Domain Name System

(DNS)
Siddhartha Pal - 22BIT0024
Madhuvanthi S - 22BIT0103
Saloni Sinha - 22BIT0445
Priyanshu Das - 22BIT0539
What is DNS?
Definition
The Domain Name System (DNS) is a hierarchical and decentralized naming system that translates
human-readable domain names (e.g., www.example.com) into machine-readable IP addresses (e.g.,
192.0.2.1). This process allows users to access websites and services without needing to memorize
complex
Functionnumerical IP addresses.
+ Importance

The Domain Name System (DNS) functions like the internet’s “phone book,” translating human-
friendly domain names into machine-readable IP addresses so that browsers can locate and load the
correct resources. To manage this efficiently, DNS is built on a hierarchical and distributed
database structure that includes root servers, top-level domain (TLD) servers, and authoritative
name servers. This layered design allows DNS to resolve queries effectively while distributing
the workload. One of the key strengths of DNS is its scalability and decentralization—it can
accommodate the enormous and growing number of internet-connected devices by delegating control
over subdomains to different entities, ensuring both fault tolerance and flexibility. To further
enhance performance, DNS resolvers cache query responses for a certain period. This caching
DNS Architecture
Root Servers
At the very top of the DNS hierarchy lies the root level, represented by a single dot (.).
Root servers are responsible for handling queries that cannot be answered by local caches
or resolvers. While they do not store IP addresses for specific domain names, they play a
crucial role by directing DNS queries to the appropriate Top-Level Domain (TLD) servers
based on the domain extension (such as .com, .org, or .uk). This makes root servers the
starting point for resolving domain names that are not already known by the DNS resolver.

TLD Servers
TLD servers sit just below the root servers in the DNS hierarchy. They are responsible
for handling specific domain extensions, which can be generic (like .com, .net, .org)
or country-code based (like .uk, .ca, .in). When a root server receives a DNS query,
it forwards it to the appropriate TLD server based on the domain extension. The TLD
server, in turn, provides the DNS resolver with information about the authoritative
name servers responsible for the requested second-level domain (such as example in
example.com).
Authoritative
Authoritative
Servers name servers are the final stop in the DNS lookup process, holding the
actual DNS records for a domain, including A records (which map domain names to IP
addresses), MX records (for email routing), and other critical information. When a TLD
server directs a query to an authoritative server, this server responds with the precise
IP address or relevant record needed to complete the DNS resolution. Because authoritative
servers store definitive data for a domain, they are essential for ensuring accurate and
Types of DNS
Records
A Record AAAA Record MX Record CNAME Record
Maps domain names to Maps domain names to Directs email traffic Creates an alias for
IPv4 addresses (e.g., IPv6 addresses, to the appropriate another domain name,
example.com → supporting modern mail servers, ensuring useful for subdomains
192.0.2.44). internet protocols. reliable email or load balancing.
delivery.
How DNS Works: The Query
Process
User Request
User enters a domain name in browser. Browser checks its cache.

Recursive Resolver
Query checks local cache; if not found, queries root server.
Resolver

Root DNS Server

Directs resolver to TLD name server; doesn't provide final IP.

TLD Name Server

Returns address of authoritative name server for domain.

Authoritative Name
Server
Holds DNS records and provides corresponding IP address.

Response to
Browsersends IP address to browser, which connects to web server.
Resolver
How DNS Works: The Query Process
When a user types a domain like www.example.com into a browser, a process called DNS
resolution begins. This translates the human-friendly domain into a machine-readable
IP address.

First, the user's device checks its local DNS cache. If the IP isn’t stored, it sends
a query to a Recursive DNS Resolver, usually managed by the ISP or a public DNS
service (like Google or Cloudflare). The resolver checks its own cache too; if there’s
no match, it begins a step-by-step search.

The resolver contacts a Root Name Server, which directs it to the correct Top-Level
Domain (TLD) Server, based on the domain extension (like .com). The TLD server then
points to the domain’s Authoritative Name Server, which contains the actual DNS
records.

