DNS Resolution: From Root Servers to DNS Caching

When a user enters a website address (e.g., www.example.com) into a web browser, the system must resolve the domain name into an IP address before establishing a connection. This process, known as DNS resolution, involves multiple steps and caching mechanisms to optimize performance.

Step-by-Step DNS Resolution Process

  1. Browser Cache Check:
    • The browser first checks its internal cache to see if the IP address for the requested domain is already stored. If found, it is used immediately, avoiding further queries.
  2. Operating System Cache Check:
    • If the browser does not have the DNS entry, it queries the OS-level DNS resolver, which maintains a cache of recently resolved domain names.
  3. Querying the Local DNS Resolver:
    • If the OS cache does not contain the required record, the query is sent to the configured DNS resolver.
  4. Recursive DNS Resolution Begins:
    • If the resolver does not have the requested record in its cache, it initiates a recursive DNS resolution process. This involves querying the authoritative DNS hierarchy to find the IP address. A recursive DNS server fetches a DNS record by querying the authoritative DNS servers on the client's behalf instead of holding and providing it immediately.
  5. Root DNS Server Query:
    • The resolver first contacts one of the root DNS servers. The root servers do not store domain-specific IP addresses but provide references to the appropriate Top-Level Domain (TLD) name servers (e.g., .com, .org, .net). There are 13 root DNS server clusters worldwide.
  6. TLD Name Server Query:
    • The root server directs the resolver to the TLD name server responsible for the domain. For instance, for www.example.com, the .com TLD name server is queried, which then points to the authoritative name server for example.com.
  7. Authoritative Name Server Query:
    • The resolver finally queries the authoritative name server for the specific domain. This server responds with the actual IP address of www.example.com. An authoritative name server is a DNS server that holds the official DNS records for a domain. It provides the definitive answer for queries about a domain’s IP address.
  8. Response and Caching:
    • The resolver sends the resolved IP address back to the requesting OS and browser.
    • The resolved entry is stored in multiple caches (resolver, OS, and browser) for future use, reducing the need for repeated queries.

DNS Cache Memory Update

DNS caching is important because it reduces the query load on DNS servers and shortens lookup latency. The caching mechanism follows these principles:

  • Time-to-Live (TTL) Control:
    • Each DNS record has a TTL value that dictates how long it can be stored in a cache. Once the TTL expires, a new query must be made to ensure updated records.
  • Cache Storage Locations:
    • Browser Cache: Stores DNS records for a short period to speed up repeated access.
    • Operating System Cache: The OS keeps resolved queries to reduce the number of external DNS requests.
    • DNS Resolver Cache: The recursive DNS resolver stores responses to reduce the number of external queries to authoritative servers.
  • Flushing and Updating the Cache:
    • Cache entries are automatically updated when the TTL expires.
    • If a DNS record changes before the TTL expires, changes may take time to propagate unless caches are manually cleared using commands like:
      • ipconfig /flushdns (Windows)
      • sudo systemd-resolve --flush-caches (Linux)
      • dscacheutil -flushcache (macOS)
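To make steps 4 to 8 of the resolution process and the TTL rules above concrete, here is a toy iterative resolver written for this page as an added example; it is not code from the original post and does not speak real DNS on the network. It walks a constructed three-level hierarchy (root, .com TLD, authoritative server for example.com) by following NS referrals until it reaches an A record, then caches the answer for exactly the TTL the authoritative server returned. The server names, zone contents and RFC 5737 documentation addresses are all made up for the example, and the injectable clock exists only so that TTL expiry can be exercised without waiting.

```python
"""Toy iterative DNS resolver with a TTL-aware cache (illustrative only)."""
import time
from typing import Callable, Dict, List, Optional, Tuple

Record = Tuple[str, str, int]   # (record type, rdata, TTL in seconds)
Zone = Dict[str, Record]        # owner name -> record

# Constructed zone data: each server knows only its own delegation level.
# Addresses are RFC 5737 documentation addresses, not real hosts.
SERVERS: Dict[str, Zone] = {
    # Root server: holds no host addresses, only referrals to TLD servers.
    "root.": {"com.": ("NS", "tld-com.", 172800)},
    # .com TLD server: refers to the authoritative server for example.com.
    "tld-com.": {"example.com.": ("NS", "ns1.example.com.", 172800)},
    # Authoritative server for example.com: holds the definitive A records.
    "ns1.example.com.": {
        "www.example.com.": ("A", "192.0.2.10", 300),
        "example.com.": ("A", "192.0.2.1", 300),
    },
}

MAX_REFERRALS = 8   # guard against a misconfigured delegation loop


def answer(zone: Zone, qname: str) -> Optional[Record]:
    """What one name server returns for qname: the record itself if the
    server owns it, otherwise the most specific NS referral it knows."""
    if qname in zone:
        return zone[qname]
    labels = qname.split(".")
    for i in range(1, len(labels)):
        suffix = ".".join(labels[i:])
        rec = zone.get(suffix)
        if rec and rec[0] == "NS":
            return rec
    return None


class Resolver:
    """Recursive resolver: iterates root -> TLD -> authoritative and caches."""

    def __init__(self, servers: Dict[str, Zone],
                 clock: Callable[[], float] = time.time) -> None:
        self.servers = servers
        self.clock = clock
        self.cache: Dict[str, Tuple[str, float]] = {}   # qname -> (ip, expiry)

    def flush(self) -> None:
        """Equivalent of the manual flush commands: drop every cached entry."""
        self.cache.clear()

    def resolve(self, qname: str) -> Tuple[str, List[str]]:
        """Return (ip, servers_contacted); the list is empty on a cache hit."""
        now = self.clock()
        cached = self.cache.get(qname)
        if cached is not None and cached[1] > now:
            return cached[0], []           # still within TTL: no query sent
        self.cache.pop(qname, None)        # expired: must re-query the hierarchy

        server, path = "root.", []
        while True:
            path.append(server)
            if len(path) > MAX_REFERRALS:
                raise LookupError(f"referral loop while resolving {qname}")
            rec = answer(self.servers[server], qname)
            if rec is None:
                raise LookupError(f"{server} has no data or referral for {qname}")
            rtype, rdata, ttl = rec
            if rtype == "A":
                # Authoritative answer: cache it for the TTL the zone specified.
                self.cache[qname] = (rdata, now + ttl)
                return rdata, path
            if rdata not in self.servers:
                raise LookupError(f"referral to unknown server {rdata}")
            server = rdata                 # follow the NS referral one level down


if __name__ == "__main__":
    r = Resolver(SERVERS)
    print(r.resolve("www.example.com."))   # full walk: root -> tld-com -> ns1
    print(r.resolve("www.example.com."))   # second lookup served from cache
```

The `path` returned by `resolve` is the useful diagnostic: a first lookup shows every server contacted, a repeat within the TTL shows none, and after the 300-second TTL (or a `flush()`) the full walk happens again, which is exactly why a changed record can take up to one TTL to be seen everywhere.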
