How DNS Powers the Internet: From Distributed Databases to Private Servers
This article explains the evolution and architecture of the Domain Name System (DNS), covering its origins, hierarchical domain structure, global server hierarchy, recursive resolution process, private server deployment, protocol packet format, and implementation methods such as UDP/TCP and HTTP DNS, illustrated with diagrams and code examples.
Reference Articles
Future Internet Technology Development Chronicle, from ARPANET to Fully Programmable Networks
Ethernet Technology Development Chronicle
Network Protocol – ARP Address Resolution Protocol
Network Protocol – IP Internet Protocol
Network Protocol – TCP Transmission Control Protocol
DNS Distributed Database
Originally, ARPANET computers used hostnames recorded in a hosts file to map names to IP addresses, but as the network grew this approach became impractical.
In 1983 Paul Mockapetris introduced the Domain Name System (DNS), a hierarchical, domain‑based naming scheme implemented as a distributed database.
Thus DNS is essentially a distributed database that maps domain names to IP addresses, simplifying Internet access for users.
Domain Hierarchical Architecture
DNS adopts a tiered domain structure similar to a postal address, managed globally by ICANN. The hierarchy starts at root servers, followed by top‑level domains (TLDs), second‑level domains, and so on, forming names such as www.google.com. Benefits of this design include clear hierarchy, distributed management, easy scalability, and efficient resolution.
Global DNS Server Cluster
The DNS system consists of several server categories that cooperate to provide resolution services.
Root name servers : 13 authoritative root servers (A‑M) and many mirrors; they store the addresses of all TLD servers. In China, five root servers (F, I, J, K, L) have 21 mirrors online.
Top‑level domain servers : manage all second‑level domains under a specific TLD.
Authoritative name servers : serve a particular domain zone.
Local name servers : operated by ISPs, the first DNS server a user contacts.
Private name servers : deployed within enterprises, not registered on the public Internet.
These servers collectively form a hierarchical index that stores the massive set of domain records as a distributed database.
DNS Recursive Resolution Process
The recursive resolution starts at a root server and proceeds down the hierarchy until the final IP address is obtained.
Computer boots, obtains IP address and local DNS server (e.g., 8.8.8.8) via DHCP.
Browser checks its DNS cache for www.cmbc.com.cn.
If not cached, the kernel resolver checks the local hosts file.
Kernel sends a DNS query to the local DNS server.
The local server, lacking a cached record, queries the root server, then ., cn., com.cn., and finally cmbc.com.cn. to obtain the IP address.
Deploying a Private DNS Server
On Linux, setting up a private DNS server involves installing BIND9, configuring /etc/named.conf, creating zone files, and starting the service.
sudo yum install bind bind-utils -yoptions {
listen-on port 53 { 127.0.0.1; };
listen-on-v6 port 53 { ::1; };
directory "/var/named";
allow-query { localhost; };
recursion yes;
dnssec-enable yes;
dnssec-validation yes;
bindkeys-file "/etc/named.root.key";
pid-file "/run/named/named.pid";
session-keyfile "/run/named/session.key";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "fguiju.com" IN {
type master;
file "fguiju.com.zone";
allow-update { none; };
};$TTL 3600 ; Time To Live
; Domain Zone
fguiju.com. IN SOA ns1.fguiju.com. admin.fguiju.com. (
2022040301 ; Serial
10800 ; Refresh
3600 ; Retry
604800 ; Expire
86400 ; Minimum TTL
)
IN NS ns1.fguiju.com.
IN NS ns2.fguiju.com.
ns1 IN A 192.168.1.100
ns2 IN A 192.168.1.101
fguiju.com. IN MX 10 mail.fguiju.com.
www IN A 192.168.1.102
mail IN A 192.168.1.103sudo systemctl start named
sudo systemctl enable named$ dig fguiju.comDNS Protocol Message Format
Identification (2 bytes)
The ID field matches request and response messages, allowing correlation.
Flags (2 bytes)
Four Section Lengths (8 bytes)
Questions (2 bytes) : number of query entries.
Answers (2 bytes) : number of answer entries.
Authority (2 bytes) : number of authority records.
Additional Information (2 bytes) : number of additional records.
Questions Section (variable length)
The query name field contains the domain name (or IP for reverse lookups).
Answers Section (variable length)
Answers repeat the query name, type, and class, and include TTL, data length, and the resource record (e.g., A or CNAME).
Wireshark Capture Analysis
Example resolution of jocent.me shows the DNS query request and response packets.
DNS Query Request
DNS Query Response
DNS Protocol Implementation Methods
DNS over UDP/TCP
Most DNS queries use UDP, but TCP is required for large responses such as zone transfers (AXFR) and DNSSEC data.
UDP: Small DNS packets
Typical UDP query/response overhead is about 84 bytes (L2+L3+UDP headers).
TCP: Large DNS packets
When packet size exceeds the MTU or DNSSEC is used, TCP handles fragmentation; overhead becomes proportionally smaller as packet size grows (e.g., ~5% overhead for 4800‑byte packets).
DNS over HTTP
HTTP DNS bypasses ISP‑provided resolvers, offering faster updates and protection against hijacking. Clients send domain and client IP to an HTTP DNS cluster, which returns the optimal IP. If the cluster fails, fallback to traditional DNS occurs.
Client sends HTTP/HTTPS request with domain and IP.
Cluster queries internal CDN routing to select best IP.
Client receives IP and accesses the service.
If HTTP DNS fails, the client falls back to the local ISP DNS.
Implementing HTTP DNS requires integrating an SDK into applications, adding development effort.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.