Domain Name System

Human cant rmb ip addresses, we rmb domain name.
DNS act as Internet phonebook, translate google.com → 142.250.xxx.xxx

DNS Resolution Flow

Open browser and search www.xxx.com
Check Browser Cache (RAM in browser) whether already knows IP for this domain.
If no, check OS DNS Cache
- Linux: systemd-resolved or nscd
  - Also checks /etc/hosts
- macOS: mDNSResponder
  - Also checks /etc/hosts
- Windows: ipconfig /displaydns
  - Also check C:\Windows\System32\ drivers\etc\hosts
If no, check Recursive Resolver (a type of DNS Resolver), the “middleman”
1. DNS Resolver will go through Root, TLD, Authoritative servers until get final answer.

Name	What it is	Example	Notes
ISP Resolver	Resolver provided by your Internet Service Provider	Maxis, TIME, Celcom	Usually default, works fine, caches some domains
Public Resolver	Resolver anyone can use	Google 8.8.8.8, Cloudflare 1.1.1.1	Often faster, more privacy options, global coverage

Root Name Server
- Knows where .com lives
- Responds: provide .com TLD servers
TLD Name Server (.com)
- Knows who manages google.com
- Responds Authoritative DNS server
Authoritative Name Server
- The final source of truth
- Returns actual IP
Cache the domain and ip.

[Your Computer]
        |
        | asks “IP of www.google.com”
        v
[Recursive Resolver (ISP / Public DNS)]
        |
        | checks cache, if missing:
        v
[Root Name Server] → [.com TLD Server] → [Authoritative Google DNS]
        |
        v
[IP Address returned to Resolver]
        |
        v
[Resolver caches IP, sends it to your Computer]
        |
        v
[Browser connects to the IP]

Common DNS types

Record Type	Purpose / Use Case	Example	Notes
A	Maps domain to IPv4 address	example.com → 93.184.216.34	Most basic record; required for web access
AAAA	Maps domain to IPv6 address	example.com → 2606:2800:220:1:248:1893:25c8:1946	IPv6 version of A record
CNAME	Alias to another domain	www.example.com → example.com	Cannot point directly to IP; resolves to A/AAAA
MX	Mail server for domain	example.com → mail.google.com	Supports priority (lower = higher priority)
TXT	Arbitrary text, verification, security	v=spf1 include:_spf.google.com ~all	Used for SPF, DKIM, domain ownership verification
NS	Name servers for a domain	example.com → ns1.cloudflare.com	Shows who manages DNS for this domain
PTR	Reverse DNS: IP â†’ domain	93.184.216.34 → example.com	Mainly used in email validation, reverse lookup
SRV	Service location (protocol/port)	_sip._tcp.example.com →
10 60 5060 sipserver.example.com	Used for VoIP, Minecraft servers, etc.
SOA	Start of Authority	ns1.example.com, [email protected]	Contains admin info, serial number, refresh time; mandatory for every zone