Domain Name System (DNS)

To identify hosts, IP addresses are cumbersome for humans to use and remember. The Internet therefore supports the use of host names to identify hosts, both clients and servers. In order to be used by protocols such as TCP and IP, host names are converted into IP addresses using a process known as name resolution. There are different forms of name resolution in the Internet, but the most prevalent and important one uses a distributed database system known as the Domain Name System (DNS). DNS runs as an application on the Internet, using IPv4 or IPv6 (or both). For scalability, DNS names are hierarchical, as are the servers that support name resolution.

The DNS Name Space

The DNS name space is the set of all names used with DNS. This space is partitioned hierarchically and is case insensitive.

The current DNS name space is a tree of domains with an unnamed root at the top. The top echelons of the tree are the so-called top-level domains (TLDs), which include:

  • Generic TLDs (gTLDs)
  • Country-code TLDs (ccTLDs)
  • Internationalized country-code TLDs (IDN ccTLDs)
  • A special infrastructure TLD called, for historical reasons, ARPA [RFC3172].

The DNS Protocol

The DNS protocol consists of two main parts:

  • Query/response protocol used for performing queries against the DNS for particular names
  • Protocol for name servers to exchange database records (zone transfers)

It also provides two further functions:

  • Notifying secondary servers that the zone database has evolved and a zone transfer is necessary (DNS Notify)
  • Dynamically updating the zone (dynamic updates).

DNS name resolution is the process of mapping a domain name to an IPv4 address, although IPv6 address mappings work in essentially the same way. DNS query/response operations are supported over the distributed DNS infrastructure, which consists of servers deployed locally at each site or ISP and a special set of root servers. There is also a special set of generic top-level domain servers used for scaling some of the larger gTLDs, including COM and NET.

As of mid-2011, there are:

  • 13 root servers named by the letters A through M; 9 of them have IPv6 addresses.
  • 13 gTLD servers named by A through M; 2 of them have IPv6 addresses.

Recursive Query

A full resolution that is unable to benefit from preexisting cached entries takes place among several entities, as shown in the figure below:


Here is what happens:

  • Message 1. The resolver software (assuming it does not know the IP address for the server on A.HOME) first makes a request to its local name server, local.server.
  • Messages 2 through 6.
    • If local.server does not already know the IP address for or the name servers for either the domain or the COM TLD, it forwards the request to another DNS server (called recursion), in this case, an ISP-provided DNS server (message 2).
    • Assuming that the ISP-provided DNS server also does not know the required address or other information, it contacts one of the root name servers (message 3).
    • The root servers are not recursive, so they do not process the request further but instead return the information required to contact a name server for the COM TLD. For example, it might return the name A.GTLD-SERVERS.NET and one or more of its IP addresses (message 4).
    • With this information, the ISP-provided server contacts the gTLD server (message 5) and discovers the name and IP addresses of the name servers for the domain (message 6). In this case, one of the servers is A.IANA-SERVERS.NET.
  • Messages 7 through 10.
    • Given the correct server for the domain, the ISP-provided server contacts the appropriate server (message 7), which responds with the requested IP address (message 8). At this point, the ISP-provided server can respond to GW.HOME with the required information (message 9).
    • local.server is now able to complete the initial query and responds to the client with the desired IPv4 and/or IPv6 address(es) (message 10).
DNS Message Format

The DNS message format has a fixed 12-byte header. The entire message is usually carried in a UDP/IPv4 datagram and limited to 512 bytes. DNS UPDATE (DNS with dynamic updates) reuses the same header but names the four section-count fields ZOCOUNT, PRCOUNT, UPCOUNT, and ADCOUNT. A special extension format (called EDNS0) allows messages to be larger than 512 bytes, which is required for DNSSEC (see Chapter 18).
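As an added example (not from the original notes), the following Python builds a query with the 12-byte header described above, decodes the header flags a resolver inspects (QR, RD, RA, TC, RCODE) and reads a name that may use compression pointers. The sample response, the transaction ID 0x1234 and the address 192.0.2.1 are constructed for this illustration.

```python
import struct

HEADER = struct.Struct("!HHHHHH")  # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT

def build_query(qname, qtype=1, txid=0x1234, rd=True):
    """Build a query message: 12-byte header plus one question (QCLASS IN)."""
    flags = 0x0100 if rd else 0    # RD bit: ask the server to recurse on our behalf
    header = HEADER.pack(txid, flags, 1, 0, 0, 0)
    labels = qname.rstrip(".").split(".")
    qname_wire = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname_wire + b"\x00" + struct.pack("!HH", qtype, 1)

def parse_header(msg):
    """Decode the fixed header and the flag bits a resolver inspects."""
    if len(msg) < HEADER.size:
        raise ValueError("short DNS message")
    txid, flags, qd, an, ns, ar = HEADER.unpack_from(msg)
    return {
        "id": txid,
        "qr": bool(flags & 0x8000),      # 1 = response
        "opcode": (flags >> 11) & 0xF,   # 0 = QUERY, 5 = UPDATE
        "aa": bool(flags & 0x0400),      # authoritative answer
        "tc": bool(flags & 0x0200),      # set when a reply did not fit in 512 bytes
        "rd": bool(flags & 0x0100),
        "ra": bool(flags & 0x0080),      # server offers recursion
        "rcode": flags & 0xF,
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }

def read_name(msg, off):
    """Read a possibly compressed name; return (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                   # compression pointer
            if end is None:
                end = off + 2                       # caller resumes after the pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 64:
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:
            return ".".join(labels), (end if end is not None else off)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length

# Constructed sample: a response to the query below (flags 0x8180 = QR, RD, RA) with one
# A record whose owner name is the pointer 0xC00C back to the question at offset 12.
_Q = build_query("a.iana-servers.net")
SAMPLE_RESPONSE = (_Q[:2] + b"\x81\x80\x00\x01\x00\x01\x00\x00\x00\x00" + _Q[12:]
                   + b"\xc0\x0c\x00\x01\x00\x01\x00\x00\x0e\x10\x00\x04\xc0\x00\x02\x01")
```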