HLD / system_design / ~15 mins

DNS and how domain resolution works in HLD - Deep Dive

Overview - DNS and how domain resolution works
What is it?
DNS stands for Domain Name System. It is like the phonebook of the internet that translates easy-to-remember domain names like example.com into IP addresses that computers use to find each other. When you type a website name in your browser, DNS helps your device find the exact server to connect to. This process is called domain resolution.
Why it matters
Without DNS, we would have to remember long strings of numbers (IP addresses) for every website, which is hard and error-prone. DNS makes the internet user-friendly and scalable by allowing names instead of numbers. It also lets operators steer traffic, for example by returning different addresses to different regions, and it carries records that other services depend on, such as MX records for mail routing and TXT records used to prove domain ownership.
Where it fits
Before learning DNS, you should understand basic internet concepts like IP addresses and how computers communicate over networks. After DNS, you can explore related topics like load balancing, CDN (Content Delivery Networks), and security features like DNSSEC.
Mental Model
Core Idea
DNS is a global, distributed directory that translates human-friendly domain names into machine-friendly IP addresses to connect devices on the internet.
Think of it like...
DNS is like a phonebook where you look up a person's name to find their phone number before calling them.
┌───────────────┐       ┌───────────────┐       ┌───────────────┐
│ User's Device │──────▶│ DNS Resolver  │──────▶│ Root DNS Server│
└───────────────┘       └───────────────┘       └───────────────┘
                              │                        │
                              ▼                        ▼
                      ┌───────────────┐       ┌───────────────┐
                      │ TLD DNS Server│──────▶│ Authoritative │
                      └───────────────┘       │ DNS Server   │
                                              └───────────────┘
Build-Up - 7 Steps
1
Foundation: What is DNS and Why It Exists
Concept: Introduce DNS as the system that maps domain names to IP addresses.
Every device on the internet has an IP address, a unique number like 192.0.2.1. Humans find these numbers hard to remember, so DNS was created to translate easy names like 'example.com' into IP addresses. This makes browsing the internet simple and intuitive.
Result
You understand that DNS is essential for converting names to numbers so devices can communicate.
Understanding that DNS solves the problem of remembering IP addresses helps you see why it is fundamental to the internet's usability.
2
Foundation: Basic Components of DNS
Concept: Learn about the main parts involved in DNS resolution: domain names, DNS servers, and IP addresses.
DNS involves several key players: the stub resolver built into your device's operating system, the recursive resolver it forwards to (typically run by your ISP, your organisation, or a public DNS provider), root servers, top-level domain (TLD) servers (like .com or .org), and authoritative servers that hold the actual records for a domain. Each plays a role in finding the right IP.
Result
You can name and describe the roles of the main DNS components.
Knowing the roles of each DNS component prepares you to understand how they work together in the resolution process.
3
Intermediate: Step-by-Step Domain Resolution Process
Before reading on: do you think your device asks the website server directly for its IP address or uses other servers first? Commit to your answer.
Concept: Explain the multi-step query process from the user's device to the authoritative DNS server.
When you enter a domain, your device asks a DNS resolver. If the resolver doesn't know the IP, it asks a root server, which points it to the TLD server. The TLD server then directs it to the authoritative server for the domain, which returns the IP address. The resolver sends this back to your device.
Result
You understand the chain of queries that happen behind the scenes to find an IP address.
Understanding the multi-step query process shows how DNS delegates responsibility down the hierarchy, which is what lets it scale globally; it also shows why caching (next step) is what makes it fast, since nobody wants to repeat this walk for every lookup.
4
Intermediate: Caching in DNS Resolution
Before reading on: do you think DNS servers ask the root server every time for the same domain? Commit to your answer.
Concept: Introduce caching to improve speed and reduce load on DNS servers.
DNS resolvers and devices store (cache) answers for a time called the TTL (Time To Live), a value the zone owner sets on each record. This means if you visit a site again soon, your device or resolver can answer immediately without repeating the full lookup process. Caching reduces delays and traffic, at the cost that a changed record is not seen everywhere until the old copies expire.
Result
You know how caching speeds up domain resolution and reduces network load.
Recognizing caching's role explains why DNS queries are usually very fast and efficient.
5
Intermediate: Types of DNS Records
Before reading on: do you think DNS only stores IP addresses? Commit to your answer.
Concept: Learn about different DNS record types beyond just IP addresses.
DNS stores various records: A and AAAA for IPv4 and IPv6 addresses, NS for delegations, CNAME for aliases, MX for mail servers, TXT for free-form text (used for ownership proofs and mail policies such as SPF), CAA to state which certificate authorities may issue for the name, and more. These records enable different internet services to work using domain names.
Result
You understand that DNS is a flexible system supporting many internet functions.
Knowing DNS record types helps you appreciate DNS as more than just a name-to-IP translator.
6
Advanced: DNS Security and DNSSEC
Before reading on: do you think DNS responses can be trusted by default? Commit to your answer.
Concept: Explain how DNSSEC adds security to prevent fake or tampered DNS responses.
DNSSEC adds digital signatures to DNS records so a validating resolver can verify that the data came from the zone's owner and was not altered in transit. This defeats cache poisoning and forged responses, the attacks that redirect users to fake sites. Two caveats: DNSSEC only protects zones that are signed and only on resolvers that validate, and it provides integrity and authenticity, not confidentiality; the hop between your device and the resolver stays unprotected unless the device validates itself or uses an encrypted transport such as DNS over TLS or DNS over HTTPS.
Result
You understand how DNSSEC protects users from DNS attacks.
Understanding DNSSEC reveals the importance of securing DNS to maintain internet trust and safety.
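The link a validating resolver checks at every delegation (does the parent's DS record vouch for the child's DNSKEY?), as an added example that is not code from the original page. The key material is constructed (random bytes, not a real zone key); the arithmetic is the real RFC 4034 key tag and DS digest. Verifying the RRSIG signatures over the records themselves needs the algorithm's public-key crypto, which Python's standard library does not provide, so that half is not shown.

```python
"""DNSSEC delegation check: does the parent's DS record vouch for the child's DNSKEY?

Added example, not code from the original page. The key below is constructed
(random bytes, not a real zone key). What is real is the arithmetic: the
RFC 4034 key tag (Appendix B) and the DS digest (section 5.1.4), which a
validating resolver recomputes at every delegation, from the root trust anchor
downwards. RRSIG verification over the records needs public-key crypto that the
standard library lacks, so it is not shown here."""
import hashlib
import hmac
import secrets
import struct

DS_DIGEST = {1: hashlib.sha1, 2: hashlib.sha256, 4: hashlib.sha384}  # DS digest types
ZONE_KEY, SEP = 0x0100, 0x0001  # DNSKEY flag bits; a KSK carries both (257)
PROTOCOL = 3                    # the only value DNSSEC allows
ECDSAP256SHA256 = 13            # algorithm number; its public key is 64 bytes


def canonical_name(name):
    """Owner name in canonical wire format (RFC 4034 s6.2): lowercased, uncompressed."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def dnskey_rdata(flags, algorithm, pubkey):
    """DNSKEY RDATA = flags(2) | protocol(1) | algorithm(1) | public key."""
    return struct.pack("!HBB", flags, PROTOCOL, algorithm) + pubkey


def key_tag(rdata):
    """RFC 4034 Appendix B (all algorithms except the obsolete RSA/MD5)."""
    ac = 0
    for i, byte in enumerate(rdata):
        ac += byte << 8 if i % 2 == 0 else byte
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def make_ds(owner, rdata, digest_type=2):
    """What the child hands the parent: (key tag, algorithm, digest type, digest)."""
    digest = DS_DIGEST[digest_type](canonical_name(owner) + rdata).digest()
    return key_tag(rdata), rdata[3], digest_type, digest


def ds_matches_dnskey(owner, ds, rdata):
    """Resolver side: recompute from the DNSKEY actually served and compare with
    the DS published (and signed) by the already-validated parent zone."""
    tag, alg, digest_type, digest = ds
    if digest_type not in DS_DIGEST or key_tag(rdata) != tag or rdata[3] != alg:
        return False
    expected = DS_DIGEST[digest_type](canonical_name(owner) + rdata).digest()
    return hmac.compare_digest(expected, digest)


def demo():
    """Genuine key validates; a swapped key under the same owner does not."""
    owner = "Example.COM."  # canonicalisation lowercases this before hashing
    genuine = dnskey_rdata(ZONE_KEY | SEP, ECDSAP256SHA256, secrets.token_bytes(64))
    rogue = dnskey_rdata(ZONE_KEY | SEP, ECDSAP256SHA256, secrets.token_bytes(64))
    ds = make_ds(owner, genuine)  # would be published in com. and signed by com.'s key
    return (ds_matches_dnskey("example.com", ds, genuine),
            ds_matches_dnskey("example.com", ds, rogue),
            len(ds[3]))  # (True, False, 32)
```

The digest covers the owner name as well as the key, so the same DNSKEY bytes under a different name fail the check; the constant-time compare is habit rather than necessity here, since the DS is public.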
7
Expert: Recursive vs Iterative Queries and Resolver Behavior
Before reading on: do you think DNS resolvers always ask servers in the same way? Commit to your answer.
Concept: Distinguish between recursive and iterative queries and how resolvers optimize lookups.
A recursive query asks the receiver to do all the work: the stub resolver on your device sends one, and the recursive resolver returns the final answer. An iterative query asks only for the best information the receiver has: the recursive resolver sends these to root, TLD and authoritative servers, which reply with an answer or a referral to the next server, and the resolver keeps going. Resolvers start from the deepest delegation they already have cached rather than from the root, and use caching, parallel queries and retries to speed up resolution and reduce load.
Result
You grasp how DNS resolvers manage queries efficiently and the difference between query types.
Knowing query types and resolver strategies explains how DNS balances speed, load, and reliability in real-world use.
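Steps 3, 4 and 7 together (the referral chain, TTL caching, and the stub's single recursive query versus the resolver's iterative queries), as an added example that is not code from the original page: a small simulated resolver over constructed zone data. The server names, domain names and 192.0.2.x addresses are made up, and glue records are left out for brevity.

```python
"""Simulated recursive resolver over constructed zone data.
Added example, not code from the original page. Server names, domain names and
the 192.0.2.x addresses (TEST-NET-1) are made up. The stub sends ONE recursive
query to Resolver.resolve(); the resolver answers it with a chain of ITERATIVE
queries (ask_server) that follow referrals root -> TLD -> authoritative, follow
CNAMEs, and cache every record for its TTL."""
import time

# What each server knows: (owner, type) -> (ttl, rdata). NS rdata names the next
# server to ask; real referrals also carry glue A/AAAA records (elided here).
SERVERS = {
    "root": {("com.", "NS"): (172800, ["tld-com"])},
    "tld-com": {("example.com.", "NS"): (172800, ["ns1.example.com"])},
    "ns1.example.com": {
        ("example.com.", "A"): (300, ["192.0.2.1"]),
        ("www.example.com.", "CNAME"): (3600, ["example.com."]),
    },
}


def ask_server(server, qname, qtype):
    """One iterative query: the server returns the best it has and never recurses.
    Returns (kind, owner, ttl, rdata); kind is answer, cname, referral or nxdomain."""
    rrs = SERVERS[server]
    if (qname, qtype) in rrs:
        return ("answer", qname) + rrs[(qname, qtype)]
    if (qname, "CNAME") in rrs:
        return ("cname", qname) + rrs[(qname, "CNAME")]
    # Referral: the longest delegation (NS owner) whose zone contains qname.
    zones = [o for (o, t) in rrs if t == "NS" and (qname == o or qname.endswith("." + o))]
    if zones:
        zone = max(zones, key=len)
        return ("referral", zone) + rrs[(zone, "NS")]
    return "nxdomain", qname, 0, []


class Resolver:
    """Recursive resolver with a TTL-bounded positive cache."""
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}        # (owner, type) -> (expiry, rdata)
        self.queries_sent = 0  # iterative queries that actually went "on the wire"

    def _get(self, key):
        hit = self.cache.get(key)
        if hit and hit[0] > self.clock():
            return hit[1]
        self.cache.pop(key, None)  # expired entries are dropped, never served
        return None

    def _put(self, key, ttl, data):
        self.cache[key] = (self.clock() + ttl, data)

    def _closest_server(self, qname):
        """Start at the deepest delegation already cached instead of the root."""
        labels = qname.split(".")  # "www.example.com." -> www, example, com, ""
        for i in range(len(labels) - 1):
            ns = self._get((".".join(labels[i:]), "NS"))
            if ns:
                return ns[0]
        return "root"

    def resolve(self, name, qtype="A", _depth=0):
        """The recursive query as the stub sees it: final rdata, or an exception."""
        if _depth > 8:
            raise RuntimeError("CNAME chain too long")
        qname = name.lower() if name.endswith(".") else name.lower() + "."
        hit = self._get((qname, qtype))
        if hit:
            return hit
        alias = self._get((qname, "CNAME"))
        if alias:
            return self.resolve(alias[0], qtype, _depth + 1)
        server = self._closest_server(qname)
        while True:
            self.queries_sent += 1
            kind, owner, ttl, data = ask_server(server, qname, qtype)
            if kind == "answer":
                self._put((qname, qtype), ttl, data)
                return data
            if kind == "cname":
                self._put((qname, "CNAME"), ttl, data)
                return self.resolve(data[0], qtype, _depth + 1)
            if kind != "referral":
                raise LookupError("NXDOMAIN: " + qname)
            self._put((owner, "NS"), ttl, data)
            server = data[0]


def demo():
    """Cold walk, warm cache, then partial expiry, on a controllable clock."""
    now = [0.0]
    r = Resolver(clock=lambda: now[0])
    addr = r.resolve("www.example.com")  # cold: root, com, ns1 (CNAME), ns1 (A)
    cold = r.queries_sent
    r.resolve("www.example.com")  # warm: CNAME and A both served from cache
    warm = r.queries_sent - cold
    now[0] += 400  # A (TTL 300) expired; CNAME (3600) and NS records still fresh
    r.resolve("www.example.com")  # only the A record is refetched, straight from ns1
    after_expiry = r.queries_sent - cold - warm
    return addr, cold, warm, after_expiry  # (['192.0.2.1'], 4, 0, 1)
```

The third lookup is the point of the exercise: after the A record expires, the cached NS records let the resolver go straight to ns1 rather than walking from the root again, which is why root and TLD servers see a tiny fraction of the world's queries.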
Under the Hood
DNS works as a distributed database spread across many servers worldwide. When a query arrives, the resolver checks its cache first. If missing, it contacts root servers, which direct it to TLD servers, which then point to authoritative servers holding the domain's records. Each server responds with referrals or answers. Responses include TTL values for caching. DNS mostly uses UDP on port 53 for speed; a reply that does not fit (512 bytes without EDNS0, more with it) comes back with the TC (truncated) flag set and the resolver retries over TCP. A resolver matches a reply to its outstanding query by the 16-bit transaction ID and the UDP source port, which is why both must be unpredictable: a guessable pair lets an off-path attacker inject a forged answer into the cache. DNSSEC adds cryptographic signatures so that an injected answer is rejected when it fails validation.
Why designed this way?
DNS was designed as a hierarchical, distributed system to avoid a single point of failure and to scale globally. Early internet growth required a system that could handle millions of queries efficiently. Centralized directories would be slow and fragile. The hierarchy allows delegation of responsibility, and caching reduces repeated work. The original protocol trusted any well-formed answer that arrived; authentication (DNSSEC) was added later as spoofing and cache-poisoning attacks increased.
┌───────────────┐
│ User Device   │
└──────┬────────┘
       │ Query
       ▼
┌───────────────┐
│ DNS Resolver  │
└──────┬────────┘
       │ Cache hit?
       ├─Yes──▶ Return IP
       └─No───▶ Query Root Server
               │
               ▼
       ┌───────────────┐
       │ Root Server   │
       └──────┬────────┘
              │ Referral to TLD Server
              ▼
       ┌───────────────┐
       │ TLD Server    │
       └──────┬────────┘
              │ Referral to Authoritative Server
              ▼
       ┌───────────────┐
       │ Authoritative │
       │ Server       │
       └──────┬────────┘
              │ IP Address
              ▼
       ┌───────────────┐
       │ DNS Resolver  │
       └──────┬────────┘
              │ Return IP
              ▼
       ┌───────────────┐
       │ User Device   │
       └───────────────┘
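The wire-level details above (UDP transport, the TC flag, and how a resolver tells its own answer from a forged one), as an added example that is not code from the original page: a minimal DNS message builder and parser using only Python's standard library. All bytes are constructed inside the example and nothing is sent on the network; the parser goes slightly beyond the text by decoding NS and CNAME rdata and compression pointers as well as A records.

```python
"""DNS wire format, with the details a resolver uses to trust an answer.
Added example, not code from the original page; every byte is constructed here
and nothing touches the network. Shows the 12-byte header (random transaction
ID, QR/TC/RD flags), label encoding, name compression pointers, and the checks
a resolver applies: the ID must match our query, and TC means retry over TCP."""
import secrets
import struct

QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "AAAA": 28}
FLAG_QR, FLAG_TC, FLAG_RD, FLAG_RA = 0x8000, 0x0200, 0x0100, 0x0080


def encode_name(name):
    r"""'www.example.com' -> b'\x03www\x07example\x03com\x00' (RFC 1035 s3.1)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("bad label: " + repr(label))
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, qtype="A", txid=None):
    """Header + one question. The random 16-bit ID (together with the random UDP
    source port chosen by the socket layer) is what an off-path spoofer must guess."""
    txid = secrets.randbelow(1 << 16) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, FLAG_RD, 1, 0, 0, 0)
    return txid, header + encode_name(name) + struct.pack("!HH", QTYPE[qtype], 1)


def decode_name(msg, offset, depth=0):
    """Read a possibly compressed name; returns (name, offset just after it)."""
    labels = []
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # pointer: 14-bit offset into the message
            if depth > 10:
                raise ValueError("compression pointer loop")
            ptr = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            tail, _ = decode_name(msg, ptr, depth + 1)
            return (".".join(labels + [tail]) if labels else tail), offset + 2
        offset += 1
        if length == 0:
            return ".".join(labels) + ".", offset
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_response(msg, expected_id):
    """Reject anything that is not a reply to OUR query, then decode the answers."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        raise ValueError("transaction ID mismatch: not our answer, possibly spoofed")
    if not flags & FLAG_QR:
        raise ValueError("message is a query, not a response")
    offset = 12
    for _ in range(qd):  # skip the echoed question section
        _, offset = decode_name(msg, offset)
        offset += 4
    answers = []
    for _ in range(an):
        owner, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == QTYPE["A"] and rdlen == 4:
            value = ".".join(str(b) for b in rdata)
        elif rtype in (QTYPE["NS"], QTYPE["CNAME"]):
            value, _ = decode_name(msg, offset)
        else:
            value = rdata.hex()
        offset += rdlen
        answers.append((owner, rtype, ttl, value))
    return {"id": txid, "rcode": flags & 0x000F,
            "truncated": bool(flags & FLAG_TC), "answers": answers}


def build_response(txid, qname, records, flags=FLAG_QR | FLAG_RD | FLAG_RA):
    r"""Constructed server reply. records = (owner_bytes, rtype, ttl, rdata);
    owner b'\xC0\x0C' is a compression pointer to the question name at offset 12."""
    header = struct.pack("!HHHHHH", txid, flags, 1, len(records), 0, 0)
    body = encode_name(qname) + struct.pack("!HH", QTYPE["A"], 1)
    for owner, rtype, ttl, rdata in records:
        body += owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return header + body


def demo():
    """Genuine reply parses; same bytes under another ID are rejected; TC is surfaced."""
    txid, query = build_query("www.example.com")
    reply = build_response(txid, "www.example.com", [
        (b"\xC0\x0C", QTYPE["CNAME"], 3600, encode_name("example.com")),
        (encode_name("example.com"), QTYPE["A"], 300, bytes([192, 0, 2, 1])),
    ])
    parsed = parse_response(reply, txid)
    forged = struct.pack("!H", (txid + 1) & 0xFFFF) + reply[2:]  # right bytes, wrong ID
    try:
        parse_response(forged, txid)
        forged_rejected = False
    except ValueError:
        forged_rejected = True
    # A UDP reply too large for the transport comes back empty with TC set.
    tc = parse_response(build_response(txid, "www.example.com", [],
                                       flags=FLAG_QR | FLAG_TC | FLAG_RD | FLAG_RA), txid)
    return len(query), parsed["answers"], forged_rejected, tc["truncated"]
```

A 33-byte query for www.example.com is typical: small enough that the asymmetry between request size and response size is what makes open resolvers attractive for reflection attacks, and why a 16-bit ID alone (65,536 guesses) is not enough entropy without source-port randomisation.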
Myth Busters - 4 Common Misconceptions
Quick: Does DNS always return the same IP address for a domain? Commit to yes or no.
Common Belief: DNS always returns a single fixed IP address for a domain.
Reality: DNS can return different IP addresses for the same domain based on load balancing, geographic location, or failover setups.
Why it matters: Assuming a fixed IP can cause confusion when troubleshooting or designing systems that rely on DNS for traffic distribution.
Quick: Do you think DNS queries are always secure and cannot be tampered with? Commit to yes or no.
Common Belief: DNS responses are always trustworthy and cannot be altered by attackers.
Reality: Plain DNS responses can be forged by an attacker who guesses the transaction ID and source port, rewritten by anyone on the path, and read by anyone on the path. DNSSEC (signed zones plus a validating resolver) detects forgery and tampering; encrypted transports such as DNS over TLS or DNS over HTTPS address eavesdropping and rewriting on the client-to-resolver hop.
Why it matters: Ignoring DNS security risks can lead to users being redirected to malicious sites, causing data theft or fraud.
Quick: Does your device always ask the root server directly for every domain lookup? Commit to yes or no.
Common Belief: Every DNS query starts fresh by asking the root server.
Reality: Most queries are answered from cache at the resolver or device level, reducing the need to contact root servers frequently.
Why it matters: Misunderstanding caching leads to overestimating DNS query times and network load.
Quick: Is DNS only about translating domain names to IP addresses? Commit to yes or no.
Common Belief: DNS only stores IP addresses for domain names.
Reality: DNS stores many types of records like MX for email, TXT for verification, and CNAME for aliases.
Why it matters: Thinking DNS is only for IP addresses limits understanding of its full role in internet services.
Expert Zone
1
DNS resolvers implement complex retry and timeout strategies to handle unreliable networks and improve user experience.
2
Some DNS servers use Anycast addressing to route queries to the nearest server instance, improving speed and resilience.
3
DNS responses can be manipulated by middleboxes or ISPs for content filtering or censorship, which complicates trust models.
When NOT to use
DNS is a poor fit for real-time or highly dynamic service discovery where addresses change every few seconds: even with low TTLs, intermediate resolvers and application runtimes often cache longer than asked, so clients keep using stale addresses. Service registries or dedicated discovery systems (e.g., Consul, etcd) that push changes to clients are better there.
Production Patterns
Large-scale systems use layered DNS caching, geo-DNS for directing users to nearest data centers, and DNS-based load balancing. DNS is also integrated with CDNs and cloud providers to optimize content delivery and failover.
Connections
Content Delivery Networks (CDN)
DNS is used by CDNs to direct users to the closest or best-performing server.
Understanding DNS helps grasp how CDNs optimize web content delivery by resolving domains to different IPs based on location.
Public Key Infrastructure (PKI)
DNSSEC uses a chain of cryptographic signatures, as PKI does, but with its own trust anchor: the root zone's key rather than a set of certificate authorities, with each parent zone vouching for its child's key through a DS record.
Knowing PKI concepts (key pairs, signatures, chains of trust) clarifies how DNSSEC ensures authenticity and integrity of DNS responses, and why it does not depend on the web's CA system.
Telephone Directory Systems
DNS functions like a global phonebook, mapping names to numbers.
Recognizing this connection shows how hierarchical, distributed directories solve large-scale lookup problems in different fields.
Common Pitfalls
#1 Ignoring DNS caching and expecting every query to be slow.
Wrong approach: Always querying root servers for every domain lookup without caching.
Correct approach: Use caching at resolvers and clients to store DNS responses for the TTL duration.
Root cause: Misunderstanding how DNS caching works leads to inefficient designs and poor performance.
#2 Assuming DNS responses are secure by default.
Wrong approach: Running unsigned zones, or resolvers that do not validate, for critical systems, and trusting whatever answer arrives first.
Correct approach: Sign your zones and validate DNSSEC on the resolver (both halves are needed), randomise transaction IDs and source ports, and use an encrypted transport between clients and the resolver.
Root cause: Underestimating DNS security risks exposes systems to attacks like cache poisoning.
#3 Using DNS as the sole method for service discovery in dynamic environments.
Wrong approach: Relying on DNS for rapidly changing IP addresses without additional mechanisms.
Correct approach: Use dedicated service discovery tools designed for dynamic environments.
Root cause: Not recognizing DNS's limitations in handling frequent IP changes causes reliability issues.
Key Takeaways
DNS is the internet's directory that translates human-friendly names into IP addresses so devices can connect.
The DNS system is hierarchical and distributed, involving root, TLD, and authoritative servers working together.
Caching is essential in DNS to speed up lookups and reduce network traffic.
DNS supports many record types beyond IP addresses, enabling diverse internet services.
Security extensions like DNSSEC are critical to protect users from fake or malicious DNS data.