Computer Network – Principle of DNS Protocol

Published: June 16, 2022

Last Modified: March 1, 2023

Computer Network – Principle of DNS Protocol 


This blog post mainly introduces the knowledge and principles of DNS protocol and DNS server. Help everyone understand the working principle of domain name resolution in computer networks.

1. DNS protocol

DNS (Domain Name System) is the English abbreviation of “Domain Name System”. It is a computer and network service naming system organized into a domain hierarchy. It is used in TCP/IP networks. The job of converting domain names to IP addresses. DNS is such a “translator”, and its basic working principle can be represented by the following figure:

2. DNS Domain Name Space Structure

  • Root domain: The use of DNS domain names specifies that a trailing period ‘.’ is used to designate a domain hierarchy whose name is at the root or higher level.
  • Top level domain: used to indicate a country, region or organization. Takes three characters, such as com -> commercial company, edu -> educational institution, net -> network company, gov -> non-military government agency, and so on.
  • Second-level domain: The registered name used by an individual or organization on the Internet. Use two characters, such as: cn -> for China, jp -> Japan, uk -> UK, hk -> Hong Kong, etc.
  • Host: The host name is at the bottom of the domain name space structure. The combination of the host name and the domain name constitutes the FQDN, and the host name is the leftmost part of the FQDN.

3. The principle of DNS resolution

When a DNS client needs to look up a name used in a program, it queries a local DNS server to resolve the name. Each query message sent by the client includes 3 pieces of information to specify the questions the server should answer.

  • The specified DNS domain name, expressed as a fully qualified domain name (FQDN).
  • The specified query type, which can specify resource records by type, or as a specialized type of query operation.
  • The specified category of DNS domain names.
For DNS servers, it should always be specified as the Internet category. For example, the specified name can be the fully qualified domain name of the computer, such as, and the specified query type is used to search for address resource records by that name.
DNS queries are resolved in a variety of different ways. Clients can also sometimes answer queries in-place by using cached information obtained from previous queries. The DNS server can use its own cache of resource record information to answer queries, or it can query or contact other DNS servers on behalf of the requesting client to fully resolve the name, and then return a response to the client. This process is called recursion. The client itself may also attempt to contact other DNS servers to resolve the name. If the client does this, it will use separate and additional queries based on the server’s answer, a process called iteration, that is, an interactive query between DNS servers is an iterative query.
  •  Enter the domain name in the browser, the operating system will first check whether the local hosts file has this URL mapping relationship, if so, it will call the IP address mapping first to complete the domain name resolution.
  •  If there is no mapping of this domain name in the hosts, look up the local DNS resolver cache to see if there is a mapping relationship for this URL, and if so, return directly to complete the domain name resolution.
  •  If there is no corresponding URL mapping between the hosts and the local DNS resolver cache, the preferred DNS server set in the TCP/ip parameters will be found first. Here we call it the local DNS server. When this server receives a query, if it wants to The queried domain name is included in the local configuration area resources, and the resolution result is returned to the client to complete the domain name resolution, which is authoritative.
  •  If the domain name to be queried is not resolved by the local DNS server area, but the server has cached the URL mapping relationship, call the IP address mapping to complete the domain name resolution, which is not authoritative.
  •  If the local area file and cache resolution of the local DNS server are invalid, the query will be made according to the settings of the local DNS server (whether to set the forwarder or not). If the forwarding mode is not used, the local DNS will send the request to 13 root DNS. After the DNS server receives the request, it will determine who the domain name (.com) is authorized to manage, and will return an IP responsible for the top-level domain name server. After the local DNS server receives the IP information, it will contact the server responsible for the .com domain. After the server responsible for the .com domain receives the request, if it cannot resolve it by itself, it will find a next-level DNS server address ( that manages the .com domain to the local DNS server. When the local DNS server receives this address, it will look for the domain server, repeat the above actions, and query until it finds the host.
  •  If the forwarding mode is used, the DNS server will forward the request to the upper-level DNS server, which will be parsed by the upper-level server. If the upper-level server cannot be resolved, either find the root DNS or forward the forwarding request to the upper-level server. , this cycle. Regardless of whether the local DNS server uses forwarding or root hints, the result is finally returned to the local DNS server, and the DNS server then returns it to the client. From the client to the local DNS server is a recursive query, and the interactive query between the DNS servers is an iterative query.