The authoritative server responds with the correct IP address, which the resolver
sends back to the browser. The browser then uses this IP to connect to the web server
and load the website.

To speed things up next time, the resolver and device cache the result for a limited
Role of Root Name
Servers in DNS
Root name servers are critical to the DNS
infrastructure. They are the starting point for DNS
resolution.
1 Authoritative 2 Referral to TLD
Information Servers
Provide authoritative Direct queries to the
information about appropriate TLD name
top-level domains, servers for specific
such as .com domain information.
and .org.
3 Global Network
Operate on a globally distributed network to
ensure high availability and low latency.
Role of Root Name Servers in DNS
Root Name Servers are at the top of the DNS hierarchy and serve as the starting point
when a domain name can’t be resolved from cache. When a user enters a website like
www.example.com, and no cached IP is available, the recursive resolver contacts a root
server to begin the search.

Root servers don’t store IP addresses for specific domains. Instead, they redirect the
resolver to the correct Top-Level Domain (TLD) server—like .com or .org—bringing it one
step closer to the final answer.

There are 13 root server identifiers (A–M), but each is backed by hundreds of global
servers using anycast routing. This setup ensures fast and reliable responses by routing
queries to the nearest server, improving performance and minimizing delays.

Though root servers don’t answer every query directly, they play a crucial navigational
role in DNS resolution. If they were ever disrupted, DNS for uncached domains would slow
down or fail—impacting global internet access.

In short, root servers are like GPS starting points—they don’t give the final
Why DNS is
Indispensable
Simplifies Web Supports Critical Ensures Redundancy
Navigation Services and Load Balancing
Transforms complex IP • Email routing Maintains high availability
addresses into easy-to- • Cloud services and optimal performance.
remember domain names. • Content delivery networks
(CDNs)
Why DNS is
Indispensable
DNS is much more than just a tool for web browsing—it’s the backbone of many internet services we
use every day. From sending emails to streaming content and accessing cloud apps, DNS quietly
ensures everything connects and functions smoothly.

For web browsing, DNS translates easy-to-remember domain names (like google.com) into IP
addresses, so we don’t have to memorize numbers. In email, DNS uses MX records to route messages
to the correct mail servers.

Cloud services like Microsoft 365, AWS, and Zoom rely on DNS to route users to the nearest or most
efficient server, improving speed and reliability. Similarly, CDNs (e.g., YouTube, Netflix) use DNS to
send content from the closest server, reducing load times and buffering.

For high-traffic websites, DNS enables load balancing, directing users to different servers to avoid
overload. It also supports redundancy—if one server fails, DNS redirects traffic to a backup, ensuring
uptime.
Challenges of DNS in
Distributed Systems
DNS faces significant challenges in distributed environments.
Consistency, scalability, failure handling, and security are key
concerns.
Consistency
Maintaining consistent DNS records across distributed zones is
crucial.

Scalability
DNS must handle high query volumes and frequent updates efficiently.

Failure Handling
DNS infrastructure should gracefully handle server failures and
network partitions.

Security
Protecting DNS from attacks like hijacking and DDoS is essential.
Navigating DNS Security
Risks
DNS Hijacking
Redirects queries through rogue DNS
1
servers.

DDoS Attacks
2 Overloads DNS servers with excessive
traffic.

DNS Spoofing

3 Corrupts DNS records, redirecting users to

malicious sites.
DNS Load Balancing and Performance
Optimization
1 Multiple Servers 2 Round-Robin DNS
Employ primary and secondary servers. This Rotate multiple IP addresses for a domain.
ensures redundancy if one server fails. Distribute traffic across different servers
evenly.
3 Anycast Routing 4 DNS Failover
Share the same IP across multiple DNS servers. Some DNS services monitor the health of
Route requests to the nearest server to reduce backend servers. If a server becomes
latency. unresponsive, the DNS automatically removes it
from responses.

