
What is DNS

DNS is the Domain Name System, which is responsible for mapping domains to numeric IP addresses through name servers.

When the Internet was just starting to develop, computers communicated using numeric names, that is, IP addresses. As computers became more and more numerous, more comprehensible text names, called domains, came into use.
Since there were initially very few domains, their names and matching IP addresses were stored in a special file that was copied between computers. But when the number of domains began to grow, a better way was needed to store information about domains and their IP addresses.
The DNS system was created for exactly this task. Read on to learn what a DNS server is.

DNS server: what is it? Why DNS technology is needed and how it works

A DNS server is a huge data repository. The role of a DNS server is to store information about domains, namely the addresses where they are hosted.
DNS servers can also cache DNS records from other servers for load balancing. How does it work? For example, when you enter a website name in the address bar of your browser, the browser sends a query to the DNS server, gets the IP address where the site is hosted, and opens the site from that IP. This is the basic and most important thing a DNS server does.

Types of DNS records and how to manage them

The main task of a DNS server is to give out the IP address of the server where the website is located. But beyond that, there are many other DNS records that are responsible for other services. The table below summarizes DNS records.

| DNS Record | Description |
|---|---|
| A | Specifies the IPv4 address of the server where the domain is hosted |
| AAAA | Specifies the IPv6 address of the server where the domain is hosted |
| CNAME | Redirects the domain to another domain |
| PTR | Converts an IPv4 or IPv6 address into a domain name |
| NS | Name server responsible for the domain |
| MX | Specifies the mail server responsible for the domain |
| SOA | Technical data about the domain |
| TXT | Domain text entry |
| CAA | DNS record intended to define the certification authorities that are allowed to issue SSL/TLS certificates for a certain domain |
| SRV | Specifies the host name and port number of servers for certain services, such as SIP |

Table: Types of DNS records

Previously, all records were managed by making entries in the DNS zone file using a text editor.

There were also Primary and Secondary server roles, which could be used to delegate management of DNS records to other DNS servers. If a record contained an error, the domain stopped working. The main mistake was always a missing dot at the end of the entry.
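The missing dot described above, shown as an added example (not code from the original article): in a zone file, a target name without a final dot is relative, so the server appends the zone origin to it. The zone text, the simplified line format (no TTL field) and the function names below are constructed for illustration.

```python
# Added example: zone data and names are constructed for illustration.
ORIGIN = "example.com."

# Record types whose data ends with a host name.
NAME_TYPES = {"CNAME", "NS", "MX", "PTR", "SRV"}

ZONE = """\
@     IN NS    ns1.example.com.
@     IN MX    10 mail.example.com
www   IN CNAME web.example.net
ftp   IN CNAME www
@     IN A     192.0.2.10
"""

def expand(name, origin=ORIGIN):
    """Return the fully qualified name a server derives from a zone-file name."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name              # already absolute
    return f"{name}.{origin}"    # relative: the origin is appended

def lint_zone(text, origin=ORIGIN):
    """Return (line_no, owner, rtype, effective_target, suspicious) tuples."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        fields = line.split(";", 1)[0].split()   # drop comments
        if len(fields) < 4 or fields[1] != "IN":
            continue
        owner, _, rtype, *rdata = fields
        if rtype not in NAME_TYPES:
            continue
        target = rdata[-1]
        # A relative target that itself contains dots usually means the
        # author meant an absolute name and forgot the final dot.
        suspicious = not target.endswith(".") and "." in target
        findings.append((no, expand(owner, origin), rtype,
                         expand(target, origin), suspicious))
    return findings

if __name__ == "__main__":
    for no, owner, rtype, target, bad in lint_zone(ZONE):
        print(f"line {no}: {owner} {rtype} -> {target}" + ("  <-- check dot" if bad else ""))
```

The `ftp` record shows the legitimate use of a relative name, which is why the check flags only relative targets that already contain a dot.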

Today, as a rule, the management of DNS records is reduced to a convenient control panel that tells you how to make a record correctly, so that you do not make a mistake.

What is a DNS server

Let me remind you that the main task of DNS is to match the name and IP address.

Accordingly, each domain has its own individual record.
It is a kind of instruction for the domain: where it is served, where to send mail, which certification authorities are allowed to issue certificates, and so on.

Geo-DNS. What is a server’s DNS address

The DNS server is the first node that receives a request from a visitor and returns the server’s IP address. The visitor’s browser then sends an HTTP request to the application server and receives a response.

Usually one or more IP addresses are used for a single entry. If multiple addresses are used, the DNS server returns responses using a round-robin algorithm.

Therefore, this method is often used for load balancing. But what if you want to distribute the load not just on different IP addresses, but also on different countries?

In this case, Geo-DNS will help.

Geo-DNS is an add-on to, or a part of, the DNS server software that can give different DNS answers depending on which country the request comes from. As a rule, the MaxMind database is used for this; it stores information about which IP address belongs to which country.

This technology allows you to distribute the load and speed up sites. For example, a site has three servers: in Ukraine, Europe and the United States.

With GeoDNS you can create a record with which customers from Ukraine will get to the server in Ukraine, customers from the U.S. will get to their server and European customers will get to their server in Europe.

This minimizes the site's response time, as the site will open from the nearest server.
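The Geo-DNS selection and round-robin rotation described above, as an added example that is not part of the original article. The prefix table is a constructed stand-in for a GeoIP database, and all addresses and names are illustrative; note that an authoritative server normally sees the address of the visitor's recursive resolver, so the region is chosen by where the resolver is.

```python
import ipaddress
from itertools import cycle

# Constructed stand-in for a GeoIP database: source prefix -> region.
GEO_TABLE = [
    (ipaddress.ip_network("198.51.100.0/25"), "UA"),
    (ipaddress.ip_network("198.51.100.128/25"), "US"),
    (ipaddress.ip_network("203.0.113.0/24"), "EU"),
]

# Constructed server pools: one region has two addresses to show round robin.
POOLS = {
    "UA": ["192.0.2.10", "192.0.2.11"],
    "US": ["192.0.2.20"],
    "EU": ["192.0.2.30"],
}
DEFAULT_REGION = "EU"   # answer used when the source is not in the table


class GeoResolver:
    def __init__(self, geo_table, pools, default):
        # Check the most specific prefix first.
        self.geo = sorted(geo_table, key=lambda e: e[0].prefixlen, reverse=True)
        # One endless iterator per region implements round robin.
        self.rr = {region: cycle(addrs) for region, addrs in pools.items()}
        self.default = default

    def region_for(self, source_ip):
        ip = ipaddress.ip_address(source_ip)
        for net, region in self.geo:
            if ip in net:
                return region
        return self.default

    def answer(self, source_ip):
        """Return (region, address) for a query arriving from source_ip."""
        region = self.region_for(source_ip)
        return region, next(self.rr[region])


if __name__ == "__main__":
    resolver = GeoResolver(GEO_TABLE, POOLS, DEFAULT_REGION)
    for src in ["198.51.100.5", "198.51.100.6", "198.51.100.200", "192.0.2.99"]:
        print(src, "->", resolver.answer(src))
```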

Attacks on DNS servers and ways to protect them

The primary purpose of DNS is to respond to queries, not to question them, so it uses the UDP protocol to transfer data, which is one of the reasons why DNS servers are vulnerable to attack.

There are two main transport protocols for data transfer: TCP and UDP.

The main differences between TCP and UDP:

  • TCP establishes a connection between computers before data is transmitted.
  • UDP sends data to the destination computer without checking if it is accessible.

As a result, DNS is exposed to cyberattacks.

As a rule, there are 3 basic types of attacks on DNS.

  1. Disruption of DNS server availability; the purpose is to prevent access to the site.
  2. DNS spoofing; the purpose is to redirect a visitor to an attacker’s server.
  3. Interception of passing traffic; the purpose is the same as in item 2. This method is also sometimes used to introduce censorship on the Internet.

Let’s take a look at the main attacks and ways to defend against them:

DNS Amplification. The essence of amplification is that an attacker sends a short request to a vulnerable DNS server, for example a request for all DNS records of some domain, and the server responds with a much larger packet.
If the source IP in the packet is spoofed to be that of the victim computer, the vulnerable DNS server will send large numbers of packets to the victim computer until it completely paralyzes it.
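How a DNS operator can spot this pattern in a query log, as an added example (not from the original article). The log format, the sample lines and the thresholds are constructed assumptions; because the source address is spoofed, a flagged address is the likely victim, not the attacker.

```python
from collections import defaultdict

# Constructed log lines: time, source IP, query type, name, request bytes, response bytes.
LOG = """\
12:00:01 203.0.113.7 ANY example.com 64 3100
12:00:01 203.0.113.7 ANY example.com 64 3100
12:00:01 203.0.113.7 ANY example.com 64 3100
12:00:02 203.0.113.7 ANY example.com 64 3100
12:00:02 198.51.100.20 A www.example.com 60 76
12:00:03 198.51.100.20 MX example.com 58 110
12:00:03 198.51.100.21 ANY example.com 64 3100
"""

def summarize(log_text):
    """Aggregate per-source query counts and byte totals."""
    stats = defaultdict(lambda: {"queries": 0, "any": 0, "req": 0, "resp": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue                      # skip malformed lines
        _, src, qtype, _, req, resp = parts
        s = stats[src]
        s["queries"] += 1
        s["any"] += qtype == "ANY"        # "all records" requests
        s["req"] += int(req)
        s["resp"] += int(resp)
    return stats

def suspects(log_text, min_queries=3, min_factor=10.0, min_any_share=0.5):
    """Return {source: amplification factor} for sources matching the pattern."""
    flagged = {}
    for src, s in summarize(log_text).items():
        factor = s["resp"] / s["req"]         # bytes sent per byte received
        any_share = s["any"] / s["queries"]
        if (s["queries"] >= min_queries and factor >= min_factor
                and any_share >= min_any_share):
            flagged[src] = round(factor, 1)
    return flagged

if __name__ == "__main__":
    for src, factor in suspects(LOG).items():
        print(f"{src}: responses are {factor}x the size of the requests")
```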

DNS spoofing, also known as DNS cache corruption.
Using vulnerabilities in the DNS server, an attacker tries to gain control over the server.
Having gained access to the DNS cache, the attacker tries to change it, thus directing visitors to a phishing site. The main risk of damage to the DNS is data theft.

DNS flooding is a fairly simple type of attack in which an attacker sends multiple DNS queries to a DNS server, flooding the server with requests and consuming its resources.
This type of attack usually causes the DNS server to stop responding to requests, so visitors stop getting responses from DNS and therefore cannot reach their sites.

DNS hijacking, also called DNS redirection. The essence of the attack is to make DNS queries return incorrect answers, thereby redirecting the visitor to another resource.
To conduct the attack, attackers either install malware on users’ computers, hijack routers, or intercept or hijack DNS servers.

The main methods of protection against DNS attacks are competent configuration of the DNS server and the use of stable software with all security patches applied.

Also, in recent years DNSSEC has been gaining popularity as a method of protecting against DNS spoofing.

This protocol is based on digitally signing responses to DNS queries. This makes sure that the answer came from the correct DNS server, so spoofing the answer will not work.

Conclusion

Now you know more about what a DNS server is for. Finally, I would like to note that the work of sites depends entirely on the work of DNS servers.

If DNS does not respond to a request, the site will not load, regardless of the server where the site is located.

Therefore, the work of the DNS is almost the most important factor in the work of sites.

In our work we use 4 DNS servers, geographically located in different countries, which positively affects the work of sites. Even if one or two servers go down, your sites will continue to work, and our specialists monitor the servers around the clock and do everything to keep your sites working stably, 24/7.

Now you know what a DNS server is and how it works.

You can also always organize your own DNS by ordering a server or VPS from us.
