DNS (the Domain Name System) is a distributed system for looking up information about domains. Simply put, DNS servers are the equivalent of a phone book, in which a contact's name is the name of a website and the number is an IP address on the internet. Whenever you open a website, the distributed DNS system lets the browser quickly "get through" to a particular recipient, in other words, reach the resource.
A DNS server exists so that a new website is available to all internet users, not only to its creator. If the necessary settings are not applied, nobody will find the resource. For better fault tolerance, servers are usually specified in pairs: one DNS server is used as the primary, and the others (from 1 to 12 per domain) serve as secondaries and take over when the primary server goes down.
Without DNS it is impossible to imagine the proper operation of websites, online apps, email, messengers, multiplayer video games, virtual private networks (VPN) and many other services that use the internet. Here are some tasks that require the technology in question:
We are not talking only about computers: nowadays it is possible to set up a personal DNS server on a smartphone and, for example, completely block ads on websites and in apps as a result.
Depending on their specific purpose, the following types of DNS servers exist:
Root servers also include DNS servers that register dynamic updates from users.
DNS is involved every time a user accesses the internet with a particular query. As soon as you enter the name of a website in the address bar and press Enter, the browser first checks the 'hosts' file on your computer. This file maps domain names to IP addresses. Usually the file contains no entries, but if it does and one of them matches the domain typed into the address bar, the website opens immediately. Otherwise the browser forms a DNS request and sends it to the provider's resolver, which starts searching for the IP address of the requested domain.
Despite the complexity of the system of domain names and IP addresses, the operations listed above are performed in a few milliseconds, especially when the data is taken from the provider's cache. Desktop and mobile apps that use the internet work the same way.
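The lookup order described above (the hosts file first, then a DNS query) as an added example that is not part of the original article. The hosts-file content is constructed, and the function names `parse_hosts` and `resolve` and the `dns_lookup` parameter are chosen here; the parameter exists so the network step can be replaced by a stub when the code is run offline. Because the hosts file is consulted before any DNS query, unexpected entries in it are worth checking whenever a site resolves to the wrong address.

```python
import ipaddress
import socket

# Constructed hosts-file content (not taken from any real machine). The
# format is the one /etc/hosts and the Windows hosts file share:
# "address name [alias ...]", with '#' starting a comment.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
# a pinned entry, e.g. for testing a site before a DNS change propagates
203.0.113.10 www.example.test example.test
0.0.0.0     ads.example.test   # sinkhole-style block of an ad host
"""

def parse_hosts(text):
    """Return {hostname: [address, ...]} from hosts-file text.

    Comments start with '#', blank lines are ignored, names are matched
    case-insensitively, and one line may list several names for one
    address. A line whose first field is not a valid IP address is skipped,
    which is also how the operating system resolver treats such lines.
    """
    table = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue
        for name in fields[1:]:
            table.setdefault(name.lower(), []).append(addr)
    return table

def resolve(name, hosts_text, dns_lookup=socket.gethostbyname):
    """Hosts file first, then DNS. Returns (address, source).

    'source' is "hosts" or "dns". 'dns_lookup' defaults to the operating
    system resolver; pass a stub to run without network access.
    """
    name = name.rstrip(".").lower()
    hosts = parse_hosts(hosts_text)
    if name in hosts:
        return hosts[name][0], "hosts"
    return dns_lookup(name), "dns"

if __name__ == "__main__":
    # A stub stands in for the network so the demo runs offline.
    stub = lambda n: "198.51.100.7"   # constructed answer
    print(resolve("WWW.example.test", SAMPLE_HOSTS, stub))   # served from hosts
    print(resolve("other.example.test", SAMPLE_HOSTS, stub)) # falls through to DNS
```

A name that is present in the hosts file never reaches the resolver at all, which is exactly why the file is useful for pinning a site during testing and why a tampered copy silently redirects every program on the machine.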
For clarity, let's look at how a system of DNS servers works on a specific example. Take a request of the form 'passport.yandex.ru/name'. This address is entered in the address bar and consists of several parts:
Let's follow the path this query takes after being typed into the address bar.
As a result of these steps the browser opens the requested page, passport.yandex.ru/name.
You can use Whois to look up the DNS servers of your domain. On the main page of the service there is a field in which you enter the domain and press "Check". Note that the domain must be entered without http:// and www. After a couple of seconds the result is shown as a list of the DNS servers that serve the entered name; in the report they appear in the 'nserver' lines. The 'state' line deserves particular attention: if it shows the status NOT DELEGATED, the domain has no list of DNS servers, and consequently the resource is not available to users. For a properly configured website, this status can appear after the registrar or administrator forcibly removes the domain's delegation. In any case, this problem needs to be resolved as soon as possible.
The DNS system is built on root servers, of which there were initially 13, located in North America and belonging to different internet operators. Over time, many similar servers appeared in other countries to increase the reliability and stability of the system. As a result, the number of root servers grew to 123. Most of them are located in the USA.
The density of DNS servers depends on how developed the internet infrastructure is. Besides the USA and Canada, they can be found in Russia, Australia, Brazil, the UAE, China, Iceland, European countries and other states. The fastest DNS servers in Russia are located in Moscow, Saint Petersburg, Rostov-on-Don, Yekaterinburg and Novosibirsk.
Several IP addresses may be associated with a single domain at the same time, for example a regular website and a mail server for handling email. The situation is complicated by the fact that each domain name has one or two subdomains. DNS zones are used for the convenient storage of data about the correspondence between domains and their IP addresses. A zone is a set of resource records, which are added to the system to provide this information:
Using these types of DNS records, you specify the information that is written in the zone.
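A zone, as the text says, is a set of resource records, each with an owner name, a TTL, a type and type-specific data. The parser below is an added example and not part of the original article: it reads a constructed zone snippet in the standard master-file syntax (the `$ORIGIN` and `$TTL` directives, relative and absolute names, a per-record TTL, quoted TXT data) into records that can then be queried. The `Record` class and the `parse_zone` and `lookup` names are chosen here, and the zone contents are made up.

```python
import re
from dataclasses import dataclass

@dataclass
class Record:
    name: str      # absolute, lower-cased owner name ending in "."
    ttl: int       # seconds
    rtype: str
    rdata: tuple

# Constructed zone snippet in the usual master-file syntax (not a real zone).
SAMPLE_ZONE = """\
$ORIGIN example.test.
$TTL 3600
@        IN  NS    ns1                     ; relative -> ns1.example.test.
@        IN  NS    ns2.example-dns.test.   ; absolute (trailing dot)
@        IN  A     203.0.113.10
www      IN  CNAME @
mail 300 IN  A     203.0.113.20            ; per-record TTL overrides $TTL
@        IN  MX    10 mail
@        IN  AAAA  2001:db8::10
_dmarc   IN  TXT   "v=DMARC1; p=reject"    ; ';' inside quotes is data, not a comment
"""

KNOWN_TYPES = {"A", "AAAA", "CNAME", "NS", "MX", "TXT"}
TOKEN = re.compile(r'"[^"]*"|;.*|[^\s;"]+')   # quoted string | comment | bare token

def _absolute(name, origin):
    """Expand '@' and relative owner names against $ORIGIN."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name}.{origin}".lower()

def parse_zone(text):
    """Parse a simplified zone file into Record objects.

    Handles $ORIGIN, $TTL, an optional per-record TTL, the optional class
    token IN, relative and absolute names, and the types in KNOWN_TYPES.
    Anything else raises, so a typo cannot silently vanish from the zone.
    """
    origin, default_ttl, last_owner, records = ".", None, None, []
    for raw in text.splitlines():
        tokens = [t for t in TOKEN.findall(raw) if not t.startswith(";")]
        if not tokens:
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1].lower()
            continue
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        # A line that starts with whitespace reuses the previous owner name.
        owner = last_owner if raw[0].isspace() else tokens.pop(0)
        if owner is None:
            raise ValueError("record without an owner name")
        last_owner = owner
        ttl = int(tokens.pop(0)) if tokens and tokens[0].isdigit() else default_ttl
        if tokens and tokens[0].upper() == "IN":
            tokens.pop(0)
        if len(tokens) < 2:
            raise ValueError(f"incomplete record for {owner}: {raw!r}")
        rtype = tokens.pop(0).upper()
        if rtype not in KNOWN_TYPES:
            raise ValueError(f"unsupported record type {rtype} for {owner}")
        if ttl is None:
            raise ValueError(f"no TTL for {owner} {rtype} and no $TTL directive")
        if rtype == "MX":
            rdata = (int(tokens[0]), _absolute(tokens[1], origin))   # (preference, host)
        elif rtype in ("CNAME", "NS"):
            rdata = (_absolute(tokens[0], origin),)
        elif rtype == "TXT":
            rdata = tuple(t.strip('"') for t in tokens)
        else:  # A, AAAA: the address is stored as written
            rdata = (tokens[0],)
        records.append(Record(_absolute(owner, origin), ttl, rtype, rdata))
    return records

def lookup(records, name, rtype):
    """Return the rdata tuples for one owner name and record type."""
    name = name.lower() if name.endswith(".") else name.lower() + "."
    return [r.rdata for r in records if r.name == name and r.rtype == rtype]

if __name__ == "__main__":
    for rec in parse_zone(SAMPLE_ZONE):
        print(f"{rec.name:28} {rec.ttl:>6} {rec.rtype:6} {rec.rdata}")
```

Note how the `mail` record carries its own TTL of 300 seconds while every other record inherits the 3600 from `$TTL`, and how `ns1` expands against the origin while `ns2.example-dns.test.` does not; forgetting the trailing dot on an external name is one of the most common zone-file mistakes, and it produces a record that points at a name inside your own zone.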
DNS servers are often subjected to external attacks, which result in problems accessing the website. Attackers may do this to blackmail the owners, to try to drive a competitor out of business, or for other purposes. Attacks can be averted if several protective measures are taken:
Several technologies significantly improve the protection of DNS servers from external attacks. For example, DNSSEC is a set of extensions that minimizes the chances of success of attacks based on spoofing DNS data. TSIG, DANE and other tools are also worth considering for protection.
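DNSSEC protects against spoofed answers with signatures, but every resolver also applies a set of plain sanity checks to a reply before trusting it, and those checks are what make a forged answer hard to slip in. The following is an added example, not code from the article: it builds a query with an unpredictable transaction ID and randomized letter case in the name (the "0x20" technique), then validates a reply by requiring the same ID, the response flag, a normal opcode, and a question section that echoes the query byte for byte. All packets are constructed in memory; the function names (`build_query`, `validate_response`, `make_response`) are chosen here, and `make_response` exists only to fabricate a genuine and a mismatched reply for the demonstration.

```python
import os
import struct

def encode_name(name):
    """Wire-format a domain name: length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def randomize_case(name):
    """'0x20' encoding: random letter case that a forged answer would have to guess."""
    bits = os.urandom(len(name))
    return "".join(c.upper() if b & 1 else c.lower() for c, b in zip(name, bits))

def build_query(name, qtype=1):
    """Return (txid, packet) for a recursion-desired IN query for name/qtype."""
    txid = struct.unpack("!H", os.urandom(2))[0]               # unpredictable ID
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    question = encode_name(randomize_case(name)) + struct.pack("!HH", qtype, 1)
    return txid, header + question

def validate_response(query, response):
    """Return (ok, reason) for a reply received in answer to 'query'.

    Checks: matching transaction ID, QR flag set, opcode 0, exactly one
    question that is byte-identical to the one sent (including the 0x20
    letter case), and an RCODE that is NOERROR or NXDOMAIN.
    """
    if len(response) < 12:
        return False, "truncated header"
    q_id = struct.unpack("!H", query[:2])[0]
    r_id, flags, qdcount = struct.unpack("!HHH", response[:6])
    if r_id != q_id:
        return False, "transaction ID mismatch"
    if not flags & 0x8000:
        return False, "QR flag not set (not a response)"
    if (flags >> 11) & 0xF != 0:
        return False, "unexpected opcode"
    if qdcount != 1:
        return False, "question count is not 1"
    question = query[12:]
    if response[12:12 + len(question)] != question:
        return False, "question section does not echo our query"
    rcode = flags & 0xF
    if rcode not in (0, 3):
        return False, f"server returned RCODE {rcode}"
    return True, "ok"

def make_response(query, txid_override=None, question_override=None):
    """Fabricate a minimal NOERROR reply (no answer records) for the demo.

    With no overrides it echoes the query's ID and question, i.e. what a
    genuine server sends; the overrides produce the mismatched variants.
    """
    txid = struct.unpack("!H", query[:2])[0] if txid_override is None else txid_override
    question = query[12:] if question_override is None else question_override
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 0, 0, 0)  # QR=1, RD=1, RA=1
    return header + question

if __name__ == "__main__":
    txid, q = build_query("www.example.test")
    print(validate_response(q, make_response(q)))
    print(validate_response(q, make_response(q, txid_override=(txid + 1) & 0xFFFF)))
    other = encode_name("other.example.test") + struct.pack("!HH", 1, 1)
    print(validate_response(q, make_response(q, question_override=other)))
```

The ID and the letter case are only a few bits of entropy each; real resolvers add a random source port on top, which a pure function cannot show, and DNSSEC validation then covers the case where the reply genuinely came from the resolver's upstream but the data there had already been altered.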
DNS servers of different internet providers refresh once every 24 hours. Because of that, after a change in parameters a website may be available through one provider but unavailable through another. Generally the availability problem resolves itself within 24 hours; often you just have to wait it out. If that does not happen, do the following:
For a quick check of whether a web resource is reachable, it is better to use Google's DNS servers. They usually take less than a day (3 to 4 hours) to update. If your DNS server is still not responding after 24 hours, make sure it is set up properly: a typo may have been made in the address, because of which the website is not available.
TTL is an abbreviation for Time to Live. It is the maximum lifetime of a data packet, expressed as the maximum number of hops it may make. TTL prevents data from circulating indefinitely and polluting traffic.
TTL is measured in hops. Each time the packet passes through an intermediate node (router), the hop count decreases by one. A packet's lifetime may run out before it reaches the recipient, in which case it is discarded. On Windows the default TTL is 128 hops; on other operating systems it is 64 hops.
The TTL parameter can be changed manually. In IPv4 it is stored in an 8-bit field of the packet header. In IPv6 the equivalent field is called Hop Limit.
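The per-hop rule from the last three paragraphs, as an added example that is not part of the original article: a constructed 20-byte IPv4 header is built, and a `forward` function does what a router does with it, namely verify the header checksum, decrement the 8-bit TTL field, discard the packet if it would reach zero, and recompute the checksum before passing it on. The addresses and header fields are made up, and the names `build_ipv4_header`, `forward` and `hops_survived` are chosen here.

```python
import ipaddress
import struct

def ipv4_checksum(header):
    """One's-complement sum of the header's 16-bit words (RFC 791 checksum).

    For a header whose checksum field is correct the result is 0.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src, dst, ttl, protocol=17, payload_len=0):
    """Constructed 20-byte IPv4 header without options and with a valid checksum."""
    fields = struct.pack(
        "!BBHHHBBH4s4s",
        0x45,               # version 4, IHL 5 (20 bytes)
        0,                  # DSCP/ECN
        20 + payload_len,   # total length
        0x1234,             # identification (made up)
        0x4000,             # flags: don't fragment
        ttl,                # the 8-bit TTL field discussed in the text
        protocol,           # 17 = UDP, which DNS normally uses
        0,                  # checksum placeholder
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    return fields[:10] + struct.pack("!H", ipv4_checksum(fields)) + fields[12:]

def forward(header):
    """Router step: return the header to send on, or None if it must be dropped.

    A packet arriving with TTL 1 would hit zero after the decrement and is
    discarded (a real router also sends back ICMP Time Exceeded, which is
    what traceroute relies on).
    """
    if len(header) < 20 or header[0] >> 4 != 4:
        return None                      # not an IPv4 header
    if ipv4_checksum(header) != 0:
        return None                      # corrupted header: drop
    ttl = header[8]
    if ttl <= 1:
        return None                      # lifetime exhausted: drop
    out = bytearray(header)
    out[8] = ttl - 1
    out[10:12] = b"\x00\x00"             # zero the field before recomputing
    out[10:12] = struct.pack("!H", ipv4_checksum(bytes(out)))
    return bytes(out)

def hops_survived(header):
    """How many routers the packet can traverse before one discards it."""
    count = 0
    while (header := forward(header)) is not None:
        count += 1
    return count

if __name__ == "__main__":
    for start in (64, 128):   # the two defaults the text mentions
        h = build_ipv4_header("192.0.2.1", "198.51.100.2", start)
        print(f"TTL {start}: survives {hops_survived(h)} routers")
```

IPv6 applies the same decrement to its Hop Limit field but has no header checksum, so a router there only rewrites the one byte. Changing a TTL byte without fixing the IPv4 checksum produces a header that the next hop rejects, which is why the recompute step is not optional.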
A DNS record has two parameters:
The recommended TTL of a DNS record is 24 hours, after which DNS servers stop using the cached data and refresh it.
The lifetime of a DNS record ranges from one second to infinity. It is technically possible to set the TTL to 0, but this may lead to a situation where the data packet is ignored. The minimal optimal TTL is considered to be 1 hour, or 3600 seconds. There is no limit on the maximum possible TTL value; however, if the value set is too high, the TTL is automatically reduced to 7 days, or 604800 seconds.
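An added example, not part of the original article, showing what the TTL of a DNS record means for a caching resolver and why a change "may be available to one provider but unavailable to another" for a while: a small cache stores each record with the time it was received, hands out the remaining TTL on every hit, expires entries when it reaches zero, refuses to cache a TTL of 0, and clamps values above the 604800-second cap the text names. The `DnsCache`, `FakeClock` and `simulate_change` names are chosen here, and the record values are constructed.

```python
import time

MAX_TTL = 604800   # 7 days, the cap named in the text

class DnsCache:
    """Minimal resolver cache that honours record TTLs.

    put() stores the record with the current time; get() returns
    (rdata, remaining_ttl) or None once the TTL has run out.
    """
    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._store = {}

    def put(self, name, rtype, rdata, ttl):
        ttl = min(int(ttl), MAX_TTL)
        if ttl <= 0:
            return False                     # TTL 0: do not cache at all
        self._store[(name.lower(), rtype)] = (rdata, self._clock(), ttl)
        return True

    def get(self, name, rtype):
        key = (name.lower(), rtype)
        entry = self._store.get(key)
        if entry is None:
            return None
        rdata, stored_at, ttl = entry
        remaining = ttl - int(self._clock() - stored_at)
        if remaining <= 0:
            del self._store[key]             # expired: the next lookup re-queries
            return None
        return rdata, remaining

class FakeClock:
    """Controllable clock so the simulation does not have to really wait."""
    def __init__(self):
        self.now = 0.0
    def __call__(self):
        return self.now
    def advance(self, seconds):
        self.now += seconds

def simulate_change(ttl, change_after, check_at):
    """Which address a client behind one caching resolver sees.

    The record is cached at t=0 with the given TTL, the owner re-points it
    at t=change_after, and a client asks the resolver at t=check_at.
    Returns "old" or "new".
    """
    clock = FakeClock()
    cache = DnsCache(clock)
    authoritative = "203.0.113.10"                         # constructed
    cache.put("www.example.test", "A", authoritative, ttl)
    clock.advance(change_after)
    authoritative = "203.0.113.99"                         # the owner's change
    clock.advance(check_at - change_after)
    hit = cache.get("www.example.test", "A")
    if hit is None:                                        # expired: re-query upstream
        cache.put("www.example.test", "A", authoritative, ttl)
        return "new"
    return "old" if hit[0] != authoritative else "new"

if __name__ == "__main__":
    print(simulate_change(ttl=3600, change_after=600, check_at=1800))   # old
    print(simulate_change(ttl=3600, change_after=600, check_at=3700))   # new
    print(simulate_change(ttl=300, change_after=600, check_at=1800))    # new
```

Two resolvers that cached the record at different moments therefore disagree for up to one full TTL after the change, which is the practical reason for lowering the TTL in advance of a planned move and raising it again afterwards.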
For Linux, macOS and Unix users the easiest way is the dig tool: in the command line type 'dig', a space, and the website address in the form 'example.com'. The TTL value is displayed in seconds.
Windows users can use the nslookup tool: in the command line type 'nslookup -type=soa', a space, and the website address as 'example.com'. You can also use 'nslookup -type=cname -debug'.
Owners of their own domain may set their own TTL value. This is done from the personal account on the provider's website.
Increasing the TTL reduces the load on the DNS server because fewer queries arrive. Reducing the TTL speeds up synchronization of changes.
Now you know more about the topic and understand why DNS hosting cannot be skipped when registering a website. Always pay attention to protection from external attacks, or else your web resource's traffic will drop, since users will often be unable to reach the website. Don't be afraid to spend money on hosting and a domain. The investment will definitely pay off!