Domain Name System
DNS
The internet's phone book — translates human-friendly names into machine-readable IP addresses using a distributed, hierarchical architecture.
DNS (Domain Name System) is a client-server application that maps host names into their corresponding IP addresses. This mapping process is called name resolution, name translation, or name mapping.
Why Do We Need Names?
- Computers only understand numeric IP addresses
- IP addresses like 142.250.185.14 are nearly impossible for humans to remember
- We need a way to use friendly names like google.com
- Use alphanumeric names to refer to hosts
- Add a distributed, hierarchical protocol (DNS) to map names → IP addresses
- Humans use names; machines use numbers — DNS bridges the gap
DNS is like a phone book. You look up "Pizza Hut" (the name), and it gives you their phone number (the IP address). Without DNS, you'd need to memorize every website's number!
DNS is officially categorized as an Internet Directory Service and is a client-server application. It operates at the Application Layer and uses port 53 with either UDP or TCP.
- DNS maps host names to IP addresses (name resolution)
- Needed because humans use names; networks use numbers
- It is a client-server application at the application layer
- Uses port 53, supports both UDP and TCP
The Name Space is how DNS manages and organizes all unique host names on the Internet. Since IP addresses must be unique, host names must also be unique. DNS uses a hierarchical tree structure to manage this vast number of names.
- Each name is made of several parts (labels), separated by dots (.) — e.g., aComputer.bDept.topUniversity.edu.
- Names are organized in a tree structure with the root at the top
- Each node in the tree has a label
- Children of the same node must have different labels — this guarantees uniqueness
- Labels are read from the node upward to the root
- The root has an empty label, represented by a dot (.)
"Leaves to Root, Left to Right when writing" — Labels are read from the leaf node upward toward the root. The rightmost label in a written domain name is the top-level domain (closest to the root), and the leftmost is the most specific (farthest from root).
Control is decentralized:
- IANA (central authority) assigns the top-level domains (e.g., .com, .edu, .sa) and organization names (e.g., IEEE, CNN, McGraw)
- Local organizations manage their own subdomains (e.g., cis, eng, sales)
| Label | Description | Label | Description |
|---|---|---|---|
| aero | Airlines & aerospace | int | International organizations |
| biz | Businesses or firms | mil | Military groups |
| com | Commercial organizations | museum | Museums |
| coop | Cooperative organizations | name | Personal names (individuals) |
| edu | Educational institutions | net | Network support centers |
| gov | Government institutions | org | Nonprofit organizations |
| info | Information service providers | pro | Professional organizations |
A domain is a subtree of the domain name space. It consists of a group of hosts under the administrative control of a single entity (like a company or government agency). Each domain can be further divided into subdomains.
The domain name is the name of the node at the top of that subtree. Leaf nodes (nodes with no children) may represent a single host or thousands of hosts.
The Internet is divided into more than 200 top-level domains. Remember: IANA controls top-level domains, and local organizations manage everything below their assigned domain.
- DNS uses a hierarchical tree structure called the Name Space
- Each name = sequence of labels separated by dots, read bottom-up
- Root is represented by "." (a dot)
- IANA controls top-level domains; organizations control subdomains
- Children of same node must have unique labels → guarantees uniqueness
FQDN — Fully Qualified Domain Name
- Contains the complete domain name
- Ends with a dot (the root)
- Example: challenger.atc.fhda.edu.
- Example: cs.hmme.com.
- Example: www.funny.int.
- Can be translated into an IP address
PQDN — Partially Qualified Domain Name
- Contains only a partial name (the suffix is missing)
- Does NOT end with a dot
- Example: challenger.atc.fhda.edu
- Example: cs.hmme
- Example: www
- The missing suffix is completed by the DNS resolver
Only FQDN can be mapped to an IP address. PQDN are used to refer to a name that belongs to the same site. The DNS client program (resolver) automatically completes the remaining part (suffix) of the name.
How to tell FQDN from PQDN?
Look for the trailing dot! www.google.com. (with dot) = FQDN. www.google.com (no dot) = PQDN. In practice, browsers hide the trailing dot, but DNS internally uses it.
Fully = Finished (ends with a dot = complete). Partially = Pending (needs the resolver to finish it). "Full names go first; partial names need a partner (resolver)."
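The two ideas above, the label tree with unique siblings and the FQDN/PQDN distinction that the resolver completes with a suffix, can be made concrete in a few dozen lines. The following is an added example written for this page, not code from the page or from any DNS implementation; the names inserted are the page's own examples, and the search suffix fhda.edu. is an assumed resolver setting.

```python
"""Name-space tree and FQDN/PQDN completion (added example, not from the page).

Models the hierarchical name space as a tree whose root carries the empty
label, enforces that children of one node have distinct labels, reads labels
from a node upward to the root, and completes a PQDN with a resolver search
suffix.  The search suffix 'fhda.edu.' used in __main__ is an assumed setting.
"""
from typing import Dict, List, Optional


def is_fqdn(name: str) -> bool:
    """A name is fully qualified exactly when it ends with the root's dot."""
    return name.endswith(".")


def split_labels(fqdn: str) -> List[str]:
    """Return the labels of a FQDN in written order (leaf first, top-level last)."""
    if not is_fqdn(fqdn):
        raise ValueError(f"not fully qualified: {fqdn!r}")
    labels = fqdn[:-1].split(".") if len(fqdn) > 1 else []   # '.' alone is the root
    if any(not label for label in labels):
        raise ValueError(f"empty label in {fqdn!r}")
    return labels


class NameNode:
    """One node of the name space: its label, its parent, and its children by label."""

    def __init__(self, label: str, parent: Optional["NameNode"] = None) -> None:
        self.label = label                         # the root has the empty label ""
        self.parent = parent
        self.children: Dict[str, "NameNode"] = {}  # keyed by lowercase label

    def fqdn(self) -> str:
        """Read labels from this node upward to the root; the root's empty
        label becomes the trailing dot."""
        labels: List[str] = []
        node: Optional[NameNode] = self
        while node is not None and node.parent is not None:
            labels.append(node.label)
            node = node.parent
        return ".".join(labels) + "."


class NameSpace:
    """The whole tree, root at the top."""

    def __init__(self) -> None:
        self.root = NameNode("")

    def add(self, fqdn: str) -> NameNode:
        """Insert a FQDN, creating intermediate nodes on the way down.

        Walking from the top-level label (rightmost) to the leaf (leftmost)
        and keying each node's children by label is what keeps sibling
        labels unique: adding the same name twice yields the same node.
        """
        node = self.root
        for label in reversed(split_labels(fqdn)):
            key = label.lower()                   # DNS labels are case-insensitive
            node = node.children.setdefault(key, NameNode(key, node))
        return node

    def lookup(self, fqdn: str) -> Optional[NameNode]:
        node: Optional[NameNode] = self.root
        for label in reversed(split_labels(fqdn)):
            node = node.children.get(label.lower()) if node is not None else None
        return node


def qualify(name: str, search_suffix: str) -> str:
    """Complete a PQDN with the resolver's configured suffix; a FQDN passes through."""
    if is_fqdn(name):
        return name
    if not is_fqdn(search_suffix):
        raise ValueError("the search suffix must itself be fully qualified")
    return f"{name}.{search_suffix}"


if __name__ == "__main__":
    ns = NameSpace()
    for n in ("challenger.atc.fhda.edu.", "cs.hmme.com.", "www.funny.int."):
        ns.add(n)
    print(sorted(ns.root.children))          # ['com', 'edu', 'int']
    print(ns.lookup("cs.hmme.com.").fqdn())  # cs.hmme.com.
    print(qualify("www", "fhda.edu."))       # www.fhda.edu.
```

Note that qualify() only appends the suffix; it does not try to guess whether a dotted PQDN such as challenger.atc.fhda.edu already contains part of the suffix, which is exactly why the page says only a FQDN can be mapped unambiguously.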
All the information in the domain name space must be stored somewhere. The question is: where?
❌ Centralized (Bad Idea)
- Heavy traffic from all over the world
- Single point of failure — if it goes down, nothing works
- Very hard to maintain and keep updated
✅ DNS: Distributed (The Solution)
- Uses many computers called name servers
- Organized hierarchically and spread worldwide
- No single host has all mappings for all internet hosts
- Fault-tolerant and efficient
Primary Server: stores the master copy of the zone data on disk files. It is authoritative for its zone. Any changes to zone data happen here first.
Secondary Server: downloads all zone data from the primary server. This download process is called a zone transfer. It provides redundancy and load distribution.
Root Server: has references (pointers) to all top-level domain name servers. There are 13 root servers distributed around the world.
When a secondary server downloads information from a primary server, this process is called a zone transfer. It ensures the secondary is always synchronized with the primary.
There are 13 root servers distributed worldwide. Primary loads from disk; secondary loads from primary. DNS = distributed database system.
"P-S-R" = Primary-Secondary-Root: Primary = Persists on disk | Secondary = Synchronizes from primary | Root = References top-level domains
- DNS is a distributed database system — not centralized
- Primary servers: master data on disk; Secondary: copy from primary (zone transfer)
- Root servers: 13 worldwide, point to top-level domain servers
- No single host has ALL mappings
Name Resolver (Client) — the client part of DNS. Receives a request from an application (e.g., HTTP browser), sends a DNS query, and returns the IP address in a format compatible with the local host.
Name Server — the server part of DNS. In this module's examples its hostname starts with the DNS label (e.g., DNS.com). Answers queries from resolvers.
There are two techniques for resolving a name to an IP address:
In recursive resolution, each server takes full responsibility for finding the answer and returns it directly to the requester. The chain of queries goes out and comes back through the same path.
- Host A queries its local name server (B) for an IP address
- If B has the answer (in cache or database) → returns it to A. Otherwise, B queries the root name server
- If root doesn't have it, root queries the next-level name server (C)
- This repeats down the hierarchy until the answer is found
- The answer is passed back up through each server until it reaches A
In iterative resolution, the local name server does all the work. Each contacted server simply replies with the address of the next server to try — it doesn't query on behalf of the local server.
- Host A queries local name server B for an IP address
- If B doesn't have it, B contacts the root server
- Root server replies to B with the IP address of DNS.com (not the answer itself)
- Local server B then queries DNS.com directly
- DNS.com replies with the IP address of DNS.mcgraw.com
- Local server B queries DNS.mcgraw.com
- DNS.mcgraw.com returns the final IP address to B
- B returns the answer to A
| Feature | Recursive | Iterative |
|---|---|---|
| Who queries next server? | Each server queries the next one | Local server queries all servers itself |
| Work burden | Distributed across all servers | Local name server does all the work |
| Path of answer | Returns back through the chain | Returns directly to local server |
| Number of messages | More messages, spread out | More messages, but all from local server |
| Common use | Between clients and local server | Between name servers |
Recursive: Think of a relay race — each runner (server) passes the baton (query) to the next, and the answer travels back the same way.
Iterative: Think of asking for directions — each person tells you where to go next, but YOU have to walk there yourself. The local server is the one doing all the walking.
In recursive: the local server gets the final answer from the root server chain. In iterative: the local server gets referrals and queries each server itself. The local name server is the key player in iterative resolution — it queries ALL servers directly.
Recursive = Relay (pass it along). Iterative = I do it myself (local server does all the querying).
- Two resolution techniques: Recursive and Iterative
- Recursive: each server queries the next; answer travels back through the chain
- Iterative: local server queries each server directly based on referrals
- Both start with: Host → Local Name Server
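The difference between the two techniques is easiest to see when both are run over the same set of servers and every message is logged. The simulation below is an added example written for this page, not code from the page or from any resolver; the server names root, DNS.com, DNS.mcgraw.com and the local server DNS.PSU.EDU.SA follow the page's scenario, while the record Sales.mcgraw.com. and its address 198.51.100.7 are constructed sample data.

```python
"""Recursive vs. iterative resolution simulated in memory (added example, not
from the page).  Each NameServer holds the records it is authoritative for
and referrals of the form 'zone suffix -> server to ask next'.  Both resolvers
append every message they exchange to a log so the two traces can be compared.
"""
from typing import Dict, List, Optional, Tuple

Message = Tuple[str, str, str, Optional[str]]   # (sender, receiver, kind, payload)
MAX_HOPS = 10                                    # guards against referral loops


def _under(qname: str, suffix: str) -> bool:
    """True if qname lies in the zone named by suffix ('.' is the whole tree)."""
    return suffix == "." or qname == suffix or qname.endswith("." + suffix)


class NameServer:
    def __init__(self, name: str, records: Optional[Dict[str, str]] = None,
                 referrals: Optional[Dict[str, str]] = None) -> None:
        self.name = name
        self.records = {k.lower(): v for k, v in (records or {}).items()}
        self.referrals = {k.lower(): v for k, v in (referrals or {}).items()}

    def answer(self, qname: str) -> Optional[str]:
        return self.records.get(qname.lower())

    def referral(self, qname: str) -> Optional[str]:
        """Longest matching suffix wins, so the most specific referral is used."""
        q = qname.lower()
        best: Optional[Tuple[str, str]] = None
        for suffix, server in self.referrals.items():
            if _under(q, suffix) and (best is None or len(suffix) > len(best[0])):
                best = (suffix, server)
        return best[1] if best else None


def resolve_recursive(servers: Dict[str, NameServer], server_name: str, qname: str,
                      log: List[Message], requester: str = "host", hops: int = 0) -> Optional[str]:
    """Each server takes full responsibility: if it lacks the answer it queries the
    next server itself and relays the answer back along the same path."""
    log.append((requester, server_name, "query", qname))
    srv = servers[server_name]
    answer = srv.answer(qname)
    if answer is None and hops < MAX_HOPS:
        nxt = srv.referral(qname)
        if nxt is not None and nxt != server_name and nxt in servers:
            answer = resolve_recursive(servers, nxt, qname, log, server_name, hops + 1)
    log.append((server_name, requester, "answer", answer))
    return answer


def resolve_iterative(servers: Dict[str, NameServer], local_name: str, qname: str,
                      log: List[Message], requester: str = "host") -> Optional[str]:
    """The local server does all the work: every other server replies with either
    the answer or a referral, and the local server sends each follow-up query."""
    log.append((requester, local_name, "query", qname))
    local = servers[local_name]
    answer = local.answer(qname)
    target = None if answer is not None else local.referral(qname)
    hops = 0
    while target is not None and target in servers and hops < MAX_HOPS:
        hops += 1
        log.append((local_name, target, "query", qname))
        srv = servers[target]
        answer = srv.answer(qname)
        if answer is not None:
            log.append((target, local_name, "answer", answer))
            break
        nxt = srv.referral(qname)
        log.append((target, local_name, "referral", nxt))
        target = None if nxt == target else nxt      # a self-referral would loop forever
    log.append((local_name, requester, "answer", answer))
    return answer


def build_example_servers() -> Dict[str, NameServer]:
    """Constructed topology mirroring the page's scenario."""
    return {s.name: s for s in (
        NameServer("DNS.PSU.EDU.SA", referrals={".": "root"}),            # local server B
        NameServer("root", referrals={"com.": "DNS.com"}),
        NameServer("DNS.com", referrals={"mcgraw.com.": "DNS.mcgraw.com"}),
        NameServer("DNS.mcgraw.com", records={"Sales.mcgraw.com.": "198.51.100.7"}),
    )}


if __name__ == "__main__":
    servers = build_example_servers()
    for fn in (resolve_recursive, resolve_iterative):
        log: List[Message] = []
        ip = fn(servers, "DNS.PSU.EDU.SA", "Sales.mcgraw.com.", log, "lab.CS.PSU.EDU.SA")
        print(fn.__name__, ip, len(log), "messages")
        for m in log:
            print("  ", m)
```

Both traces contain eight messages for this name, which is why the page's comparison table cannot separate them by count alone; what differs is who sends them. In the recursive log the queries come from four different servers, in the iterative log every query after the first is sent by DNS.PSU.EDU.SA.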
DNS Caching is a mechanism that stores previously resolved name-to-IP mappings temporarily. When a server receives a query for a name not in its domain, it normally searches its database for a server IP. Caching reduces this search time and improves efficiency.
How Caching Works
When a server resolves a name-to-IP mapping (even for names outside its zone), it stores that mapping in its cache for future use. Next time the same name is queried, it answers from cache without querying other servers.
Cached data has a TTL (Time to Live) value. After the TTL expires, the cached entry is discarded and must be re-resolved. This prevents serving stale (outdated) IP addresses.
Caching is like your phone's recent contacts list. Instead of searching your full phonebook every time you call someone, recently dialed numbers are quickly accessible. DNS caching works the same way — frequently-visited sites resolve faster.
DNS caching is used by all levels of name servers, not just local ones. In both recursive and iterative resolution examples, if any server already has the answer in its cache or database, it returns immediately without continuing the query chain.
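A cache that honours the TTL, hands out the remaining (not the original) TTL on a hit, and drops expired entries so they are re-resolved is the mechanism described above. The code below is an added example written for this page, not code from the page or from any DNS server; the upstream table with www.example.com., its address 203.0.113.10 and a 300-second TTL are constructed sample data, and the clock is injectable so that expiry can be shown without waiting.

```python
"""TTL-bounded DNS cache in front of an upstream lookup (added example, not
from the page).  DnsCache stores name -> (address, absolute expiry time);
CachingResolver answers from the cache when it can and otherwise asks the
upstream function, counting how many upstream queries it had to make."""
import time
from typing import Callable, Dict, List, Optional, Tuple


class DnsCache:
    def __init__(self, clock: Callable[[], float] = time.monotonic) -> None:
        self._clock = clock
        self._entries: Dict[str, Tuple[str, float]] = {}

    def put(self, name: str, address: str, ttl: int) -> None:
        if ttl <= 0:                      # a TTL of 0 means "do not cache this answer"
            return
        self._entries[name.lower()] = (address, self._clock() + ttl)

    def get(self, name: str) -> Optional[Tuple[str, int]]:
        """Return (address, remaining_ttl) on a hit; None on a miss or after expiry."""
        key = name.lower()
        entry = self._entries.get(key)
        if entry is None:
            return None
        address, expires_at = entry
        remaining = expires_at - self._clock()
        if remaining <= 0:
            del self._entries[key]        # stale entry: discard, must be re-resolved
            return None
        return address, int(remaining)

    def __len__(self) -> int:
        return len(self._entries)


class CachingResolver:
    def __init__(self, upstream: Callable[[str], Tuple[str, int]],
                 clock: Callable[[], float] = time.monotonic) -> None:
        self.cache = DnsCache(clock)
        self._upstream = upstream
        self.upstream_queries = 0

    def resolve(self, name: str) -> Tuple[str, int, str]:
        """Return (address, ttl_to_hand_out, source); source is 'cache' or 'upstream'."""
        hit = self.cache.get(name)
        if hit is not None:
            address, remaining = hit
            return address, remaining, "cache"   # pass down the time left, not the original TTL
        address, ttl = self._upstream(name)
        self.upstream_queries += 1
        self.cache.put(name, address, ttl)
        return address, ttl, "upstream"


class FakeClock:
    """Deterministic clock so the demonstration does not have to sleep."""

    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


# Constructed sample data standing in for the authoritative servers.
UPSTREAM_TABLE: Dict[str, Tuple[str, int]] = {
    "www.example.com.": ("203.0.113.10", 300),
}


def fake_upstream(name: str) -> Tuple[str, int]:
    return UPSTREAM_TABLE[name.lower()]


def demo() -> List[str]:
    """Resolve the same name three times around the TTL boundary; return the sources used."""
    clock = FakeClock()
    resolver = CachingResolver(fake_upstream, clock)
    sources = [resolver.resolve("www.example.com.")[2]]     # miss -> upstream
    clock.advance(120)
    sources.append(resolver.resolve("WWW.example.com.")[2])  # hit with 180 s left
    clock.advance(200)                                       # now past the 300 s TTL
    sources.append(resolver.resolve("www.example.com.")[2])  # expired -> upstream again
    return sources


if __name__ == "__main__":
    print(demo())   # ['upstream', 'cache', 'upstream']
```

Handing out the remaining TTL rather than the original one matters when several caching levels sit in a chain, as the paragraph above describes: otherwise each level would extend the record's life and the stale-address problem the TTL exists to prevent would reappear.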
The Full DNS Flow (How an App Uses DNS)
- User types a host name (e.g., www.google.com) into an app like a web browser
- The app passes the host name to the DNS client (resolver) via a system call
- The DNS client sends a query to the DNS server
- The DNS server sends a response with the IP address
- The DNS client returns the IP address to the application
- The application uses the IP address to communicate at the network layer
DNS can use the services of UDP or TCP using the well-known port 53.
UDP is used for most normal queries (fast, connectionless). TCP is used for zone transfers between primary and secondary servers, and when the response data is too large for UDP.
DNS uses port 53 for both UDP and TCP. This is a well-known port. "Well-known" means it is standardized and universally recognized for DNS service.
- DNS is invoked transparently by applications — users just type names
- Resolver (client) ↔ Name Server (server) communicate on port 53
- UDP for normal queries; TCP for zone transfers and large responses
- DNS operates at the Application Layer but serves all layers above the network
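What the resolver actually sends to port 53, and how the choice between UDP and TCP is made, is visible at the wire level. The following is an added example written for this page, not code from the page or from any resolver library: it builds the 12-byte header and question of a standard query, parses a header to read the TC (truncated) flag that tells a client to retry over TCP, adds the 2-byte length prefix TCP requires, and checks that a response belongs to the query it is answering. The transaction id 0x1234 and the response bytes in the test are constructed sample data.

```python
"""DNS query construction and header parsing at the wire level (added example,
not from the page).  Field layout follows RFC 1035: a 12-byte header, then the
question as length-prefixed labels ending in a zero byte (the root), then
QTYPE and QCLASS.  Over UDP the message is sent as is; over TCP it is
preceded by its 2-byte length."""
import random
import struct
from typing import Dict, Optional, Tuple

DNS_PORT = 53            # well-known port for both UDP and TCP
UDP_MAX_PAYLOAD = 512    # classic DNS-over-UDP limit without EDNS(0)

QTYPE_A = 1
QCLASS_IN = 1

FLAG_QR = 0x8000   # 1 = response
FLAG_TC = 0x0200   # message was truncated to fit the transport
FLAG_RD = 0x0100   # recursion desired


def encode_name(fqdn: str) -> bytes:
    """Encode a FQDN as length-prefixed labels ending in a zero byte for the root."""
    if not fqdn.endswith("."):
        raise ValueError("only a fully qualified name can be put on the wire")
    out = bytearray()
    for label in fqdn[:-1].split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError(f"bad label {label!r}")
        out.append(len(raw))
        out += raw
    out.append(0)
    return bytes(out)


def build_query(fqdn: str, txid: Optional[int] = None, qtype: int = QTYPE_A) -> bytes:
    """Standard query: header with RD set, one question, no other sections."""
    if txid is None:
        txid = random.randrange(0, 0x10000)   # unpredictable id; a resolver must not reuse a fixed one
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    return header + encode_name(fqdn) + struct.pack("!HH", qtype, QCLASS_IN)


def parse_header(msg: bytes) -> Dict[str, int]:
    if len(msg) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {
        "id": txid,
        "is_response": int(bool(flags & FLAG_QR)),
        "truncated": int(bool(flags & FLAG_TC)),
        "recursion_desired": int(bool(flags & FLAG_RD)),
        "rcode": flags & 0x000F,
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }


def response_matches(query: bytes, response: bytes) -> bool:
    """Accept a response only if it is flagged as one, echoes the query id and
    echoes the question section; anything else is discarded by the client."""
    q, r = parse_header(query), parse_header(response)
    return bool(r["is_response"]) and q["id"] == r["id"] and response[12:len(query)] == query[12:]


def next_transport(response: bytes) -> str:
    """After a UDP reply, TC=1 means the full answer did not fit: retry over TCP."""
    return "tcp" if parse_header(response)["truncated"] else "udp"


def transport_for_send(msg: bytes) -> str:
    """A client sends over UDP unless the message itself exceeds the UDP limit."""
    return "udp" if len(msg) <= UDP_MAX_PAYLOAD else "tcp"


def tcp_frame(msg: bytes) -> bytes:
    """Over TCP every message is preceded by its 2-byte big-endian length."""
    return struct.pack("!H", len(msg)) + msg


def tcp_unframe(stream: bytes) -> Tuple[bytes, bytes]:
    """Pull one length-prefixed message off a TCP byte stream; returns (message, rest)."""
    if len(stream) < 2:
        raise ValueError("need the 2-byte length prefix")
    (length,) = struct.unpack("!H", stream[:2])
    if len(stream) < 2 + length:
        raise ValueError("incomplete message on the stream")
    return stream[2:2 + length], stream[2 + length:]


if __name__ == "__main__":
    q = build_query("www.google.com.", txid=0x1234)
    print(q.hex())                      # 123401000001000000000000 03777777 06676f6f676c65 03636f6d 00 00010001
    print(parse_header(q))
    print(transport_for_send(q), len(tcp_frame(q)))
```

To send the query for real, the same bytes would go to port 53 over a UDP datagram socket, and tcp_frame() output over a TCP stream socket; the zone transfers the page mentions use the TCP form because the whole zone rarely fits in one datagram.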
DNS (Domain Name System) is an Internet Directory Service and a client-server application that maps host names to their corresponding IP addresses. It solves the problem that computers only understand numeric IP addresses, while humans prefer and remember alphanumeric names. DNS acts as the translator between the two.
FQDN (Fully Qualified Domain Name): A complete domain name that ends with a dot (the root). Example: cs.hmme.com. — only FQDNs can be translated (mapped) to IP addresses.
PQDN (Partially Qualified Domain Name): An incomplete name with no trailing dot. Example: cs.hmme — the DNS resolver fills in the remaining suffix. PQDNs are used to refer to names within the same site.
A centralized DNS would be inefficient and unreliable because: (1) Heavy traffic from all over the world would overload a single server. (2) A single failure would make ALL names unavailable (single point of failure). (3) It would be extremely hard to maintain. DNS is instead a distributed database system using many name servers organized hierarchically and spread worldwide — no single host has all mappings.
Recursive resolution: Each server takes full responsibility. When the local server doesn't have the answer, it queries the root server. The root queries the next level, and so on. The final answer travels back through the chain to the local server, then to the client. Like a relay — each node passes the query forward and brings the answer back.
Iterative resolution: The local name server does all the work. Each queried server simply replies with a referral (the address of the next server to try), and the local server itself sends all subsequent queries. The local server is the hub of all communication.
A zone transfer occurs when a secondary name server downloads all zone data from a primary name server. A primary server loads its information from disk files and is the authoritative source. A secondary server keeps a copy of this data by periodically performing zone transfers from the primary. This process uses TCP on port 53.
DNS uses the well-known port 53 and supports both UDP and TCP. UDP is used for most standard queries (faster, no connection overhead). TCP is used for zone transfers between name servers and when the DNS response is too large to fit in a single UDP datagram.
DNS caching is a mechanism where name servers store previously resolved name-to-IP mappings temporarily. Each time a server resolves a mapping (even for names outside its own domain), it saves that result. The next time the same name is queried, the server can answer from its cache immediately, without performing a full resolution process. This significantly reduces search time and improves efficiency. Cached entries expire based on a TTL (Time to Live) value.
Control is decentralized. IANA (Internet Assigned Numbers Authority) is the central authority that assigns top-level domain labels (like .com, .edu, .sa) and organization names (like McGraw, IEEE, CNN). Local organizations then manage everything below their assigned domain — they control their own subdomains (like cis, eng, sales). This allows name assignment to be decentralized and scalable.
There are 13 root servers distributed around the world. Their role is to hold references (pointers) to all top-level domain name servers. When a local name server cannot resolve a name, it ultimately contacts a root server, which directs it to the appropriate top-level domain server (e.g., the .com server or the .edu server).
Step 1: lab.CS.PSU.EDU.SA contacts its local name server DNS.PSU.EDU.SA to query for the IP of Sales.mcgraw.com.
Step 2: DNS.PSU.EDU.SA (no answer in cache/DB) contacts the root name server.
Step 3: Root server (no answer) contacts DNS.com.
Step 4: DNS.com (no answer) contacts DNS.mcgraw.com.
Step 5: DNS.mcgraw.com returns the answer to DNS.com.
Step 6: DNS.com returns the answer to the root name server.
Step 7: Root name server returns the answer to DNS.PSU.EDU.SA.
Step 8: DNS.PSU.EDU.SA returns the answer to host lab.CS.PSU.EDU.SA.