What is DNS?
- A system that translates domain names into IP addresses.
- Makes it easier for humans to access websites without remembering numerical IP addresses.
Why is DNS required?
- Computers communicate using IP addresses, but humans find it easier to remember names.
- DNS bridges this gap by converting names into machine-friendly IP addresses.
How does DNS work?
When you type a URL into a browser, DNS finds the corresponding IP address and the browser connects you to the website.
Steps in DNS Resolution
- User Request: You enter a URL (e.g., www.google.com) in your browser.
- Browser Cache: The browser first checks its cache to see if it already has the IP address for the domain.
- Operating System Cache: If the browser cache doesn’t have the IP, the OS checks its local DNS cache.
- Query to Recursive Resolver: If the IP isn’t found locally, the request is sent to a DNS Recursive Resolver (usually provided by your ISP or a public DNS like Google DNS or Cloudflare DNS).
- Recursive Resolver Checks Cache: The resolver looks for the IP address in its own cache.
- Contact Root DNS Server: If no match is found, the resolver queries a Root DNS Server. Root servers direct the query to the appropriate TLD (Top-Level Domain) Server.
- Contact TLD Server: The TLD server (e.g., .com, .org) points the resolver to the Authoritative Name Server for the domain.
- Query Authoritative Name Server: The resolver asks the Authoritative Name Server for the IP address of the domain.
- Return IP Address: The IP address is returned to the resolver, which passes it back to the browser.
- Connection to Website: The browser uses the IP address to connect to the website and display the content.
Types of DNS Servers:
- Recursive Resolver:
  - Acts as a middleman between the user and other DNS servers.
  - Does the heavy lifting to find the IP address.
- Root DNS Server:
  - The starting point of DNS queries.
  - Redirects queries to the appropriate TLD server.
- TLD (Top-Level Domain) Server:
  - Responsible for domains with specific extensions like .com, .org, .net, etc.
- Authoritative Name Server:
  - Stores the actual IP address for a specific domain.
  - Provides the final answer to the query.
Types of DNS Records:
- A Record: Maps a domain name to an IPv4 address.
- AAAA Record: Maps a domain name to an IPv6 address.
- CNAME Record: Alias for another domain (e.g., www.example.com → example.com).
- MX Record: Specifies mail servers for handling emails.
- TXT Record: Stores text information for verification purposes (e.g., SPF, DKIM).
- NS Record: Identifies the authoritative name servers for a domain.
- PTR Record: Maps an IP address back to a domain name (reverse DNS).
DNS Protocols:
- UDP: Most DNS queries use UDP for speed. The message size is usually 512 bytes or less.
- TCP: Used for larger queries or zone transfers.
- DNS over HTTPS (DoH) and DNS over TLS (DoT): Encrypt DNS queries for improved privacy and security.
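As an added example (not from the original notes) of the wire format behind the UDP/TCP section and the record types above: this Python builds an A query for www.example.com, parses a hand-built response that answers with a CNAME and an A record using name compression, and exposes the TC (truncated) flag that tells a client to retry over TCP. The response bytes and the 203.0.113.10 address are constructed for illustration.

```python
import socket
import struct
RTYPES = {1: "A", 2: "NS", 5: "CNAME", 12: "PTR", 15: "MX", 16: "TXT", 28: "AAAA"}
UDP_LIMIT = 512  # classic DNS-over-UDP payload limit; bigger answers set TC and retry over TCP

def build_query(name, qtype=1, txid=0x1234):
    # Header: id, flags RD=1, QDCOUNT=1, other counts 0; then QNAME labels, QTYPE, QCLASS=IN
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)

def read_name(msg, off):
    # Decode a name that may use 0xC0xx compression pointers; return (name, offset after it)
    labels, end = [], None
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:  # pointer: the rest of the name lives earlier in the message
            end = end or off + 2
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        if ln == 0:
            break
        labels.append(msg[off + 1:off + 1 + ln].decode())
        off += 1 + ln
    return ".".join(labels), end or off + 1

def parse_response(msg):
    # Return id, TC flag and answer RRs as (owner, type, ttl, value) tuples
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    off, answers = 12, []
    for _ in range(qd):  # skip the echoed question section (name + QTYPE + QCLASS)
        off = read_name(msg, off)[1] + 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        start, off = off + 10, off + 10 + rdlen  # rdata occupies msg[start:off]
        if rtype in (1, 28):
            value = socket.inet_ntop(socket.AF_INET if rtype == 1 else socket.AF_INET6, msg[start:off])
        elif rtype in (2, 5, 12):  # NS, CNAME, PTR carry a (possibly compressed) name
            value = read_name(msg, start)[0]
        else:
            value = msg[start:off].hex()
        answers.append((name, RTYPES.get(rtype, str(rtype)), ttl, value))
    return {"id": txid, "truncated": bool(flags & 0x0200), "answers": answers}

def constructed_response():
    # Hand-built (not captured) reply to build_query("www.example.com"): a CNAME then an A
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)  # QR=1 RD=1 RA=1, 2 answers
    cname = b"\xC0\x0C" + struct.pack("!HHIH", 5, 1, 300, 2) + b"\xC0\x10"  # -> "example.com"
    a_rr = b"\xC0\x10" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([203, 0, 113, 10])
    return header + build_query("www.example.com")[12:] + cname + a_rr
```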
How to check DNS in Browser and Local OS
How to Check DNS Cache in Browsers?
Type the following in the address bar and press Enter:
- Google Chrome:
chrome://net-internals/#dns
- Microsoft Edge:
edge://net-internals/#dns
How to Check Local DNS Cache?
Here are the commands for different operating systems to view or clear the DNS cache:
- Windows:
ipconfig /displaydns
ipconfig /flushdns
- Linux: systemd-resolved
sudo systemd-resolve --statistics
sudo systemd-resolve --flush-caches
- Linux: nscd
sudo nscd -g
sudo service nscd restart
List of global DNS providers:
- Amazon Route 53 (AWS)
- Google Cloud DNS
- Cloudflare DNS
- Microsoft Azure DNS
- Dyn (now part of Oracle)
- Verisign
- Akamai
Interview Questions and Answers
Q1: How does DNS caching work, and how can it impact the resolution process in both positive and negative ways?
DNS caching involves storing DNS query results temporarily on various levels (browser, OS, ISP, etc.) to speed up subsequent requests for the same domain.
Caching reduces latency, decreases the load on DNS servers, and improves the overall user experience.
- Reduced Latency: Queries for cached domains resolve faster because they don’t need to go through the entire DNS lookup process.
- Lower Server Load: Reduces the number of queries sent to authoritative DNS servers, decreasing their load.
- Outdated Records: If the DNS records change before the cache expires (based on TTL), users might be directed to old, incorrect IP addresses.
- Prolonged Downtime: In case of an IP change, users might still reach the old, possibly down, server until the cache expires.
Q2: How would you troubleshoot a situation where a user can access a website via IP address but not through its domain name?
- Use tools like nslookup, dig, whois to verify if the domain’s DNS records are correctly configured and propagated.
- Ensure that the A record for the domain points to the correct IP address.
- The user’s system might be serving a stale DNS record. Clear the DNS cache (ipconfig /flushdns on Windows, sudo killall -HUP mDNSResponder on macOS).
- Ensure the user's device is using the correct DNS server and that it’s operational. They can try switching to a public DNS server like Google’s (8.8.8.8).
- Check if the domain might be blocked by a firewall or ISP DNS filtering.
Q3: Explain how DNS load balancing works and describe a scenario where it might fail to distribute traffic evenly.
- DNS load balancing distributes traffic across multiple servers by associating a single domain with multiple IP addresses (using multiple A records). The DNS server can return different IP addresses in response to DNS queries, distributing the load across the available servers.
- If a DNS resolver or client caches an IP address for too long, subsequent traffic might not be distributed evenly. This can lead to one server being overloaded while others remain underutilized.
- Sticky Sessions: Some clients may repeatedly connect to the same IP address due to cached results, leading to uneven load distribution.
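Added example (not part of the original notes) that models the caching behaviour behind Q1 and the round-robin load balancing in Q3: a toy authoritative server rotating three A records, a caching resolver with an injected clock, and a client that always takes the first address it is given. The zone data and addresses are constructed; simulate() shows both the stale-record window after an IP change and how a long TTL pins every request to one server.

```python
from collections import Counter, deque

# Constructed zone data (RFC 5737 documentation addresses), not real records.
ZONE = {"www.example.com": ["203.0.113.1", "203.0.113.2", "203.0.113.3"]}

class Authoritative:
    # Toy authoritative server: several A records per name, rotated on every query
    # (round-robin) so each fresh lookup starts with a different address.
    def __init__(self, zone):
        self.zone = {name: deque(ips) for name, ips in zone.items()}
    def query(self, name):
        answer = list(self.zone[name])
        self.zone[name].rotate(-1)
        return answer
    def set_records(self, name, ips):
        self.zone[name] = deque(ips)

class CachingResolver:
    # Keeps an answer until `ttl` seconds have passed on the injected clock `now`
    def __init__(self, upstream, ttl):
        self.upstream, self.ttl, self.cache, self.upstream_queries = upstream, ttl, {}, 0
    def resolve(self, name, now):
        cached = self.cache.get(name)
        if cached and now < cached[1]:
            return cached[0]  # cache hit: no upstream query, same ordering as before
        self.upstream_queries += 1
        answer = self.upstream.query(name)
        self.cache[name] = (answer, now + self.ttl)
        return answer

def simulate(requests, ttl, change_at=None, new_ips=("198.51.100.9",)):
    # One request per second; the client always connects to the first IP it is given.
    # Returns (hits per IP, number of upstream queries, [(t, ip), ...]).
    auth = Authoritative(ZONE)
    resolver = CachingResolver(auth, ttl)
    hits, timeline = Counter(), []
    for t in range(requests):
        if change_at is not None and t == change_at:
            auth.set_records("www.example.com", list(new_ips))  # the site moved to a new IP
        ip = resolver.resolve("www.example.com", now=t)[0]
        hits[ip] += 1
        timeline.append((t, ip))
    return hits, resolver.upstream_queries, timeline

def stale_requests(timeline, change_at, new_ips):
    # Requests made after the change that were still sent to an old address
    return [t for t, ip in timeline if t >= change_at and ip not in new_ips]
```

With ttl=1 every request reaches the authoritative server and the three addresses share the load evenly; with ttl=100 a single upstream query serves all requests and every connection lands on the same server.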