8 bits only: DNS namespaces and domain resolution in action

What is DNS?

DNS hierarchical namespace

credit: computerhope
  1. Root DNS server: These servers are the “roots” of the DNS service. They are the servers initially contacted when attempting DNS resolution, and respond back to clients with the IP address of the relevant Top-Level Domain Server for the client’s request. (For reference, there are only 13 root name servers, with multiple instances of each, resulting in 1381 instances of these servers worldwide as of writing, with tracking of this information at https://root-servers.org/).
  2. Top-Level Domain Server: TLD servers are the partitioning level for specific domain types e.g. .com, .edu etc. They are the second point of contact for DNS resolution, and return back to the client the IP address of an authoritative server for the given domain.
  3. Authoritative Server: These are the servers which give us our “final answer”. They will return back the corresponding IP address for the client’s requested domain name. In cases where a domain itself may have sub-domains (e.g. maps.google.com is a sub-domain of google.com), an authoritative server may deflect again, returning an IP address to another authoritative server tasked with handling DNS resolution for this sub-domain. Note that these authoritative servers may be managed directly by the domain owner, or through a DNS service provider.

Local Name Server

Putting it together

  1. Client forwards DNS resolution request to local DNS server
  2. If local DNS server has client requested domain cached, return corresponding IP address to client, skip to last step
  3. Local DNS server forwards client request to root name server, which responds back with address of relevant TLD server
  4. Local DNS server forwards requests to TLD server specified by root server, which responds back with corresponding authoritative server for the domain
  5. Local DNS server forwards request to authoritative server specified by TLD server, which responds back with IP address the domain maps to (or, if there are further sub-domains, potentially an IP address for a subsequent authoritative server, in which case, redo this step with the new authoritative server)
  6. local DNS server returns IP address for the given domain to the client, which can now execute network requests directly to the server

DNS in action

DNS Resolution

  • The DNS server which serviced our request (returned us the IP) is 192.168.50.1, and the port used is port 53 (this is a well-defined port reserved for DNS)
  • The Non-authoritative answer to our request is that the domain google.com maps to the IP address 142.250.69.206

What’s my Local DNS server?

  • The IP address of the server is 192.168.50.1 (confirming our hypothesis from earlier)
  • The network interface its corresponding resolver is associated with is en0 (this is a well-defined network interface for wi-fi)
  • We interact with this server by requesting A records (another way of saying what we get back is IP addresses)

Analyzing packets from/to local DNS server

  1. The client (us, 192.168.50.164.57882) initiates a request to the local DNS server, requesting the A record (the corresponding IP address) for the domain, example.com
  2. The local DNS server responds back with the A record, again from its own cache, which indicates the IP address for the requested domain is 93.184.216.34

--

--

--

Working on storage management and infrastructure at Azure SQL

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

{UPDATE} Bug Battle 3D Hack Free Resources Generator

B002: Solidity EC Signature Pitfalls

How to Participate in the EthClock Pre-sale

Responsible Red Teams

Sudo with Apple Touch ID

Hashicorp Consul Remote Command Execution via Services API

Develop a Community Management Web App for a major crypto company.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Aashray Anand

Aashray Anand

Working on storage management and infrastructure at Azure SQL

More from Medium

[How to ] Change your Admin Passwords in Open Distro for Elasticsearch on Centos 7.x

Hide your API keys and credentials from versioned code

Passwords 101

Sessions & Session Management

Session Concepts