Introduction to Important Types of DNS Servers
We hear a lot about DNS Servers in our day to day life. Most of the time, it’s actually our web browser showing us a page stating DNS request failed or something similar. So, what exactly are DNS Servers? How do they affect the whole internet? Some even said that if the DNS servers do not exist, then the whole internet would shut down. Are those threats real? Let’s take a deep look into DNS servers and how their existence affects us.
DNS Servers and Myth
So let’s get started with DNS Servers first. DNS Server is a web technology to manage names of websites on the Internet. But it just doesn’t end there. It has a lot of configurations in it as well. For example, let us say your physical address as to where you live is 42 Baker Street, California, 50001. And the latitude and longitude are 70.92854301 and 65.102840203(just a random one). So, if anyone asks you where you live, you don’t point out your lats and longs on a map. People will actually start going crazy if you do this. But the worse fact is people won’t even remember it. Even the simplest of a change in number will change the whole address. DNS Server works similarly. DNS Server or Domain Name System Server is a temporary name given to a specific web place. It can change however but is less likely with popular websites. So the lats and longs are known as IP Addresses of the internet. So, taking the example of Google, the IP address is 18.104.22.168, but do you ever remember typing that on the URL bar in your browser? Likely not. You always type www.google.com or most even just google and hit ctrl+enter (if you are lazy like me). So, Google.com is just a name given to the IP address here, and it will never change until unless you change the DNS records of google (will get back on DNS records later in the blog). This is the reason why you get DNS request failed or ‘This webpage is not available’ error on your browser when you are not connected to the Internet or if you type in something that’s not valid, because it is unable to lookup for anything with that specific name you typed in the URL bar.
There is a huge gangland myth on the internet that the whole internet will shut down if DNS Servers stopped working. Nope. That’s never gonna happen until unless a wide range Nuclear blast occurs. This is pure idiocracy. If the DNS Servers stop working, you won’t be able to call any website with its name, say, for example, microsoft.com, but however, if you know the IP Address, then you can straight away type it in the URL bar, and you are good to go. The only worse thing here is that till now, you can ping to a specific DNS Server using your terminal or your command prompt to get its IP Address, or you can even do a Who is a lookup to check it, but if the internet goes down, there won’t is a DNS Server to ping to either by command prompts and terminals or by doing a who is lookup. The only possible way to connect would be to remember or list down all the IP Addresses of the website you visit. But seriously, I don’t think the Internet is easy to go down thing. So, now since the Myth is busted, let us take a look at how things actually work in the DNS Server.
DNS Records and DNS Queries
Now that we know what a DNS Server is, let us take a look at how it works. A DNS Server consists of multiple things, but most importantly DNS records and DNS Queries. Let us take a look at them one by one:
DNS records are just a list of resource records which define how the DNS system needs to work. A DNS system consists of the IP Addresss and the mail server, and other records to point to. So, that, for example, say you have a website with the name of www.iamawesome.co; thenn you may need an email ID with something like email@example.com.Againn here, you need an IP Address as to where to point towards when the mail comes to the domain iamawesome.com, and this part is done by the DNS Recordsthath configure the DNS Servers. DNS Records consists of a lot of things. I wont be going into detail, but I sure will list the important DNS records here:
|A||Address Record||It returns a 32-bit IPv4 address. This is where the actual Website is redirected towards most commonly.|
|CNAME||Canonical Name Record||This is an Alias. The DNS Server will continue to lookup with this new name.|
|DNAME||Delegation Name||This again is an alias for a name and its subname, unlike CNAME, which is only an aliaf. But similar to CNAME, the DNS Server tries to lookup with this new name as well.|
|DNSKEY||DNS KEY Record||There is another record known as a KEY record, which I haven’t mentioned here. The format of DNSKEY is same as the KEY, and is used in DNSSEC (more in description).|
|LOC||Location Record||This provides the geographical location depending upon the domain name.|
|MX||Mail Exchange Record||This is related to the email routing which I mentioned previously. This maps the domain name with the email ID.|
|NS||Name Server Record||Provides a DNS ZONE to authorized name servers.|
|TKEY||Secret Key Record||This is the Key used with TSIG which is encrypted under Public Key.|
|TSIG||Transaction Signature||This is used to authenticate updates coming from an approved source or name server. It is used along with TKEY.|
|TXT||Text Record||This file provides machine data related to frameworks and encryption.|
DNSSEC or Domain Name System Security Extensions is engineered to secure information used on DNS which is used in Internet Protocol. DNS Servers by default did not have sufficient security. DNSSEC was developed to secure data from forged certificates or manipulated DNS information such as DNS hacking or what is particularly known as DNS cache poisoning. Replies from DNSSEC are all digitally signed and secured. But however like other securities, even DNSSEC has loopholes. It only checks whether data is authenticated, but it does not actually encrypt any data. Thus, there is not data confidentiality. Here, public-key cryptography is used for digitally signing records to authenticate source.
