Tuesday, March 17, 2015

Interview questions on DNS

DNS is the internet's directory. It translates human-readable domain names such as google.com into machine-readable IP addresses. There are different types of DNS servers in the DNS hierarchy, each serving a different purpose. When a browser makes a DNS query it is asking a DNS resolver (also called a recursive resolver). This resolver could be run by the ISP or by a public DNS provider such as Cloudflare (1.1.1.1) or Google (8.8.8.8).

If the DNS resolver does not have the answer in its cache, it finds the right authoritative nameserver and asks it. The authoritative nameserver is the one that holds the answer. When we update a domain's DNS records, we are updating its authoritative nameservers.

There are 3 main levels of authoritative DNS servers: the root name servers, the TLD (top level domain) name servers, and the authoritative name servers for the individual domains. The root name servers store the names and IP addresses of the TLD name servers. There are 13 logical root name servers (a through m). Each has one IPv4 and one IPv6 address assigned to it, but there are many physical servers behind each address: through the magic of anycast, we get routed to the one closest to us. The TLD name servers store the nameserver records (and glue IP addresses) of the authoritative nameservers for all the domains under them. There are many TLDs. We are all familiar with .edu, .com and .org, and there are also country code TLDs like .in and .uk. The authoritative nameserver for a domain provides the authoritative answers to DNS queries for that domain. When we register a domain, the registrar runs the authoritative nameservers by default, but we can change them to others. Cloud providers like AWS and Cloudflare run robust authoritative nameservers.
This hierarchical design makes DNS highly decentralized and robust.

Life of a DNS query
The user types google.com in the browser.
The browser first checks its own cache. If it has no answer, it makes an operating system call to get the answer.
The OS resolver (the stub resolver) most likely has its own cache. If the answer isn't there, it reaches out to the configured DNS resolver.
The DNS resolver first checks its cache. If the answer is not there, or it has expired (its TTL has run out), it asks a root name server.
The root name server responds with a referral to the .com TLD name servers. Since .com is such a common TLD, the resolver most likely already has the IP addresses of the .com TLD nameservers cached and skips the root.
The DNS resolver then reaches out to a .com TLD nameserver, which returns a referral to the authoritative nameservers for google.com.
Finally, the DNS resolver reaches out to a google.com authoritative nameserver, which returns the IP address of google.com.
The DNS resolver caches the answer for its TTL and returns the IP address to the operating system, and the OS in turn returns it to the browser.

DNS propagation is slow because each DNS record carries a TTL, and some TTLs are pretty long (hours or days). Also, not every DNS resolver is a good citizen: some out there don't honor the TTL and keep serving an old answer past its expiry. To mitigate the risk when changing a record, there are 2 practical steps to take.
First, reduce the TTL of the record we want to change to something very short, say 60 seconds, well in advance of the update (at least one old TTL before it). This gives all caching resolvers time to expire the old long-lived entry and pick up the shortened TTL, so the actual record change then takes effect within the new short TTL.
Second, leave the server running on the OLD IP address for a while. Only decommission it when traffic to the old address has died down to an acceptable level. Because some DNS resolvers don't honor the TTL, this can take a bit of time and patience.
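The walk through the hierarchy from "Life of a DNS query" and the two-step TTL procedure above, as an added example that is not part of the original post: a small Python model of a recursive resolver with a TTL-honouring cache, walking a constructed root -> .com -> example.com hierarchy, then replaying the migration. The servers, names and addresses (RFC 5737 documentation ranges), the 172800-second delegation TTL and the fake clock are all assumptions made for the example.

```python
"""Toy recursive resolver with a TTL cache over a constructed hierarchy.
Added example, not from the original post; IPs are RFC 5737 documentation ranges."""
import copy

# Server IP -> child zones it delegates (ns name -> glue IP) and the records it
# is authoritative for. Records are [ip, ttl] lists so the demo can change them.
SERVERS = {
    "192.0.2.1": {"records": {}, "delegations": {"com": {"a.gtld.example": "192.0.2.2"}}},
    "192.0.2.2": {"records": {}, "delegations": {"example.com": {"ns1.example.com": "192.0.2.3"}}},
    "192.0.2.3": {"delegations": {},
                  "records": {"www.example.com": ["198.51.100.10", 3600],
                              "mail.example.com": ["198.51.100.11", 3600]}},
}
ROOT_HINTS = ["192.0.2.1"]  # the resolver's built-in root server list
NS_TTL = 172800             # assumed TTL for cached delegations (2 days)


def ask(servers, server_ip, qname):
    """Simulate one query to server_ip: ("answer", ip, ttl),
    ("referral", zone, {ns_name: glue_ip}) or ("nxdomain", None, None)."""
    srv = servers[server_ip]
    rec = srv["records"].get(qname)
    if rec is not None:
        return ("answer", rec[0], rec[1])
    # Refer the resolver to the longest delegated zone enclosing qname.
    for zone, nss in sorted(srv["delegations"].items(), key=lambda kv: -len(kv[0])):
        if qname == zone or qname.endswith("." + zone):
            return ("referral", zone, nss)
    return ("nxdomain", None, None)


class Resolver:
    """Recursive resolver caching A records and delegations by TTL."""

    def __init__(self, servers, clock):
        self.servers = servers
        self.clock = clock    # returns seconds; injected so the demo can fast-forward
        self.cache = {}       # key -> (value, expires_at)
        self.queries = []     # (server_ip, qname) for every query actually sent

    def _get(self, key):
        hit = self.cache.get(key)
        if hit is not None and hit[1] > self.clock():
            return hit[0]
        self.cache.pop(key, None)   # expired: a good citizen drops it
        return None

    def _put(self, key, value, ttl):
        self.cache[key] = (value, self.clock() + ttl)

    def resolve(self, qname):
        cached = self._get(("A", qname))
        if cached is not None:
            return cached
        # Start at the closest enclosing zone whose nameservers are cached,
        # else at the root hints (this is why .com is rarely asked of the root).
        servers = ROOT_HINTS
        labels = qname.split(".")
        for i in range(len(labels)):
            nss = self._get(("NS", ".".join(labels[i:])))
            if nss:
                servers = list(nss.values())
                break
        while True:
            server = servers[0]
            self.queries.append((server, qname))
            kind, a, b = ask(self.servers, server, qname)
            if kind == "answer":
                self._put(("A", qname), a, b)
                return a
            if kind == "referral":
                self._put(("NS", a), b, NS_TTL)
                servers = list(b.values())
                continue
            return None


def cold_walk(qname="www.example.com"):
    """Resolve from an empty cache; return (ip, servers consulted in order)."""
    r = Resolver(SERVERS, clock=lambda: 0.0)
    ip = r.resolve(qname)
    return ip, [s for s, _ in r.queries]


def migration_demo():
    """Replay the two-step move: shorten the TTL, wait out the old TTL, change the IP."""
    net = copy.deepcopy(SERVERS)
    www = net["192.0.2.3"]["records"]["www.example.com"]
    now = [0.0]
    r = Resolver(net, clock=lambda: now[0])
    seen = {"t0": r.resolve("www.example.com")}  # cached with the old 3600 s TTL
    www[1] = 60                                   # step 1: shorten the TTL in advance
    now[0] = 3600                                 # old TTL expired; refetch learns ttl=60
    seen["after_old_ttl"] = r.resolve("www.example.com")
    www[0] = "198.51.100.20"                      # step 2: the actual record change
    now[0] = 3600 + 30
    seen["30s_after_change"] = r.resolve("www.example.com")  # old IP: 60 s entry still live
    now[0] = 3600 + 61
    seen["61s_after_change"] = r.resolve("www.example.com")  # new IP within one short TTL
    return seen
```

A cold `cold_walk()` consults root, TLD and authoritative server in that order; a second lookup of the same name, or of mail.example.com, is answered from cache or goes straight to ns1.example.com because the delegation is cached. The model honours TTLs exactly, which is precisely what the misbehaving resolvers in the text do not do, so the second step (keep the old address serving) has no substitute.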


Is the DNS protocol involved when a user pings a website name?
Yes it is involved. Ping works on IP addresses, so when the user pings the website name the OS first sends a DNS query to its configured DNS server, which responds with the IP address of the web server on which the website is hosted; only then are the ICMP echo requests sent to that address.

On a network, should the DNS server IP address be configured on the computer or on the internet router for users to browse the internet?
The DNS server IP address must ultimately be known to the computer, because the computer is what sends the queries. It can be configured there manually, or the router can hand it out through DHCP; in many home networks the router hands out its own address and acts as a DNS forwarder to the ISP's or a public resolver.

In a LAN, should the DNS server be inside the network or can it reside on the internet?
The DNS server can reside anywhere as long as the computers and devices requiring DNS service have network access to it. An internal DNS server is only required when the LAN has internal names that a public resolver cannot answer.

How does a computer know to which DNS server it has to send the request?
The DNS server IP address is configured in the TCP/IP adapter settings of the computer (manually or via DHCP). With this information, the computer knows the DNS server to which the request has to be sent.

How many root DNS servers are available in the world?
13 logical root servers (a.root-servers.net through m.root-servers.net). Each of those is actually many anycast instances spread around the world, so the number of physical servers is far higher.

Which port does a DNS server use?
Port 53. Queries normally use UDP port 53; TCP port 53 is used for zone transfers and when a response is too large for UDP (the server sets the TC flag and the client retries over TCP).
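What the DNS request packet and its reply on UDP port 53 actually look like on the wire, as an added example (not code from the original post): a Python builder for an A query and a parser for a response, including the name-compression pointers real servers use and the checks a client should make before trusting a reply. The reply bytes are constructed here rather than received from a server, and the address 198.51.100.10 is a documentation value, not a real lookup result.

```python
"""Build a DNS A query as sent to UDP port 53 and parse a reply, including
name compression. Added example, not from the original post; the reply
bytes are constructed here, not received from a real server."""
import struct

QTYPE_A, CLASS_IN = 1, 1


def encode_name(name):
    """'example.com' -> b'\\x07example\\x03com\\x00' (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("label length must be 1..63")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, txid=0x1234, qtype=QTYPE_A):
    """12-byte header (id, flags RD=1, qdcount=1) followed by one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def decode_name(msg, offset):
    """Decode a possibly compressed name at offset; return (name, next offset)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:               # 2-byte pointer, 14-bit offset
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            # Pointers must go backwards; cap hops so a crafted loop can't spin us.
            if pointer >= offset or hops > 16:
                raise ValueError("bad compression pointer")
            if end is None:
                end = offset + 2                # the name ends after the first pointer
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)


def parse_response(msg, expected_id):
    """Validate the header, skip the question, return rcode, TC flag and answers."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        raise ValueError("transaction id mismatch: not a reply to our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset = 12
    for _ in range(qd):                          # question section: name + type + class
        _, offset = decode_name(msg, offset)
        offset += 4
    answers = []
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == QTYPE_A and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name, rtype, ttl, rdata))
    return {"rcode": flags & 0xF, "tc": bool(flags & 0x0200), "answers": answers}


def build_sample_response(query):
    """Constructed reply to a build_query() packet: same id, QR/RD/RA set,
    question echoed, one A record whose owner name is a pointer to offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, CLASS_IN, 300, 4)
    return header + query[12:] + answer + bytes([198, 51, 100, 10])
```

Sending `build_query(...)` over a UDP socket to port 53 and feeding the reply to `parse_response` is all a minimal stub resolver does. The transaction-ID check (together with a random source port) is what makes forging a reply harder, and a set TC flag is where a real client would retry the same query over TCP.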

A user opens the browser and types the IP address of the web server on which a website is hosted. Is the DNS protocol involved in this scenario?
The DNS protocol is used to resolve a website name into the corresponding IP address. In this case, since the IP address is already known, DNS is not required and is not involved.

Name two methods by which DNS can be configured on a computer.
It can be configured manually in the TCP/IP adapter settings or obtained automatically from a DHCP server.

If a computer is configured with a default gateway address, should the same address be used as the DNS server IP address?
It is not mandatory. The DNS server IP address can be any value provided the computer has network access to it; it is often the same as the gateway only because home routers run a DNS forwarder.

What happens when you ping a DNS server IP address?
The DNS server replies to the ICMP echo request like any other host (unless ICMP is filtered). A successful ping only shows the host is reachable; it does not show that the DNS service on port 53 is running, so test with an actual DNS query (for example with nslookup or dig) as well.
