DNS and Domain Names - Complete Guide

What is DNS?

DNS (Domain Name System) is like the phonebook of the internet. It translates human-friendly domain names into computer-friendly IP addresses.

🌍 Why Do We Need DNS?

Without DNS:

You would have to remember: 142.250.190.46 to visit Google

With DNS:

You just type: google.com

DNS makes the internet user-friendly!

📝 What is a Domain Name?

A domain name is the address you type in your browser to visit a website.

Anatomy of a Domain Name:



https://www.example.com

  |     |    |      |

  |     |    |      └─ TLD (Top-Level Domain)

  |     |    └──────── Domain Name

  |     └───────────── Subdomain

  └─────────────────── Protocol





Examples:

- google.com - Domain

- www.google.com - Subdomain + Domain

- mail.google.com - Different subdomain

- api.github.com - API subdomain



🏗️ Domain Name Structure



1. Top-Level Domains (TLD)



Generic TLDs (gTLD):

- .com - Commercial (most popular)

- .org - Organization

- .net - Network

- .edu - Education

- .gov - Government

- .io - Tech startups

- .dev - Developers



Country Code TLDs (ccTLD):

- .us - United States

- .uk - United Kingdom

- .in - India

- .jp - Japan

- .de - Germany



2. Second-Level Domain (SLD)



The part you actually register:

- In google.com, "google" is the SLD

- In github.io, "github" is the SLD



3. Subdomain



Optional prefix to organize your site:

- www.example.com (web server)

- blog.example.com (blog)

- shop.example.com (e-commerce)

- api.example.com (API server)



🔄 How DNS Works



Step-by-Step DNS Lookup:



1. You Type a URL

   Browser: "I need to find example.com"



2. Check Browser Cache

   Browser: "Have I visited this recently?"

   - If YES: Use cached IP

   - If NO: Continue to step 3



3. Check OS Cache

   Operating System: "Do I have this cached?"

   - If YES: Return IP

   - If NO: Continue to step 4



4. Query DNS Resolver

   Your ISP: "Let me find this for you"



5. Query Root Server

   Root Server: "Try the .com nameserver"



6. Query TLD Server

   TLD Server: "Try example.com nameserver"



7. Query Authoritative Server

   Authoritative Server: "Here is the IP: 93.184.216.34"



8. Return to Browser

   Browser: "Got it! Connecting to 93.184.216.34"



🎯 DNS Record Types



A Record (Address)

Maps domain to IPv4 address



example.com → 93.184.216.34





AAAA Record

Maps domain to IPv6 address



example.com → 2606:2800:220:1:248:1893:25c8:1946





CNAME Record (Canonical Name)

Maps domain to another domain



www.example.com → example.com

blog.example.com → example.com





MX Record (Mail Exchange)

Directs email to mail servers



example.com → mail.example.com (Priority: 10)





TXT Record

Stores text information (often for verification)



example.com → "v=spf1 include:_spf.google.com ~all"





NS Record (Name Server)

Specifies authoritative name servers



example.com → ns1.example.com

example.com → ns2.example.com





⚡ DNS Caching



Why Caching?

DNS lookups take time. Caching speeds things up!



Cache Levels:



1. Browser Cache

   - Duration: Minutes to hours

   - Fastest lookup



2. Operating System Cache

   - Duration: Hours

   - Managed by OS



3. Router Cache

   - Duration: Hours to days

   - Shared by all devices



4. ISP Cache

   - Duration: Days

   - Serves many users



TTL (Time To Live)



TTL tells caches how long to store a record:



example.com  3600  IN  A  93.184.216.34

             |

             └─ TTL: 3600 seconds (1 hour)





🔍 DNS Lookup in Action



Using Command Line:



Windows:

bash

nslookup google.com





Mac/Linux:

bash

dig google.com





Using JavaScript:

javascript

// DNS lookup happens automatically

fetch("https://api.github.com")

  .then(response => response.json())

  .then(data => console.log(data));



// But you can see the resolved IP in browser DevTools





🛡️ DNS Security



DNS Spoofing / Cache Poisoning



Problem: Attacker tricks DNS to return wrong IP



Example:

- You type: bank.com

- Attacker makes DNS return: 123.45.67.89 (fake site)

- You think you are on bank.com, but you are not!



Solution: DNSSEC (DNS Security Extensions)



DNSSEC



Adds cryptographic signatures to DNS records:

- Verifies DNS responses

- Prevents tampering

- Ensures authenticity



🌐 Public DNS Servers



Instead of using your ISP DNS, you can use public DNS:



Google Public DNS

- Primary: 8.8.8.8

- Secondary: 8.8.4.4



Cloudflare DNS

- Primary: 1.1.1.1

- Secondary: 1.0.0.1

- Focus on privacy and speed



OpenDNS

- Primary: 208.67.222.222

- Secondary: 208.67.220.220

- Family-friendly filtering



Benefits:

- Often faster

- More reliable

- Better privacy

- Additional features (filtering, logging)



💻 Practical Examples



1. Check Your DNS Server



Windows:

bash

ipconfig /all





Mac/Linux:

bash

cat /etc/resolv.conf





2. Flush DNS Cache



Windows:

bash

ipconfig /flushdns





Mac:

bash

sudo dscacheutil -flushcache





Linux:

bash

sudo systemd-resolve --flush-caches





3. View DNS Records



Using nslookup:

bash

nslookup -type=A google.com

nslookup -type=MX google.com

nslookup -type=NS google.com





Using dig:

bash

dig google.com A

dig google.com MX

dig google.com ANY





🎓 Real-World Scenario



Setting Up a Website:



1. Register Domain

   - Choose domain name

   - Register with registrar (GoDaddy, Namecheap, etc.)

   - Pay annual fee



2. Point to Hosting

   - Get hosting server IP: 123.45.67.89

   - Update A record: yourdomain.com → 123.45.67.89



3. Add Subdomain

   - Create CNAME: www.yourdomain.com → yourdomain.com

   - Create CNAME: blog.yourdomain.com → yourdomain.com



4. Set Up Email

   - Add MX records for email service

   - Add TXT records for verification



5. Wait for Propagation

   - DNS changes take 24-48 hours to spread globally

   - TTL affects propagation speed



📊 DNS Performance



Factors Affecting DNS Speed:



1. Geographic Distance

   - Closer servers = faster response



2. DNS Server Load

   - Busy servers = slower response



3. Cache Status

   - Cached = instant

   - Not cached = lookup required



4. Network Congestion

   - Busy network = delays



Measuring DNS Speed:

bash

Time a DNS lookup

time nslookup google.com



Or use online tools

- DNS Speed Test

- DNSPerf.com





🔑 Key Takeaways



1. DNS translates domain names to IP addresses

2. Domain structure: subdomain.domain.tld

3. DNS lookup involves multiple servers

4. Caching speeds up subsequent lookups

5. Different record types serve different purposes

6. Security is important (use DNSSEC)

7. Public DNS can be faster than ISP DNS



📚 Next Steps



- Register your own domain name

- Set up custom DNS records

- Try different public DNS servers

- Learn about DNS management tools

- Explore advanced topics like load balancing with DNS



🔨 Practice Exercise



Check DNS records for your favorite websites:

bash

Check multiple record types

nslookup google.com

nslookup -type=MX google.com

nslookup -type=NS google.com



Time the lookup

time nslookup github.com



Compare different DNS servers

nslookup google.com 8.8.8.8

nslookup google.com 1.1.1.1

``

Now you understand how domain names work and how DNS powers the internet!