The Domain Name System (DNS) is a core part of the Internet ecosystem. In this post, I will explain a small portion of how the DNS works for your average home internet user.
Let’s talk about how a domain name gets resolved when you are using your home network.
What does “resolve” mean?
The DNS is a system that translates a domain name (for example: nullrouted.space) into an IP address (220.127.116.11 [IPv4] and 2600:3c03::f03c:91ff:fee7:9cd3 [IPv6]). The DNS was invented so that you do not need to remember a web site’s IP address and can instead remember a domain name, which is much easier.
So in this case, to resolve a domain name means to obtain the IP address values that correspond to a domain name. The DNS is a query-response system. You give it a query, you get a response.
You have a computer sitting inside a home network that is connected to the Internet via your residential ISP (Internet Service Provider).
For our purposes, the exact kind of computer is not relevant (desktop computer/smartphone etc.), nor is the operating system (Windows/macOS/iOS/Linux etc.). The type of internet connectivity (DSL/cable/dialup/satellite/FTTH etc.) is also not relevant.
The core concepts of how a domain name gets resolved remain the same across the above factors.
To further ease understanding, I will also use the example of a single application, a web browser, as the source of the DNS query (the exact web browser is not relevant).
Two additional simplifications: you are using your ISP’s provided DNS resolvers, and your web browser is not using DoH (DNS over HTTPS) to directly talk to a resolver.
You type in a domain name (for example – nullrouted.space) into your web browser’s address bar.
The first thing your web browser needs to do before it can load that web page is to resolve the domain name so that it knows which server(s) it needs to connect to.
So the web browser asks your operating system: hey, can you tell me where “nullrouted.space” is on the Internet?
Your operating system then goes: uh idk let me ask my stub resolver!
Your operating system’s stub resolver: I don’t know either, but let me ask the DNS resolver I got via DHCP.
The DNS resolver I got via DHCP: I am a simple forwarder so let me just send your query to your ISP’s resolver.
Your ISP’s resolver: nullrouted.space is at IPv4 address 18.104.22.168 and at IPv6 address 2600:3c03::f03c:91ff:fee7:9cd3
So let’s recap my little DNS role-play in a simpler format. This is the outgoing path for your web browser’s DNS query for nullrouted.space:
DNS query from your web browser -> Your operating system’s stub resolver -> Your home network’s forwarding resolver -> Your ISP’s resolver.
The response from your ISP’s resolver takes the same path all the way back to your web browser. This whole process usually takes milliseconds to complete.
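What the query and the response look like on the wire, as an added example that is not part of the original post: it builds the message a stub resolver would send for nullrouted.space and parses a reply, checking that the reply's transaction ID matches the query before trusting it. The function names, the transaction ID and the sample reply (using the documentation address 192.0.2.1) are constructed for illustration; only A and AAAA answers are handled.

```python
import ipaddress
import struct

def encode_name(name):
    """Length-prefixed labels ending in a zero byte (DNS wire format)."""
    labels = [lab.encode("ascii") for lab in name.rstrip(".").split(".")]
    if any(not 0 < len(lab) <= 63 for lab in labels):
        raise ValueError("each label must be 1-63 bytes")
    return b"".join(bytes([len(lab)]) + lab for lab in labels) + b"\x00"

def build_query(name, qtype=1, txid=0x1234):
    """The message a stub resolver sends: RD flag set, one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def skip_name(msg, pos):
    """Offset just past a name; a compression pointer ends the name."""
    while msg[pos] != 0:
        if msg[pos] & 0xC0 == 0xC0:
            return pos + 2
        pos += 1 + msg[pos]
    return pos + 1

def parse_response(msg, query):
    """Match the response to the query, then return its A/AAAA addresses."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        raise ValueError("not a response to this query")
    if flags & 0x000F:
        raise ValueError("resolver returned rcode %d" % (flags & 0x000F))
    pos = 12
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4      # name + qtype + qclass
    addrs = []
    for _ in range(an):
        pos = skip_name(msg, pos)
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        rdata = msg[pos + 10:pos + 10 + rdlen]
        pos += 10 + rdlen
        if rtype in (1, 28):               # A or AAAA
            addrs.append(str(ipaddress.ip_address(rdata)))
    return addrs

def sample_response(query):
    """Constructed reply: echoes the question, one A record for 192.0.2.1."""
    header = query[:2] + struct.pack("!HHHHH", 0x8180, 1, 1, 0, 0)
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
    return header + query[12:] + rr
```

On the plain path described in this post (no DoH), this message travels unencrypted, and the transaction ID check is the stub resolver's only tie between a reply and the question it asked.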
Some terminology explanation
Stub resolver – a stub resolver is a piece of software in your operating system that sends DNS queries from applications running on your operating system to the resolvers either obtained dynamically via DHCP or statically configured.
DHCP – the protocol via which devices dynamically obtain IPv4 addresses and also DNS resolver values; see the Wikipedia page for further details.
DNS forwarder – this is a piece of software usually running on the router your ISP provides you that is configured to forward DNS queries onwards to your ISP’s resolvers. This software also performs caching which I will not explain in this post for the sake of keeping it to a reasonable length.
At this point you may be asking, “hey how does my ISP’s resolver know where nullrouted.space is?”. Your ISP’s resolver is a type of resolver known as a recursive resolver. I will cover the topic of recursive resolvers and how they work in the next post in this series!