
DNS

Understanding Domain Name System and how it resolves domain names

Domain Name System (DNS)

DNS is the phonebook of the internet. It translates human-readable domain names (like www.example.com) into IP addresses that computers use to identify each other.

How DNS Works

When you type a URL in your browser:

  1. Browser Cache: First checks whether the domain was recently resolved
  2. OS Cache: Checks the operating system's DNS cache
  3. Resolver: Contacts your ISP's (or a public) recursive DNS resolver, which checks its own cache
  4. Root Server: If not cached, the resolver queries a root DNS server, which refers it to the right TLD server
  5. TLD Server: The Top-Level Domain server (.com, .org, etc.) refers the resolver to the domain's authoritative server
  6. Authoritative Server: Returns the final IP address, which is cached at each level on the way back
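The walk in steps 3 to 6 is easier to see in code. The following is an added example, not code from the original page: a simplified iterative resolver over a constructed hierarchy (a root, a com TLD server and an example.com authoritative server, all in-memory; the server labels, the NS hostnames and the SERVER_BY_NS lookup are assumptions standing in for real network lookups). A local cache object plays the role of the browser, OS and resolver caches in steps 1 to 3.

```typescript
// Added example (not from the original page): a simplified iterative resolver
// that walks root -> TLD -> authoritative, checking a local cache first.
// All zone data below is constructed for illustration; nothing is sent on the network.

type RRType = "A" | "NS";

interface ResourceRecord {
  name: string;   // owner name, fully qualified, e.g. "example.com."
  type: RRType;
  value: string;  // IPv4 address for A, name server hostname for NS
}

interface NameServer {
  label: string;
  records: ResourceRecord[];  // only what this server is authoritative for, plus delegations
}

// Constructed hierarchy: the root delegates com., the com. TLD delegates example.com.
const ROOT: NameServer = {
  label: "root",
  records: [{ name: "com.", type: "NS", value: "a.gtld-servers.net." }],
};
const COM_TLD: NameServer = {
  label: "com TLD",
  records: [{ name: "example.com.", type: "NS", value: "ns1.example.com." }],
};
const EXAMPLE_AUTH: NameServer = {
  label: "example.com authoritative",
  records: [
    { name: "example.com.", type: "A", value: "93.184.216.34" },
    { name: "www.example.com.", type: "A", value: "93.184.216.34" },
  ],
};

// Which server answers for a given NS hostname (stands in for resolving the NS name itself).
const SERVER_BY_NS: { [nsHost: string]: NameServer } = {
  "a.gtld-servers.net.": COM_TLD,
  "ns1.example.com.": EXAMPLE_AUTH,
};

interface Resolution {
  address: string | null;
  path: string[];   // servers consulted, in order ("cache" when answered locally)
}

function toFqdn(name: string): string {
  const lower = name.toLowerCase();
  return lower.endsWith(".") ? lower : lower + ".";
}

// Resolve an A record. `cache` plays the role of the browser/OS/resolver caches in steps 1-3.
function resolveIteratively(qname: string, cache: { [fqdn: string]: string } = {}): Resolution {
  const name = toFqdn(qname);
  const path: string[] = [];

  if (cache[name] !== undefined) {
    path.push("cache");
    return { address: cache[name], path };
  }

  let server: NameServer | undefined = ROOT;
  const visited: string[] = [];
  while (server !== undefined && visited.indexOf(server.label) === -1) {
    visited.push(server.label);
    path.push(server.label);

    const answer = server.records.find((r) => r.type === "A" && r.name === name);
    if (answer !== undefined) {
      cache[name] = answer.value;       // populate the cache for the next lookup
      return { address: answer.value, path };
    }

    // Follow the most specific delegation (longest matching suffix) this server knows.
    const candidates = server.records
      .filter((r) => r.type === "NS" && (name === r.name || name.endsWith("." + r.name)))
      .sort((a, b) => b.name.length - a.name.length);
    const delegation: ResourceRecord | undefined = candidates[0];
    if (delegation === undefined) break;   // no referral: the name is not in this hierarchy
    server = SERVER_BY_NS[delegation.value];
  }
  return { address: null, path };
}
```

The first call for www.example.com reports the path root, com TLD, example.com authoritative; a second call for the same name (case and trailing dot aside) is answered from the cache without touching any server, which is exactly why steps 1 to 3 exist.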

DNS Record Types

Type   | Purpose                   | Example
-------+---------------------------+-----------------------------------
A      | Maps domain to IPv4       | example.com → 93.184.216.34
AAAA   | Maps domain to IPv6       | example.com → 2606:2800:220:1:...
CNAME  | Alias to another domain   | www.example.com → example.com
MX     | Mail server               | example.com → mail.example.com
NS     | Name server               | example.com → ns1.example.com
TXT    | Text records              | SPF, DKIM verification

DNS Caching

DNS responses are cached at multiple levels to improve performance:

interface DNSRecord {
  name: string;       // Owner name, e.g. "example.com"
  type: string;       // Record type, e.g. "A"
  value: string;      // Record data, e.g. "93.184.216.34"
}

interface DNSCache {
  ttl: number;        // Time-to-live in seconds
  record: DNSRecord;
  timestamp: Date;    // When the record was cached; it expires at timestamp + ttl
}
 
// Typical TTL values
const TTL_VALUES = {
  short: 300,      // 5 minutes - frequently changing
  medium: 3600,    // 1 hour - standard
  long: 86400,     // 24 hours - stable records
};
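A cache entry is only useful if expiry is enforced and the TTL handed downstream is the remaining one, not the original. The following is an added example, not code from the original page: a TTL-aware cache built on the DNSCache shape above. The clock is injected so expiry can be exercised without waiting, and the MIN_TTL / MAX_TTL bounds are assumptions for the example (the ceiling is the page's "long" band) that mirror the clamping many resolvers apply so that no record, including a wrong one, can linger indefinitely.

```typescript
// Added example (not from the original page): a TTL-aware cache around the
// DNSCache shape from the page. The clock is injected so expiry can be tested.

interface DNSRecord {
  name: string;
  type: string;
  value: string;
}

interface DNSCache {
  ttl: number;        // Time-to-live in seconds
  record: DNSRecord;
  timestamp: Date;    // when the entry was stored
}

// Assumed bounds for the example: a floor avoids re-querying on every lookup,
// a ceiling bounds how long any record (including a bad one) can stay cached.
const MIN_TTL = 1;
const MAX_TTL = 86400;

interface CacheHit {
  record: DNSRecord;
  remainingTtl: number;  // what a downstream cache should be told, not the original TTL
}

class TtlCache {
  private entries: { [key: string]: DNSCache } = {};

  constructor(private now: () => Date = () => new Date()) {}

  // Names are case-insensitive and a trailing dot is not significant for the key.
  private key(name: string, type: string): string {
    return name.toLowerCase().replace(/\.$/, "") + "/" + type.toUpperCase();
  }

  // Store a record; returns the TTL actually applied after clamping.
  put(record: DNSRecord, ttl: number): number {
    const clamped = Math.min(MAX_TTL, Math.max(MIN_TTL, Math.floor(ttl)));
    this.entries[this.key(record.name, record.type)] = {
      ttl: clamped,
      record,
      timestamp: this.now(),
    };
    return clamped;
  }

  // Return the record with its remaining TTL, or null once it has expired.
  get(name: string, type: string): CacheHit | null {
    const k = this.key(name, type);
    const entry = this.entries[k];
    if (entry === undefined) return null;
    const ageSec = Math.floor((this.now().getTime() - entry.timestamp.getTime()) / 1000);
    if (ageSec >= entry.ttl) {
      delete this.entries[k];     // expired: the next lookup must go back to the resolver chain
      return null;
    }
    return { record: entry.record, remainingTtl: entry.ttl - ageSec };
  }

  // Drop a record early (a "flush"), e.g. after a zone change you control.
  evict(name: string, type: string): boolean {
    const k = this.key(name, type);
    const present = this.entries[k] !== undefined;
    delete this.entries[k];
    return present;
  }

  size(): number {
    return Object.keys(this.entries).length;
  }
}
```

Serving the remaining TTL rather than the original is what keeps a chain of caches (browser, OS, resolver) from stretching a 5-minute record into a much longer one.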

DNS Load Balancing

DNS can distribute traffic across multiple servers:

Round Robin

Returns different IP addresses in rotation:

Query 1: example.com → 192.168.1.1
Query 2: example.com → 192.168.1.2
Query 3: example.com → 192.168.1.3

Geolocation-based

Returns IP based on user's location for lower latency.

Weighted

Assigns weights to different servers based on capacity.
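The round-robin and weighted strategies above, as an added example that is not part of the original page. Round robin rotates the whole answer set on each query (clients normally take the first address), and the weighted picker implements the smooth weighted round-robin scheme used by nginx, which honours the weights without handing out long bursts to one server. The Backend type, the addresses and the weights are constructed for the example.

```typescript
// Added example (not from the original page): DNS round robin plus a smooth
// weighted picker. Addresses and weights are constructed for illustration.

interface Backend {
  address: string;
  weight: number;   // relative capacity; must be >= 1
}

// DNS round robin: query n returns every address, rotated so a different one comes first.
// queryNumber is 1-based to match "Query 1", "Query 2", ... on the page.
function roundRobinAnswer(addresses: string[], queryNumber: number): string[] {
  if (addresses.length === 0) return [];
  const shift = (queryNumber - 1) % addresses.length;
  return addresses.slice(shift).concat(addresses.slice(0, shift));
}

// Smooth weighted round robin: every pick adds each backend's weight to its running
// score, selects the highest score, then subtracts the total weight from the winner.
// Over `totalWeight` picks each backend is chosen exactly `weight` times, interleaved.
class SmoothWeightedRoundRobin {
  private current: number[];
  private total: number;

  constructor(private backends: Backend[]) {
    if (backends.length === 0) throw new Error("at least one backend is required");
    if (backends.some((b) => b.weight < 1)) throw new Error("weights must be >= 1");
    this.current = backends.map(() => 0);
    this.total = backends.reduce((sum, b) => sum + b.weight, 0);
  }

  next(): string {
    let best = 0;
    for (let i = 0; i < this.backends.length; i++) {
      this.current[i] += this.backends[i].weight;
      if (this.current[i] > this.current[best]) best = i;   // ties go to the earlier backend
    }
    this.current[best] -= this.total;
    return this.backends[best].address;
  }
}

// The sequence of addresses handed out over `n` picks, for inspection.
function weightedSequence(backends: Backend[], n: number): string[] {
  const picker = new SmoothWeightedRoundRobin(backends);
  const out: string[] = [];
  for (let i = 0; i < n; i++) out.push(picker.next());
  return out;
}
```

With weights 5, 1 and 1 the picker produces a, a, b, a, c, a, a over one cycle: the heavy server gets five of seven picks but never more than two in a row. Note that DNS-level balancing only orders the answers; it cannot see whether a server is actually up, which is one reason health-checked load balancers sit behind the DNS layer in practice.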

DNS Security

Common Attacks

  • DNS Spoofing: Returning forged IP addresses in place of the legitimate ones
  • DNS Amplification: DDoS that abuses large DNS responses to amplify traffic
  • Cache Poisoning: Injecting forged records into a resolver's cache, which then serves them to every client until the TTL expires

Protection Mechanisms

  • DNSSEC: Cryptographic signatures for DNS records (authenticates origin and integrity; does not encrypt queries)
  • DNS over HTTPS (DoH): Encrypts DNS queries inside HTTPS (confidentiality in transit; does not by itself validate records)
  • DNS over TLS (DoT): TLS encryption for DNS (same trade-off as DoH; DNSSEC and DoH/DoT are complementary)
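Beyond DNSSEC and encrypted transports, a recursive resolver also defends itself against spoofed and poisoned replies by checking every response before caching anything from it. The following is an added example, not code from the original page, showing those resolver-side checks: the transaction ID and source address must match the query that was sent, the question section must match, and a bailiwick rule discards any record whose name lies outside the zone the queried server is responsible for. The PendingQuery and DnsResponse shapes, the sample addresses and the messages are all constructed for the example.

```typescript
// Added example (not from the original page): checks a recursive resolver applies
// to a response before caching. Messages and addresses below are constructed.

type RRType = "A" | "NS" | "CNAME";

interface ResourceRecord {
  name: string;
  type: RRType;
  value: string;
  ttl: number;
}

interface Question {
  name: string;
  type: RRType;
}

interface DnsResponse {
  id: number;          // 16-bit transaction ID echoed from the query
  question: Question;
  answers: ResourceRecord[];
  additional: ResourceRecord[];
}

// What the resolver remembers about a query it has sent.
interface PendingQuery {
  id: number;
  question: Question;
  sentTo: string;   // address the query went to; the reply must come from it
  zone: string;     // zone that server is authoritative for (its bailiwick)
}

interface Verdict {
  accept: boolean;
  reason: string;
  cacheable: ResourceRecord[];  // records that survived the checks
}

function normalize(name: string): string {
  const lower = name.toLowerCase();
  return lower.endsWith(".") ? lower : lower + ".";
}

// True when `owner` is `zone` itself or lies beneath it.
function inBailiwick(owner: string, zone: string): boolean {
  const o = normalize(owner);
  const z = normalize(zone);
  return o === z || o.endsWith("." + z);
}

function validateResponse(pending: PendingQuery, resp: DnsResponse, from: string): Verdict {
  if (resp.id !== pending.id) {
    return { accept: false, reason: "transaction ID mismatch", cacheable: [] };
  }
  if (from !== pending.sentTo) {
    return { accept: false, reason: "reply from unexpected address", cacheable: [] };
  }
  const sameQuestion =
    normalize(resp.question.name) === normalize(pending.question.name) &&
    resp.question.type === pending.question.type;
  if (!sameQuestion) {
    return { accept: false, reason: "question section does not match query", cacheable: [] };
  }

  // Keep only records inside the responding server's bailiwick: the example.com server
  // may describe names under example.com, but not names under example.net.
  const candidates = resp.answers.concat(resp.additional);
  const cacheable = candidates.filter((r) => inBailiwick(r.name, pending.zone));
  const dropped = candidates.length - cacheable.length;
  return {
    accept: true,
    reason: dropped === 0 ? "ok" : "ok, dropped " + dropped + " out-of-bailiwick record(s)",
    cacheable,
  };
}
```

The bailiwick filter is the check that matters most for cache poisoning: without it, any server that is asked one question can plant answers for unrelated domains in the additional section. Real resolvers add further measures on top of these checks, such as randomizing the source port and the transaction ID of every query.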

Best Practices

  1. Use multiple DNS providers for redundancy
  2. Set appropriate TTLs based on change frequency
  3. Implement DNSSEC: sign your zones and enable validation on your resolvers
  4. Monitor DNS performance and availability
  5. Use anycast DNS for global distribution