DNS

Before HTTPS/HTTP connection is done, how does it find the target's address over the internet... just like any street address? How does it find with just the name?

Why DNS was needed?
DNS stands for Domain Name System.

We all know our system understands machine language and it is hard for a human to understand that language... Comm'n we all are trying to be sane who are we kidding? That's why each device connected on the internet has a unique public IP. So that the identification becomes simplified and faster. Let's say I type hamleys.com in my browser, it won't understand it needs a machine-friendly address to look on to the internet's street... thus it will find the IP address of hamleys.com first then carries out further connection i.e. HTTP/HTTPS connection with hamleys.com site. The process of resolving the domain name to a machine-friendly address i.e. IP address... is where DNS routing picture comes in! Let's have an even better understanding as we go further.

DNS Basics

Top-level domain (TLD):
The part after the dot
EX: .com/.net/.org

Naked domain:
The name followed by TLD
EX: hamleys.com

Subdomain/fully qualified domain:
Anything that is added in front of the naked name becomes a subdomain/fully qualified domain.
EX: www.hamleys.com (completely different than hamleys.com we understand it with an example)
or server1.yada.ghost.example.com

Understanding with an Example

There are certain people on the internet whose sole purpose is to maintain the addresses and each one of them does Only One thing.
When I say people it means: a set of servers around the world.
The following are those people and That one thing!

• ISP/resolving DNS

  • The job of this person is to find the IP address of whatever domain the user is looking for instead of the system.
  • This will use the user's internet service provider. It will talk to through the following people.

• Root DNS

  • Holds information about all the TLD.
  • i.e. It knows the IP address that holds .com / .net / .org

• TLD DNS

  • He is the authorized person for the naked domain.
  • i.e. He knows who owns these naked domains... i.e. Name Server's address.

• Authoritative DNS

  • Has all the domain record.
  • It knows the IP addresses of the name servers that are holding the target IP address.
  • for example, it could be Cloudflare/Route53...

Flow

For the first time I am trying to connect Hamleys's site, i.e. for the first time I type hamleys.com in my browser.

1. It first connects to my Internet service provider DNS i.e. Airtel.

   • Asks: Hey! my girl wants to buy some soft toys from hamleys.com. Do you know where it is?.

2. ISP DNS will contact Root DNS

   • ISP DNS: Hey, do you happen to know the address of hamleys.com?
   • Root DNS: Sorry buddy. But I do know the address of a person who maintains the record of domains that ends up with .com (i.e. TLD). He can help you.

3. ISP DNS will contact TLD DNS

   • ISP: Hey lad! please help me with the address hamleys.com
   • TLD DNS: I know the servers who hold the authority for this domain. They can definitely be of great help.

4. Here is where the name server comes into the picture. It will receive the address of name servers who hold the target's IP address.

5. ISP DNS will contact Authoritative DNS

   • ISP: Ghosh! it's so sunny and I'll treat you with SMOOR's desserts if you can help me out with this address: hamleys.com. Will ya??
   • Authoritative DNS: Hell yeah!! make that two for me. This is the address you are looking for, buddy. (chuckles)

6. ISP DNS goes back. Feeds the system i.e. it tells the IP address.

7. The system will make a call to the web server i.e. hamleys.com with IP address xx.xx.xx.xx. Then HTTPS/HTTP connection happens another story goes behind the scene click here to understand this encryption.

8. And tadaaaa! that's how the name resolving happens and the connection is established. :) You guys did a great job read this silly script. :P

By the way, I forgot to tell the IP address xx.xx.xx.xx is stored in the cache of the user's system. And along with the IP address of hamleys.com Authoritative DNS also gives something called as TTL value i.e. Time To Live value. Which means... TTL defines how long the IP address is supposed to live in the user's cache whether it's 2 sec or a day... could be anything. Once that TTL time expires the entire process of resolving DNS and connection establishment happens. Thus going through the entire process and bribing people on the way with SMOOR's desserts... :P

DNS Record Types

Listed out the common ones which we kinda see in our daily life

• A: IP of a domain address

  • ex: hamleys.com is mapped to xx.xx.xx.xx IP

• NS: IP of Name Servers

  • Maps domain to a nameserver, which acts as authoritative for the domain.

• CNAME: one domain's address points to another domain.

  • Also known as Alias
  • ex: hamleys.com is mapped to xx.xx.xx.xx IP
  • www.hamleys.com is mapped to hamleys.com
  • So when hit on either of the domains it will point to the same destination.

• MX: IP address of mail servers, like an A record.

  • If hosting your own mail server this comes into play.

• SOA: Start of authority, record indicating who is the owner of the domain. Usually, it will be one of the nameservers.

• TXT: Additional domain information/validation

  • One can add their domain in google maps, with the help of this does some verification stating the user is the actual owner of this domain none is just dumping some random crap. Benefits of it are pretty good if I explore about this in the future I'll definitely post it :)

Happy Learning!