Have you ever wondered how, by simply typing a domain name into the address bar of a web browser, you can access the correct website? The short answer is through Domain Name System (DNS) servers.
DNS works as the address book on the internet where you can look up whatever you want by typing its name, and DNS servers return the requested files. DNS came into existence even before Tim Berners-Lee developed the World Wide Web (WWW).
This blog discusses what a DNS server is, along with good cyber practices. Understanding these basics is useful if you are setting up a domain name with platforms like GoDaddy or choosing any DNS server.
What is DNS?
DNS is the domain naming system for computing systems and other resources accessible via the Internet or Internet Protocol networks.
When a device is connected to a network, a protocol called Dynamic Host Configuration Protocol (DHCP) automatically assigns unique IP addresses, based on IPv4 or IPv6 protocols.
A domain name server (DNS) is a machine that contains the database of these IP (Internet Protocol) addresses mapped to their corresponding string values called domain names.
When you search for domain names via the URL bar of your browser, DNS servers convert the names to their correct IP addresses. DNS clients are in-built into most computing devices, which enable web browsers to interact with these servers.
What Is DNS Server?
A DNS server is a machine with software that can search its database to find the corresponding IP address for a queried domain name.
When you enter the URL address in the URL bar of your browser, the system communicates with the DNS servers that convert the names to their correct IP addresses.
Basics of DNS
Here, we discuss some of the basic terminologies apart from DNS server meaning.
- IP Address:
An IP address is the unique alphanumeric address assigned to the location of a device within a network. Earlier, there were 4 sets of numbers with up to three digits in each set (xxx.xxx.xxx.xxx) in the IPv4 protocol. The IPv6 protocol, which uses 128-bit hexadecimal addresses instead of 32-bit addresses, was introduced later.
- Domain Name:
A domain name is a unique string (alphanumeric) that identifies a website or Internet resource. It is usually formed from letters of the English alphabet and contains words that are easy to remember.
For instance, if you own a pastry shop, your domain name could be ‘xyzpastryshop.com’. The domain name system will allow users to access files on the server that contains information about your shop.
- Fully Qualified Domain Name (FQDN):
A fully qualified domain name is the absolute domain name that contains the complete location with each parent domain, including the top-level domain (TLD), and not just the relative location. An example is ‘docs.microsoft.com.’
- Top-Level Domain (TLD):
Top Level Domain is the furthest portion in the domain name whose distribution is controlled by ICANN (Internet Corporation for Assigned Names and Numbers). Common examples include com, gov, org, io, net, etc.
- Subdomain:
A subdomain is a part of the domain that is added to the beginning of the domain name to separate the content of a specific function from the other functionalities of your website. For instance, ‘admissions’ is the extension of the parent domain in ‘www.admissions.university.edu.’
- DNS Namespace:
DNS Namespace is the naming arrangement for complete domain name (FQDN) that includes the root domain, top-level domain, second-level domain, and subdomains.
- DNS Zone:
A DNS Zone is a part of the DNS namespace that is controlled by a specific administrator or organization. It is only used for delegating control and there can be several subdomains and zones within it. For example, if the blog page of a company requires extensive administration, it can be put in a DNS zone separate from the main website.
- Zone File:
It is a text file on the name server, which includes the mapping of domain names to their IP addresses or where one can go to get the information.
- Record:
A record contains a single name and the associated domain resource in the zone file. This can be domain name and IP address mapping, mail servers and name servers for the domain, etc.
- Time to Live (TTL):
TTL in DNS is a value in seconds that tells the local DNS resolver how long it may keep a record in its cache before it has to query again for an updated one.
Types of DNS Servers
DNS service providers like Cloudflare, Microsoft Azure, and Oracle have different types of DNS servers for a variety of purposes based on their configuration file. Let us look at the common types of DNS servers.
- Root Server:
DNS root servers form the top of DNS hierarchy and are responsible for linking domain to IP addresses. All the data about TLD zones is maintained in these servers and their functioning is taken care of by ICANN (Internet Corporation for Assigned Names and Numbers).
- Authoritative Name Server:
Authoritative Name Servers are responsible for responding to queries from their area of authority in a particular zone. If this DNS server fails, the root name server takes over this responsibility.
- Non-authoritative Name Server:
These DNS servers collect data on different specific zones by iterative or recursive DNS queries.
- Primary Server:
A primary server is an authoritative server that handles all tasks and changes for a specific zone. This includes the creation of subdomains and alterations to resource records in zone files. It also updates and syncs secondary servers.
- Secondary Server:
Secondary server is a backup DNS server that receives a copy of data for its served domains from the primary or other secondary servers of the zone. The server ensures load balancing, traffic reduction, and fault tolerance.
- Caching Server:
A caching server is non-authoritative and decreases the administrative overhead for the secondary server’s zone by keeping a local cache of looked-up names. The authoritative name server defines the time for which this server stores data from other name servers.
- Forwarding Server:
Forwarding server centralizes off-site DNS queries and decreases the redundancy while forwarding them to another DNS server.
- Resolver Server:
A resolver server is a non-authoritative server that can perform local name resolution in the router or computing device.
What Does a DNS Server Provide?
With both private and public DNS servers, you can do the following:
Easily access a site without remembering its complex alphanumeric IP address.
Use a domain name hierarchy independent of IP address assignment.
Request IP address of a domain and receive it back from the server without managing it on your own or creating your DNS records.
Use the correct IP address to fetch the web pages you want.
Access your site even after it is moved to a new hosting provider and there is a change in the host’s IP address by mapping to new IP address.
Why Is DNS Server Used?
Domain name server or Internet server is used to store the mapping of domain names to IP addresses which can be used whenever users request loading of a webpage. A well-built DNS server results in a quick translation time. Hence, the best DNS servers have a better webpage loading time. You can also modify DNS settings for your system based on your needs.
DNS was created to ease communication between humans and computing devices. This is because computers and other related devices identify each other over a network via numbers but humans are better at remembering names than numbers.
How Does DNS Work?
DNS stores domain names and their corresponding IP addresses as assigned on the webpage hosting sites. Administrators can go to the site that they use for hosting their webpages and manually add the domain name of their choice to the IP address they want in the settings section.
When you type a domain name on your web browser, the system executes a process known as DNS lookup.
A DNS Server can:
Return the name resolution/ IP resolution data based on the query
Return the location of another DNS server which can help with the request
Return that the attempt to retrieve requested data was unsuccessful
First, the DNS cache is searched to find the IP address that matches the domain name. When the user has recently accessed URL of the queried domain or other users are using the same DNS resolver for similar requests, the IP address will be available immediately.
If the IP address is not found in the cache memory, the query is sent to the next level for DNS resolution. Here, the resolver server (ISP) checks its cache memory for IP address. If the search is unsuccessful, the query is escalated to the next level. At the top in DNS hierarchy, root servers are present.
Note: There are 13 sets of root servers with unique IP addresses that are controlled by 12 different organizations around the world. All these server clusters are copies of the master server controlled by Internet Assigned Numbers Authority (IANA), a department of ICANN.
The root server directs resolver to ask TLD server for the IP address, which further sends it to authoritative name servers (ANS). ANS servers have complete domain information including IP addresses.
The resolver communicates the IP address to your system, which gets stored in the cache memory. Best DNS servers complete this entire process quickly and users get an enhanced experience while surfing the net.
List of Public DNS Servers and IP Addresses
A DNS server provider can have several servers to ensure optimal performance based on the user’s geographic location. For a reliable service from even the best DNS server in India, you must configure at least two DNS addresses.
A public DNS stores publicly available domain names accessible via the Internet. However, the private DNS maintains records of internal sites for an organization and is secured by firewall. Most public options are free DNS servers.
If you are looking for the fastest DNS servers, you can check out the following public DNS servers and configure the best option in the DNS settings.
| Provider | Primary DNS | Secondary DNS |
|---|---|---|
| Cisco’s OpenDNS Home | 188.8.131.52 | 184.108.40.206 |
| Comodo Secure DNS | 220.127.116.11 | 18.104.22.168 |
| CleanBrowsing | 22.214.171.124 (Security filter) | 126.96.36.199 (Security filter) |
What Are the Steps in a DNS Lookup?
DNS lookup is the process of matching an IP address to a domain name and returning it so that the browser can establish a TCP connection to load the webpage. Whether you have a public DNS or a private DNS, the key steps in a DNS lookup are:
A user enters the URL address in the browser and presses Enter.
The web browser asks the operating system on the device, which in turn asks the DNS resolver to respond with an IP address or an error. The DNS resolver is generally provided by the ISP, although you can configure the settings for it to be an open-source option like Google DNS too.
The DNS resolver checks the availability of the IP address for the queried domain name in DNS cache.
If the mapping is not present in cache, the resolver queries one of the root name servers.
If there is no error, the root name server successfully returns the location (IP) of TLD servers.
The resolver then queries one of the TLD name servers. TLDs can be generic (gTLDs) or country codes (ccTLDs) by government organizations.
The TLD name server searches the domain registrar and responds with the IP address of the authoritative name server (ANS) that contains mapping for the domain. Every domain is assigned ANS at the time of registration that gets updated in the registry.
The ANS provides the mapping to the correct IP address and the resolver sends the IP address to the operating system.
The browser then sends requests to the right IP address for making HTTP requests to fetch the web pages. It then caches the IP address for quick loading in the future.
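The lookup steps above can be traced with a small simulation. This is an added example, not code from the original article: the three-level hierarchy, the name www.shop.example. and every address in it are constructed, and the `Resolver` class and `ask` helper are hypothetical names. It shows the three possible server replies (answer, referral, error) and how the TTL decides whether the resolver goes upstream again.

```python
import time

# Constructed hierarchy for a made-up name; the IPs are documentation addresses.
ROOT = "198.51.100.1"
SERVERS = {
    "198.51.100.1": {"referrals": {"example.": "198.51.100.2"}},              # root
    "198.51.100.2": {"referrals": {"shop.example.": "198.51.100.3"}},         # TLD
    "198.51.100.3": {"answers": {"www.shop.example.": ("192.0.2.10", 300)}},  # ANS
}

def ask(server_ip, name):
    """One simulated query: an answer, a referral to another server, or an error."""
    zone = SERVERS[server_ip]
    if name in zone.get("answers", {}):
        return ("answer",) + zone["answers"][name]
    for suffix, next_ip in zone.get("referrals", {}).items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", next_ip)
    return ("error",)

class Resolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}    # name -> (ip, expiry time)
        self.queries = 0   # upstream queries sent

    def lookup(self, name):
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0]                  # cache hit: no upstream traffic
        server = ROOT
        for _ in range(8):                    # bound the referral chain
            self.queries += 1
            reply = ask(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if reply[0] != "referral":
                return None                   # server reported failure
            server = reply[1]
        return None

def demo():
    now = [0.0]                               # fake clock so TTL expiry is visible
    r = Resolver(clock=lambda: now[0])
    first = (r.lookup("www.shop.example."), r.queries)
    second = (r.lookup("www.shop.example."), r.queries)
    now[0] = 301.0                            # one second past the 300 s TTL
    third = (r.lookup("www.shop.example."), r.queries)
    return first, second, third
```

The first lookup costs three upstream queries (root, TLD, ANS), the second costs none, and the third repeats all three because the cached record has expired.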
How Do I Manually Set a DNS Server?
To manually set a DNS server, follow these steps:
Go to Control Panel.
Select Network and Internet > Network and Sharing Center > Change adapter settings.
Select Properties in Wi-Fi interface for Wireless connection and Ethernet interface for an Ethernet connection.
In Networking tab, choose TCP/IPv4 or TCP/IPv6 and then Properties.
Select DNS tab in Advanced.
Note the IP addresses, if present, and click OK.
Choose Use the following DNS server addresses and note the Preferred DNS server or Alternate DNS server.
Replace the listed addresses with the IP addresses of the DNS servers you want.
What are DNS Caching and DNS Cache Poisoning?
DNS caching is the process used by DNS resolvers for saving the responses to DNS queries in their cache up to the time to live (TTL) value associated with the corresponding IP address. Depending on the DNS provider, the TTL value for expiration can lie between 60 and 86400 seconds.
This process enables the resolver to skip communication with other servers for the DNS query that has been resolved earlier. As DNS servers store different types of records to provide information about a domain whenever needed, the benefit is that the users get quick answers to their queries.
DNS cache poisoning, or DNS spoofing, arises from the misuse of the DNS caching process to store incorrect data in the cache so that users get directed to the wrong websites. Because DNS uses UDP (User Datagram Protocol), resolvers cannot verify the data stored in the cache, and the incorrect information needs manual removal. Otherwise, it stays in the cache until the TTL expires.
Attackers exploit UDP and forge the header data to pretend that the response is from a legitimate server. DNS does not use TCP because, at the time DNS was created, only trustworthy educational centers used it.
Attackers can gain physical access to DNS resolver or have knowledge of other factors like ANS, request ID number, etc. However, they have to send the fake reply within milliseconds for it to work.
DNSSEC (Domain Name System Security Extensions) was introduced to solve this issue and ensure authentication, but it has not gained much popularity as data is not encrypted.
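Because a UDP reply carries no proof of origin, a resolver can only match it against the query it has outstanding, which is why the request ID mentioned above matters. The following is an added example, not code from the original article: the function names and the `pending` record layout are hypothetical, and the packets and addresses are constructed. It parses the DNS header and question section and accepts a reply only if the ID, source address, and question all match.

```python
import secrets
import struct

def encode_name(name):
    """Encode a host name as length-prefixed DNS labels ending in a zero byte."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

def build_query(name, qtype=1):
    """Return (txid, packet) for an A query with an unpredictable 16-bit ID."""
    txid = secrets.randbits(16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    return txid, header + encode_name(name) + struct.pack("!HH", qtype, 1)

def parse_question(packet):
    """Return (txid, is_response, name, qtype) for a message with one question."""
    txid, flags, qdcount = struct.unpack("!HHH", packet[:6])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12                       # the question starts after the header
    while packet[pos] != 0:
        length = packet[pos]
        if length > 63:                        # pointers are not valid here
            raise ValueError("bad label length")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    qtype, _qclass = struct.unpack("!HH", packet[pos + 1:pos + 5])
    return txid, bool(flags & 0x8000), ".".join(labels), qtype

def accept_response(pending, packet, src):
    """Accept a reply only if it matches the outstanding query in every field."""
    try:
        txid, is_response, name, qtype = parse_question(packet)
    except (ValueError, IndexError, struct.error):
        return False                           # malformed packets are dropped
    return (is_response
            and txid == pending["txid"]
            and src == pending["server"]
            and name == pending["name"]
            and qtype == pending["qtype"])

def demo():
    """Constructed sample: a genuine reply, a wrong ID, and a wrong source."""
    txid, query = build_query("www.example.com")
    pending = {"txid": txid, "server": ("192.0.2.53", 53),
               "name": "www.example.com", "qtype": 1}
    genuine = struct.pack("!HH", txid, 0x8180) + query[4:]
    wrong_id = struct.pack("!HH", txid ^ 1, 0x8180) + query[4:]
    return (accept_response(pending, genuine, ("192.0.2.53", 53)),
            accept_response(pending, wrong_id, ("192.0.2.53", 53)),
            accept_response(pending, genuine, ("203.0.113.9", 53)))
```

These checks only make a forged reply harder to guess; they do not authenticate the data, which is the gap DNSSEC signatures address.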
Hope this article cleared up your doubts about DNS server meaning, working and examples. Your ISP’s DNS servers have knowledge of every domain you request and sometimes they monetize their service by displaying advertisements based on your search.
You can try public DNS servers, free DNS servers or private DNS servers by a VPN service. Based on your requirements, you can focus on one or multiple features of domain name server.
For example, gamers would focus on the fastest DNS servers. Simply modify configuration in DNS settings and get additional security, content filtering, and more while browsing the web.
- What are DNS reflection attacks?
DNS reflection attacks are a type of DDoS (distributed denial of service) attacks where cybercriminals use a spoofed IP address to send too many requests to DNS servers at once.
- What is a DNS Resolver?
A DNS resolver is a type of DNS lookup server that resolves a host name to its corresponding IP address.
- What is a DNS server used for?
A DNS server is used for storing and translating website hostnames to their corresponding unique IP addresses.
- How do I find my DNS server?
You can check your DNS server address by going to Start Menu > Command Prompt. Type ipconfig /all in the prompt and press Enter. Search for ‘DNS Servers’ in the list to get the addresses of the primary and secondary DNS servers.
- How do I fix a DNS server problem?
The most basic options you can try to fix your DNS server problem include switching to a different browser and restarting your router.
- How do I fix DNS in Chrome?
Depending on the issue you suspect, you can try different methods like clearing your DNS cache, performing clean reboot, changing LAN settings, etc.
- What DNS should I use?
Your DNS is provided by your Internet Service Provider, but you can also try the free public DNS Servers like OpenDNS, Google, Cloudflare, etc. VPN companies offer private DNS if you want confidentiality.
- How do I use DNS in Windows 10?
Go to Start > Server Manager. Select Add Roles in Roles Summary. Choose Next on Before You Begin. Click Install to confirm installation selections. Choose Next and then Close.
- What is the best DNS server?
You can select any of the free public DNS servers to increase your Internet speed and security. Based on your needs, the best DNS server options include Verisign, DNS Watch, Norton Connect Safe, Google, etc.
- DNS Server vs Name Server: What’s the difference?
DNS server matches domain names to IP addresses on the Internet. Name server is used for broader context as it provides network addresses for network resources, including DNS server.
- DNS server vs web server: What’s the difference?
A DNS server provides the IP address for the requested domain name while a web server fetches the requested web pages after DNS server provides the IP address.