How the Domain Name System Works

From ICANNWiki
Revision as of 18:44, 8 September 2014 by Simoncousins (talk | contribs)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
This article is neutral, but is sponsored by Dyn, Inc.,
a leading provider of DNS & DNSSEC services and solutions.
Lean more about their services here.
ICANNWiki Silver Sponsor

The DNS (Domain Name System) is the system used to translate alphanumeric domain names into Internet Protocol numbers. Simply put, the DNS converts the names typed in the Web browser address bar into IP addresses. [1]


The DNS is made up of many servers and databases which, through a series of lookups in various caches, configure Domain Names into IP Addresses. The Domain Name System is a distributed database arranged hierarchically; its purpose is to provide a layer of abstraction between Internet services (web, email, etc.) and the numeric addresses (IP addresses) used to uniquely identify any given machine on the Internet. The DNS associates a variety of information with the domain names assigned and, most importantly, translates the domain names meaningful to humans into the numerical identifiers that locate the desired destination.

How Does It Work?

The DNS makes it possible to assign domain names in a meaningful way to Internet resources as well as to users, regardless of the entity's location. As a result, the WWW hyperlinks remain consistent, even for mobile devices. A domain name is an easy way to remember an address, but that needs to be converted to its numerical, IP format. [2]

Coordination across the Internet is maintained by means of a complex authoritative root system known as the Top Level Domain (TLD), as well as the DNS and other smaller name servers responsible for hosting individual domain information. For each domain, the DNS spreads the responsibility by mapping the domain names and assigning them into IP addresses, and vice-versa. This is accomplished through authoritative name servers which have been designated for each domain. Each authoritative name server is responsible for its own particular domain, but it has the authority to assign new authoritative name servers to any of its sub-domains. The DNS is able to store many types of information, even the mail server lists for a specific domain. The DNS is a core element which ensures the functionality of the Internet through its distributed keyword-based redirection service.

However, the DNS does not include security extensions, which was instead developed as DNSSEC.

The Structure of a DNS

The Domain Name System presents the following structure:

  • Domain space name: represented by tree of domain names with nodes and leaves [3]
  • Domain name syntax: rules include in standards like RFC 1035, RFC 1123, and RFC 2181
  • Name server
  • Domain names Internationalized
  • DNS resolver: initiates the queries will finally lead to the complete translation (resolution) of the information.

DNS Services

These types of services include:

  1. Managing the DNS
    1. By means of powerful, secure and complete tools and DNS administration options such as Manage A records or MX records
    2. By means of controlling and managing the traffic
  2. Hosting the DNS
    1. Efficient DNS resolution
  3. Location DNS services: to ease visitors' work, increase visitors' satisfaction and strengthen the relationship with all visitors.[4]

Recent developments

In 2012, an IETF draft proposal, called "DNS Extension for Autonomous Internet (AIP)," was written by three Chinese technologists suggesting a method of operating alternate DNS root servers within national boundaries using gateways for translation. All DNS requests would carry an additional TLD, in order to designate that the requests were being sent to an alternate root.

Domain node “” in network B is expressed as “” for its external domain name.

The proposal would allow greater governmental control over the Internet.[5]

Chinese version of this page/本页中文版





DNS使人们能够将域名以有意义的方式分配给互联网资源以及用户,而与实体的位置无关。因此,即使是对于移动设备而言,“WWW”超链接也得以保持一致。人们通过域名更加容易记住一个地址,但是连接到互联网时,这个域名需要被转化为相应的数字形式,即IP格式。[7] 互联网中的协调由一个复杂的授权根系统,即顶级域 (TLD),以及DNS和其他负责托管单个域信息的小型名称服务器进行维护。对于每个域而言,DNS都通过映射域名并将之指定给IP地址来分担责任,反之亦然。这是通过已经指定给每个域的授权名称服务器来完成的。每个授权名称服务器负责其自身的特定域,但是它有权将新的授权名称服务器分配给它的子域。DNS能够存储各种类型的信息,甚至是某个特定域的电子邮件服务器列表。DNS作为能够确保互联网功能正常的核心元素,它的作用是通过其基于关键字的分布式重定向服务来实现的。 但是,DNS不包括安全扩展,而是被开发为域名系统安全扩展(DNSSEC)。



  • 域名空间:由含有节点和分支的域名树状结构表示[8]
  • 域名语法:比如包含在RFC 1035RFC 1123RFC 2181这些标准中的规则
  • 名称服务器
  • 域名国际化
  • DNS解析器:发起查询最终将引起对信息的完整转换(解析)



  1. 管理DNS
    1. 借助于强大、安全而且完备的工具和DNS管理选项,比如管理A记录或邮件交换记录
    2. 通过控制和管理通信量
  2. DNS托管
    1. 有效的DNS解析
  3. 定位DNS服务:减轻访客的工作量,提升访客满意度并强化与所有访客的关系。[9]


在2012年,三位中国技术人员起草了一份 IETF提案草案,被称为“自治互联网(AIP)的DNS扩展”,他们提出一种在国家边界内运作替代DNS根服务器,使用网关进行转化的方法。所有的DNS请求都将携带一个附加顶级域,用以指定将请求发送至一个替代根。



Chinese translation of this page provided thanks to TLD Registry Ltd.


Related Articles