DNS stands for “Domain Name Service”. It is the mechanism in which the internet is able to map a name (eg http://www.sgasoftware.com) to an IP address (eg 184.108.40.206).
This writeup is not designed to be 100% technically accurate. Rather, it is designed to give a layman understanding of relevant parts of the DNS system.
Much more comprehensive information can be found here: http://en.wikipedia.org/wiki/Domain_Name_System
A bit on IP Addresses and Routing
Packets of data to move to and fro across the internet based entirely on IP Address. At every “network meeting point” on the internet, there is a router which examines all traffic to find out where it is headed, and then sends it to the next step. This process is repeated at each “network meeting point” until the traffic arrives at the destination.
There is a popular utility called “Trace Route”, which will demonstrate all of the routers that a packet of data must go through to get from where you are to where it is headed. In the following example, I ran a traceroute to http://www.google.com.
Notice the first step was a DNS lookup, converting
Tracing route to http://www.l.google.com [220.127.116.11]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms 192.168.0.1 (our office router/gateway))
2 1 ms <1 ms <1 ms 10.1.10.1 (our cable modem (another router/gateway)
3 15 ms 13 ms 12 ms 18.104.22.168
4 9 ms 9 ms 10 ms ge-2-20-ur01.blairsville.pa.pitt.comcast.net [22.214.171.124]
5 14 ms 10 ms 9 ms te-9-1-ur01.indiana.pa.pitt.comcast.net [126.96.36.199]
6 10 ms 55 ms 30 ms te-9-3-ur01.punxy.pa.pitt.comcast.net [188.8.131.52]
7 12 ms 18 ms 19 ms te-9-1-ur01.ruralvalley.pa.pitt.comcast.net [184.108.40.206]
8 21 ms 63 ms 53 ms te-6-3-ar01.pittsburgh.pa.pitt.comcast.net [220.127.116.11]
9 28 ms 29 ms 27 ms te-3-1-0-0-cr01.chicago.il.ibone.comcast.net [18.104.22.168]
10 25 ms 28 ms 25 ms pos-1-6-0-0-pe01.350ecermak.il.ibone.comcast.net [22.214.171.124]
11 43 ms 44 ms 44 ms as15169-1.350ecermak.il.ibone.comcast.net [126.96.36.199]
12 48 ms 52 ms 58 ms 188.8.131.52
13 37 ms 39 ms 39 ms 184.108.40.206
14 36 ms 43 ms 41 ms 220.127.116.11
15 42 ms 39 ms 39 ms iad04s01-in-f99.1e100.net [18.104.22.168]
In true geek fashion, after 15 hops, our packet reached 1e100.net. Google was derived from the word Googol, which is a number with 1 and 100 zeros. Henceforth, 1e100.net stands for something to that effect.
Why does this matter?
It is important to understand that computers are binary, and therefore require input to be ultimately converted to binary. An IPv4 address is simply 32 bits, but rather than presenting it as
11000000.10101000.00000000.00000001, humans find it more convenient to look at it like
192.168.0.1. However, that is still a far cry from a human readable name like
This is where DNS comes into play. DNS is a system which allows people to use names, while still providing for computers to use the numbers. Of the many benefits of DNS, it allows you to move a domain to another IP address while keeping the domain name the same.
Common Types of DNS Records
DNS records come in several types:
Points to a specific IP address. “A” stands for “Address”.
This means that appcove.com should resolve to 22.214.171.124
appcove.com. 70755 IN A 126.96.36.199
Points to another record. “CNAME” stands for “Canonical Name Record”
This means that http://www.appcove.com should resolve to appcove.com and in turn resolve to 188.8.131.52
Specifies a domain which will handle incoming email for the domain.
This means that mail sent to @appcove.com will be handled by APPCOVE.COM.S9A1.PSMTP.com, and if that does not work, send it to APPCOVE.COM.S9A2.PSMTP.com and so on. The weight indicates which server should be tried first — the lower the weight, the better.
appcove.com. 86400 IN MX 40 APPCOVE.COM.S9B2.PSMTP.com.
appcove.com. 86400 IN MX 10 APPCOVE.COM.S9A1.PSMTP.com.
appcove.com. 86400 IN MX 20 APPCOVE.COM.S9A2.PSMTP.com.
appcove.com. 86400 IN MX 30 APPCOVE.COM.S9B1.PSMTP.com.
This means that DNS for appcove.com is to be handled by either ns.rackspace.com or ns2.rackspace.com.
appcove.com. 57957 IN NS ns.rackspace.com.
appcove.com. 57957 IN NS ns2.rackspace.com.
