DNS Part 1

So, lots of us have heard people talk about DNS outages and networking issues revolving around DNS. I will try to keep this short and yet explain everything in as much detail as possible.


DNS? What is DNS? At the beginning of the internet, systems communicated using IP addresses, specifically IPv4 addresses. An example I will use throughout this is www.google.com, which resolves to 64.233.177.102. By the time I am done, I will be able to recite that from memory.


Not many people think about DNS until it’s not working, but for a network or systems administrator, it’s something that’s at the front of their minds all the time, especially redundancy: you always want a backup of your backup!
Now, let’s say you’re the typical user who opens up Google Chrome or Firefox. You don’t think much about what’s going on behind the scenes, but there’s a lot happening. You open your browser and it starts loading the homepage. For us, let’s say that’s https://www.devry.edu, only that’s not the first connection that’s made. The first thing that happens is your browser begins the process of looking for www.devry.edu, checking with your operating system’s network services first: “Can you resolve www.devry.edu for me? No? OK.” Then your PC’s OS queries the DNS server it was given by DHCP, which is normally your home router. For some this is simply 192.168.0.1 or 192.168.1.254, but almost everyone’s configuration is different, so these IPs can change depending on your setup.
Now your router has a DNS cache inside of it, but before we get too far let’s discuss TTL (Time To Live). The TTL is set by the domain’s administrator on its DNS record; it is the time the record may stay cached in a local server before it is considered retired or outdated. Once the TTL expires the record is removed from the cache. This helps when you’re visiting the same site repeatedly: let’s say the TTL is 10 minutes, so once the domain is resolved the DNS server can serve it from cache for 10 minutes before needing to query outside sources again. There are several things to consider when setting your TTLs, but that’s another topic for another day.


So now your PC has found no cached record and queried your router. What happens if the router doesn’t have it? Well, your router has DNS servers specified in its settings too. Your DNS request will continue from server to server until it reaches the root servers of the internet, the ones in charge of keeping track of all domains. Keep in mind, there are normally several sets of servers between your router and the root servers, and most queries never make it to the root servers because the records are cached on a server lower down the line. DNS is often set up by geographical areas of your ISP, so let’s say you live in Texas and have AT&T. It’s possible that two or three levels in, all AT&T customers in your area of the state are querying the same server cluster, or part of it, and just because you haven’t visited www.devry.edu doesn’t mean someone across town hasn’t.
Now your query has reached the root servers, and none of the servers below them could resolve it from cache. The root servers respond with the authoritative name server for the domain, in the form of an NS record. It’s like saying, “I see you want devry.edu, and my database says dns1.cscdns.net is in charge of that domain.” Your request is now on its way to 156.154.130.100, which resolves your request for www.devry.edu to an “A Record of 152.195.19.97”. Most queries will be answered with the “A Record”, which points to the domain’s IPv4 address; if asked, the server can also answer with an “AAAA Record”, which is the IPv6 address for the host.

Well, now we know www.devry.edu points to 152.195.19.97. This response will make its way back to your machine, reversing the path it just took to find the answer. All of this happens so quickly, and we haven’t even displayed the website yet. Consider this though: you might be trying to view www.devry.edu, but all of those ads and other embedded content can trigger queries for other sites or domains as well.
Once your browser gets its response, it will open a connection using HTTP or HTTPS to the host server to retrieve the website you wish to view.
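As an added illustration (not part of the original post), here is a small Python model of the lookup path just described: a TTL-aware cache standing in for your router, a referral from the root to dns1.cscdns.net, and the final A record. The zone data is constructed from the post’s example names and addresses and collapses the intermediate servers the same way the post does; the `Resolver` class and its clock parameter are this example’s own inventions.

```python
import time

# Constructed zone data modelled on the post's example; not a real snapshot of those zones.
# Each "server" maps a name to (record type, value, TTL in seconds).
SERVERS = {
    "root": {"devry.edu.": ("NS", "dns1.cscdns.net.", 172800)},
    "dns1.cscdns.net.": {"www.devry.edu.": ("A", "152.195.19.97", 600)},
}


class Resolver:
    """Minimal caching resolver, playing the role of the home router in the post."""

    def __init__(self, clock=time.time):
        self.cache = {}            # name -> (answer, expiry timestamp)
        self.clock = clock         # injectable so TTL expiry can be tested without waiting
        self.upstream_queries = 0  # how many times we had to ask another server

    def lookup(self, name):
        """Return (answer, source) where source is 'cache' or 'network'."""
        now = self.clock()
        hit = self.cache.get(name)
        if hit and hit[1] > now:
            return hit[0], "cache"
        self.cache.pop(name, None)  # TTL expired: treat the record as gone
        answer, ttl = self._resolve_iteratively(name)
        self.cache[name] = (answer, now + ttl)  # cache for exactly the TTL the owner set
        return answer, "network"

    def _resolve_iteratively(self, name):
        """Walk from the root, following NS referrals until an A record is returned."""
        server = "root"
        while True:
            self.upstream_queries += 1
            zone = SERVERS[server]
            match = next((k for k in zone if name.endswith(k)), None)
            if match is None:
                raise LookupError(f"{server} has no data for {name}")
            rtype, value, ttl = zone[match]
            if rtype == "A":
                return value, ttl
            server = value  # NS referral: the named server is in charge of the domain


if __name__ == "__main__":
    r = Resolver()
    print(r.lookup("www.devry.edu."))  # first time: walks root -> dns1.cscdns.net
    print(r.lookup("www.devry.edu."))  # within 600 s: answered from cache
```

Running it twice in a row shows the second answer coming from cache; advancing the clock past the 600-second TTL forces the walk from the root again.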