How does DNS work? For dummies!
I get a lot of people asking how DNS works, my response is always that your computer asks a server what IP address a domain points to and then goes and makes it's request to that address. But how does DNS really work and why does it work the way it does? That question is a little more involved but i've tried to answer in the simplest way possible without dumbing it down too much.
https://mydomain.org.uk is a domain, when you type that into your address bar, your computer asks a server called a Domain Name Server (DNS) where to load that site from, the DNS Server responds with an IP Address which works just like you might use a house number & postcode to find a house in the real world, an IP address can be used to find a server on the internet.
Your browser then goes to that IP Address and says, what content have you got for https://mydomain.org.uk, and if that server does indeed host the website, you’ll see it load up in your browser.
It’s the same for anything internet related, when you send an email to firstname.lastname@example.org the mail server your sending from asks a DNS Server the IP Address of the Mail server that it needs to send to and then once it has a response, sends the email to it.
The main domain record types:
- A: This is what’s called a host record, it contains an IP address of a server that hosts a service.
- CNAME: This is just a pointer, it represents the same value as another record, for example: www.mydomain.org.uk has been configured as a CNAME because it’s hosted at the same place as mydomain.org.uk (which is an A record). This is done so that if we ever change server IP Address of our website, then we only have to update the one record and the changes will be reflected on both, though it does require an extra lookup.
- MX: A Mail Exchanger record specifies what mail servers are responsible for a domain and where to find the mailboxes for email addresses you might want to send to.
But how does my DNS Server know what server hosts that domain?
A DNS Server might not know who hosts https://mydomain.org.uk so it goes off to another DNS server, usually the one responsible for all .org.uk domains (called a root name server) and asks, who has the records for https://mydomain.org.uk, it returns the address of the DNS Server that knows (because it has a list of servers that are responsible for managing the records on that domain) and then caches the answer for anyone who might ask later on. This makes the lookup a little slow for the first lookup but a lot quicker thereafter.
So why does it cache?
Without caching, websites would load very slowly because of the number of computers in the chain to load a website. If your computer, for every file, image, document and stylesheet had to find out what server hosted it every time, imagine the round trip it’d have to take and how many requests those servers would be answering! It could take seconds, just to find out where a file should be downloaded from. That’s a pretty crappy user experience.
For example, you load an image in your browser, such as https://www.mydomain.org.uk/Images/logo.png, your computer first checks its internal cache, it has nothing, so it will go and ask the DNS Server within the company building if it knows, and guess what? It has no idea either, so it goes and asks the name servers that it’s been told to reference, let’s say for example Google’s domain name servers at the address 184.108.40.206, they don’t know either, so they ask a root name server which has records for the .org.uk domains, they forward the request on to the server that has the records for mydomain.org.uk and then the information is passed down the chain until it reaches your machine. Usually each machine in the chain will then cache the result so it doesn’t have to go off and do the lookup again, it can just go and ask the web server directly.
How does it know how long to cache for?
Each record on a DNS Server (no matter what type) has what’s called a TTL which stands for Time To Live, this tells your computer and any DNS Servers that have cached the record to go and look up a fresh copy of the record after the time has passed, it’s normally a few hours and is stored in milliseconds. This is because the data might have changed in that time, so if we did want to change a server address at some point, we can change the TTL from 24 hours to 1 hour, this tells all servers to update or at least invalidate their cache after 1 hour instead of 24. But be careful, because it was set to 24 hours previously, it’ll take 24 hours for the TTL change to reach all servers/computers involved.
I realise this is a little involved for a newbie, but I tried to make it fairly simple without dumbing down too much, any questions, just ask!
Published at 11 Jul 2018, 11:47 AM