DNS Simplified: Your Guide to the Internet's Phonebook

Your web browser is kind of dumb. When you type the name of a website you want to visit, your browser has no idea where to find it, because it does not know the website's IP address, which is like the website's phone number. And yet, when you hit enter, it gets there. What am I talking about? Imagine this: you want to call a friend, and someone hands you a phone and says, "call your friend." You don't know their number, because who remembers phone numbers? But with that phone, you can look the number up in the contacts and make the call. That is DNS, the Domain Name System. Your browser does not know the phone number (the IP address), so it has to check its contacts, and in this case the contacts are a DNS server. Let's learn more about DNS.

What is DNS?

DNS, the Domain Name System, is arguably one of the most important parts of the internet. It keeps the internet user-friendly and running smoothly, so the content users ask for loads quickly and efficiently. DNS is a hierarchical and distributed naming system that translates human-readable website names into numerical IP addresses, which is what computers actually use to talk to each other over the internet.

Let's learn about the basic terms in DNS.

IP address:

An IP address is a group of numbers separated by dots. Each computer on the internet has its own IP address, which is how computers find and connect to one another. Some example IP addresses:

142.251.40.206
31.13.71.36
31.13.71.174

Domain Name:

Domain names are the human-readable names of websites. A domain can be purchased from a domain registrar, or it may be provided for free by your hosting provider. Without domain names, you could not reach websites by name in your browser; you would have to remember each website's IP address (which is not easy).

By the way, a name can have up to 127 levels of subdomains, each label can be up to 63 characters long, and the whole domain name can be at most 253 characters.

Domain Name System:

DNS is a large network of servers, spread across the globe, that together hold a distributed database of domain names and their IP addresses. Often referred to as the phone book of the internet, it connects a domain name to its IP address.

So when you enter a domain name (the name of the website), a DNS server provides the IP address for that name, and your browser uses it to retrieve the website and its content. For example:

142.251.40.206 = Google.com
31.13.71.36 = Facebook.com
31.13.71.174 = Instagram.com

How DNS Works

So you open your web browser and type www.chaicode.com. Before your browser asks any other machine for the website's IP address, it may already know it. It uses the stub resolver, the small DNS client built into your operating system. The stub resolver first checks its cache to see whether the IP address of the website you want is already there. If it is, no other server needs to be asked. If not, the stub resolver knows it needs help and sends a DNS query to its configured DNS server.

A common choice for that DNS server is Google's public DNS. The stub resolver asks, "Hey Google, do you know the IP address of this website? You might know it." And Google says, "No, I don't." Wait, what? Yes, Google may not know the IP address either, because it is a recursive DNS server: it does not hold every answer itself, but it knows someone who knows someone who can tell it. Like the stub resolver, the recursive server has a cache, so if anyone has recently looked up the website it can answer right away. If not, it asks other DNS servers. There is a hierarchy of DNS servers involved in finding the IP address.

DNS Server Hierarchy

  • Root nameserver: These are the top-level servers. Their job is to direct the recursive DNS server to the right TLD (Top Level Domain) nameserver based on the extension of the website, such as .com, .in or .net. There are 13 root server names in the world (each one replicated at many sites via anycast), maintained by organizations such as NASA. When the Google DNS server asks a root nameserver for the IP address of a website, it says, "I don't know the IP address, but I know a guy who might know the IP address of the website."

  • TLD nameserver: The TLD (Top Level Domain) nameserver is the next stop for the recursive DNS server. It knows which nameservers are responsible for every domain under a single extension (.com, .net, .in, etc.). The Google DNS server asks the TLD nameserver, "Do you know the IP address of this website?" and the TLD nameserver replies, "No, I don't, but I know a guy who might know the IP address of the website," and directs the Google DNS server to the authoritative nameserver.

  • Authoritative nameserver: This is the last stop for the recursive DNS server. It holds the actual DNS records for the domain, including the IP address of the website. Authoritative nameservers are usually run by the registrar or DNS hosting provider that manages the domain's records. If the website you want to visit is registered with Cloudflare, Cloudflare's authoritative nameservers surely know its IP address, and they respond with it.
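To make the hop-by-hop referral concrete, here is a small resolver model added for this post (not code from the original article): three in-memory "servers" stand in for a root, the .com TLD and the authoritative server for chaicode.com, with the zone data, server labels and the 203.0.113.10 address all constructed for illustration. The recursive resolver follows referrals until it receives an A record and caches the answer, the same way the stub resolver's cache described above works.

```python
from typing import Dict, List, Tuple

# One dict per "server" holding the records it is authoritative for.
# An NS record means "ask that server next"; an A record is the final answer.
# All names, server labels and the 203.0.113.x address are constructed
# for this example (203.0.113.0/24 is reserved for documentation).
ROOT = {"com.": ("NS", "tld-com")}
TLD_COM = {"chaicode.com.": ("NS", "auth-chaicode")}
AUTH_CHAICODE = {"www.chaicode.com.": ("A", "203.0.113.10")}
SERVERS: Dict[str, Dict[str, Tuple[str, str]]] = {
    "root": ROOT,
    "tld-com": TLD_COM,
    "auth-chaicode": AUTH_CHAICODE,
}
MAX_HOPS = 8  # guard against a broken referral loop


def lookup(server: str, name: str) -> Tuple[str, str]:
    """Ask one server about `name`. It answers with the record for the longest
    suffix of the name it knows: the full name (an answer) or a parent zone (a referral)."""
    records = SERVERS[server]
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in records:
            return records[suffix]
    raise LookupError(f"{server} knows nothing about {name}")


def resolve(name: str, cache: Dict[str, str]) -> Tuple[str, List[str]]:
    """Recursive resolver: answer from cache if possible, otherwise walk
    root -> TLD -> authoritative, following referrals. Returns (ip, servers_asked)."""
    name = name.rstrip(".") + "."  # normalise to a fully qualified name
    if name in cache:
        return cache[name], ["cache"]
    server, asked = "root", []
    for _ in range(MAX_HOPS):
        asked.append(server)
        kind, value = lookup(server, name)
        if kind == "A":
            cache[name] = value  # remember it so the next client is answered instantly
            return value, asked
        server = value  # referral: "I know a guy who might know"
    raise LookupError(f"gave up resolving {name} after {MAX_HOPS} referrals")
```

A real resolver does the same walk over UDP or TCP port 53; here each lookup is a dictionary read so the model runs offline.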

Importance of DNS

Surely, after all the above information, you might have an idea of how important DNS is.

Without the DNS, you would have to remember all the IP addresses of the websites you want to visit (which is not easy).

DNS is designed to handle the immense growth of the internet. Its hierarchical and distributed nature ensures efficient and scalable domain name resolution.

DNS is a global system, enabling users from anywhere in the world to access websites and services by their domain names. It plays a crucial role in making the internet truly global.

Vulnerabilities in DNS and How to Deal with Them

Every step above normally runs over UDP port 53, in plain text: nothing is encrypted, so it is exposed for anyone on the path to see. If I were a hacker, I could intercept that traffic and read it without any trouble. If I were a malicious hacker, I could intercept it and pretend to be the DNS server, answering with the IP address of a server I control instead of the real one.

This happens all the time. It's called DNS spoofing, and it's not just hackers you need to worry about. Your ISP (Internet Service Provider), the company providing your internet, can also see your DNS queries, which means it can see which websites you visit. You may have noticed this when you open incognito mode: it tells you that your internet provider can still see the websites you visit. That's why DNS security has become a pretty big deal.

Thankfully, we do have a solution. The hero coming to the rescue is a thing called DoH, which is really cool. It stands for DNS over HTTPS. HTTPS is the protocol used to access a website's content securely. So when you visit a website like Hashnode, you are connected over HTTPS: the connection is encrypted, and an attacker on the path cannot see what you are seeing.

So HTTPS is secure and encrypted. When DNS goes over HTTPS, the DNS query gets the same protection. Even if a hacker happens to be in the middle of the conversation, sniffing your web traffic, they can't read that DNS query, because it is encrypted. Not only is it hidden, it is also wearing a costume: an HTTPS costume. Normally it is pretty easy to pick out DNS in a traffic capture; you just filter for UDP port 53. But when DNS rides over HTTPS along with all the other web traffic on port 443, an observer can no longer tell the DNS queries apart from ordinary website traffic. One caveat: DoH hides the contents of your queries, not the fact that you are talking to a DoH resolver, and the resolver operator itself still sees every name you look up, so choose one you trust.

So how do you use DNS over HTTPS? The short answer: it's pretty easy, with a couple of considerations. Your browser (or operating system) has to support DoH, which thankfully most do nowadays. The DNS server you choose to connect to also needs to support DoH. Cloudflare and Google both offer DoH resolvers; pick one, and make sure DoH is enabled in your client.
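To see what actually goes on the wire in the plain-text case above, and how DoH carries exactly the same bytes, here is an added example (not code from the original post) that builds the DNS query for www.chaicode.com and wraps it as an RFC 8484 GET URL and POST request. The resolver URL https://dns.example/dns-query is a placeholder, not a real service, and nothing is sent over the network.

```python
import base64
import struct

DNS_TYPE_A = 1
DNS_CLASS_IN = 1
RESOLVER = "https://dns.example/dns-query"  # assumed DoH endpoint, not a real one


def encode_name(name: str) -> bytes:
    """Wire-format name: each label prefixed by its length, ending with a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:  # the 63-character label limit mentioned above
            raise ValueError("each label must be 1-63 bytes")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"  # the empty root label terminates the name


def build_query(name: str, txn_id: int = 0) -> bytes:
    """12-byte header followed by one question for an A record.
    Flags 0x0100 = standard query with recursion desired; QDCOUNT = 1."""
    header = struct.pack("!HHHHHH", txn_id, 0x0100, 1, 0, 0, 0)
    question = encode_name(name) + struct.pack("!HH", DNS_TYPE_A, DNS_CLASS_IN)
    return header + question


def doh_get_url(query: bytes, resolver: str = RESOLVER) -> str:
    """RFC 8484 GET form: the wire-format query goes in the `dns` parameter as
    base64url without padding. Use txn_id 0 so identical questions are cacheable."""
    param = base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
    return f"{resolver}?dns={param}"


def decode_dns_param(param: str) -> bytes:
    """Reverse of doh_get_url: restores padding, handy when reading resolver logs."""
    return base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))


def doh_post_request(query: bytes, resolver: str = RESOLVER) -> dict:
    """RFC 8484 POST form: raw wire-format body with the dns-message media type.
    Same bytes as on UDP/53, but now carried inside the TLS session on port 443."""
    return {
        "method": "POST",
        "url": resolver,
        "headers": {"Content-Type": "application/dns-message",
                    "Accept": "application/dns-message"},
        "body": query,
    }
```

The query bytes contain the domain name in readable form, which is exactly what an on-path observer reads on UDP port 53 and cannot read once the same bytes travel inside HTTPS.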

Conclusion

In conclusion, the Domain Name System (DNS) is an essential component of the internet, acting as its phonebook by translating human-readable domain names into numerical IP addresses. It lets users reach websites without having to remember complex numerical addresses. The hierarchical structure of DNS, involving root, TLD and authoritative nameservers, makes domain name resolution efficient and scalable. However, DNS is not without vulnerabilities, such as DNS spoofing, which can compromise user privacy and security. Solutions like DNS over HTTPS (DoH) enhance DNS security by encrypting DNS queries, making it difficult for malicious actors to intercept or manipulate them. As the internet continues to grow, DNS and its security measures will remain critical to keeping the online environment safe and user-friendly.