What is DNS? How does DNS work in the browser?
DNS is the Domain Name System, which holds hostname-to-IP mappings. When you type http://8jq.9e2.myftpupload.com in the browser, it takes you to the homepage of the website.
To reach anything on the Internet you need an IP address (it basically corresponds to the home address of that website). Remembering IP addresses would be difficult, so DNS servers remove the need to memorize them by letting you use a hostname instead. DNS is basically a hostname-to-IP-address mapping.
So have you ever wondered how the browser knows the IP address of thegeekyshiva.com?
Let us walk through how the browser finds the IP address with the help of DNS:
Step 1:
- The first thing the browser does is check its own DNS cache. If the website was visited recently, the browser keeps its IP address for a certain period of time, until the TTL (Time To Live) expires. This way it does not have to make a DNS query every time, which ultimately improves the load time of the website.
Step 2:
- If there is no entry in the browser cache, the browser looks in the local DNS cache of the machine. The local DNS cache stores the IP addresses of recently visited websites. On a Windows machine, hosts file entries are also loaded into the DNS cache. The hosts file is located in the C:\Windows\System32\drivers\etc directory on a Windows machine. So if you have an entry like the one I have in the screenshot below, thegeekyshiva.com will always resolve to 127.0.0.1.
- Let's verify that the above entry works by doing a ping test in CMD. Ping resolved thegeekyshiva.com to the IP address added in the hosts file.
- Let us verify that the hosts file has been loaded into the local DNS cache. First, clear the DNS cache by typing "ipconfig /flushdns" in CMD.
- Now type "ipconfig /displaydns", which will immediately show the hosts file information for thegeekyshiva.com.
Step 3:
- If there is no cached entry in the browser or the local operating system, the query to resolve the hostname goes to the recursive DNS server configured on the machine by the administrator. On your home router you can set the recursive DNS server to anything, such as Google's DNS 8.8.8.8, or take the settings provided by your ISP.
- In my case the DNS server is pointed to 192.168.1.1, which is the router, and it forwards queries to the DNS servers configured on the router, as shown below.
- If the recursive servers already have the IP address we're looking for in their cache (which would mean that someone else, probably another user from our ISP, using these DNS servers has visited this site recently and the information was saved in the cache), then we're done! The IP address is returned to our operating system and is then stored in the cache of both the browser and the operating system.
Step 4:
- If the recursive/resolving DNS server does not have the IP address in its cache, it asks the root name servers for an answer.
- Root name servers sit at the top of the hierarchy in the DNS infrastructure and are used to find the actual authoritative name server described later.
- In total, there are 13 main DNS root servers, each of which is named with a letter from 'A' to 'M'. They all have an IPv4 address and most have an IPv6 address. Managing the root server is ICANN's responsibility (Internet Corporation for Assigned Names and Numbers). However, these are operated by different operators, as listed below.
- Recursive DNS server software comes pointed at these 13 root servers. In practice there are not just 13 physical servers: with the help of anycast routing, they are distributed across the globe for faster resolution and reliability, and each of them carries exactly the same root zone information. Yes, the Internet would STOP if all of these root servers went down, which would be a very rare event considering the disaster recovery each of these servers has.
Step 5:
- Root servers do not have the IP address mapping in their database; instead, they direct our request to the name servers of the TLD (Top Level Domain). TLDs are basically the last part of a domain name, such as ".com", ".org", ".net" and so on. A TLD (top-level domain) is the highest level of domain names in the root zone of the DNS of the Internet.
- Below is a dig trace for thegeekyshiva.com, performed online using Google's recursive DNS server. The first block shows the request being sent to the root name servers.
- The second block refers to the Top Level Domain servers to which the root server directed the request.
Step 6:
- Authoritative name servers are the servers that actually hold the domain-to-IP mapping for a particular website. In our case, for thegeekyshiva.com, the authoritative name servers are "greg.ns.cloudflare.com" and "rosa.ns.cloudflare.com" in the image above.
- The name server with IP address 173.245.59.115, which corresponds to "greg.ns.cloudflare.com", gave us the IP address for thegeekyshiva.com.
Step 7:
- The authoritative name server responds with the IP address to the recursive name server, which stores this IP address until the TTL expires and forwards the information to the browser.
- The information received by the browser is cached in the browser and also by the local operating system.
VOILA!!!! This is how the browser gets the IP address with the help of DNS.
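The lookup order in steps 1 to 7, as an added example (not code from the original post): a simplified Python model of a resolver that checks a hosts mapping and a TTL cache before walking root, TLD and authoritative servers. The server labels (`root`, `tld-com`, `auth-ns`), the 192.0.2.10 address and the 300-second TTL are constructed sample values, not real DNS data.

```python
import time

# Constructed stand-ins for the three server tiers (sample data, not real DNS records).
SERVERS = {
    "root": {"referrals": {"com": "tld-com"}},
    "tld-com": {"referrals": {"thegeekyshiva.com": "auth-ns"}},
    "auth-ns": {"records": {"thegeekyshiva.com": ("192.0.2.10", 300)}},
}


def query(server, name):
    """One iterative query: an answer (ip, ttl), a referral to the next tier, or nothing."""
    zone = SERVERS[server]
    if name in zone.get("records", {}):
        return "answer", zone["records"][name]
    for suffix, next_server in zone.get("referrals", {}).items():
        if name == suffix or name.endswith("." + suffix):
            return "referral", next_server
    return "nxdomain", None


class Resolver:
    """Lookup order from the article: hosts file, cache, then root -> TLD -> authoritative."""

    def __init__(self, hosts=None, clock=time.monotonic):
        self.hosts = hosts or {}   # hostname -> IP, as in the Windows hosts file
        self.cache = {}            # hostname -> (ip, expiry time)
        self.clock = clock

    def resolve(self, name):
        """Return (ip, path); path records which tiers were consulted."""
        if name in self.hosts:
            return self.hosts[name], ["hosts"]
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0], ["cache"]
        server, path = "root", []
        for _ in range(8):  # hop limit guards against referral loops
            path.append(server)
            kind, data = query(server, name)
            if kind == "answer":
                ip, ttl = data
                self.cache[name] = (ip, self.clock() + ttl)  # keep until the TTL expires
                return ip, path
            if kind != "referral":
                break
            server = data
        return None, path
```

A hosts entry is answered before any DNS tier is consulted, so an unexpected line in that file changes where a name resolves without producing any DNS traffic to inspect.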
Great work Shiva, Appreciate the effort in putting it together. Thanks a lot.
It is really very helpful article to understand the DNS workflow. Great Work
Great work Shiva!:-)
Great work!!
Easily understandable for non-technical guys also. Thanks
detailed explanation with good example ….