Specifies arbitrary text associated with a name. “TXT” stands for “Text”
The provides a mechanism for the DNS system to be extended with different bits of text about a domain name. The following TXT record stores SPF information, used to specify what servers are allowed to send mail on behalf of appcove.com.
appcove.com. 86400 IN TXT "v=spf1 include:fogcreek.com include:aspmx.googlemail.com ip4:184.108.40.206/20 ip4:220.127.116.11/20 ip4:18.104.22.168/22 ~all"
DNS is a distributed system. This means that there are thousands of DNS servers scattered around the globe. Most internet providers will have their own DNS servers. Most hosting providers will have their own DNS servers. Etc…
How do they all stay in sync? They do and they don’t!
Every DNS entry has a corresponding TTL value associated with it. TTL means “time to live”. This value, expressed in seconds, states how long a given DNS entry is valid before it must be refreshed from the “authoritative” DNS server for the given domain. Typically, the TTL is set to 86,400 seconds, or 1 day.
With a TTL of 1 day, any changes to authoritative DNS records may take up to a full day (or more) to propagate around the internet. This is worth keeping in mind before you engage in any important DNS changes.
The proper way to change DNS is to first, at least 48 hours prior to the transition period, change the TTL to a very low value (like 5 minutes). It will still take at least a day for this to fully propagate to all relevant DNS servers. However, once they are all aware that the TTL is 5 minutes, they will frequently check your authoritative server for updates every 5 minutes or each time a new request comes in for one of your DNS records, whichever is longer.
In other words, DNS servers only look up what they are asked to look up. Then they retain it for the TTL period, and finally discard it (only to repeat if needed).
Every domain must be registered with a registrar. Part of this registration information for every domain, is the DNS servers to use as “authoritative dns information” for that domain. These NS records are transmitted to the root nameserver system.
Every top level domain (com, net, edu, org, us, gb, br, uk, au, etc…) all have their own authoritative DNS servers. This information is kept in the world’s root name servers, which are currently:
a.root-servers.net. 117655 IN A 22.214.171.124
a.root-servers.net. 196594 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 113829 IN A 126.96.36.199
c.root-servers.net. 120655 IN A 188.8.131.52
d.root-servers.net. 113757 IN A 184.108.40.206
e.root-servers.net. 115554 IN A 220.127.116.11
f.root-servers.net. 121256 IN A 18.104.22.168
f.root-servers.net. 280321 IN AAAA 2001:500:2f::f
g.root-servers.net. 113755 IN A 22.214.171.124
h.root-servers.net. 116456 IN A 126.96.36.199
h.root-servers.net. 206320 IN AAAA 2001:500:1::803f:235
i.root-servers.net. 115856 IN A 188.8.131.52
i.root-servers.net. 337685 IN AAAA 2001:7fe::53
j.root-servers.net. 119155 IN A 184.108.40.206
If you lookup the NS record for com at one of the above root servers, you will be told this:
d.gtld-servers.net. 16131 IN A 220.127.116.11
g.gtld-servers.net. 74653 IN A 18.104.22.168
f.gtld-servers.net. 111162 IN A 22.214.171.124
c.gtld-servers.net. 33590 IN A 126.96.36.199
j.gtld-servers.net. 171076 IN A 188.8.131.52
a.gtld-servers.net. 2665 IN A 184.108.40.206
a.gtld-servers.net. 8352 IN AAAA 2001:503:a83e::2:30
i.gtld-servers.net. 78083 IN A 220.127.116.11
k.gtld-servers.net. 14957 IN A 18.104.22.168
b.gtld-servers.net. 127812 IN A 22.214.171.124
b.gtld-servers.net. 168301 IN AAAA 2001:503:231d::2:30
e.gtld-servers.net. 29652 IN A 126.96.36.199
h.gtld-servers.net. 47519 IN A 188.8.131.52
l.gtld-servers.net. 41990 IN A 184.108.40.206
m.gtld-servers.net. 42456 IN A 220.127.116.11
If you lookup the NS record for appcove.com at one of the above “com” servers, you will be told this:
appcove.com. 172800 IN NS ns2.rackspace.com.
appcove.com. 172800 IN NS ns.rackspace.com.
Finally, we have the authoritative DNS servers for appcove.com. Now, if you lookup the record for http://www.appcove.com at ns.rackspace.com, you will be told this:
Finally, if you lookup appcove.com at it’s authoritative server ns.rackspace.com, you will be told this:
appcove.com. 86400 IN A 18.104.22.168