• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Sunday, January 19, 2014

    How does a DNS query works when you type a URL on your browser?

    Ever Wondered How does a DNS query works? I mean what happens exactly when you type www.golinuxhub.com on your browser. Honestly most of us are not bothered unless the web page doesnot opens.

    Anyways let me tell you what happens back end when you type a website name on a browser. We will go step by step and I will try to explain all the terminology coming on our way.

    What is DNS?

    It is a short abbreviation for Domain Name Server. DNS is a very vast topic and not possible to cover completely by me but to be brief it is nothing but can be considered a Telephone directory of all the web Address all over the Internet. The same way you can't remember the telephone numbers of all your friends, so you use a telephone directory using names for each number. Similarly DNS uses a hostname mapping to different IP Address saving your time to memorise those digits with simple names.

    What is FQDN?

    It is a short abbreviation for Fully Qualified Domain Name. Let me explain this one to you with an example

    For Eg www.example.com is a FQDN where www is the hostname, example is the domain name and .com is TLD(Top Level Domain)

    Now What is Top Level Domain (TLD) ?

    A top-level domain (TLD) is one of the domains at the highest level in the hierarchical Domain Name System of the Internet. The top-level domain names are installed in the root zone of the name space. For all domains in lower levels, it is the last part of the domain name, that is, the last label of a fully qualified domain name.The top-level domain names are installed in the root zone of the name space.

    What happens when we type www.golinuxhub.com on the browser?


    Here is an architectural representation to help you understand the flow of a DNS query
    How DNS query works

    Step 1 (Local hosts file and DNS cache)
    When the DNS server receives a query, it first checks to see if it can answer the query authoritatively based on resource record information contained in a locally configured zone on the server. If the queried name matches a corresponding resource record in local zone information, the server answers authoritatively, using this information to resolve the queried name.

    If no zone information exists for the queried name, the server then checks to see if it can resolve the name using locally cached information from previous queries. If a match is found here, the server answers with this information. Again, if the preferred server can answer with a positive matched response from its cache to the requesting client, the query is completed.

    Step 2 (ISP Recursive DNS servers)
    Suppose there is no DNS cache for www.golinuxhub.com in your browser. Next thing it will query your ISP Recursive nameservers. The ISP's contain Recursice DNS servers which does the DNS query on your behalf. Basically they don't keep any information about the DNS and their names records, instead they store a cache for the page from any earlier requests made.

    Step 3 (root servers)
    Next the query is sent to root nameservers.They will respond to our query with a lookup from right to left in a domain name i.e. www.golinuxhub.com.

    What is a root server?

    These are the servers which keep details of all the nameservers all around the world which are updated automatically every millisecond. Basically there are 13 root servers acting almost around the globe from a.root-servers.net through m.root-servers.net each associated with an IP Address.

    Now the query doesn't ends here as root servers may contain the list of all nameservs but they don't have the record of authoritative detail for any nameserver. So these root servers will redirect you to the TLD nameservers responsible for .com domains.

    You can view the list of 13 root servers in named.root or named.ca inside /var/named
    # less /var/named/named.root
    .                       518400  IN      NS      D.ROOT-SERVERS.NET.
    .                       518400  IN      NS      E.ROOT-SERVERS.NET.
    .                       518400  IN      NS      F.ROOT-SERVERS.NET.
    .                       518400  IN      NS      G.ROOT-SERVERS.NET.
    .                       518400  IN      NS      H.ROOT-SERVERS.NET.
    .                       518400  IN      NS      I.ROOT-SERVERS.NET.
    .                       518400  IN      NS      J.ROOT-SERVERS.NET.
    .                       518400  IN      NS      K.ROOT-SERVERS.NET.
    .                       518400  IN      NS      L.ROOT-SERVERS.NET.
    .                       518400  IN      NS      M.ROOT-SERVERS.NET.
    .                       518400  IN      NS      A.ROOT-SERVERS.NET.
    .                       518400  IN      NS      B.ROOT-SERVERS.NET.
    .                       518400  IN      NS      C.ROOT-SERVERS.NET.

    A.ROOT-SERVERS.NET.     3600000 IN      A
    B.ROOT-SERVERS.NET.     3600000 IN      A
    C.ROOT-SERVERS.NET.     3600000 IN      A
    D.ROOT-SERVERS.NET.     3600000 IN      A
    E.ROOT-SERVERS.NET.     3600000 IN      A
    F.ROOT-SERVERS.NET.     3600000 IN      A
    G.ROOT-SERVERS.NET.     3600000 IN      A
    H.ROOT-SERVERS.NET.     3600000 IN      A
    I.ROOT-SERVERS.NET.     3600000 IN      A
    J.ROOT-SERVERS.NET.     3600000 IN      A
    K.ROOT-SERVERS.NET.     3600000 IN      A
    L.ROOT-SERVERS.NET.     3600000 IN      A
    M.ROOT-SERVERS.NET.     3600000 IN      A

    ;; Query time: 110 msec
    ;; SERVER:
    ;; WHEN: Tue Feb 26 15:05:57 2008
    ;; MSG SIZE  rcvd: 615

    For more information on root servers you can follow this blog

    Step 4 (TLD servers)
    The TLD nameservers will now look up for the query provided by the root servers. At this stage they will ask the .com server regarding the details for www.golinuxhub.com. Here the .com server will reply that they do not have the address of www.golinuxhub.com but they do know where you can find it i.e authoritative nameservers.

    Step 5 (Authoritative nameservers)
    Now the authoritative nameservs are the one which contains all the information about any domain name which are stored in DNS records i.e A, CNAME, PTR, MX records etc.

    Here since we want an authoritative answer for domain www.golinuxhub.com, that means we are basically asking for Address (A) record for that nameserver. The A record would contain the list of IP Addresses on which the webpage is configured.

    Step 6 (ISP Recursive DNS cache)
    This A record is retrieved using the DNS recursive nameservers, so they will keep a copy of the record in it's cache to resolve it their itself without making any further queries for any request made to the same webpage.

    How long these cache will be stored with ISP?

    Every record is defined with a TTL value i.e. Total Time to Live according to which the cache will be stored up till a defined period of TTL after which the ISP DNS will again have to resend the query to get a new copy of the record and follow the above procedure to open the same webpage.

    Step 7 (Browser Cache)
    The browser now since got the look up IP for golinuxhub.com it will open up the webpage for you. Now your computer will also store a record of the cache for this page locally. So that the information can be collected instantly without making any further requests when same webpage is tried to access in future.

    These 7 steps process takes only a few seconds or also milliseconds depending upon your internet speed to finish.

    I hope I made my self clear. Keep surfing.

    Related Articles
    What is the difference between DNS A record and CNAME record?
    DNS server related errors
    Configure your BIND DNS server on different port no.
    How to configure BIND-9.2 DNS server in Red Hat Linux
    How to configure BIND-9.8 DNS server in Red Hat Linux 6
    How to configure a caching only bind DNS server in Red Hat Linux

    Follow the below links for more tutorials

    Configure Red Hat Cluster using VMware, Quorum Disk, GFS2, Openfiler
    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    How to configure Samba 4 Secondary Domain Controller
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    Red hat Enterprise Linux 5.5 Installation Guide (Screenshots)
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is swappiness and how do we change its value?
    How to log iptables messages in different log file
    What are the s and k scripts in the etc rcx.d directories
    How to check all the currently running services in Linux
    How to auto start service after reboot in Linux
    What is virtual memory, paging and swap space?


    1. Hi Deepak,

      Could you please provide below query.

      ## What is DDNS and how it works ?