Are you curious to understand how browsers like Google Chrome understand addresses like www.name_of_website.com ?. Ah,they dont really send packets by looking at these addresses. They ask somebody to translate these addresses into a form (numerical addresses) that they understand viz. IP addresses. Who is this somebody that does this translation?. It’s the DNS ! .You maybe wondering how addresses like www.name_of_website.com get resolved to their actual numerical addresses(IP addresses). Hold back and continue reading :).

What Do DNS Servers do?

Internet is a huge web of hosts and web servers.Every Web server and hosts have an unique address. These addresses are numerical addresses known as IP(internet protocol address) address. In order to make things simpler for humans, addresses are represented in words. Humans find it difficult to remember numbers and are comfortable with words. Hence all the addresses of websites are represented in words. However for hosts to communicate with actual servers( Computers are cool with numbers :P),these verbal addresses( like www.name_of_website.com) have to be resolved to their respective IP addresses. Who does this? DNS servers do this. DNS aka Domain name servers are servers with only work of resolving verbal addresses to their respective numerical addresses. These servers have large databases consisting of names of websites and their corresponding ip addresses.

DNS servers roughly can be classified as:
1. Recursive dns servers.
2. Iterative dns servers.

Iterative servers are the ones who have actual database of addresses for translation. Recursive servers are the servers who query iterative servers for addresses. Seems complex? Not really! Look at the following explanations.

What are recursive DNS servers?

There are multiple internet vendors that provide us internet service. They are known as Internet service providers(ISP). eg: Centurylink, Airtel etc. These internet service providers have DNS servers . These DNS servers are the recursive DNS servers. Are they the actual DNS servers? Not really,they forward our DNS service requests on our behalf. They query the iterative servers for translation.

The ISP DNS is automatically set when an internet connection is setup. You can check your ISP DNS with following command (works in ubuntu!).

     nm-tool

Scroll down and towards the bottom,this is what is the output

IPv4 Settings:

DNS:  205.171.*.*....This is my ISP DNS.

All operating systems have the option of setting the DNS manually as well. In case of automatic configuration the ISP sets it up for you :)

What are Iterative DNS Servers?

Iterative DNS servers are the actual DNS servers! .They are organised in hierarchical structures. There are 3 levels (roughly) ie Root level domain, top level domain and second level domain(second level can have subdomains).

Root Level:

At the top there are root servers. There are 13 such addresses(IP) which are hosting the DNS service. Now many people confuse themselves by assuming that there are only 13 root servers in entire world. NO! There are many root servers. However there are only 13 addresses. You may wonder what address the other servers have as root DNS addresses are only 13 in number.Thanks to anycasting. Multiple DNS servers have same Ip address. This is done to reduce the query time for dns query. Assuming that host is in INDIA and wants to visit www.name_of_website.com. The root level DNS server is somewhere in Europe. In this case the DNS query packet has to travel all the way down to europe and get a response. This can be avoided. Place a dns server with same address (using anycasting) in INDIA. Effectively the time for query will be reduced and load on each server will be local queries(within a specified region) .This idea really works well.Do these root servers have name and IP mapping of all website in this world? No !! They just direct the query to respective top level domains. Just imagine how large the database would be if these servers happened to store everything. How would they service such big number of requests daily from all over the world?. Hence DNS has a hierarchical structure.

Check the physical location of all this servers here (http://www.root-servers.org/).

Top level domains servers:

The next level of these servers are top level domains. Top level domains can be classified into 2 types. Generic top level domain(eg .edu,.gov,.net) or country specific top level domain(.uk,.in).Even these servers don’t store mappings of all websites. They direct the query to respective name servers. That is how the load of DNS requests are spread out in the entire hierarchy

Nameservers

The next level is second level domains. They are also called as name servers. These are the ones that are immediately next to top level domains( this will be more clear in following examples!).Do they contain mappings? .Yes!!. These are the servers who have mapping entries.These servers reply with actual IP address to the ISP DNS server that queried.

The actual approach(without caching) would be

  1. User enter www.name_of_website.com . The browser checks with the OS resolver for IP address for every query. If it exists then using the IP address, immediate http request starts. This saves time. If not,it will query the recursive dns.In majority case this is the ISP DNS.
  2. The recursive DNS will query the root servers. The recursive DNS already has those 13 IP addresses of root servers :). The root servers will reply with address of top level domain server that has address entries of name servers responsible for maintaining address entries ending with ‘com’.
  3. The recursive DNS then queries the top level domain server . The top level domain server replies with the name of name server(next level) that contains the actual address of destination.
  4. The recursive DNS server queries the name server and gets the IP of destination and replies with this IP to source.
  5. Now the recursive DNS will cache the name servers address as well destination address.Similar requests in future will be queried directly to name server and not the top level servers or root servers as their TTL(Time to Live ) entries are very high.

And host gets the reply . Now HTTP request is sent.

Image

A quick representation of path of a DNS query, assuming that entry is not cached.

Dns 

Host->ISP DNS server

ISP DNS server-> Root level servers

Root level servers->ISP DNS (reply with address of top level server with 'com' address ranges)

ISP DNS server-> Top level server

Top level server -> ISP DNS (address of name server that has IP entry of destination)

ISP DNS->Name server

Name server-> ISP DNS(with actual IP address)

ISP DNS server-Host.

This process seems as if it will take time. Most of the times many intermediate steps don’t take place due to caching at ISP DNS and OS resolver .However each cache entry has a Time to live. After the TTL a fresh request has to be made.Thanks to caching :)

This command will summarize the entire thing. Very powerful command and my favorite too (ubuntu):

dig +trace recursive www.name_of_website.com

There are a lot of content on web explaining these. However a single place to understand the entire thing is hard to find on the web. I tried to simplify stuff in this blog covering the core concepts briefly.

Hope you loved the article. Enjoy networking :)

P.S : The commands used above are tools. You may have to install them beforehand and use.

References:
1. Root-Servers
2. Dig
3. nm-tool

Some helpful links:
Howstuffworks