DNS Query
- DNS Resolver
Any DNS server is a DNS resolver. They can respond to either iterative or recursive DNS queries. Not all DNS servers will accept recursive queries. An iterative query asks if the server has local information, while a recursive query asks the server to look into it and provide the answer.
- Root Nameserver
There are 13 root nameservers in the world that each DNS resolver knows about. These are iterative DNS servers that respond to DNS queries with referrals to the corresponding Top-Level Domain (TLD) nameservers.
- Top-Level Domain (TLD) Nameserver
A nameserver for one of the top-level domains such as .com, .org, .net, etc. It will respond to queries with a referral to the Authoritative Nameserver of a given subdomain. E.g., www.example.com. will be redirected to the nameserver for example.com.
- Authoritative Nameserver
A nameserver that is responsible for a given domain. It may return a response itself for a given query or refer to another nameserver for a subdomain.
Forward DNS Lookup
During a forward lookup you resolve an FQDN to its corresponding IP address. The following illustrates what happens when trying to resolve www.google.com to its IP address.
The FQDN is www.google.com.
A client contacts the local DNS server and asks for a name resolution of www.google.com.
If the result isn’t cached, the local DNS server will do the resolution for you if it is set up to be recursive.
A recursive DNS server will contact one of the root nameservers.
This will return the authoritative DNS server for the .com top-level domain.
The local DNS server will then contact this .com DNS server and ask again to resolve www.google.com.
That DNS server will tell it to contact the DNS server for google.com instead.
Finally, asking the google.com nameserver will return the necessary IP.
The local DNS server will then send the response of this iterative process to the client who made the original request and cache it.
Reverse DNS lookup
A reverse DNS lookup is used to determine the FQDN of an IP address. For this, a domain name is generated based on the IP. The domain name that is resolved consists of the IP's decimal numbers from right to left, separated by dots, followed by the in-addr.arpa. domain.
This domain is then resolved the same way as a forward query. The only difference is that instead of the IP address (A) record it returns the pointer (PTR) record.
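The forward and reverse lookups described above, modelled offline as an added example that is not part of the original page: a recursive resolver follows referrals from a root server, caches the answer, and resolves a PTR name the same way. The server names, the zone data and the address 192.0.2.10 are constructed assumptions, and the delegation chain is simplified.

```python
# Constructed, offline model of the delegation chain; server names and the
# address 192.0.2.10 (a documentation range) are made up, not real DNS data.
SERVERS = {
    "root": {"refer": {"com.": "tld-com", "in-addr.arpa.": "arpa"}},
    "tld-com": {"refer": {"google.com.": "ns-google"}},
    "ns-google": {"records": {("www.google.com.", "A"): "192.0.2.10"}},
    "arpa": {"refer": {"2.0.192.in-addr.arpa.": "ns-rev"}},
    "ns-rev": {"records": {("10.2.0.192.in-addr.arpa.", "PTR"): "www.google.com."}},
}

def reverse_name(ip):
    """Build the in-addr.arpa. name: IPv4 octets right to left, dot separated."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ip)
    return ".".join(reversed(octets)) + ".in-addr.arpa."

def iterative_query(server, name, rtype):
    """One iterative query: answer from local data, or refer to a closer server."""
    zone = SERVERS[server]
    if (name, rtype) in zone.get("records", {}):
        return "answer", zone["records"][(name, rtype)]
    # Longest matching suffix wins, as the most specific delegation.
    matches = [s for s in zone.get("refer", {}) if name == s or name.endswith("." + s)]
    if matches:
        return "referral", zone["refer"][max(matches, key=len)]
    return "nxdomain", None

class RecursiveResolver:
    def __init__(self):
        self.cache = {}

    def resolve(self, name, rtype="A"):
        """Return (value, path); path lists the servers contacted, [] on cache hit."""
        if (name, rtype) in self.cache:
            return self.cache[(name, rtype)], []
        server, path = "root", []
        while len(path) < 10:  # bound the referral chain
            path.append(server)
            kind, value = iterative_query(server, name, rtype)
            if kind == "answer":
                self.cache[(name, rtype)] = value
                return value, path
            if kind == "nxdomain":
                return None, path
            server = value
        raise RuntimeError("referral loop")
```

The returned path shows which servers the resolver had to contact, so a second lookup of the same name returns an empty path because it is served from the cache.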