Detailed explanation of DNS query principle

Original link: http://www.ruanyifeng.com/blog/2022/08/dns-query.html

Through DNS query, the IP address of the domain name can be obtained to access the website.

So, how exactly is DNS lookup done? This article describes the steps behind it in detail through examples.

1. DNS server

The IP address corresponding to the domain name is stored in the DNS server.

We enter the domain name, and the browser will automatically send a request to the DNS server in the background to obtain the corresponding IP address. This is a DNS query.

For example, if I enter the domain name es6.ruanyifeng.com , the browser will query the DNS server for what its IP address is, and then send an access request to that IP.

There are many public DNS servers on the Internet. This article selects 1.1.1.1 provided by Cloudflare for demonstration.

2. The dig command

The command-line tool dig can interact with DNS servers, and we’ll use it to demonstrate DNS queries. If you haven’t installed it yet, you can search for the installation method, it is very easy under Linux system.

Its query syntax is as follows (the dollar sign $ is the command line prompt).

 $ dig @[DNS 服务器] [域名]

To query the domain name from 1.1.1.1, execute the following command.

 $ dig @1.1.1.1 es6.ruanyifeng.com

Normally, it would output a whole bunch of stuff.

Find the ANSWER SECTION section in it, which gives the answer to the query, and the IP address corresponding to the domain name is 104.198.14.52.

3. The tree structure of domain names

You may ask, does the DNS server (such as 1.1.1.1) store the IP addresses of all domain names (including second-level and third-level domains) in the world?

of course not. DNS is a distributed system, 1.1.1.1 is only the user query entry, it also needs to query other DNS servers to obtain the final IP address.

To explain the complete query process of DNS, we must understand that the domain name is a tree structure .

The top-level domain name is the root domain name (root), then the top-level domain name (TLD for short), then the first-level domain name, the second-level domain name, and the third-level domain name.

(1) Root domain name

The starting point of all domain names is the root domain name, which is written as a dot . and placed at the end of the domain name. Because this part is the same for all domain names, it is omitted. For example, example.com is equivalent to example.com. (with one more dot at the end).

You can try, add a dot at the end of any domain name, and the browser can interpret it normally.

(2) Top-level domain names

The level below the root domain name is the top-level domain name. It is divided into two categories: generic top-level domains (gTLDs, such as .com and .net) and country-specific top-level domains (ccTLDs, such as .cn and .us).

Top-level domain names are controlled by ICANN, an international domain name management organization, which entrusts commercial companies to manage gTLDs and countries to manage their own country-specific domain names.

(3) First-level domain name

A first-level domain name is a domain name registered by yourself under a certain top-level domain name. For example, ruanyifeng.com was registered under the top-level domain name .com .

(4) Second-level domain name

A second-level domain name is a subdomain of a first-level domain name, which is set by the domain name owner without permission. For example, es6 is the second-level domain name of ruanyifeng.com .

Fourth, the domain name query step by step

The significance of this tree structure is that only the upper-level domain name can know the IP address of the lower-level domain name, which needs to be queried step by step.

Each level of domain name has its own DNS server, which stores the IP address of the lower-level domain name.

Therefore, if you want to query the IP address of the second-level domain name es6.ruanyifeng.com , you need three steps.

The first step is to query the root domain name server to obtain the IP address of the top-level domain name server .com (also known as the TLD server).

The second step is to query the TLD server .com to obtain the IP address of the first-level domain name server ruanyifeng.com .

The third step is to query the first-level domain name server ruanyifeng.com to obtain the IP address of the second-level domain name es6 .

The three steps are shown in turn below.

5. Root Domain Name Server

There are a total of 13 root name servers in the world (all of them are server clusters). Their domain names and IP addresses are as follows.

The IP address of the root domain name server is unchanged and integrated in the operating system.

The operating system will select one of them and query the IP address of the TLD server.

 $ dig @192.33.4.12 es6.ruanyifeng.com

In the above example, we select 192.33.4.12 and issue a query to it asking for the IP address of the TLD server for es6.ruanyifeng.com .

The output of the dig command is as follows.

Because it cannot give the IP address of es6.ruanyifeng.com , there is no ANSWER SECTION in the output, but only one AUTHORITY SECTION, which gives the domain names of com. ‘s 13 TLD servers.

There is also an ADDITIONAL SECTION below, which gives the IP addresses of the 13 TLD servers (including both IPv4 and IPv6 addresses).

6. TLD server

After we have the IP address of the TLD server, we can choose another one and then query.

 $ dig @192.41.162.30 es6.ruanyifeng.com

In the above example, 192.41.162.30 is a randomly selected TLD server for .com, and we ask it for the IP address of es6.ruanyifeng.com .

The returned result is as follows.

It still has no ANSWER SECTION part, only AUTHORITY SECTION, which gives two DNS servers for the first-level domain name ruanyifeng.com.

The following ADDITIONAL SECTION is the IP address corresponding to the two DNS servers.

Seven, the DNS server of the first-level domain name

The third step is to query the DNS server of the first-level domain name for the IP address of the second-level domain name.

 $ dig @172.64.32.123 es6.ruanyifeng.com

The returned result is as follows.

This time, I finally got ANSWER SECTION, and got the IP address of the final second-level domain name.

So far, the three-step DNS query has been completed.

8. Types of DNS Servers

To sum up, there are a total of four servers mentioned above.

  • 1.1.1.1
  • root name server
  • TLD server
  • first-level domain name server

They both belong to DNS servers and are used to accept DNS queries. But the roles are different and belong to different categories.

8.1 Recursive DNS Servers

The latter three servers are only used to query the IP address of the next-level domain name, while 1.1.1.1 automates the step-by-step query process, so that users can get the results at one time, so it is called a recursive DNS server (recursive DNS server), that is Automatic recursive query.

The DNS server we usually talk about generally refers to the recursive DNS server. It automates DNS lookups, just query it.

It has a cache inside, which can save the results of previous queries. The next time someone queries, it will directly return the results in the cache. So it can speed up the query and reduce the burden on the source DNS server.

8.2 Authoritative DNS Servers

The official name of the first-level name server is called the Authoritative Name Server.

“Authoritative” means that the IP address of the domain name is given by it, unlike a recursive server that cannot control itself. After we purchase a domain name, setting the DNS server is setting the authoritative server for the domain name.

8.3 Four DNS Servers

To sum up, DNS servers can be divided into four types:

  • root name server
  • TLD server
  • authoritative name server
  • recursive nameservers

Their relationship is as shown below.

Knowing the principle of DNS query, it is not difficult to write a recursive DNS server by yourself. There are many references on the Internet, if you are interested, you can try it out.

9. Reference URL

(Finish)

document information

  • Copyright statement: Free to reprint – non-commercial – non-derivative – keep attribution ( Creative Commons 3.0 license )
  • Date of publication: August 2, 2022

This article is reproduced from: http://www.ruanyifeng.com/blog/2022/08/dns-query.html
This site is for inclusion only, and the copyright belongs to the original author.

Leave a Comment

Your email address will not be published.