DNS name resolution is the process of translating domain names into IP addresses and vice versa. It is essential to understand how it works, since it is a prerequisite for the F5 BIG-IP DNS course.
In this section, we will introduce the different types of DNS records and explain how the name resolution process works.
DNS Record Types
Before looking at the name resolution process itself, we first need to know how a single DNS server translates a name into an IP address using its different record types.
Each record type stores one kind of information about a name in the domain, such as its IP address, an alias for it, the mail servers for the domain, or the name servers for the domain.
Suppose we have a single domain name, “rayka-co.com”, and a DNS server that is responsible for translating names in that domain to IP addresses.
The DNS server contains various records, created in advance by the administrator, that let clients find the IP address for each name or service in the domain.
A, CNAME, MX and NS are not the only record types, but they are the most important ones, and we will look at each of them in a little more detail.
A Record
The A record is the basic record type: it maps a name to an IPv4 address. (Its IPv6 counterpart is the AAAA record.)
For example, to store the IP addresses of the names “rayka-co.com” or “ftp.rayka-co.com”, you create an A record for each name in the domain.
Let’s check the IP address of some names in the “rayka-co.com” domain using the “nslookup” tool.
First I switch nslookup to the Google public DNS server 8.8.8.8. Later we will see how the Google resolver itself obtains these records from the DNS server that is responsible (authoritative) for the domain rayka-co.com.
    C:\Users\majid>nslookup
    Default Server:  speedport.ip
    Address:  fe80::1

    > server 8.8.8.8
    Default Server:  dns.google
    Address:  8.8.8.8

    > set type=A
    > rayka-co.com
    Server:  dns.google
    Address:  8.8.8.8

    Non-authoritative answer:
    Name:    rayka-co.com
    Addresses:  172.67.180.118
                104.21.91.213

    > ftp.rayka-co.com
    Server:  dns.google
    Address:  8.8.8.8

    Non-authoritative answer:
    Name:    ftp.rayka-co.com
    Addresses:  104.21.91.213
                172.67.180.118
    >

Both names resolve to the same two addresses. “Non-authoritative answer” means that 8.8.8.8 is not the authoritative server for rayka-co.com: it returned what it had in its cache or what it fetched on our behalf from the authoritative servers, a distinction we come back to in the name resolution section.
CNAME record
A CNAME record makes one name an alias for another name, the canonical name.
For example, “www.rayka-co.com” or “mail.rayka-co.com” can be aliases for “rayka-co.com” when those services run on the same server with the same IP address; the address then only has to be maintained in the single A record of the canonical name. When a client asks for the A record of an alias, the resolver follows the CNAME and returns the canonical name's address.
Let’s check the alias for “mail.rayka-co.com” via nslookup.
    > set type=CNAME
    > mail.rayka-co.com
    Server:  dns.google
    Address:  8.8.8.8

    DNS request timed out.
        timeout was 2 seconds.
    Non-authoritative answer:
    mail.rayka-co.com       canonical name = rayka-co.com
    >
MX record
An MX record lists the mail servers that accept mail for a domain, each with a preference value (the lower the number, the more preferred the server). A sending mail server looks up the MX record of the recipient's domain to find out where to deliver the message.
Let’s check the mail server of the domain “rayka-co.com” using nslookup and MX record type.
    > set type=MX
    > rayka-co.com
    Server:  dns.google
    Address:  8.8.8.8

    DNS request timed out.
        timeout was 2 seconds.
    Non-authoritative answer:
    rayka-co.com    MX preference = 0, mail exchanger = mail.rayka-co.com
    >

Note that the mail exchanger returned here, mail.rayka-co.com, is itself a CNAME for rayka-co.com (see the previous lookup). Most mail software copes with that, but strictly the DNS specifications (RFC 2181, section 10.3) require an MX target to be a name with its own address record, not an alias.
NS record
And finally the NS record, the most important record to understand before we discuss the DNS name resolution process.
For every domain name there is at least one DNS server that is responsible for all records associated with that domain. These are called the authoritative DNS servers for the domain.
The NS record gives the names of the authoritative name servers for a domain. It does not carry IP addresses; to reach a name server, a resolver still needs the A record for the name server's own name.
Let’s find out who is an authoritative DNS server for the domain “rayka-co.com” via nslookup.
    > set type=ns
    > rayka-co.com
    Server:  dns.google
    Address:  8.8.8.8

    Non-authoritative answer:
    rayka-co.com    nameserver = terin.ns.cloudflare.com
    rayka-co.com    nameserver = wanda.ns.cloudflare.com
    >

The domain is hosted on two Cloudflare name servers. These are of course not the only record types a name server can hold, but they are the most important ones, and with them we are ready to discuss the name resolution process.
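To make the record types and the “non-authoritative” flag concrete, here is a small Python script, added for this page and not part of the original article or of any F5 material, that builds a DNS query in the wire format nslookup sends and decodes a reply. It uses only the standard library. The reply bytes are constructed inline to mirror the CNAME and A answers seen above; they are not captured traffic, and the transaction ID, TTL of 300 and flag values are assumptions.

```python
"""Added example: build a DNS query and decode a reply at the wire level (RFC 1035).

Stdlib only.  The reply in sample_response() is constructed for this page, not
captured traffic; its TTL, transaction ID and flags are assumed values.
"""
import struct

TYPES = {"A": 1, "NS": 2, "CNAME": 5, "MX": 15}
TYPE_NAMES = {v: k for k, v in TYPES.items()}
FLAG_AA = 0x0400   # "authoritative answer" bit; clear in replies a resolver serves from cache

def encode_name(name):
    """'ftp.rayka-co.com' -> b'\\x03ftp\\x08rayka-co\\x03com\\x00' (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype, txid=0x1234):
    """12-byte header (RD set, one question) + QNAME, QTYPE, QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", TYPES[qtype], 1)

def read_name(msg, offset):
    """Decode a (possibly compressed) name; return (name, offset just past it).
    Pointers must point backwards and hops are capped, so a crafted message cannot loop us."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                     # compression pointer: 11xxxxxx xxxxxxxx
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset or hops >= 16:
                raise ValueError("bad compression pointer")
            end = offset + 2 if end is None else end
            offset, hops = pointer, hops + 1
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), (offset if end is None else end)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length

def parse_message(msg):
    """Decode header, question and every resource record of a query or reply."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    offset, questions, records = 12, [], []
    for _ in range(qd):
        qname, offset = read_name(msg, offset)
        qtype = struct.unpack("!H", msg[offset:offset + 2])[0]
        questions.append((qname, TYPE_NAMES.get(qtype, qtype)))
        offset += 4                                   # QTYPE + QCLASS
    for section, count in (("answer", an), ("authority", ns), ("additional", ar)):
        for _ in range(count):
            owner, offset = read_name(msg, offset)
            rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
            offset += 10
            if rtype == TYPES["A"]:
                rdata = ".".join(str(b) for b in msg[offset:offset + 4])
            elif rtype in (TYPES["NS"], TYPES["CNAME"]):
                rdata = read_name(msg, offset)[0]
            elif rtype == TYPES["MX"]:                # preference, then exchanger name
                rdata = (struct.unpack("!H", msg[offset:offset + 2])[0], read_name(msg, offset + 2)[0])
            else:
                rdata = msg[offset:offset + rdlen]
            records.append((section, owner, TYPE_NAMES.get(rtype, rtype), ttl, rdata))
            offset += rdlen
    return {"id": txid, "authoritative": bool(flags & FLAG_AA), "rcode": flags & 0xF,
            "questions": questions, "records": records}

def response_matches(query, response):
    """Accept a reply only if its ID and question echo the query we sent; resolvers do
    the same (plus a source-port check) so a spoofed reply that guesses wrong is dropped."""
    q, r = parse_message(query), parse_message(response)
    return q["id"] == r["id"] and q["questions"] == r["questions"]

def sample_response():
    """Constructed reply to 'mail.rayka-co.com A': CNAME to rayka-co.com, then its A record.
    Flags 0x8180 = QR, RD, RA with AA clear, i.e. what nslookup prints as 'Non-authoritative answer'."""
    question = build_query("mail.rayka-co.com", "A", txid=0xBEEF)[12:]
    header = struct.pack("!HHHHHH", 0xBEEF, 0x8180, 1, 2, 0, 0)
    target = encode_name("rayka-co.com")
    cname_rr = b"\xC0\x0C" + struct.pack("!HHIH", TYPES["CNAME"], 1, 300, len(target)) + target
    target_offset = 12 + len(question) + 2 + 10      # where 'rayka-co.com' sits in the message
    a_rr = (struct.pack("!H", 0xC000 | target_offset)    # owner = pointer back into the CNAME rdata
            + struct.pack("!HHIH", TYPES["A"], 1, 300, 4) + bytes([172, 67, 180, 118]))
    return header + question + cname_rr + a_rr

if __name__ == "__main__":
    reply = parse_message(sample_response())
    print("authoritative" if reply["authoritative"] else "Non-authoritative answer:")
    for section, owner, rtype, ttl, rdata in reply["records"]:
        print(f"  [{section}] {owner}  {ttl}  {rtype}  {rdata}")
```

Running the script prints the same two-record answer that nslookup showed for the alias: the CNAME first, then the A record of the canonical name. The backward-pointer and hop-count checks in read_name are the part worth copying into any real parser; a self-referencing pointer is the classic way to hang a naive DNS decoder.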
DNS name resolution process
As I have already discussed, there are many DNS servers in the world, each of which is responsible for one or more domain names.
When we want the IP address for a domain name, we ultimately have to ask the authoritative DNS server for that domain, because it is the one that holds the record.
But the question is, who knows the authoritative name server for each domain name? That’s exactly what we’re going to discuss.
There is a hierarchy of DNS servers that helps us find out who is the authoritative name server for each domain.
DNS hierarchy: a simple definition
root DNS servers
At the root of the hierarchy are the root DNS servers. There are 13 root server names (a.root-servers.net through m.root-servers.net), but each name is served by many physical servers spread all over the world using anycast, so a query to one of the 13 addresses reaches the nearest instance.
Every resolver that resolves names itself knows the IP addresses of these 13 root servers in advance: they come from a root hints file that is shipped with the resolver software (for example BIND's named.root), so the root is the one part of the tree that never has to be looked up.
Root DNS servers know which name servers are responsible for each top-level domain, such as “.com”, “.org”, “.net”, “.gov” and every other TLD. They know nothing about individual domains below the TLDs.
TLD (Top Level Domain) DNS servers
At the second level of the DNS hierarchy are top-level domain (TLD) DNS servers.
The TLD name servers know the authoritative name servers for every domain registered under their TLD.
For example, the TLD name servers for “.com” know the authoritative name servers for each domain in the “.com” hierarchy, and the TLD name servers for “.net” know the authoritative name servers for each domain in the “.net” hierarchy.
authoritative DNS servers
And finally, at the third and lowest level of the DNS hierarchy, are the authoritative DNS servers.
Authoritative DNS servers are responsible for their own domain and are the servers that actually return the IP address of the requested name.
recursive and iterative name resolution
Every client, whether at home, in an enterprise, or on the Internet, points to a DNS server called the local DNS server (LDNS). This can be a corporate DNS server, an ISP DNS server, or a public DNS server such as Google's 8.8.8.8.
If you ask the local DNS server to resolve a name, it answers immediately when it is authoritative for that name. Otherwise, the local DNS server has to find the IP address for you.
There are two ways a local DNS server can resolve a name when it is not authoritative for it and does not have the answer in its cache: recursive or iterative.
recursive name resolution
With recursive name resolution, the client asks the local DNS server to resolve a name. If the local DNS server does not know the name and cannot find it in its cache, it hands the whole job to another DNS server. That second DNS server may in turn hand the job to a third one.
This continues until some DNS server either knows the name or resolves it itself, recursively or iteratively, and the answer then travels back down the chain to the client.
In this method it is enough to configure the IP address of the second DNS server in your local DNS server.
For every name it does not know, the local DNS server forwards the request to the second DNS server and simply waits for the IP address to come back; it never contacts the root, TLD or authoritative servers itself. In DNS terminology, a local DNS server set up this way is usually called a forwarder-based resolver, and the query it sends upstream carries the “recursion desired” flag.
iterative name resolution
In the iterative name resolution process, the local DNS server sends the query to one of the root DNS servers.
The root DNS server does not know the name, but returns the addresses of the name servers responsible for the top-level domain.
For example, asking a root DNS server for “www.example.com” returns the name servers responsible for the top-level domain “.com”.
The local DNS server then asks one of the TLD name servers responsible for “.com”.
The TLD name server does not know the answer either, but returns the authoritative DNS servers for the domain.
In our example, it returns the authoritative DNS servers for the domain “example.com”.
Finally, the local DNS server asks the authoritative DNS server for the IP address of “www.example.com”, and that server returns the final answer.
The local DNS server then stores the answer in its cache, for as long as the record's TTL allows, and returns it to the client. It also caches the referrals it received from the root and TLD servers, so the next lookup of any name under “.com” can skip the root, and the next lookup under “example.com” can go straight to the authoritative servers.
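The following Python model, added as an example and not part of the original page or of any vendor's code, plays the whole chain through: three tiny in-memory name servers (root, the .com TLD, and the authoritative server for example.com), an ISP-style local DNS server that iterates from its root hints and caches the answer, and a corporate local DNS server that simply forwards to it, which is the page's “recursive” method. All zones, addresses (RFC 5737 documentation ranges), server names and TTLs are constructed for the example; nothing touches the network.

```python
"""Added example: a toy DNS hierarchy and the local DNS server (LDNS) that
resolves against it iteratively, caches answers and can forward instead.

All zones, addresses (RFC 5737 documentation ranges), names and TTLs are
constructed for this page; no real DNS data or network traffic is involved.
"""
TTL = 300          # seconds an answer stays in a cache (constructed)
MAX_REFERRALS = 8  # guard against delegation loops

# A "server" holds one zone: owner name -> {type: [rdata, ...]}.  A delegation is
# an NS rrset for the child zone plus glue A records for the listed name servers.
ROOT_ZONE = {"com.": {"NS": ["a.gtld.test."]}, "a.gtld.test.": {"A": ["192.0.2.1"]}}
COM_ZONE = {"example.com.": {"NS": ["ns1.example.com."]}, "ns1.example.com.": {"A": ["192.0.2.2"]}}
EXAMPLE_ZONE = {"www.example.com.": {"A": ["192.0.2.10"]}, "ns1.example.com.": {"A": ["192.0.2.2"]}}

SERVERS = {                                   # ip -> (label, zone)
    "192.0.2.53": ("root", ROOT_ZONE),
    "192.0.2.1": ("tld .com", COM_ZONE),
    "192.0.2.2": ("authoritative example.com", EXAMPLE_ZONE),
}
ROOT_HINTS = ["192.0.2.53"]                   # a real resolver loads these from its root hints file


def ask(server_ip, qname, qtype):
    """One non-recursive query to a single server.

    Returns ('answer', rrs) if the server holds the record, ('referral',
    [(ns_name, ns_ip)]) if it only knows who the name is delegated to, or
    ('nodata', []).
    """
    _label, zone = SERVERS[server_ip]
    if qtype in zone.get(qname, {}):
        return "answer", zone[qname][qtype]
    labels = qname.split(".")
    for i in range(len(labels)):              # www.example.com., example.com., com., ...
        cut = ".".join(labels[i:])
        if "NS" in zone.get(cut, {}):
            glue = [(ns, zone.get(ns, {}).get("A", [None])[0]) for ns in zone[cut]["NS"]]
            return "referral", glue
    return "nodata", []


class LocalDNS:
    """The server a client points to.  Without a forwarder it iterates from the
    root hints; with one it forwards every cache miss and waits for the answer."""

    def __init__(self, root_hints=ROOT_HINTS, forwarder=None):
        self.root_hints, self.forwarder = root_hints, forwarder
        self.cache = {}                       # (qname, qtype) -> (expiry, rrs)
        self.trace = []                       # every step taken, for the reader

    def resolve(self, qname, qtype, now=0):
        key = (qname, qtype)
        if key in self.cache and self.cache[key][0] > now:
            self.trace.append(f"cache hit {qname} {qtype}")
            return self.cache[key][1]
        if self.forwarder is not None:        # the page's "recursive" method
            self.trace.append(f"forward {qname} {qtype} to upstream resolver")
            rrs = self.forwarder.resolve(qname, qtype, now)
        else:                                 # iterative: root -> TLD -> authoritative
            rrs = self._iterate(qname, qtype)
        self.cache[key] = (now + TTL, rrs)
        return rrs

    def _iterate(self, qname, qtype):
        candidates = list(self.root_hints)
        for _ in range(MAX_REFERRALS):
            server = candidates[0]
            kind, data = ask(server, qname, qtype)
            self.trace.append(f"ask {SERVERS[server][0]} ({server}) -> {kind}")
            if kind == "answer":
                return data
            if kind != "referral":
                return []
            candidates = [ip for _, ip in data if ip]
            if not candidates:                # glueless delegation: NS name needs its own lookup
                raise RuntimeError(f"referral for {qname} carried no glue")
        raise RuntimeError(f"too many referrals resolving {qname}; delegation loop?")


def demo():
    """An ISP resolver that iterates, and a corporate one that forwards to it."""
    isp = LocalDNS()
    corp = LocalDNS(forwarder=isp)
    corp.resolve("www.example.com.", "A", now=0)        # cold: corp forwards, isp iterates
    corp.resolve("www.example.com.", "A", now=10)       # warm: answered from corp's cache
    isp.resolve("www.example.com.", "A", now=TTL + 1)   # expired at isp: walk the tree again
    return isp.trace, corp.trace


if __name__ == "__main__":
    for line in demo()[0]:
        print(line)
```

The trace of the iterating resolver shows exactly the three hops described above (root referral, TLD referral, authoritative answer), and shows them a second time once the cached answer has passed its TTL. The forwarding resolver's trace never mentions the root or TLD at all: one forward, then a cache hit. The MAX_REFERRALS cap and the explicit error on a glueless referral are the two places where a real resolver has to protect itself from a misconfigured or hostile delegation.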