5 Load-Balancing
ServicesDNS services integrate with CDNs or cloud-based global load balancers. Policies like
Advanced
geolocation-based routing direct users to the closest or least-loaded server.
DNS Load Balancing and Performance
Optimization (…cntd)
Caching Techniques Load Balancing
Methods
ISP-level, browser, and OS-level caching for Geographical load balancing directs users to
reduced latency and faster response times. the nearest server, while round-robin DNS
Caching stores DNS records temporarily to alternates responses between multiple IP
speed up future queries, enhancing user addresses. Load balancing distributes network
experience by reducing the need to repeatedly traffic across multiple servers, preventing
fetch the same information. overload and ensuring high availability and
optimal performance.
Handling DNS Server
Failures
1 Cached Records 2 Service
Clients will continue using cached DNS Disruption
New DNS lookups will fail, causing service
records for a limited time. This helps to disruptions. Users may experience
minimize immediate disruptions, as clients inability to access websites or services
can still access previously resolved until the DNS issue is resolved.
domains.
3 Redundancy 4 Monitoring
Implement multiple geographically diverse Continuous monitoring and alerts for
DNS servers for redundancy. Distributing prompt issue resolution. Real-time
servers across different locations monitoring allows for quick detection and
minimizes the impact of regional outages mitigation of potential DNS server
and improves overall resilience. failures.
Mitigating Security Risks with Robust
Protocols
DNSSEC
Prevent DNS spoofing with digital signatures.

DNS-over-HTTPS
(DoH)
Encrypt DNS queries to protect user privacy.

Monitor DNS
Traffic
Detect anomalies indicative of security breaches.

Regular Updates
Patch DNS infrastructure to address vulnerabilities.
Mitigating Security Risks with Robust
Protocols(...ctd)
DNS, while powerful, can be vulnerable to attacks like spoofing, cache poisoning,
and man-in-the-middle attacks.

DNSSEC (Domain Name System Security Extensions) helps protect against spoofing by
digitally signing DNS data. It ensures the integrity and authenticity of responses—
so users aren’t misdirected to malicious sites.

DoH (DNS over HTTPS) encrypts DNS queries using HTTPS, protecting user privacy by
preventing ISPs and attackers from seeing what websites are being accessed. It’s
especially useful on public or untrusted networks.

Monitoring DNS traffic is also critical. It helps detect unusual patterns, like
sudden spikes or unknown domain queries, which could indicate malware activity or
data exfiltration.

Combining these approaches—DNSSEC, DoH, and proactive monitoring—strengthens DNS

security and helps safeguard both users and organizations from DNS-based threats.
DNS Setup Best
PracticesMultiple Servers
Deploy DNS servers across various
geographical regions to ensure
Anycast DNS
redundancy and minimize latency.
Implement Anycast to efficiently route
user requests to the closest available
Load Balancing
server, optimizing response times.
Distribute DNS traffic effectively using
Round-Robin DNS or GeoDNS to prevent
DNSSEC
server overloads and ensure high
Enable DNSSEC to protect against DNS
availability.
spoofing and ensure the integrity of DNS
responses, enhancing overall security.
DNS Setup Best
To ensure secure and efficient DNS operations, it's important to follow best
Practices
practices. Start by deploying redundant DNS servers across multiple locations
to enhance availability and fault tolerance.

1. Implement DNSSEC (Domain Name System Security Extensions) to protect against

DNS spoofing and ensure the authenticity of responses. Restrict zone
transfers to specific, trusted IP addresses and use firewalls to control who
can query your servers.
2. Monitoring DNS traffic helps detect unusual patterns that may indicate
attacks, while rate limiting can mitigate DDoS threats.
3. Keep DNS software and server operating systems updated to patch known
vulnerabilities, and harden systems by disabling unnecessary services and
ports.
4. Using anycast routing improves speed and resilience by directing users to
the nearest available server.
5. Additionally, tuning TTL (Time-to-Live) values can help balance the need for
quick updates with the benefits of caching. Together, these practices