What is DNS?
Each computer directly connected to the Internet has at least one specific IP address. However, users do not want to work with numerical addresses such as 184.108.40.206 but with a domain name, or more precisely with addresses (called FQDN addresses) such as www.commentcamarche.net.
It is possible to associate names in normal language with numerical addresses thanks to a system called DNS (Domain Name System).
At the beginning of TCP/IP, since networks were not very extensive, in other words the number of computers connected to the same network was low, network administrators created files called manual conversion tables. These manual conversion tables were sequential files, generally called hosts or hosts.txt, associating on each line the IP address of a machine with its literal name, called the host name.
Introduction to the Domain Name System
However, the previous system of conversion tables required manual updating of the tables on all computers whenever a machine name was added or modified. So with the explosion in the size of networks and their interconnection, it became necessary to implement a management system for names which was hierarchical and easier to administer. The system called Domain Name System (DNS) was developed in November 1983 by Paul Mockapetris (RFC 882 and RFC 883), then revised in 1987 in RFCs 1034 and 1035. DNS has since been the subject of many RFCs.
This system offers:
- a hierarchical namespace guaranteeing the uniqueness of a name within a tree structure, like Unix file systems.
- a system of distributed servers making the namespace available.
- a client system making it possible to “resolve” domain names, i.e. to interrogate the servers to find out the IP address corresponding to a name.
The structure of the DNS system relies on a tree structure where the higher level domains (called TLD, for Top Level Domains) are defined, attached to a root node represented by a dot.
Each node of the tree is called a domain name. Each node has a label with a maximum length of 63 characters.
All domain names therefore make up an inverted tree where each node is separated from the following node by a dot (“.”).
The end of a branch is called the host, and corresponds to a machine or entity on the network. The host name given to it must be unique in the respective domain, or if the need arises in the sub-domain. For example a domain’s web server generally bears the name www.
The word “domain” formally corresponds to the suffix of a domain name, i.e. the tree structure’s collection of node labels, with the exception of the host.
The absolute name relating to all the node labels of a tree structure, separated by dots, and finished by a final dot is called the FQDN address (Fully Qualified Domain Name). The maximum depth of the tree structure is 127 levels and the maximum length of a FQDN name is 255 characters. The FQDN address makes it possible to uniquely locate a machine on the network of networks. So, www.commentcamarche.net. is an FQDN address.
Domain name servers
The machines called domain name servers make it possible to establish the link between domain names and IP addresses of machines on a network.
Every domain has a domain name server, called a primary domain name server, as well as a secondary domain name server, able to take over from the primary domain name server in the event of unavailability.
Every domain name server is declared in the domain name server of the immediately higher level, meaning authority can implicitly be delegated over the domains. The name system is a distributed architecture, where each entity is responsible for the management of its domain name. Therefore, there is no organization with responsibility for the management of all domain names.
The servers relating to the top level domains (TLD) are called “root name servers”. There are 13 of them, distributed around the planet with the names “a.root-servers.net” to “m.root-servers.net”.
A domain name server defines a zone, i.e. a collection of domains over which the server has authority. The domain name system is transparent for the user, nevertheless, the following points must be remembered:
- Each computer must be configured with the address of a machine capable of transforming any name into an IP address. This machine is called the Domain Name Server. Don’t panic: when you connect to the Internet, the service provider will automatically change your network parameters to make these domain name servers available to you.
- The IP address of a second Domain Name Server (secondary Domain Name Server) must also be defined: the secondary domain name server can take over from the primary domain name server in the event of malfunction.
The most commonly used server is called BIND (Berkeley Internet Name Domain). This is free software available on UNIX systems, initially developed by the University of California, Berkeley and now maintained by ISC (Internet Systems Consortium).
Domain name resolution
The mechanism for finding the IP address relating to a host name is called “domain name resolution”. The application making it possible to conduct this operation (generally integrated into the operating system) is called the “resolver”.
When an application wants to connect to a host known by its domain name (e.g. “www.commentcamarche.net”), it interrogates a domain name server defined in its network configuration. In practice, each machine connected to the network has the IP addresses of its service provider’s two domain name servers in its configuration.
A request is then sent to the first domain name server (called the “primary domain name server”). If this domain name server has the record in its cache, it sends it to the application; if not, it interrogates a root server (in our case a server relating to the TLD “.net”). The root name server sends back a list of domain name servers with authority over the domain (in this case, the IP addresses of the primary and secondary domain name servers for commentcamarche.net).
The primary domain name server with authority over the domain will then be interrogated and will return the corresponding record to the domain host (in our case www).
DNS is a distributed database containing records, known as RRs (Resource Records), relating to domain names. Only the people responsible for administering a domain need to deal with these records; the operation of domain name servers is totally transparent to users.
Because of the cache system that enables the DNS system to be distributed, the records for each domain have a lifetime known as the TTL (Time to Live), which lets intermediary servers know when the information expires and therefore whether it needs to be verified again.
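The resolution walk just described (cache check, then root, TLD and authoritative servers via referrals, with the answer cached for its TTL), as an added example that is not part of the original article. The three servers and their zone data are constructed for the demonstration; the `Resolver` class stands in for the service provider's domain name server.

```python
import time

# Constructed servers (not real DNS data). "root" delegates "net." to the TLD server,
# which delegates "commentcamarche.net." to the authoritative server for that zone.
SERVERS = {
    "root":     {"delegations": {"net.": "tld-net"}, "records": {}},
    "tld-net":  {"delegations": {"commentcamarche.net.": "auth-ccm"}, "records": {}},
    "auth-ccm": {"delegations": {}, "records": {"www.commentcamarche.net.": ("A", "192.0.2.10", 3600)}},
}

def ask(server_id, qname):
    """One iterative query: an answer if the server is authoritative for the name,
    otherwise a referral to the next server down the tree, otherwise None."""
    srv = SERVERS[server_id]
    if qname in srv["records"]:
        return ("answer", srv["records"][qname])
    for zone, next_id in srv["delegations"].items():
        if qname == zone or qname.endswith("." + zone):
            return ("referral", next_id)
    return None

class Resolver:
    """The provider's name server: serves cached answers until their TTL expires,
    otherwise walks the tree starting at the root. `queries` logs the servers asked."""
    def __init__(self, now=time.time):
        self.cache, self.now, self.queries = {}, now, []
    def resolve(self, qname):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.now():            # cached and not yet expired
            return hit[0], "cache"
        server = "root"
        for _ in range(16):                        # bound the referral chain
            self.queries.append(server)
            reply = ask(server, qname)
            if reply is None:
                return None, "no record"
            kind, payload = reply
            if kind == "answer":
                rtype, value, ttl = payload
                self.cache[qname] = ((rtype, value), self.now() + ttl)
                return (rtype, value), server
            server = payload                       # follow the referral
        raise RuntimeError("referral loop")
```

Injecting a fake clock into `Resolver` lets you see the cached answer being served and then re-fetched once 3600 seconds have passed.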
Generally, a DNS record contains the following information:
| Domain name (FQDN) | TTL | Type | Class | RData |
|---|---|---|---|---|
- Domain name: the domain name must be an FQDN name, i.e. must end in a dot. If the dot is missing, the domain name is relative, that is the principal domain name is appended to the name entered;
- Type: a 16-bit value specifying the type of resource described by the record. The resource type may be one of the following:
  - A: this is a base type establishing the correspondence between the canonical name and an IP address. There can be several A records relating to different network machines (servers).
  - CNAME (Canonical Name): this enables an alias to be linked to the canonical name. It is particularly useful for supplying alternative names relating to different services on the same machine.
  - HINFO: this is solely a descriptive field allowing the description in particular of the host’s hardware (CPU) and operating system (OS). You are generally advised not to complete it, in order to avoid supplying information which can be useful to attackers.
  - MX (Mail eXchange): relates to the email server. When a user sends an email to an address (user@domain), the outgoing mail server interrogates the domain name server with authority over the domain in order to obtain the MX record. There can be several MX records per domain, to provide redundancy if the principal email server fails. The MX record therefore allows a priority to be defined, with a value between 0 and 65,535:
    www.commentcamarche.net. IN MX 10 mail.commentcamarche.net.
  - NS: relates to the domain name server with authority over the domain.
  - PTR: a pointer towards another part of the domain namespace.
  - SOA (Start Of Authority): the SOA field allows the description of the domain name server with authority over the zone, as well as the email address of the technical contact (where the “@” character is replaced by a dot).
- Class: the class can either be IN (relating to internet protocols, so this is the system used in our case), or CH (for the chaotic system);
- RData: this is the data relating to the record. Here is the expected information according to the record type:
  - A: a 32-bit IP address;
  - CNAME: a domain name;
  - MX: a 16-bit priority value, followed by the host name;
  - NS: a host name;
  - PTR: a domain name;
  - SOA: several fields.
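A parser for the record layout described above (owner name, TTL, type, class, type-specific RData) as it appears in RFC 1035 wire format, as an added example that is not part of the original article. The sample response bytes are constructed for the demonstration; they carry one A and one MX record and use the compression pointers that real responses use, which the parser has to follow and bound.

```python
import struct
TYPES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX"}
CLASSES = {1: "IN", 3: "CH"}

def read_name(msg, off):
    """Return (FQDN, offset after the name), following RFC 1035 compression pointers."""
    labels, end = [], None
    for _ in range(128):                          # bound the walk: max 127 levels
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # top two bits set: 14-bit pointer
            end = off + 2 if end is None else end # name ends after the first pointer
            off = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if length == 0:                           # root label terminates the name
            return ".".join(labels) + ".", (off if end is None else end)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    raise ValueError("name too deep or pointer loop")

def parse_rdata(msg, rtype, off, rdlen):
    if rtype == 1:                                # A: 32-bit address
        return ".".join(str(b) for b in msg[off:off + 4])
    if rtype in (2, 5, 12):                       # NS, CNAME, PTR: one domain name
        return read_name(msg, off)[0]
    if rtype == 15:                               # MX: 16-bit priority, then a host name
        return struct.unpack("!H", msg[off:off + 2])[0], read_name(msg, off + 2)[0]
    return msg[off:off + rdlen]                   # anything else: raw bytes

def parse_answers(msg):                           # -> [(name, ttl, type, class, rdata), ...]
    qdcount, ancount = struct.unpack("!HH", msg[4:8])
    off = 12                                      # fixed 12-byte header
    for _ in range(qdcount):                      # skip QNAME + QTYPE + QCLASS
        off = read_name(msg, off)[1] + 4
    records = []
    for _ in range(ancount):
        name, off = read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        rdata = parse_rdata(msg, rtype, off + 10, rdlen)
        records.append((name, ttl, TYPES.get(rtype, rtype), CLASSES.get(rclass, rclass), rdata))
        off += 10 + rdlen
    return records

# Constructed sample (not a real capture): A-query response for www.commentcamarche.net with one A and one MX answer; 0xC00C / 0xC010 point into the question name.
SAMPLE = (
    struct.pack("!6H", 0x1234, 0x8180, 1, 2, 0, 0)
    + b"\x03www\x0fcommentcamarche\x03net\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 0, 2, 10])
    + b"\xc0\x10" + struct.pack("!HHIH", 15, 1, 3600, 9) + struct.pack("!H", 10) + b"\x04mail\xc0\x10"
)
```

Calling `parse_answers(SAMPLE)` yields the two records with their FQDN owner names, TTL of 3600, class IN and decoded RData; a pointer that loops back on itself is rejected instead of hanging the parser.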
Top level domains
There are two categories of TLD (Top Level Domains):
- Domains known as “generic”, called gTLDs (generic TLDs). gTLDs are generic top level domain names offering a classification according to sector of activity, so each gTLD has its own access rules:
  - historic gTLDs:
    - .arpa relates to machines from the original network;
    - .com initially related to companies with a commercial purpose. However, this TLD has become the “default TLD”, and domains with this extension can be purchased by anyone, including individuals;
    - .edu relates to educational organizations;
    - .gov relates to governmental organizations;
    - .int relates to international organizations;
    - .mil relates to military organizations;
    - .net initially related to organizations dealing with networks. Over the years this TLD has become a common TLD, and domains with this extension can be purchased by anyone, including individuals;
    - .org usually relates to not-for-profit organizations.
  - new gTLDs introduced in November 2000 by ICANN:
    - .aero relates to the aeronautical industry;
    - .biz (business) relates to commercial companies;
    - .museum relates to museums;
    - .name relates to the names of people or imaginary people;
    - .info relates to organizations dealing with information;
    - .coop relates to cooperatives;
    - .pro relates to liberal professions.
  - special gTLDs:
    - .arpa relates to the network management infrastructures. The arpa gTLD also serves for the inverse resolution of network machines, enabling the name relating to an IP address to be found.
- Domains known as “national”, called ccTLDs (country code TLDs). ccTLDs relate to the different countries, and their names are the country name abbreviations defined by the ISO 3166 standard. The table below summarises the list of ccTLDs.
| Code | Country or organization |
|---|---|
| AE | United Arab Emirates |
| AG | Antigua and Barbuda |
| CD | Democratic Republic of Congo |
| CF | Central African Republic |
| EDU | Organisation with educational links |
| FK | Falkland Islands (Malvinas) |
| FX | France (European Territory) |
| HM | Heard and McDonald Islands |
| IM | Isle of Man |
| IO | British Indian Ocean Territory |
| KN | Saint Kitts and Nevis |
| MP | Northern Mariana Islands |
| NET | Organisation with Internet links |
| ORG | Non referenced organization |
| PG | Papua New Guinea |
| PM | Saint-Pierre and Miquelon |
| PR | Puerto Rico (USA) |
| SJ | Svalbard and Jan Mayen Islands |
| ST | Sao Tomé and Principe |
| TC | Turks and Caicos Islands |
| TF | French Austral Territories |
| TT | Trinidad and Tobago |
| UM | US Minor Outlying Islands |
| VC | Saint-Vincent and the Grenadines |
| VG | British Virgin Islands |
| VI | American Virgin Islands |
| WF | Wallis and Futuna |