When you type a web address like www.bing.com into your browser, something interesting happens behind the scenes. The Domain Name System (DNS) springs into action. DNS is essentially the Internet’s phone book. It translates human-friendly domain names into the numerical IP addresses that computers use to identify each other.
What Happens When You Enter a Domain Name
Every device connected to the Internet has a DNS resolver configured, often your Internet provider’s or a public one such as Google DNS (8.8.8.8). When you try to visit a website:
Your DNS resolver checks if it already knows the IP address for that domain (from its cache).
If it doesn’t, it asks an even higher-level DNS server, known as a root server, where to find more information.
The Role of Root Servers
There are 13 main root DNS servers operated by organizations like Verisign and ICANN. These servers don’t store every web address; instead, they know where to find the top-level domain (TLD) servers, such as .com, .net, or .io.
You can find the complete list of root servers here: https://www.iana.org/domains/root/servers.
For example, running a command like:
root@pp:~# nslookup -type=NS com. l.root-servers.net
Server: l.root-servers.net
Address: 199.7.83.42#53

Non-authoritative answer:
*** Can't find com.: No answer

Authoritative answers can be found from:
com nameserver = a.gtld-servers.net.
com nameserver = b.gtld-servers.net.
com nameserver = c.gtld-servers.net.
com nameserver = d.gtld-servers.net.
com nameserver = e.gtld-servers.net.
com nameserver = f.gtld-servers.net.
com nameserver = g.gtld-servers.net.
com nameserver = h.gtld-servers.net.
com nameserver = i.gtld-servers.net.
com nameserver = j.gtld-servers.net.
com nameserver = k.gtld-servers.net.
com nameserver = l.gtld-servers.net.
com nameserver = m.gtld-servers.net.
a.gtld-servers.net internet address = 192.5.6.30
b.gtld-servers.net internet address = 192.33.14.30
c.gtld-servers.net internet address = 192.26.92.30
d.gtld-servers.net internet address = 192.31.80.30
e.gtld-servers.net internet address = 192.12.94.30
f.gtld-servers.net internet address = 192.35.51.30
g.gtld-servers.net internet address = 192.42.93.30
h.gtld-servers.net internet address = 192.54.112.30
i.gtld-servers.net internet address = 192.43.172.30
j.gtld-servers.net internet address = 192.48.79.30
k.gtld-servers.net internet address = 192.52.178.30
l.gtld-servers.net internet address = 192.41.162.30
m.gtld-servers.net internet address = 192.55.83.30
a.gtld-servers.net has AAAA address 2001:503:a83e::2:30
b.gtld-servers.net has AAAA address 2001:503:231d::2:30

The command returns a list of authoritative name servers for the .com domain (like a.gtld-servers.net, b.gtld-servers.net, and so on).
How the Chain Continues
Once your resolver learns which server manages the .com domain, it asks one of those servers for information about the second-level domain "bing", assuming bing.com is the domain we are trying to resolve. That query returns another set of authoritative servers, such as Microsoft’s own DNS servers hosted under azure-dns.com.
Finally, those servers respond with the actual IP address of www.bing.com, and your browser uses that to load the page.
Verify by:
root@pp:~# nslookup -type=NS bing.com a.gtld-servers.net
Server: a.gtld-servers.net
Address: 192.5.6.30#53

Non-authoritative answer:
*** Can't find bing.com: No answer

Authoritative answers can be found from:
bing.com nameserver = dns1.p09.nsone.net.
bing.com nameserver = dns2.p09.nsone.net.
bing.com nameserver = dns3.p09.nsone.net.
bing.com nameserver = dns4.p09.nsone.net.
bing.com nameserver = ns1-204.azure-dns.com.
bing.com nameserver = ns2-204.azure-dns.net.
bing.com nameserver = ns4-204.azure-dns.info.
bing.com nameserver = ns3-204.azure-dns.org.
ns1-204.azure-dns.com internet address = 13.107.236.204
ns1-204.azure-dns.com has AAAA address 2603:1061:0:700::cc

This returns the authoritative servers for the second-level domain. Those servers, in turn, provide the corresponding IP address.
This traffic usually travels over UDP port 53 in plaintext. Secure alternatives include DoH (DNS over HTTPS), DoT (DNS over TLS), and DNSCrypt.