Understanding the DNS Process

Reading Time: 8 minutes

What is DNS?

DNS stands for Domain Name System (DNS) services. When we access a website, we are using this service to locate the server where the domain’s website is located. When browsing the web, we usually type in a domain name like www.google.com into our browser. This is better than trying to remember an IP address linked to a Google server.

Behind the scenes, a conversion happens using this service which converts www.google.com to 172.217.12.46. The IP address designates the location of a server on the Internet. This conversion process is called a query. This is an integral part of how devices connect with each other to communicate over the internet. To understand the query process, let’s review how this query works.

How Does the DNS Process Work?

Step 1: Requesting Website Information

Let’s visit a website by typing a domain name into a web browser. Our computer will start resolving the hostname, such as www.liquidweb.com. Our computer will then look for the IP address associated with the domain name in its local DNS cache. This cache stores this information that our computer has recently saved.  If it is present locally, then the website will be displayed. If our computer does not have the information, it will perform a DNS query to retrieve the correct information.

Step 2: Contact the Recursive DNS Servers

If the information is not in your computer’s local cache, then it will query another server. Recursive DNS servers have their local cache, much like your computer. Many ISP’s use the same recursive DNS servers, it’s possible that common domain name is already in its cache. If the domain is cached, the query will end here and the website displayed to the user.

Step 3: Query the Authoritative DNS Servers

If a recursive DNS server or servers do not have information stored in its cache memory, it looks elsewhere. The query then continues up the chain of authoritative DNS servers. The search will continue until it finds a nameserver for the domain. These authoritative name servers are responsible for storing these records for their respective domain names.

Step 4: Access the DNS Record

To locate the IP address for liquidweb.com, we will query the authoritative name server for the address record (A record). A Recursive DNS server accesses the A record for liquidweb.com from the authoritative name servers. It then stores the record in its local cache. If another query requests the A record for liquidweb.com, the recursive server will have the answer. All DNS records have a time-to-live value, which shows when a record will expire. After some time has passed, the recursive DNS server will ask for an updated copy of the records.

Step 5: Final DNS Step

The Recursive DNS server has the information and returns the A record to your computer. Our computer then stores the record in its local cache. It reads the IP address from the DNS record and passed it to our browser. The web browser will connect to the web server associated with the A records IP and display the website.

The entire lookup process, from start to finish, takes only milliseconds to complete. For a better understanding, let’s break down the components that make up the lookup process.

The DNS Process

DNS Servers

Authoritative DNS Server

An authoritative name server is a server that stores DNS records (A, CNAME, MX, TXT, etc.) for domain names. These servers will only respond to queries for locally stored DNS zone files.  Say a server in our network has stored an A record for example.com. That server is the authoritative server for the example.com domain name.

Recursive Nameserver

A recursive name server is a DNS server that receives queries for informational purposes. These types of servers do not store DNS records. When a query is received, it will search the cache memory for an address linked to the IP address. If the recursive name server has the information, then it will return a response to query sender. If it does not have the record, then the query will be sent to other recursive name servers. This continues until it reaches an authoritative DNS server that can supply the IP address.

DNS Zones

A DNS zone is an administrative space within the Domain Name System. A zone forms one part of the DNS namespace delegated to administrators or specific entities. Each zone contains the resource records for all of its domain names.

DNS Zone File

A DNS zone file is a text file stored on a server. It contains all the records for every domain within that zone. It is mandatory for the zone file to have the TTL (Time to Live) listed before any other information. The TTL specifies how long a DNS record is in the server’s cache memory. The zone file can only list one record per line. It will display the Start of Authority (SOA) record listed first. The SOA record contains essential domain name information including the primary authoritative name server for the DNS Zone.

DNS Zone File

DNS Record Types

DNS records are stored in authoritative servers. These records provide information about a domain, including its associated IP address for each domain. It is mandatory for all domains to have a specific set of default records. Below are a list of the most common record types and frequently utilized DNS records. Let’s look over each type of record.

A (Address) Record
An A record (or Address Record) points a domain name to an IP address. For example, when you type www.google.com in a web browser, the DNS system will translate that domain name to the IP address of 172.217.12.46 using the A record information stored in a DNS Zone file. The A record links a website’s domain name to an IP address that points to the server where the website’s files live.Example of A record
CNAME (Canonical Name) Record
A CNAME record forwards a domain name to a different domain name. This record does not contain an IP address. We can utilize this type of record only when there are no other records on that domain name. Otherwise, a conflict is introduced by the other records which would interfere with its resolution. As an example, the following CNAME record can redirect web traffic to go from www.google.com to simply google.com but not to an additional domain name such as gmail.com. In the CNAME records below, we see the FTP service being redirected to the main domain and mail being redirected to the “webmail” service on a server.

Example of CNAME record

MX (Mail Exchanger)
The MX record routes email messages to a specific mail server linked to a domain from a designated mail host on a different server. MX records use a priority system if there is more than one MX record used for a domain that is using more than one mail server.

Example of MX records

The priority number to the right of the MX specifies the order of access to the mail servers. Counterintuitively, the lower the number is, the higher the priority. For example, the priority number of 10 set within the MX record will receive the email messages first. The MX record with the priority number of 20 will be a backup if the MX record with the priority of 10 is unavailable.

TXT (Text) Record
A TXT record is utilized for information and verification purposes. The TXT record discloses information about your domain to other servers such as what services the domain is using. A Sender Policy Framework (SPF) record is an example of a TXT record that is added to help identify, verify and confirm an email message is actually coming from the server it is being sent from.

