# DNS

People often compare DNS to the phonebook of the internet. Think about calling a friend without a phonebook to look up their number: you would have to memorize that full ten-digit phone number every time. That sounds pretty inconvenient, right? The internet faces a similar issue if we rely on remembering IP addresses like `142.250.185.78`. Instead we just type in something simple like `google.com`.

DNS steps in to handle this problem. The **Domain Name System** translates those easy-to-read domain names into the IP addresses machines actually use. Because of DNS we can visit websites and send emails without ever touching those complicated numbers, and online services become straightforward too.

<mark style="color:blue;">**Why DNS Exists**</mark>

Computers always talk to each other through IP addresses. Humans, though, find names much easier to handle. DNS fills that gap with a distributed, hierarchical naming system. The internet would not work well without it: picture bookmarking or memorizing an IP address for every single site.

| **Concept**     | **Without DNS**                | **With DNS**                              |
| --------------- | ------------------------------ | ----------------------------------------- |
| Website Access  | Must remember `142.250.185.78` | Just type `google.com`                    |
| Email Delivery  | Must send to IP of mail server | Use `@gmail.com` and DNS finds the server |
| User Experience | Complex, error-prone           | Simple, user-friendly                     |

<mark style="color:blue;">**How DNS Resolution Works**</mark>

When you enter `www.example.com` into your browser address bar, the name resolution process kicks off right away. It handles turning that domain name into an actual IP address. There are two primary ways this happens in DNS systems:

1. **Recursive Resolution**\
   The DNS resolver, whether your Internet service provider's or a public one such as Google DNS at 8.8.8.8, handles everything. It walks the whole chain of servers on the client's behalf and hands back only the final answer, so the client does nothing further.
2. **Iterative Resolution**\
   The resolver does not get the full answer from a single server. Instead, it asks each DNS server along the way which server to try next, and follows that chain of referrals until it reaches the authoritative server, which holds the actual IP address for the domain.

<mark style="color:blue;">**The Resolution Path**</mark>

| **Step**                 | **Description**                                                          |
| ------------------------ | ------------------------------------------------------------------------ |
| Root DNS Server          | Points to the right Top Level Domain (TLD) server (`.com`, `.org`, etc.) |
| TLD DNS Server           | Directs the query to the authoritative server for the domain             |
| Authoritative DNS Server | Holds the actual DNS records and provides the IP address                 |

At the end of this process, your computer receives the correct IP and can connect to the website.
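The resolution path above, as an added example that is not part of the original page: a simulated iterative lookup over constructed in-memory "servers" (the server names, zone contents and the `93.184.216.34` address are assumptions for the demo), so it runs offline and shows the Root → TLD → Authoritative referral chain step by step.

```python
# Added example (not from the original page): iterative resolution over
# constructed, in-memory "servers", following the Root -> TLD -> Authoritative
# path. No network is used; SERVERS stands in for real name servers.

# Each constructed server maps a name to either a referral (which server to
# ask next) or a final answer (an A record). Names are lowercase FQDNs
# ending in a dot.
SERVERS = {
    "root": {"com.": ("referral", "com-tld")},
    "com-tld": {"example.com.": ("referral", "ns1.example.com")},
    "ns1.example.com": {"www.example.com.": ("answer", "93.184.216.34")},
}


def _names_to_try(fqdn):
    """Yield the name and each parent zone, most specific first:
    www.example.com. -> example.com. -> com."""
    parts = fqdn.strip(".").split(".")
    for i in range(len(parts)):
        yield ".".join(parts[i:]) + "."


def query_server(server, fqdn):
    """Ask one constructed server about fqdn. The server responds for the
    most specific name it knows; if it knows nothing, return None (NXDOMAIN)."""
    zone = SERVERS[server]
    for candidate in _names_to_try(fqdn):
        if candidate in zone:
            return zone[candidate]
    return None


def resolve_iteratively(name, start="root", max_hops=10):
    """Follow referrals from the root until an authoritative answer arrives.
    Returns (ip_or_None, list_of_servers_asked_in_order)."""
    fqdn = name.lower().rstrip(".") + "."
    server, path = start, []
    for _ in range(max_hops):          # bound the chain so a loop cannot hang us
        path.append(server)
        result = query_server(server, fqdn)
        if result is None:             # no server is authoritative: NXDOMAIN
            return None, path
        kind, value = result
        if kind == "answer":           # the authoritative server gave the IP
            return value, path
        server = value                 # a referral: ask the next server
    return None, path
```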

<mark style="color:blue;">**DNS Records Explained**</mark>

DNS doesn’t just store IP addresses. It uses different types of records for different purposes:

| **Record Type** | **Purpose**                                             | **Example**                           |
| --------------- | ------------------------------------------------------- | ------------------------------------- |
| **A**           | Maps a domain to an IPv4 address                        | `93.184.216.34`                       |
| **AAAA**        | Maps a domain to an IPv6 address                        | `2606:2800:220:1:248:1893:25c8:1946`  |
| **CNAME**       | Points one domain to another                            | `www.example.com` → `example.com`     |
| **MX**          | Directs emails to the correct mail server               | `mail.example.com`                    |
| **TXT**         | Stores text for verification/security (SPF, DKIM, etc.) | `v=spf1 include:_spf.google.com ~all` |

<mark style="color:blue;">**Practical Example with nslookup / dig**</mark>

You can manually query DNS with simple tools:

**Using nslookup** (Windows/Linux/macOS):

```
nslookup www.example.com
```

**Using dig** (Linux/macOS):

```
dig www.example.com
```

To trace the resolution step by step:

```
dig +trace www.example.com
```

This shows every hop: Root → TLD → Authoritative.

<mark style="color:blue;">**Caching and TTL**</mark>

DNS is built for quick performance. Query results are cached so the same requests are not repeated over and over, both on local devices and in the various DNS resolvers along the way.

Every record carries its own **TTL** value, which stands for **Time To Live**. It sets how long the cached information stays valid. Once that time passes, the system must perform a fresh lookup.

| **Scenario**                      | **TTL** | **Effect**                                 |
| --------------------------------- | ------- | ------------------------------------------ |
| `example.com` record              | 3600s   | Cached for 1 hour, then refreshed          |
| High-traffic services (e.g. CDNs) | 60s     | Allows frequent updates for load balancing |
| Rarely changing records           | 86400s  | Cached for 24h, reduces DNS traffic        |
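Caching and TTL expiry as an added example (not code from the original page): a minimal TTL-aware cache of the kind a recursive resolver keeps. The clock is injected so the example runs offline and deterministically; `fake_upstream` is a constructed stand-in for an authoritative server returning the 3600 s record from the table.

```python
# Added example (not from the original page): a TTL-aware DNS cache with an
# injected clock. A real resolver would pass time.monotonic() as `now`.

class DnsCache:
    def __init__(self):
        self._entries = {}      # (name, rtype) -> (value, ttl, stored_at)

    def store(self, name, rtype, value, ttl, now):
        self._entries[(name.lower(), rtype)] = (value, ttl, now)

    def lookup(self, name, rtype, now):
        """Return (value, remaining_ttl) or None if absent or expired.
        A cached answer is handed out with the time *left*, not the
        original TTL, so downstream caches expire at the same moment."""
        key = (name.lower(), rtype)
        entry = self._entries.get(key)
        if entry is None:
            return None
        value, ttl, stored_at = entry
        remaining = ttl - (now - stored_at)
        if remaining <= 0:
            del self._entries[key]      # expired: evict and force a new lookup
            return None
        return value, remaining


def resolve_with_cache(cache, name, rtype, now, upstream):
    """Serve from cache while valid; otherwise call upstream(name, rtype),
    which returns (value, ttl), and cache that fresh answer.
    Returns (value, ttl_to_report, source) with source 'cache' or 'upstream'."""
    hit = cache.lookup(name, rtype, now)
    if hit is not None:
        return hit[0], hit[1], "cache"
    value, ttl = upstream(name, rtype)
    cache.store(name, rtype, value, ttl, now)
    return value, ttl, "upstream"


# Constructed upstream standing in for example.com's authoritative server:
# an A record with the 3600 s TTL from the table above.
def fake_upstream(name, rtype):
    return "93.184.216.34", 3600
```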

<mark style="color:blue;">**Recursive vs Authoritative Servers**</mark>

| **Type**             | **Role**                                                       |
| -------------------- | -------------------------------------------------------------- |
| Recursive Resolver   | Acts on behalf of the client, usually ISP or public DNS server |
| Authoritative Server | Holds definitive records for a domain                          |

<mark style="color:blue;">**DNS in IPv6**</mark>

DNS in IPv6 works much like it does with IPv4.

IPv4 uses **A records** for addresses; IPv6 uses **AAAA records** to hold its longer addresses. Most modern networks run both side by side, so DNS servers can hand back both record types at once in what is called a dual-stack approach. Clients pick which one to use, usually preferring IPv6 when it is available and working.

<mark style="color:blue;">**DNS Problems**</mark>

Even though DNS is fundamental, it comes with challenges:

* **Propagation delay** hits when you update a DNS record: the change has to ripple out across the whole internet, and caching and TTL settings slow that down. It can take several hours for the new information to show up everywhere, and sometimes the wait stretches to 48 hours or so.
* **DNS cache poisoning** is another nasty issue. Attackers insert fake IP addresses into resolver caches, which sends users to phony websites instead of the real ones. From there it opens the door to phishing scams and can spread malware.
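The defensive side of cache poisoning, as an added example that is not part of the original page: the acceptance check a resolver applies before it caches an answer. The message dicts, field names and sample records are constructed for the demo, not real DNS packets, so it runs offline.

```python
# Added example (not from the original page): the checks a resolver runs on
# a reply before caching it, the basic defence against cache poisoning.
# Messages are constructed dicts, not real DNS packets.

def in_bailiwick(record_name, zone):
    """True if record_name is zone itself or a name below it."""
    r = record_name.lower().rstrip(".")
    z = zone.lower().rstrip(".")
    return r == z or r.endswith("." + z)


def accept_response(query, response, server_zone):
    """Return the records safe to cache, or [] if the reply is discarded.
    Constructed message shapes:
      query:    {"id", "port", "name", "type"}
      response: {"id", "port", "name", "type",
                 "records": [(name, type, value, ttl), ...]}
    server_zone is the zone the queried server is authoritative for."""
    # 1. The reply must carry the transaction ID of an outstanding query and
    #    arrive on the port that query went out from; anything else is
    #    unsolicited and dropped.
    if response["id"] != query["id"] or response["port"] != query["port"]:
        return []
    # 2. The question section must echo exactly what was asked.
    asked = (query["name"].lower(), query["type"])
    answered = (response["name"].lower(), response["type"])
    if asked != answered:
        return []
    # 3. Only records inside the queried server's zone are trusted: a reply
    #    from example.com's server must not install records for other
    #    domains, even if it includes them.
    return [rec for rec in response["records"]
            if in_bailiwick(rec[0], server_zone)]
```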
