNS servers, also known as authoritative name servers. They contain information about the domain, including how long a server will keep DNS records cached, a period known as time to live (TTL). These records link domains and subdomains, route email properly, assist with DNS security and more.


A step-by-step guide to DNS protocol

Through the following process, DNS queries are resolved, and users are connected with the IP address of the web server hosting the site:

  • When you use a DNS client such as your computer, smart device, any web browser, or application to connect to a domain name, you set off what’s known as a recursive query, DNS request, DNS lookup or DNS query.

  • When a request for a DNS record is made from a device like a smartphone, computer or tablet, a browser (such as Google Chrome) will first check its cache for the record. If no record exists, an operating system level resolver is queried. This operating system component, called a stub resolver, checks for the record.

  • If the requested record is not cached at the local level, DNS queries are then directed through a series of external DNS servers that help resolve the request.

  • The first server at work is the recursive DNS server, also known as the DNS recursor or recursive DNS resolver, which is often operated by an internet service provider (ISP). If possible, the recursive resolver uses DNS cache data to reach the desired site; if this data is not available, it moves the request forward to the root name server.

  • Root name servers, or root DNS servers, take the request and route it to a top-level domain (TLD) name server based on the site’s extension: .com, .org or .net, for instance.

  • TLD name servers take requests for specific extensions and send them to the authoritative name server, also known as the authoritative DNS server or authoritative domain name server.

  • The authoritative name server contains information for the DNS zone it manages, including information related to specific domain names stored in DNS resource records, and connects domain names with corresponding IP addresses.

  • The information is returned to the DNS client, completing a DNS resolution.

When a DNS server is unable to return a complete answer, it sets off an iterative DNS query: servers continue to bounce the request between different servers until an IP address is found or a timeout or error is reached.


DNS protocol specification

Domain namespace

The DNS namespace governs public DNS hostnames on the internet. The namespace creates a hierarchy that is structured like a tree, and each node in the tree has a textual label and DNS resource records that describe the domain. The domain name is made up of the node’s label along with the labels of its parent nodes (these sections are separated by a dot, as in “example.com”), and the tree is divided into zones. Each zone is delegated to a specific legal entity for administration and management. This structure allows websites to be given unique names.

Domain name syntax

The domain name creates a hierarchical structure with different levels. Domain names consist of one or more parts called labels and each part is separated by a dot. A label can contain up to 63 characters.

Example: forum.support.example.com

In the example above, “.com” represents the top-level domain, “example” represents the domain name, “support” is a subdomain under “example” and “forum” is a subdomain under “support.”
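The decomposition described above, written out as an added example (this is not code from the IBM article): it splits a hostname into labels, enforces the 63-character label limit the text states, and names the TLD, the domain and each subdomain level for forum.support.example.com. It assumes a single-label TLD such as .com; multi-label public suffixes such as co.uk would need a public-suffix list, which it does not include.

```python
# Added example, not from the IBM article: split a hostname into labels,
# enforce the 63-character label limit, and name each level of the
# hierarchy. Assumes the TLD is a single label (see describe_hierarchy).
MAX_LABEL = 63
MAX_NAME = 253   # printable-name limit implied by the 255-octet wire limit (RFC 1035)


def split_labels(name: str) -> list:
    """Labels of a hostname, tolerating a trailing dot; raises on syntax errors."""
    stripped = name.rstrip(".")
    if not stripped or len(stripped) > MAX_NAME:
        raise ValueError(f"name {name!r} is empty or too long")
    labels = stripped.split(".")
    for label in labels:
        if not label:
            raise ValueError(f"empty label in {name!r}")
        if len(label) > MAX_LABEL:
            raise ValueError(f"label {label[:12]!r}... exceeds {MAX_LABEL} characters")
    return labels


def is_valid_hostname(name: str) -> bool:
    """True when the name satisfies the label rules above."""
    try:
        split_labels(name)
        return True
    except ValueError:
        return False


def describe_hierarchy(name: str) -> dict:
    """TLD, domain and the subdomain chain (closest to the domain first).
    Assumption: the TLD is one label; suffixes like co.uk need a public-suffix list."""
    labels = split_labels(name)
    tld = labels[-1]
    domain = ".".join(labels[-2:]) if len(labels) > 1 else None
    subdomains, parent = [], domain
    for label in reversed(labels[:-2]):       # walk outward from the domain
        fqdn = f"{label}.{parent}"
        subdomains.append({"label": label, "parent": parent, "fqdn": fqdn})
        parent = fqdn
    return {"tld": tld, "domain": domain, "subdomains": subdomains}


if __name__ == "__main__":
    from pprint import pprint
    pprint(describe_hierarchy("forum.support.example.com"))
    print(is_valid_hostname("a" * 64 + ".example.com"))   # False: label too long
```

Running it prints the TLD "com", the domain "example.com" and the two subdomain levels "support" (parent example.com) and "forum" (parent support.example.com), and rejects a 64-character label.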

Resolving a DNS request

A recursive DNS server, also known as a DNS recursor or recursive DNS resolver, communicates with other DNS servers to locate and return an IP address. This server receives a DNS query and can connect a user to the desired site using cached data. If site data is not cached, it sends a follow-up request to the authoritative name servers.

The authoritative name server is usually the final stop in the process of resolving a DNS query. This server contains the resource records for all domains in that zone. On occasion, authoritative name servers must send a request to another name server to find information about specific subdomains.
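The step-by-step guide above and this section both describe the same walk: recursive resolver, root, TLD, authoritative server, with cached data short-circuiting the process. The following added example (not code from the IBM article) simulates that walk over constructed zone data: the server addresses, names and records are made up, the root is reached at an assumed address ROOT_IP, and referrals are modelled as NS records with glue A records. It also shows the two behaviours a resolver needs around the walk: a cache that honours TTL expiry and CNAME chasing.

```python
# Added example, not from the IBM article: a toy recursive resolver walking
# root -> TLD -> authoritative servers over constructed zone data, with a
# TTL-bounded cache. Server addresses and records below are made up.
import time

ROOT_IP = "198.51.100.1"   # constructed root server address

# Each entry: server IP -> {(owner name, type): [(ttl, rdata), ...]}
# NS records model delegations; the A record of a name server is its "glue".
SERVERS = {
    ROOT_IP: {
        ("com.", "NS"): [(172800, "ns.tld-com.test.")],
        ("ns.tld-com.test.", "A"): [(172800, "192.0.2.1")],
    },
    "192.0.2.1": {                       # TLD server for com.
        ("example.com.", "NS"): [(172800, "ns1.example.com.")],
        ("ns1.example.com.", "A"): [(172800, "192.0.2.53")],
    },
    "192.0.2.53": {                      # authoritative server for example.com.
        ("www.example.com.", "A"): [(300, "192.0.2.80")],
        ("ftp.example.com.", "CNAME"): [(300, "www.example.com.")],
    },
}


def ask_server(server_ip, qname, qtype):
    """One non-recursive query to one server: answer, CNAME, referral or NXDOMAIN."""
    zone = SERVERS[server_ip]
    if (qname, qtype) in zone:
        return {"kind": "answer", "records": zone[(qname, qtype)]}
    if (qname, "CNAME") in zone:
        return {"kind": "cname", "records": zone[(qname, "CNAME")]}
    labels = qname.split(".")
    for i in range(1, len(labels)):          # closest enclosing delegation
        parent = ".".join(labels[i:])
        if (parent, "NS") in zone:
            ns = zone[(parent, "NS")][0][1]
            glue = zone.get((ns, "A"))
            return {"kind": "referral", "ns": ns,
                    "glue": glue[0][1] if glue else None}
    return {"kind": "nxdomain"}


class RecursiveResolver:
    """Resolver that serves answers from cache for their TTL and otherwise iterates."""

    def __init__(self, clock=time.time):
        self.cache = {}      # (name, type) -> (expires_at, records)
        self.clock = clock   # injectable so TTL expiry can be tested

    def _cached(self, key):
        hit = self.cache.get(key)
        if hit and hit[0] > self.clock():
            return hit[1]
        self.cache.pop(key, None)           # expired entries are dropped
        return None

    def _store(self, key, records):
        ttl = min(ttl for ttl, _ in records)
        self.cache[key] = (self.clock() + ttl, records)

    def resolve(self, qname, qtype="A", max_hops=10):
        """Return (rdata list, trace of servers consulted)."""
        cached = self._cached((qname, qtype))
        if cached is not None:
            return [rdata for _, rdata in cached], ["cache"]
        trace, server = [], ROOT_IP
        for _ in range(max_hops):
            trace.append(server)
            reply = ask_server(server, qname, qtype)
            if reply["kind"] == "answer":
                self._store((qname, qtype), reply["records"])
                return [rdata for _, rdata in reply["records"]], trace
            if reply["kind"] == "cname":
                target = reply["records"][0][1]
                data, sub_trace = self.resolve(target, qtype)
                return data, trace + [f"cname->{target}"] + sub_trace
            if reply["kind"] == "referral" and reply["glue"]:
                server = reply["glue"]      # follow the referral
                continue
            raise LookupError(f"{qname}/{qtype}: no such name or unreachable name server")
        raise TimeoutError(f"{qname}: gave up after {max_hops} hops")


if __name__ == "__main__":
    resolver = RecursiveResolver()
    print(resolver.resolve("www.example.com."))   # full walk
    print(resolver.resolve("www.example.com."))   # served from cache
    print(resolver.resolve("ftp.example.com."))   # CNAME, then cached target
```

The trace returned with each answer is what makes the design visible: the first lookup lists root, TLD and authoritative addresses in order, the second returns "cache", and once the TTL has elapsed the walk happens again. The hop limit is the resolver-side counterpart of the timeout the text mentions for iterative queries.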

DNS message format

DNS messages consist of queries and replies and contain the following fields:

  • A header containing identification, flags, the number of questions and answers, the number of authority resource records (RRs), and the number of additional resource records.

  • A flag field indicating message type and if a name server is authoritative, the status of a query, and whether it was recursive or truncated.

  • A question section with the domain name and record type being resolved.

  • The answer section with the resource records of the queried name.

DNS transport protocol

DNS uses the User Datagram Protocol (UDP) to answer DNS queries because of its speed and low overhead. For DNS responses larger than 512 bytes, or when a server is handling zone transfers (the transfer of DNS records from primary to secondary DNS servers) or similar tasks, it uses the Transmission Control Protocol (TCP). TCP enables data integrity checks and breaks a message down into smaller packets to help ensure it reaches its destination as quickly as possible.
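To tie the message-format section and the transport section together, here is an added example (not code from the IBM article) that builds a query from the header fields and question section listed above, parses a response header, flags and answer section, and shows how the truncation (TC) flag drives the fall-back from UDP to TCP. The response bytes are constructed inside the example rather than captured from a real server; the 0xC00C compression pointer, flag bit positions and the 512-byte limit are standard DNS wire format.

```python
# Added example, not from the IBM article: build a DNS query, parse a response,
# and decide when a client must retry over TCP. The sample response is constructed.
import secrets
import struct

UDP_PAYLOAD_LIMIT = 512   # classic DNS-over-UDP message size
TYPE_A, CLASS_IN = 1, 1
FLAG_TC = 0x0200          # "truncated" bit in the header flags word


def encode_name(name: str) -> bytes:
    """Wire-encode a hostname as length-prefixed labels ending in a zero byte."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:                 # label length rule
            raise ValueError(f"bad label {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)
    return bytes(out)


def build_query(name: str, qtype: int = TYPE_A, txid=None) -> bytes:
    """Header (id, flags, QD/AN/NS/AR counts) plus one question; RD=1 requests recursion."""
    if txid is None:
        txid = secrets.randbelow(1 << 16)          # unpredictable id, not a counter
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def parse_flags(flags: int) -> dict:
    """Split the 16-bit flags word into QR, opcode, AA, TC, RD, RA and RCODE."""
    return {"qr": bool(flags >> 15 & 1), "opcode": flags >> 11 & 0xF,
            "aa": bool(flags >> 10 & 1), "tc": bool(flags >> 9 & 1),
            "rd": bool(flags >> 8 & 1), "ra": bool(flags >> 7 & 1),
            "rcode": flags & 0xF}


def decode_name(msg: bytes, offset: int):
    """Read a name at offset, following compression pointers; return (name, next offset)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if (length & 0xC0) == 0xC0:                # pointer to an earlier name
            hops += 1
            if hops > 16:                          # guard against pointer loops
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg: bytes) -> dict:
    """Header, question section and answer section of a response message."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, answers = 12, [], []
    for _ in range(qd):
        name, offset = decode_name(msg, offset)
        qtype, _qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype))
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == TYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append({"name": name, "type": rtype, "ttl": ttl, "data": rdata})
    return {"id": txid, "flags": parse_flags(flags), "questions": questions,
            "answers": answers, "counts": (qd, an, ns, ar)}


def needs_tcp_retry(msg: bytes) -> bool:
    """A client falls back to TCP when the server set TC (answer did not fit in UDP)."""
    return parse_flags(struct.unpack("!H", msg[2:4])[0])["tc"]


def mark_truncated(msg: bytes) -> bytes:
    """What a server does to a response it had to cut down to the UDP limit: set TC."""
    flags = struct.unpack("!H", msg[2:4])[0] | FLAG_TC
    return msg[:2] + struct.pack("!H", flags) + msg[4:]


def build_sample_response(query: bytes, addr: str, ttl: int = 300) -> bytes:
    """Constructed authoritative reply: echo the question, add one A record whose
    owner name is a compression pointer (0xC00C) back to the question at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8580, 1, 1, 0, 0)   # QR, AA, RD, RA set
    answer = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4)
    answer += bytes(int(octet) for octet in addr.split("."))
    return header + query[12:] + answer
```

A query for www.example.com is 33 bytes: a 12-byte header, 17 bytes of labels and 4 bytes of type and class. The response echoes that question and adds a 16-byte A record, so it fits in UDP with TC clear; calling mark_truncated on it is the server-side signal that makes needs_tcp_retry return True, which is the point at which a client reopens the query over TCP. The transaction id is drawn from secrets rather than a counter because a predictable id is one of the things that makes a response easier to forge; a real client also compares the echoed question against what it sent before accepting an answer.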

DNS master files (zone files)

DNS master files are stored on DNS name servers. They are text files that define DNS information for a single DNS zone such as:

  • Global time to live (TTL): This defines the amount of time records should be stored in local DNS caches.

  • Start of authority (SOA) record: This establishes the primary authoritative name server for a given zone.

  • Resource records: These records are used to store hostnames, IP addresses and other information in DNS name servers.
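The three kinds of content listed above ($TTL, the SOA record and ordinary resource records) are easiest to understand from a parser that reads them. The following added example (not code from the IBM article) parses a small master file constructed for this purpose, handling comments, the multi-line SOA form, relative names under $ORIGIN, per-record TTL overrides, and then answers a lookup the way an authoritative server would, including following a CNAME. The zone content and addresses are made up.

```python
# Added example, not from the IBM article: parse a constructed master file
# ($TTL, SOA, NS, A, CNAME) into resource records, then look a name up the way
# an authoritative server would, following CNAMEs. The zone content is made up.
from dataclasses import dataclass

SAMPLE_ZONE = """\
$TTL 3600                      ; global TTL for records without their own
$ORIGIN example.com.
@       IN  SOA  ns1.example.com. hostmaster.example.com. (
            2024031201 ; serial
            7200       ; refresh
            900        ; retry
            1209600    ; expire
            300 )      ; minimum (negative-caching TTL)
@       IN  NS   ns1.example.com.
@       IN  A    192.0.2.10
www     IN  A    192.0.2.10
ftp     IN  CNAME www
mail 600 IN  A    192.0.2.20       ; per-record TTL overrides $TTL
"""

NAME_RDATA_FIELDS = {"CNAME": 1, "NS": 1, "SOA": 2}   # leading rdata fields that are names


@dataclass
class Record:
    name: str
    ttl: int
    rclass: str
    rtype: str
    rdata: tuple


def _logical_lines(text):
    """Strip ';' comments and join lines inside ( ... ); yield (indented, tokens)."""
    tokens, depth, indented = [], 0, False
    for raw in text.splitlines():
        code = raw.split(";", 1)[0]
        if not tokens:
            indented = code[:1].isspace()
        depth += code.count("(") - code.count(")")
        tokens += code.replace("(", " ").replace(")", " ").split()
        if depth <= 0 and tokens:
            yield indented, tokens
            tokens, depth = [], 0


def _qualify(name, origin):
    """Turn '@' and relative names into fully qualified names under $ORIGIN."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    if origin is None:
        raise ValueError(f"relative name {name!r} with no $ORIGIN")
    return f"{name}.{origin}"


def parse_zone(text):
    origin = default_ttl = owner = None
    records = []
    for indented, toks in _logical_lines(text):
        if toks[0] == "$TTL":
            default_ttl = int(toks[1])
            continue
        if toks[0] == "$ORIGIN":
            origin = toks[1]
            continue
        if not indented:                     # blank owner field means "same owner as before"
            owner = _qualify(toks.pop(0), origin)
        ttl = default_ttl
        if toks[0].isdigit():                # optional per-record TTL
            ttl = int(toks.pop(0))
        rclass = "IN"
        if toks[0].upper() in ("IN", "CH", "HS"):
            rclass = toks.pop(0).upper()
        rtype = toks.pop(0).upper()
        for i in range(NAME_RDATA_FIELDS.get(rtype, 0)):
            toks[i] = _qualify(toks[i], origin)
        if ttl is None or owner is None:
            raise ValueError(f"record {rtype} lacks a TTL or an owner name")
        records.append(Record(owner, ttl, rclass, rtype, tuple(toks)))
    return records


def lookup(records, name, rtype="A", _depth=0):
    """Records answering name/rtype, chasing CNAMEs like an authoritative server."""
    if _depth > 8:
        raise ValueError("CNAME chain too long")
    direct = [r for r in records if r.name == name and r.rtype == rtype]
    if direct:
        return direct
    alias = [r for r in records if r.name == name and r.rtype == "CNAME"]
    if alias:
        return lookup(records, alias[0].rdata[0], rtype, _depth + 1)
    return []


def negative_ttl(records):
    """How long a resolver may cache 'no such name': min(SOA TTL, SOA minimum field)."""
    soa = next(r for r in records if r.rtype == "SOA")
    return min(soa.ttl, int(soa.rdata[6]))
```

Parsing SAMPLE_ZONE yields six records: the SOA with the zone's primary name server and the seven-field rdata, then NS, A and CNAME records whose owner names have all been expanded to fully qualified form. A lookup of ftp.example.com. returns the A record of www.example.com. via the CNAME, the mail record carries its own 600-second TTL while the others inherit 3600 from $TTL, and negative_ttl reports the 300 seconds a resolver may cache a "no such name" answer for this zone.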

Enterprise scale DNS

On a small scale, a user should not even notice this process is happening. On an enterprise scale, understanding how DNS works is important for maintaining both internal and external web services and selecting a managed DNS solution.

Use cases for managed DNS solutions include:

Multi CDN

A content delivery network (CDN) is a global network of servers that helps improve delivery performance and reduce latency. A multi CDN system allows for dynamic use of several CDNs to provide the best service.

Global server load balancing (GSLB)

When servers are overloaded, they can fail or slow down performance. Load balancing is the process of distributing network traffic across various servers, and GSLB distributes workloads efficiently across data centers around the world.

Geographic routing

Managed DNS solutions facilitate automated routing based on the geographic location of end users, speeding network and application performance.

DNS traffic steering

Traffic steering gives organizations the power to optimize connections to applications, services and content based on real-user monitoring (RUM) data, load and network conditions.
