Without the Domain Name System, most people would be completely lost on the Internet. The DNS ensures that we arrive at the right place when we enter the name of a website into our browser. It is one of the most important mechanisms of the Internet, and it is not easy to understand. But we will do our best to help you understand everything there is to know about it. And we’re off!
In order to understand the DNS, we must first briefly explain how the Internet works. All existing websites can be found on computers all over the world. All those computers (servers) have a unique name: an IP address. For example, the server on which combell.com is hosted is called 188.8.131.52. This is the IP address of that server, and therefore the place where you end up when you enter combell.com into your browser.
But one thing we can agree on is that IP addresses are not easy to remember. And that is why domain names exist: they ensure that you do not have to remember long strings of numbers, but only a very concrete name. Like the domain name combell.com instead of 184.108.40.206. That is a little more convenient, right?
A domain name consists of a second-level domain (a name) and a top-level domain (an extension), and possibly a subdomain in front of it.
Anyone who enters the above domain name into their browser sets a whole system in motion. Because, behind the scenes, computers do not use domain names to communicate with each other, but IP addresses. That is why the Domain Name System exists: it looks up which IP address is behind a certain domain name.
And if you do not believe us: Wikipedia says so too. A little less clearly, though 😉.
The Domain Name System (DNS) is the system and network protocol used on the Internet to translate computer names into numerical addresses (IP addresses) and vice versa.
Your mobile contact list
We have already explained that the DNS ensures that you arrive at the right place when you enter an address in your browser. It actually works a bit like your contact list on your mobile.
When you want to call someone you know, in most cases you do not remember the phone number of that person. But you do remember his or her name! So you just type that name into your mobile, and your mobile immediately knows which phone number to call. Replace ‘his or her name’ by ‘domain name’ and ‘phone number’ by ‘IP address’, and you will immediately understand what the DNS does. As for how it does it, that is what we will discuss below 😬.
Extending the comparison with your contact list, we should also note that some people in that contact list may have multiple phone numbers. A friend may have a landline number, a work phone number, and maybe even a fax number. Well, you may not have friends with fax numbers, but let us assume that you do for the sake of example.
In the context of the DNS, this collection of contacts is called a DNS zone.
For combell.com, for example, there are several subdomains, each with its own IP address:
- www.combell.com: 220.127.116.11
- my.combell.com: 18.104.22.168
- blog.combell.com: 22.214.171.124
All the DNS records for these websites are stored in a DNS zone. Therefore, if you want to edit your DNS records, you have to go to the corresponding DNS zone in the control panel of your domain name. Apart from that, this DNS zone has no real use.
Just to be clear: an IP address is not a DNS record. DNS records are pieces of information that help you find out which IP address is linked to a domain. The various types of DNS records are explained in more detail below.
As mentioned before, a website is made up of several different components. Let us take a concrete example from the ‘offline’ world.
Suppose that you want to call a shop, for example ‘Retailer The Shop’. This business may have different phone numbers depending on what you are calling about.
‘Retailer The Shop’ has different numbers:
- general enquiries: 058279127
- complaints department: 058279128
- administration: 058279129
Based on this information, you know which number to call. Each domain name also has such information attached to it. And the DNS uses it to redirect you to the right place.
There are various types of DNS records, such as MX records. These ensure that, if you want to send an e-mail to a certain e-mail address, the message is delivered to the right server. Or A records, which ensure that you end up on the right website when you enter a domain name into your browser.
The three most commonly used DNS records are:
- A record
- This is the most obvious DNS record: it links a domain name to an IP address.
- Whoever enters combell.com into a browser will be directed, via this A record, to the server whose IP address is 126.96.36.199, and will thus be able to see a website.
A record: combell.com 188.8.131.52
- AAAA record
- To make things even more complicated: IP addresses exist in different versions: IPv4 and IPv6. An IPv4 address looks quite familiar (for example 184.108.40.206), but an IPv6 address can contain numbers and letters. This means that IPv6 makes it possible to have more unique addresses, which is clearly necessary considering that the Internet is growing so fast.
- An A record points to an IPv4 address, whereas an AAAA record points to an IPv6 address.
- Whoever enters combell.com into a browser will be directed, via this AAAA record, to the server whose IPv6 address is 2a00:1c98:10:4::142.
AAAA record: combell.com 2a00:1c98:10:4::142
- CNAME record
- A CNAME record (or Canonical Name Record) does not point to an IP address, but to another domain name. This is useful if you have a subdomain that can point to the same IP address as your main domain. In this case, a CNAME is more convenient than an A record because it always follows the A record of your target name. So, when you edit the A record of your main domain, you do not have to edit all the A records of your subdomains, but the CNAME record will automatically follow the A record of your main domain.
CNAME: combell.com www.combell.com
- MX record
- An MX record (or Mail Exchange Record) indicates where e-mails for a certain e-mail address should be delivered. Just like a CNAME record, an MX record points to a domain name, and not to an IP address. So, when you send a message using your e-mail client, the DNS will look up the destination server for that e-mail. An e-mail server is often not the same as the server that hosts your website.
MX record: combell.com mx-se.mailprotect.be
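The following is an added example, not code from the original article, showing how a lookup follows a CNAME to the target's records, so that editing the A record of the main domain changes the answer for the subdomain as well. The zone contents are constructed: the addresses come from documentation ranges, the loop-a/loop-b names are hypothetical, and only the MX target is taken from the page.

```python
# Constructed zone data. Addresses are documentation-range placeholders
# (192.0.2.0/24, 2001:db8::/32), not combell.com's real records.
ZONE = {
    ("combell.com.", "A"): ["192.0.2.10"],
    ("combell.com.", "AAAA"): ["2001:db8::10"],
    ("combell.com.", "MX"): ["mx-se.mailprotect.be."],
    ("www.combell.com.", "CNAME"): ["combell.com."],
    # Hypothetical misconfiguration: two CNAMEs pointing at each other.
    ("loop-a.combell.com.", "CNAME"): ["loop-b.combell.com."],
    ("loop-b.combell.com.", "CNAME"): ["loop-a.combell.com."],
}


def resolve(zone, name, rtype, max_chain=8):
    """Look up (name, rtype), following CNAME records to their target.

    Returns (chain, answers): the names visited and the final record data.
    Raises ValueError on a CNAME loop or an over-long chain, which a real
    resolver would report as a failure instead of looping forever.
    """
    chain = [name]
    while True:
        if (name, rtype) in zone:
            return chain, zone[(name, rtype)]
        target = zone.get((name, "CNAME"))
        if target is None:
            return chain, []          # name has no such record
        name = target[0]
        if name in chain or len(chain) >= max_chain:
            raise ValueError("CNAME loop or chain too long: "
                             + " -> ".join(chain + [name]))
        chain.append(name)


if __name__ == "__main__":
    print(resolve(ZONE, "www.combell.com.", "A"))
    edited = dict(ZONE)
    edited[("combell.com.", "A")] = ["192.0.2.99"]   # edit only the main domain
    print(resolve(edited, "www.combell.com.", "A"))  # the subdomain follows
```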
To keep things simple, we have listed only the most common DNS records above.
How does the DNS work?
Now that we know what information the DNS uses to get you to the right place, let us have a closer look at how the DNS works exactly. Brace yourselves, as there are quite a few steps involved.
Every domain name has a name server. That is a computer – a server – on which the DNS zone of that domain name, and the DNS records it contains, are located. This name server is accessible and can provide DNS records if requested.
So, when you want to visit a domain name (e.g. combell.com), your computer sends a question to the name server via the DNS: “Which IP address is linked to combell.com?” The name server then sends a reply back to your computer. This way, your computer knows to which IP address it must go in order to reach combell.com.
At least, that is how it would work in a simpler world. But since there are countless domain names, which are all linked with specific information, the DNS is a bit more complex.
The first component of the DNS is a resolver. This is a name server of your own Internet provider, such as Telenet and Proximus, or KPN and Ziggo for our Dutch friends. When you ask a question, the resolver may already know the answer (through caching, for example, but more on that below).
If your resolver does not know the answer itself, it will ask another server until it gets the answer.
This behaviour is called recursive. Your resolver is thus a recursive name server, because it will answer your question no matter what. If it does not know the answer itself, it will ask other servers and come back to you with the answer.
This is in contrast to a non-recursive (iterative) name server. When an iterative name server does not know the answer, it will answer your question with an error or a referral to another name server (“I don’t know, but maybe you should try there”).
As mentioned above, your resolver does not always know the answer. But since a resolver is almost always recursive, it will search for the answer at all costs, on all kinds of computers that may know the answer (= containing a DNS zone) and that are part of the DNS: the DNS servers. And that can be quite an undertaking.
Suppose we want to visit blog.combell.com. We enter that address into our browser, which then sends a query to the resolver of our Internet provider: “Where can I find blog.combell.com?”
If your resolver does not know the answer itself, it will continue its search on the next computer: the root server.
If we look at it hierarchically, we notice that DNS zones work from right to left in a domain name. The root server (“.”, you can read more about that dot below) is the master server for all domain names, and therefore also receives queries about the DNS records of all domain names. This hierarchy means that the .com name server has to process far fewer queries, since only a fraction of all domain names end in .com.
As mentioned above, every name server contains a DNS zone, i.e. the set of DNS records for a specific domain name. But before we reach the DNS zone of the subdomain, we first have to go through other DNS zones. We will learn how this is done a little later, but the order of name servers and DNS zones that are queried looks like this:
- “.” (root) DNS zone
- .com DNS zone
- combell.com DNS zone
- blog.combell.com DNS zone
You can see that the dots in a domain name actually always indicate a new DNS zone, which is always located on a different DNS server. In the list above, you can see that the root zone is just a dot. This is because, for the DNS, every domain name ends with a “.” (the root). You should actually write blog.combell.com., but for the sake of convenience, we always leave out the dot.
This dot is nevertheless important, as it indicates that our resolver, which does not know the answer to the question “Where can I find blog.combell.com?”, first goes to the root.
The search for the correct DNS records
Your resolver undertakes quite a journey to find the correct information for you. This search can be summarised, step by step, as follows:
- You enter blog.combell.com into your web browser. This browser asks your resolver if it has any information about this.
- Your resolver does not know the answer, and asks the root name servers if they have DNS records for blog.combell.com.
- The root name servers answer: “No, but I do have DNS records for .com. Please query the name servers for .com.”
- Your resolver asks the .com name servers if they have DNS records for blog.combell.com.
- The .com name servers answer: “No, but I do have DNS records for combell.com. Please query the name servers for combell.com.”
- Your resolver asks the combell.com name servers if they have DNS records for blog.combell.com.
- The combell.com name servers answer: “Of course! Here they are: blog.combell.com A 220.127.116.11”
- Your resolver gets back to your web browser, saying: “This is where blog.combell.com points to.”
In the section above, you have seen the DNS in action! You will have noticed that only your resolver works recursively; all other DNS servers work iteratively by providing a redirection each time.
This is because, for example, the root name servers handle all the DNS requests from all over the Internet. Imagine if those name servers also had to go through all the steps your resolver just completed: that would be way too much work for those root servers. And that goes for all name servers, except the name servers that serve the end user (your resolver).
As we mentioned above, it is always quite a challenge for your resolver to find the right DNS server and DNS records. But this can be achieved more efficiently thanks to DNS caching.
Caching is a technique whereby data are stored temporarily in a ‘cache’ or digital repository to enable faster access to that data. Your computer, for example, has a cache.
But in the DNS, a name server such as your provider’s resolver also uses a cache that stores previously requested DNS records. This way, your resolver does not have to go through all the DNS servers to retrieve this information, and a website will load a little faster.
This also means that changes to your DNS records are not immediately visible: you often still see your website based on the DNS records that are in the cache. This is called DNS delay, and can be remedied by a short Time To Live.
Time To Live
Not all DNS records remain in the cache of a name server for the same amount of time. This is determined by the TTL or ‘Time To Live’.
The Time to Live specifies how long an Internet provider has to store the DNS records of your domain name. At Combell, the TTL is set to 1 hour by default.
A TTL of 1 hour means that when a customer of, say, Telenet visits your website, the DNS records of your domain will remain in Telenet’s cache for 1 hour, for all Telenet customers. This will allow all Telenet customers to access your domain name a little faster, because your DNS records are stored in their DNS cache. If during that hour nobody else visits your website, the DNS records are deleted from the DNS cache, and the resolver has to go through the whole search again.
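The search for blog.combell.com and the TTL-based cache described above can be simulated together. This is an added example, not code from the original article: the three name servers are constructed in-memory data, 192.0.2.53 is a documentation placeholder address, and the clock is injected so that expiry can be shown without waiting an hour.

```python
# Constructed delegation data for ".", ".com" and combell.com (not real records).
SERVERS = {
    ".": {"referrals": {"com.": "com."}, "records": {}},
    "com.": {"referrals": {"combell.com.": "combell.com."}, "records": {}},
    "combell.com.": {"referrals": {},
                     "records": {"blog.combell.com.": ("192.0.2.53", 3600)}},
}


def ask(server, qname):
    """One iterative name server: answer from its own zone, refer, or fail."""
    zone = SERVERS[server]
    if qname in zone["records"]:
        return ("answer",) + zone["records"][qname]      # (kind, ip, ttl)
    for suffix, next_server in zone["referrals"].items():
        if qname == suffix or qname.endswith("." + suffix):
            return ("referral", next_server)             # "try there"
    return ("nxdomain",)


class Resolver:
    """Recursive resolver: follows referrals for the client and caches answers."""

    def __init__(self, clock):
        self.clock = clock    # callable returning the current time in seconds
        self.cache = {}       # qname -> (ip, expires_at)
        self.trace = []       # name servers contacted, in order

    def lookup(self, qname):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0]                     # served from cache, no servers asked
        server = "."                          # every search starts at the root
        for _ in range(10):                   # bound the referral chain
            self.trace.append(server)
            reply = ask(server, qname)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[qname] = (ip, self.clock() + ttl)
                return ip
            if reply[0] != "referral":
                return None
            server = reply[1]
        return None


if __name__ == "__main__":
    now = [0]
    r = Resolver(lambda: now[0])
    print(r.lookup("blog.combell.com."), r.trace)   # full walk from the root
    now[0] = 3600                                   # TTL of 1 hour has passed
    print(r.lookup("blog.combell.com."), r.trace)   # walks the chain again
```

Until the TTL expires, the resolver returns the cached address without contacting any name server, which is why an edited record is not seen immediately.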
Adjusting the TTL
You should only adjust your TTL if changes are made to your DNS records. In such cases, you will want to keep the TTL as short as possible, so that the old DNS records can be quickly replaced by the new ones in a DNS cache. So, if you want to transfer your website or e-mail address, make sure you have a short TTL first.
When you have edited a DNS record, the change will not necessarily be instantly visible to the whole world. This has to do with DNS propagation or DNS delay. DNS propagation can take up to 72 hours (3 days!).
As explained above, you can influence how long an Internet provider caches your records by setting the TTL, but this does not always work. Some Internet providers do not care about your TTL setting and choose their own caching time. As a result, it will take a little longer for the customers of these providers to see your change.
But, when changing your name servers, DNS delay can also be caused by the DNS server of your registry (the .com name server, in the case of combell.com).
When you change the name servers of a domain name (such as combell.com), the request is immediately sent to the .com DNS server. That .com name server stores that information so that it can redirect your resolver (remember?) to the correct name server of combell.com.
Most registries (= managers of name servers such as .com or .be) update their DNS zones immediately, but for some registries, this can sometimes take hours or even days. In such cases, patience is a virtue ☺️.
When and how should I edit my DNS records?
Combell allows you to manage your DNS settings in your control panel. Each domain name has its own DNS records, which can be changed in the ‘DNS & Forwarding’ section.
If your domain name and your hosting are with different providers, you will have to make sure that the DNS records of your domain name point to the server of your hosting provider.
FAQ about DNS records
DNSSEC stands for Domain Name System Security Extensions. It provides DNS records with a ‘digital signature’ that proves the authenticity of a DNS record. This is how DNSSEC prevents DNS spoofing, an attack in which a fraudster edits the DNS records, leading you to another web server.
There are 13 DNS root servers, named with the letters from “A” to “M”. But in reality, those 13 servers have different locations. So, there are hundreds of root servers, spread all over the world. The management of the root server is the responsibility of ICANN (Internet Corporation for Assigned Names and Numbers).
DNS records are pieces of information that help the Domain Name System get you to the right place when you enter a domain name into your browser.
Usually, a domain name uses the name servers of the company where it is registered, i.e. the registrar (e.g. Combell). Each domain name has (at least) two name servers. The reason for this is security: if one fails, the other can take over immediately.
You can find both your registrar and the set name servers through a whois search.
When you send a request to the DNS, but there is no response (just the sound of crickets chirping), you will receive an error message. One cause may be that your Internet connection is down, or that the DNS servers of your provider are overloaded.
Changing your web browser or adjusting your firewall settings can sometimes fix the problem. It may also help to restart your router.
If these solutions do not work, you should check with your provider whether there is a problem there. If necessary, you can also replace the DNS server of your provider with a public DNS server, such as the one provided by Google (18.104.22.168).