What is a Domain Name Server (DNS)?
DNS is a computer server that contains a database of many IP addresses and their associated domain names. It is used to translate the requested domain name to an IP address so that the computer knows which IP address to connect to for the requested content. The Internet is a network of connected computers that communicate with each other through IP addresses. DNS plays an important role in helping us use the Internet easily, and it is one of the most important foundations of the Internet as we know it today.
It's easier for us to remember a domain name webnic.cc than a string of numbers 104.20.73.209 (IP address) to WebNIC's website. Domain names and DNS are both very important, and they work together to make this possible. If you're not sure what a domain name is, read our blog here.
A good example is to think of DNS as a phone book, which matches names to phone numbers. You can search for the name you want and find the corresponding phone number. It is also a similar concept to a smartphone's contact list, which matches contact names with phone numbers. Remembering a domain name is definitely easier for us than remembering a string of numbers. DNS helps us do this by matching domain names to IP addresses and significantly simplifies our web surfing experience.
How does DNS work?
DNS starts working as soon as the user enters the domain name in the browser address bar. It will search through the Internet to find the IP address associated with the entered domain name. After successfully identifying the IP address, it directs the user's browser to connect to it, and the browser will then serve the requested website content. The process happens very fast with almost no delay and the user goes to the website he requested almost immediately. However, behind the scenes, DNS performs many processes.
The first step DNS does is to send DNS queries to several other DNS servers. Rather than just a single server responding to billions of domain name requests, DNS is distributed across a global DNS network that stores a directory of IP addresses in a distributed fashion.
With this in mind, all DNS servers work together to handle billions of domain name requests worldwide. The reason behind this is to reduce the time it takes for the user to get a response to the request. If a user is looking for a specific site and there is only one DNS server to handle it, it will take longer to search the millions of records in the directory. What if there are millions or even billions of users doing the same thing at the same time? This takes a long time and the user's browsing experience will definitely be negatively affected.
Therefore, DNS is set up to work together across multiple servers to provide users with the best browsing experience. When a user enters a website address in an Internet browser, a DNS query is initiated and the DNS server sends the query to several other DNS servers, each tasked with translating a different part of the domain name entered by the user. There are mainly four servers working together to translate website addresses into computer-readable IP addresses, namely DNS resolution servers, root servers, top-level domain (TLD) servers, and authoritative name servers. A DNS resolver is the server responsible for most of the process of translating domain names into IP addresses. It receives the DNS query and then queries the other three DNS servers mentioned above to translate the domain name like a client.
It first queries the root server, which responds to the query by returning the IP address of the TLD server (eg .com, .net, .org, etc.). TLD servers store information for their domains and return the IP addresses of authoritative name servers to DNS resolvers. This is the actual location of the requested website. It then returns the actual IP address of the requested website to the DNS resolver, which in turn responds to the initial DNS query for the actual IP address. Check out the diagram below for a clear step-by-step process of how DNS works.
Another point worth mentioning is point 9, as shown. After retrieving the correct IP address for a given website, the DNS resolver performs a caching function to cache the data for a limited time. The purpose of this is that if the user requests the same domain name again, it can immediately direct the user to the correct web server without having to go through the whole process of domain name translation again. In a sense, if other users request the same domain name, their request can be processed immediately and they can enjoy a great browsing experience.
The Importance of
DNS DNS helps improve the efficiency of organizing and locating more than 300 million domain names and their corresponding IP addresses worldwide. It's not hard to see why DNS is an important foundation of the Internet as we know it today. Numerous DNS servers around the world work together to provide an optimized Internet browsing experience. The DNS system has been around for over 30 years and has proven to be a stable and vital part of the Internet infrastructure that connects the global world. However, hackers are also using the system to exploit and deceive the public through DNS attacks.
DNS Attacks
DNS attacks can occur in several ways. The most common method is to attack a user's computer with malware. A malware attack can change a user's computer's DNS server settings to connect to a hacker's DNS server. The hacker's server can then direct users to other fake websites and trick them out of confidential information, such as their identities, banking information, or any other form of sensitive information. This attack is called DNS cache poisoning.
Another form of DNS attack is to bombard a user's computer with a flood of data from DNS Resolver servers. It will cause the victim's machine to be inundated with the influx of data and it will be unable to provide its original service. Hackers can then extort victims or force them to pay a ransom to keep their machines safe from attack. This attack is called a DNS reflection attack.
Last but not least, DNS attacks can also occur through system resource exhaustion. Hackers can clog the DNS infrastructure of a user's Internet Service Provider (ISP) and make it inoperable. This is done by hackers by registering a domain name and using the victim's DNS server as the authoritative server for that domain. They then flooded the domain with requests for subdomains that didn't exist, which flooded the DNS resolution process and eventually crashed the victim's DNS system. This type of attack is called a DNS resource exhaustion attack.
Conclusion
The existence of DNS is truly a remarkable thing, because this technology enables everything on the Internet as we know it today. Without DNS, the surfing experience can be very painful and cumbersome. Without DNS, the Internet and the world as we know it today could be very different. Next time you browse the Internet, be sure to appreciate the existence of DNS and realize the convenience it brings to all of us. Make sure you also take appropriate steps to protect your computer from DNS-related attacks by hackers.
Related learning materials:
https://download.csdn.net/course/detail/30340