What is DNS? — Domain Name System

What is a Domain Name and How does DNS work?

The Domain Name System (DNS) is the Internet's system for mapping alphabetic names to numeric Internet Protocol (IP) addresses like a phone book maps a person's name to a phone number. For example, when a Web address (URL) is typed into a browser, a DNS query is made to learn an IP address of a Web server associated with that name.

Using the www.example.com URL, example.com is the domain name, and www is the hostname. DNS resolution maps www.example.com into an IP address (such as 192.0.2.1). When a user needs to load a webpage, what the user types into their web browser (www.example.com) must be converted into the IP address required to locate the www.example.com webpage.

The DNS system is a worldwide network of database name servers that include 13 authoritative name servers that serve the DNS root zone, known as "root servers". A root server (also called a DNS root nameserver) receives a DNS query that includes a domain name (e.g. www.thousandeyes.com), and responds by directing that request to a top-level domain (TLD) nameserver, based on the TLD of that domain such as .com, .net, and .org. It directly responds to requests for DNS records in the root zone by returning an appropriate list of the authoritative TLD name servers for the appropriate TLD that can resolve the initial DNS lookup request for an IP address of that domain name.

What is an Authoritative DNS Server?

Authoritative DNS servers are the DNS infrastructure that satisfies requests from recursive DNS servers (discussed below) with the corresponding IP address information. Authoritative DNS servers also provide essential DNS information for each website (corresponding IP addresses, a list of mail servers and other DNS record information).

An authoritative DNS server holds and maintains DNS records. It is the last server in a DNS lookup chain that responds with the queried DNS record. It ultimately allows a web browser with the URL request to reach the IP address needed to access a website or other web resources. An authoritative DNS domain name server is a definitive source for DNS domain name resolution.

DNS security technology is used to protect DNS information stored as a record in the Domain Name System (DNS). It provides secure authentication for the origin of the DNS data, helping to safeguard against attacks and protect data integrity.

What is a Recursive DNS Server?

All websites are assigned a unique IP address on the Internet. When a website address is typed into a browser, like google.com, the browser needs to convert this URL into the correct IP address for this website. The web browser starts this process by utilizing an internal cache of recent DNS query results. This cache is the first place the browser checks (if it has this capability) to find the IP address of the requested domain. If this does not result in a DNS resolution, a client-side DNS resolver sends a DNS query to a recursive DNS server that could reside at an Internet Service Provider (ISP) or public DNS provider.

Every DNS record has a TTL or time-to-live parameter that specifies how long a recursive DNS server can cache it. If the DNS recursive server has the DNS record cached or stored for some time as the TTL parameter specifies, then it answers the DNS query by providing the cached source or IP information.

If the DNS record is not in the recursive DNS server's cache, it queries the root DNS server for the TLD of the domain the user/client is trying to reach (in this example, google.com). The root DNS server then responds with a pointer that forwards the DNS lookup request to the TLD nameserver, which identifies the authoritative DNS server responsible for returning the corresponding IP address of the website, enabling the browser to access the desired website.
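The lookup sequence described above (cache check, then root, TLD and authoritative servers, with the answer cached for its TTL) can be traced with a small simulation. This is an added example, not code from the original page; the server names, the delegation table and the 300-second TTL are constructed for illustration and no network queries are made.

```python
import time

# Constructed delegation data (not real DNS contents): each server maps a name
# suffix to a referral ("NS", next_server) or a final answer ("A", ip, ttl).
SERVERS = {
    "root": {"com": ("NS", "tld-com")},
    "tld-com": {"example.com": ("NS", "auth-example")},
    "auth-example": {"www.example.com": ("A", "192.0.2.1", 300)},
}


class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock   # injectable so TTL expiry can be simulated
        self.cache = {}      # name -> (ip, expires_at)

    def _ask(self, server, name):
        """Return the record for the longest suffix of `name` the server holds."""
        labels = name.split(".")
        for i in range(len(labels)):
            rec = SERVERS[server].get(".".join(labels[i:]))
            if rec:
                return rec
        return None

    def resolve(self, name):
        """Return (ip, path); path lists servers contacted, [] on a cache hit."""
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], []            # served from cache, nothing re-checked
        server, path = "root", []
        for _ in range(8):               # hop limit guards against referral loops
            path.append(server)
            rec = self._ask(server, name)
            if rec is None:
                return None, path        # no delegation or record for this name
            if rec[0] == "NS":
                server = rec[1]          # follow the referral one level down
                continue
            _, ip, ttl = rec
            self.cache[name] = (ip, self.clock() + ttl)
            return ip, path
        return None, path


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.example.com"))  # full walk from the root
    print(r.resolve("www.example.com"))  # answered from the cache
```

The second call returns an empty path: until the TTL expires, the resolver answers from its cache without contacting the authoritative server, so a record changed or corrected at the source is not seen by clients until then.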

ThousandEyes Offers Network Intelligence into DNS

ThousandEyes is a network intelligence platform that delivers visibility into every network an organization relies on, enabling organizations to optimize and improve application delivery, end-user experience, and ongoing infrastructure investments.

This is made possible through the ThousandEyes SaaS platform that allows customers to test application and network performance against assets owned by the organization, and assets owned by the organization's Service Providers (SaaS, Outsourcers, etc.). These tests are executed using Endpoint Agents, Enterprise Agents, and Cloud Agents and are comprised of Network Tests, DNS Tests, and Web Tests.