DNS Query is a way the client uses to interact with DNS Servers to get a reply for an answer. Following are the types of DNS Queries:
In a recursive query, the DNS server receives your query and will perform all the job from receiving the answer to replying it back to you. When processing this, the DNS server also queries other similar servers on the web to fetch an answer for you. Thus, when a recursive query is sent to a DNS server, it can do either of the two things: first is to return the records providing the IP addresses which is linked with requested host name, or it can provide an error stating that the specified domain name does not exist which we normally get when we are not connected to Internet as I stated above. But however on the other hand, if the DNS server is unable to find requested name in its own zone database, it will then start to ping other DNS servers for the same query. This is how the whole recursive query works.
You can also ban these types of recursive queries for a selected DNS server. In that case, the DNS server will only work with the help of iterative queries.
Iterative or Non-Recursive Queries
Before I begin with iterative or non-recursive queries, it is important to note that all DNS servers must support this query first to work. When a client is not using a recursive query, and tries to send an iterative query, the DNS server returns the client’s best possible answers. This answer can either be the desired name that is resolved, or it can also be a referral to a totally different server that can provide the requested data that the client required. And this server is not a part of any old server where it has already requested. Referrals work as a pointer here. A queried DNS Server doesn’t try to capture or request an answer from somewhere else, but it will provide you the answer if it already has any by itself.
In this query, a request is sent via DNS resolver to the DNS server to reply tto the host name andess. Thus, here the search for this specific host name needs to be thorough in order to find the correct answer. DNS resolvers are just simple applications which questions the DNS Servers for correct answers.
Types of DNS Servers
To be specific, there are actually ‘n’ number of DNS servers all over the Internet which contain this data piece by piece, but there are only 13 servers that are more appropriately known as root DNS Servers which contain the whole global database on each of these 13 servers. And there are only two types of DNS Servers in total, one is the primary and another one is the secondary. It is however critical to keep in mind that any of these two DNS servers can be used either as a primary or as secondary one which obviously depends on the choice of the server admin. It is also possible to keep one single server acting as primary for one as a secondary for any other zone. In detail information about these types of DNS Servers are as follows:
Primary DNS Servers
This server locates and reads the data from the domain zone file mostly the A records which are located on the webserver like Godaddy or Bigrock. This primary server is also responsible for sending this info to the secondary server.
Here, the server administrator writes the zone information who commands the server as to how to behave with other servers. These include mostly the DNS records files that I mentioned previously. When a primary server transfers domain zone info from one server to another, it is called Zone transfer or Zone relocation. There are always two DNS servers configured for every domain. The primary reason for this is to make the admin’s life easier by having double the security due to multiple servers and also to create a backup. Once a primary server is created and zone data is copied, there is actually no need for backup. All of this is taken care of already because the primary server, by default, copies all this data to the secondary server every time.
Secondary DNS Servers
Secondary DNS server are also known as Slave server since it only does the work of capturing data from the primary server and acting as a backup. The primary server is known as the Master Server in Microsoft’s DNS Server software.
However, more than two DNS servers can be configured, and only one can be kept as a Master Server, second as a Primary Server and third as a Secondary Server. This can be a bit confusing, so I won’t get much deeper into that. But this is just for the information sake. Most of the time, the primary and the Master server are the same.
Secondary Servers play a vital role in data management and it is as important as a primary server. This is because they lower the load on the primary server, and the load is distributed equally if a specified ratio to deliver the load is not configured. Also, if, in some case, the primary server goes down either due to load shedding, overloading or some other attack by hackers, there will always be a secondary server to act as a primary one to deliver the data without disruption. Thus by doing this, they also provide a lot of security. There is actually much more to DNS Servers in general, but I can cover this by far in this blog.
Here are some articles that will help you to get more detail about the Types of DNS Servers, so just go through the link.
- Windows Server Interview Questions
- Linux Apps
- DNS Amplification Attack
- Introducing Important Types of DNS Servers (Powerful)