DNS Queries Explained

Written by adamonthecode | Published 2020/09/02
Tech Story Tags: dns | networking | cybersecurity | network-security | ip-address | dns-services | dns-zone | dns-history-lookup

TLDR Every domain in existence is linked to an Internet Protocol (IP) address. When a user enters a website into the address bar, a translation must occur between the domain that the user types in (www.example.com) and the IP address which the domain is linked. This is what the domain name system (DNS) is. There are three main DNS queries: Recursive, non-recursive, and iterative — which may be explained in the following way: Recrewable DNS queries.via the TL;DR App
DNS is a topic often considered difficult to understand, but the basic workings are actually not hard to grasp. The first fundamental point to grasp is that every domain in existence is linked to an Internet Protocol (IP) address.
Though loading a webpage may seem like magic, it is not. If one were to open up their web browser, type www.example.com and hit enter, their computer would then ask a server where to load that website from. In response, this server would respond with an IP address in order to be directed to the website of choice — that is what the domain name system (DNS) is.
In other words, when a user enters a website into the address bar, a translation must occur between the domain that the user types in (www.example.com) and the IP address which the domain is linked to. The task taking place behind the scenes here is referred to as a DNS name resolution.
The way in which this works can be compared to how a postcode is used in combination with a door number in order to be directed to a literal geographical location. The reason for this is because a long string of numbers like 93.184.216.34, which is the IP address for the domain in this scenario, would be too difficult for human beings to memorize or remember for each and every website. To solve this, DNS was created to operate as a directory for the internet. This particular process is known as a DNS query.
However, it is important to note that there are three main types of DNS queries and this is where it becomes slightly more technical. These three types being: recursive, non-recursive, and iterative — which may be explained in the following way:
1. Recursive DNS query — This form of DNS query will attempt to obtain a DNS name resolution by connecting to a recursive DNS server. Most of these are run by internet service providers (ISPs) and will be the default for the average user unless changed. Once a computer connects to the assigned recursive server, it will ask “what is the IP address for this website?” The first thing that the recursive server will then do is check to see if the IP address for the URL in question can be located within its local cache. This would be the case if you had visited the website before, as the IP address would be stored in a local repository. If so, the user will successfully be able to load the website. However, if this is not the case and it does not exist within the local cache then the recursive DNS server will attempt to obtain the IP address through other means.
Fortunately, most ISPs usually provide a recursive DNS for this very purpose which contains its own cache system so the user does not have to rely on having visited the website before or local cache. The next step in the recursive process would involve trying the request over and over until a response is given. The query is run multiple times to check if the DNS query can be filled from its own cache or by querying other trusted DNS servers. It moves down its list of trusted DNS servers in a hierarchical order to ensure that the most important DNS servers are checked first. Once this process is complete, the user will either be returned with an IP address, a uniform resource locator (URL) or an error message stating that the requested (site) does not exist.
2. Non-Recursive DNS Query — This form of DNS query is able to respond immediately since the DNS resolver already knows how to obtain the answer to the query. This is because the DNS record is either stored in the local cache or a DNS name server has been queried which is authoritative and definitely holds the IP address for the hostname. In other words, a response is immediately returned to the client because unlike recursive and iterative queries, there is no need for additional rounds of queries.
3. Iterative DNS query — This form of DNS query works by allowing the client to directly communicate with each DNS server involved in the lookup. This is in contrast to recursive DNS queries, which use a DNS server to communicate with other DNS servers. Once a server has received an iterative query it will either return the IP address of the requested hostname or it will issue a referral, which means that it will produce the address of a DNS server that should know. The client is then able to directly issue an iterative query to this referred server.
This article has introduced DNS and defined DNS queries. There are still numerous other aspects of DNS such as zones, records, load balancing, and scavenging — which one should familiarise themselves with in order to gain a more technical and comprehensive understanding of DNS as a whole.
Written by adamonthecode | Cyber Security Student
Published by HackerNoon on 2020/09/02
ABOUTHow hackers start their afternoons. We publish tech stories and build publishing software.

READEntirely free library read by hundreds of millions to learn anything about any technology.

WRITEHackerNoon elevates quality technology writing far and wide across the interwebs.

PARTNERHackerNoon works directly with tech companies to place ads by content relevancy