What is DNS?
We explain what DNS is, how it works, and how outages can be avoided
The Domain Name System (DNS) is a hierarchical naming system that's applied to every entity connecting to the internet or a private network, such as a device or service.
The technology acts as a mediator between the user and the web browser: the former typically works with memorable domain names, while the latter uses IP addresses to communicate with other services across the internet. In this sense, the DNS removes the need for users to remember unique IP addresses.
Often referred to as the "phonebook of the internet", DNS allows users to stick to site addresses such as www.itpro.com, instead of a string of ordered numbers, punctuated by dots in the case of IPv4, or colons in the case of IPv6.
How does DNS work?
The way DNS functions is rather straightforward, at least on the surface. That's because it hides a suite of complex processes that can be described as a conversation between different components.
Such an exchange begins when someone types or copies and pastes a website address into their web browser's search or URL bar. That then signals to the computer or other device – such as a tablet or smartphone – to issue a query over the internet aimed at a target server; that server is known as a recursive resolver.
In essence, this process is akin to the computer asking which IP address corresponds to the address that was entered. In order to resolve this request, the server then issues further queries.
The recursive resolver first issues a query to what's known as the root server, which acts like an index. From here, the root server is able to direct the recursive resolver to the correct top-level domain (TLD) server, which hosts the last section of the URL, such as .com, .co.uk or .fr.
From here, the recursive resolver is directed to the authoritative nameserver, which is able to provide the final piece of the puzzle by matching the whole URL, i.e. www.itpro.com, with its IP address, provided it has access to it. That address is then returned to the original web browser.
This whole process, while quite complex, only takes a matter of seconds to complete.
What is a DNS server?
DNS servers form the underlying infrastructure that makes up the domain name system. That infrastructure is actually formed from multiple servers comprising the root server, recursive resolver, the authoritative server – more commonly called the domain name server – and the TLD name server.
There are 13 DNS root servers spread across the world that every recursive resolver knows how to contact. These are overseen by the nonprofit known as the Internet Corporation for Assigned Names and Numbers (ICANN) and decide which TLD name server the recursive resolver should contact based on the TLD of the URL.
The TLD name server, which is managed by a branch of ICANN known as the Internet Assigned Numbers Authority (IANA), will be one of two types. Either it has information on addresses that end in a generic TLD, such as .com, .org or .net, or it has information on addresses that end in country code TLDs, such as .cn, .za or .uk.
Finally, the domain name server/authoritative name server has specific information on the domain name it serves, which is how it resolves the final piece of the DNS query puzzle.
What happens when DNS fails?
As is the case with all forms of technology, especially the elements that make up the internet, DNS failure can be a fairly regular occurrence.
While DNS failure can arise as an intermittent problem, usually when shifting a domain to a new hosting platform, it can also be a far more serious issue. Outages, for example, may occur due to a cyber attack or because a portion of the network is damaged, causing unresolved DNS queries.
DNS failure normally manifests itself as an on-screen error, usually as either 'DNS server not responding' or 'Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding'.
Whether you may be experiencing a simple error or what may seem to be a more serious outage, fundamentally these issues arise due to the domain name not matching with the IP address.
While the nature of DNS failure may seem simple, and therefore easy to resolve, often DNS failures can have a catastrophic effect on businesses. Those that host apps or services on the internet, for example, could be crippled by a DNS failure. The outage could lead to a major loss of revenue or productivity, in addition to service disruption.
There are certainly ways to resolve a DNS failure, and implementing a form of a DNS failsafe is one of the most important measures a business can take. Doing so means services can switch over to another DNS server in the event of an outage, with end-users left unaware that there’s even a problem.
DNS monitoring is another way to ensure that if there’s a problem, a business has the visibility to act quickly to fix the issue before the problems escalate any further.
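A minimal probe for the failsafe and monitoring measures described above, as an added example that is not part of the original article: it sends a standard A-record query to each resolver in turn, discards replies whose ID does not match or that carry an error code, and records every resolver that failed. The function names, the injectable `exchange` parameter and whatever resolver addresses are passed in are assumptions made for illustration.

```python
import secrets, socket, struct

def build_query(name, qid):
    """Encode a recursive A-record query in DNS wire format."""
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)  # RD set, one question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def skip_name(msg, off):  # offset just past a name (may end in a compression pointer)
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]
    return off + (2 if msg[off] else 1)

def parse_a_records(msg, qid):
    """Return IPv4 addresses from a reply; raise unless it cleanly answers qid."""
    rid, flags, qdcount, ancount = struct.unpack("!HHHH", msg[:8])
    if rid != qid or not flags & 0x8000 or flags & 0x000F:
        raise ValueError(f"bad reply: id_ok={rid == qid} rcode={flags & 0x000F}")
    off = 12
    for _ in range(qdcount):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    ips = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        if rtype == 1 and rdlen == 4:  # A record
            ips.append(socket.inet_ntoa(msg[off + 10:off + 14]))
        off += 10 + rdlen
    return ips

def udp_exchange(server, payload, timeout=2.0):  # one query over UDP port 53
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(payload, (server, 53))
        return s.recvfrom(4096)[0]

def resolve_with_failover(name, servers, exchange=udp_exchange):
    """Try each resolver in order; return (server, ips, failures)."""
    failures = []
    for server in servers:
        qid = secrets.randbelow(65536)  # unpredictable ID, checked on the reply
        try:
            ips = parse_a_records(exchange(server, build_query(name, qid)), qid)
            if ips:
                return server, ips, failures
            failures.append((server, "no A records"))
        except (OSError, ValueError, struct.error, IndexError) as exc:
            failures.append((server, str(exc)))  # timeout, bad reply or truncation
    return None, [], failures
```

Run on a schedule against the primary and secondary resolvers, a non-empty `failures` list is the monitoring signal even when the lookup itself succeeded through failover.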
Dale Walker is a contributor specializing in cybersecurity, data protection, and IT regulations. He was the former managing editor at ITPro, as well as its sibling sites CloudPro and ChannelPro. He spent a number of years reporting for ITPro from numerous domestic and international events, including IBM, Red Hat, Google, and has been a regular reporter for Microsoft's various yearly showcases, including Ignite.