Abstract
- A server that stores DNS Records
DNS Resolver
- Acts as a middleman between a Client and an Authoritative DNS Server
- We can either run our own using Unbound or use a third-party service like 1.1.1.1. By default, we are using the DNS Resolver provided by our ISP
Mechanism
- After receiving a DNS query from a client, the resolver will either respond with cached data, or send a request to a Root DNS Server, followed by another request to a Top-Level Domain DNS Server, and then one last request to an Authoritative DNS Server. After receiving a response from the authoritative server containing the requested IP address, the resolver then sends a response to the client
Caching
The resolver will cache information received from authoritative nameservers.
When a client requests the IP address of a domain name that was recently requested by another client, the resolver can just deliver the requested record from its cache, avoiding the expensive recursive query!
Root DNS Server
- There are 13 Root DNS Servers known to every DNS Resolver, and they are the first stop in a recursive resolver’s quest for a DNS Record
Mechanism
- A root server accepts a recursive resolver’s query which includes a Domain Name, and the root nameserver responds by directing the recursive resolver to a Top-Level Domain DNS Server, based on the extension of that domain (.com, .net, .org, etc.)
13 Root DNS Servers
This does not mean that there are only 13 machines in the Root DNS Server. There are 13 types of Root DNS Server, but there are multiple copies of each one all over the world, which use Anycast routing to provide speedy responses. If you added up all the instances of root nameservers, you’d have over 600 different servers.
The root nameservers are overseen by a nonprofit called the Internet Corporation for Assigned Names and Numbers (ICANN).
Top-Level Domain DNS Server
- DNS Server that manages Generic top-level domains like ninja & com etc., or Country top-level domains like uk & jp etc.
- Responds to the DNS Resolver with the direction to the Authoritative DNS Server for a given Domain Name
Authoritative DNS Server
- The authoritative nameserver is usually the DNS Resolver’s last step in the journey for an IP Address
- Cloudflare DNS distributes authoritative nameservers, which come with Anycast Routing to make them more reliable
Mechanism
- Returns the IP Address of the Domain Name based on its A Record
- OR if the domain has a CNAME Record it will provide the recursive resolver with the Canonical Hostname (CNAME), at which point the recursive resolver will have to perform a whole new DNS lookup to procure a record from an Authoritative DNS Server (often an A record containing an IP address)
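The resolver mechanism, caching, and the CNAME restart described above, as an added example that is not part of the original notes. It is an in-memory model with constructed data: the server names, the hop limit, and the rule that a zone is the last two labels of a name are all assumptions.

```python
import time

# Constructed sample data, not real DNS contents. Server names are hypothetical.
ROOT = {"com": "tld-com"}                              # TLD -> TLD server
TLD = {"tld-com": {"example.com": "auth-example"}}     # zone -> authoritative server
AUTH = {"auth-example": {                              # name -> (type, value, ttl seconds)
    "example.com": ("A", "192.0.2.10", 300),
    "www.example.com": ("CNAME", "example.com", 300),
    "loop.example.com": ("CNAME", "loop.example.com", 300),
}}

class Resolver:
    MAX_CNAME_HOPS = 8  # assumption: cap so a CNAME loop cannot run forever

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}            # name -> (type, value, expiry time)
        self.upstream_queries = 0  # requests sent to root/TLD/authoritative

    def _ask(self, table, key):
        self.upstream_queries += 1
        return table.get(key)

    def _lookup(self, name):
        hit = self.cache.get(name)
        if hit and hit[2] > self.clock():
            return hit[:2]                               # cached, no upstream traffic
        labels = name.split(".")
        tld_server = self._ask(ROOT, labels[-1])         # 1. root refers to a TLD server
        if tld_server is None:
            return None
        auth_server = self._ask(TLD[tld_server], ".".join(labels[-2:]))  # 2. TLD refers on
        if auth_server is None:
            return None
        record = self._ask(AUTH[auth_server], name)      # 3. authoritative answers
        if record is None:
            return None
        self.cache[name] = (record[0], record[1], self.clock() + record[2])
        return record[:2]

    def resolve(self, name):
        for _ in range(self.MAX_CNAME_HOPS):
            answer = self._lookup(name)
            if answer is None:
                return None
            if answer[0] == "A":
                return answer[1]
            name = answer[1]  # CNAME: start a whole new lookup for the canonical name
        raise RuntimeError("CNAME chain exceeded MAX_CNAME_HOPS")
```

Resolving www.example.com on an empty cache costs six upstream requests (three for the CNAME, three for the A record); repeating it within the TTL costs none.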