Example of TXT record

NS (Name Server) Record
The NS or Name Servers records denotes which DNS server is authoritative for a domain. This simply means it identifies which server contains the current records for a domain. These servers are usually found at a registrar, ISP, or hosting company. The highest level of authority comes from the 13 top level DNS servers which actually contain all the active records for every domain. These servers track and share DNS info with all the other DNS servers at the businesses noted above. NS records are created to identify the nameservers used for each domain name within a given zone. Example of NS records
SOA (Start of Authority) Record
The SOA record is a resource record which stores information regarding all the DNS records within a given zone.  An SOA record contains properties of a zone such as:

  • The name of the primary DNS server
  • The Email address of the responsible party for that zone
  • The serial number that is used by a secondary DNS server to assess if the information a zone contains has changed.
    • If the information within a zone has changed on the primary server, those changes are shared to other DNS servers and this updates the serial number on the zone file to indicate and update has taken place.
  • Refresh Interval or TTL
    • This shows how frequently the DNS servers check for updates or changes to any of the records, as determined by the TTL or Time to Live. This number can be modified to increase or decrease the timeframe when those changes occur,
  • Retry Interval
    • The retry interval displays how frequently the secondary DNS servers should retry checking if any changes are made to the zone if the first refresh fails.
  • Expire Interval
    • Shows how long the zone TTL will be valid after a refresh.
  • Minimum (default) TTL (Time to Live)
    • The SOA records are outlined in https://www.ietf.org/rfc/rfc1035.txt  under “Domain Names – Implementation and Specification”.

Example of SOA record

SRV (Service) Record
The SRV records are created to establish connections between services and hostnames.  For example, if an application is searching for a location of a service that it needs, it will look for an SRV record with that information.  When the app finds the correct SRV record, it will filter through the list of services to find the following information:

  • Hostname
  • Ports
  • Priority and Weight
  • IP Addresses

Here is an example of two SRV records.

_sip._tcp.example.com.   3600 IN SRV 10 50 5060 serviceone.example.com.
_sip._tcp.example.com.   3600 IN SRV 10 30 5060 servicetwo.example.com.

Note: _sip is the name of the service and _tcp is the transport protocol.

The content of the SRV record defines a priority of 10 for both records. The first record has a weight of 50 and the second a weight of 30. The priority and weight values promote the use of specific servers over others.  The final two values in the record describe the port (5060) and hostname (serviceone.example.com) to connect to for accessing any services.

PTR (Pointer) Record
A PTR record (Reverse DNS record) does the opposite of an A record. It resolves an IP address to a domain name. The purpose of this record is mainly administrative. It verifies that an IP address links to a domain name. Not all DNS hosting providers offer this type of record.

DNS Troubleshooting

Now that we have reviewed the DNS services and components, we can begin troubleshoot DNS issues which can arise. Below is a list of common DNS troubleshooting tips.

  • If our website displays “Server IP address could not be found,” it’s possible that the A record is missing. You will need to add an A record to your DNS zone.
Error Page "IP Address Not Found"
  • Check to see if you have any improperly configured DNS records.
  • When you change your name servers, we need to wait for the name servers to propagate. The propagation can take 24 – 48 hours to complete propagate across the internet.
  • Check to see if you have high TTL (Time to Live) values. If an A record has a default TTL value of 86400 seconds (24 hours). If we update the an A record, propagation will take 24  to 48 hours to disperse. It is better to change the TTL value to 300 seconds which is 5 minutes. We have a great article that talks more about TTL values.
  • If we use a third-party proxy server and our website is not displaying. We can use our local host file to see where the issue is occurring. Our website is called dnswebtest.com. This domain is using a third-party proxy server. If there’s a connection error, we can usually locate where the error originates. To locate the issue with the host or the proxy server, we investigate. To troubleshoot, we will modify our local host file. We add the website dnswebtest.com as an entry to the host file. Then, point it to the web hosting company’s IP address, for example, 98.129.229.4. If we visit the website and it displays correctly, we know the issue is with the third-party proxy server. Here is an excellent article on How to Edit Your Host File.

Although DNS can be a complex issue, a better understanding of the process is always helpful. These troubleshooting tips can prepare us to work with DNS. The following tools are quite useful when checking DNS propagation or records.

  1. https://www.whatsmydns.net/  for DNS propagation
  2. https://www.whoishostingthis.com/ to show what IP address a website is resolving to

How Can We Help?

We pride ourselves on being The Most Helpful Humans In Hosting™!

Our Support Team is full of experienced Linux technicians and talented System administrators who have intimate knowledge of multiple web hosting technologies, especially those discussed in this article.

Should you have any questions regarding this information, we are always available to answer any inquiries with issues related to this article, 24 hours a day, 7 days a week 365 days a year.

If you are a Fully Managed VPS server, Cloud Dedicated, VMWare Private Cloud, Private Parent server, Managed Cloud Servers, or a Dedicated server owner and you are uncomfortable with trying to modify any changes outlined, we can be reached via phone @800.580.4985, a chat or support ticket to assist you with this process.

Author Bio

About the Author: David Singer

I am a g33k, Linux blogger, developer, student and Tech Writer for Liquidweb.com/kb. My passion for all things tech drives my hunt for all the coolz. I often need a vacation after I get back from vacation....

Refer a friend and get hosting credit!