1.1 About DNS Flashcards
What is DNS, and why is it called the “backbone of the internet”?
DNS stands for Domain Name System. It acts like the internet’s phonebook, translating human-readable domain names (like google.com) into machine-readable IP addresses (like 142.250.190.78). Without DNS, we’d have to remember long numeric addresses to reach websites, which isn’t practical. DNS is called the “backbone of the internet” because it’s essential for connecting users to websites and services seamlessly.
What are the different types of DNS servers, and what roles do they play?
There are three main types of DNS servers in the DNS hierarchy:
DNS Resolver: This is the first server your browser talks to. It checks its cache for the IP address. If it doesn’t have the answer, it queries other servers.
Root Name Servers: These servers know where to find the Top-Level Domain (TLD) servers (like .com, .org). There are 13 logical root servers globally.
Authoritative Name Servers: These servers hold the actual DNS records (like IP addresses) for specific domains. When you update DNS records, you’re updating these servers.
Each server type plays a specific role in resolving domain names to IP addresses.
Describe the step-by-step process of a DNS query when you type google.com in your browser.
Browser Cache: The browser first checks its own cache for the IP address of google.com.
OS Cache: If the browser doesn’t have the answer, it asks the operating system, which also has a cache.
DNS Resolver: If the OS doesn’t have the answer, it contacts the DNS resolver (like your ISP or Google’s 8.8.8.8).
Root Name Server: If the resolver doesn’t have the answer, it asks the root name server, which directs it to the .com TLD server.
TLD Name Server: The .com TLD server provides the IP address of the authoritative name server for google.com.
Authoritative Name Server: The resolver contacts this server, which returns the IP address for google.com.
Response: The resolver sends the IP address back to the OS, which sends it to the browser. The browser then loads the website.
This process ensures that the correct IP address is found, even if it involves multiple steps.
What are root name servers, and why are they important in DNS?
Root name servers are the first step in resolving a domain name. They store the IP addresses of the Top-Level Domain (TLD) servers (like .com, .org, .net). There are 13 logical root servers worldwide, each with a unique IP address. However, each root server is backed by multiple physical servers distributed globally. Using anycast routing, users are automatically directed to the closest physical server, ensuring fast and reliable responses. Without root servers, the DNS system wouldn’t know where to start looking for domain information.
What is a TLD name server, and what does it do?
A TLD (Top-Level Domain) name server is responsible for storing information about domains under a specific TLD, like .com, .org, or country-specific TLDs like .uk or .de. For example, the .com TLD server knows the IP addresses of the authoritative name servers for all .com domains. When a DNS resolver queries a TLD server, it gets the address of the authoritative server for the specific domain (like google.com). This step is crucial for narrowing down the search to the correct authoritative server.
What is an authoritative name server, and why is it important?
An authoritative name server is the final stop in a DNS query. It holds the actual DNS records (like IP addresses) for a specific domain. When you register a domain, the registrar (like GoDaddy or Namecheap) provides default authoritative servers, but you can change them to others (like AWS Route 53 or Cloudflare). These servers provide authoritative answers to DNS queries, meaning they are the ultimate source of truth for a domain’s DNS information. Without authoritative servers, DNS resolvers wouldn’t know where to find the IP address for a domain.
What is DNS propagation, and why does it take time?
DNS propagation is the time it takes for DNS changes (like updating an IP address) to spread across all DNS servers worldwide. This happens because DNS records have a TTL (Time to Live), which specifies how long servers should cache the record before checking for updates. Some TTLs are set to long durations (like 24 hours), so it can take time for all servers to refresh their cache. Additionally, some DNS resolvers don’t honor TTLs, further delaying propagation. To speed up updates, you can reduce the TTL in advance, giving servers time to adopt the shorter cache duration.
What are the best practices for updating DNS records on a live, high-traffic system?
To safely update DNS records:
Reduce TTL in Advance: Lower the TTL (e.g., to 60 seconds) for the record you plan to change. This gives DNS servers time to adopt the shorter cache duration.
Keep Old Server Running: After updating the DNS record, keep the server on the old IP address running until traffic decreases. This ensures users still reach the site, even if some resolvers haven’t updated their cache.
Monitor Traffic: Only decommission the old server when traffic to it drops to an acceptable level.
These steps minimize downtime and ensure a smooth transition during DNS updates.
Why is DNS designed to be decentralized, and how does this make it robust?
DNS is decentralized because it uses a hierarchical system with multiple layers of servers (root, TLD, and authoritative). This design ensures no single point of failure. If one server fails, others can still resolve queries. Additionally, the use of caching at every level (browser, OS, resolver) reduces the load on servers and speeds up responses. The global distribution of root and TLD servers, combined with anycast routing, ensures users are always directed to the closest server, making DNS highly reliable and efficient.