All About DNS: From How It Works to Related Security Concerns
Websites, laptops, tablets, servers, and all other devices that connect to the internet have an Internet Protocol (IP) address that enables them to find and communicate with one another. How would you feel, then, if you had to remember and type longer and newer alphanumeric IP addresses like 2400:cb00:2048:1::c629:d7a2 every time you wanted to go to Twitter, Facebook, LinkedIn, or any other website? Not very happy, I presume. But thanks to the Domain Name System (DNS) you don’t have to.
To better understand all about it and the way it works, this article will explain the following topics:
- What is DNS and when is it used
- How does it work
- Types of DNS service
- What happens when it’s not responding
- Some security concerns
- Setting up DNS and domain forwarding with BGOcloud
Understanding The Domain Name System
DNS or Domain Name System is an integral part of the World Wide Web as it’s the only way that simplifies how you gain access to the online space and go to your favorite websites. Basically, it is used as a mechanism that maps human readable domain names (www.bgocloud.com) to machine readable IP addresses (109.160.71). Other systems use these unique numbers to find a certain device.
So instead of trying to memorize them for each and every site that you use, you simply remember the name and enter it in the URL bar. Next, your browser loads the Internet page.
Explaining The Way DNS Works
The Internet’s Domain Name System is a bit like a phone book. It does all the work when it comes to mapping numbers and names, routing an end user to a given website. It all starts when you add the website name and press Enter in the url bar. The DNS, then, translates these requests (quarries) by routing them to a resolver (usually managed by the user’s Internet service provider). Its role is to check one DNS server at a time in order to find the location of the IP address.
The resolver first forwards the queries to a DNS root name server. It translates the human readable host names into IP addresses. After that, the resolver sends it to one of the TLD name servers. This is the moment when the name server for the given .com domain responds to the request. After figuring out the IP address that the user needs, the resolver sends the value to the browser.
The web browser takes it on from here, forwarding a request for the given website to the IP address. What happens next is that the web server returns the web page to the browser. And the website content (text, images, video, etx) finally shows up to the user so she or he can start interacting with it.
Types of Domain Name System Servers
In essence, there are 4 DNS servers involved in the process:
- Recursor – receives queries from client machines through the web browsers.
- Root server – translates the domain name into an IP address.
- TLD nameserver – hosts information for domain names with the same domain extension, like .com, .net., etc.
- Authoritative nameserver – provides answers to the recursive nameservers with key information like an IP address and where exactly it can be found.
What Happens When One Such Server Fails to Respond?
There are times when you may encounter the following message: “DNS server isn’t responding” when you try to access a website. What does this mean? Generally, it happens when the DNS server fails to return the requested result and the reason for this could be due to:
- Bad/no internet connection which compromises the communication between your browser and the DNS server.
- Outdated DNS settings or a web browser.
- Some sort of a server problem like a power outage at the data center where it’s located, for example.
What Are Some DNS Security Concerns to Watch Out For?
The internet space is powerful but quite vulnerable, exposing not only end-users but service providers at certain risks. In terms of DNS, there are various DNS cyberattacks that aim at exposing security holes and vulnerabilities and take advantage of this breach.
For example, one of the most common DNS attacks is the DNS Server hijacking or redirection attack. This is when the queries are incorrectly resolved in a way that redirects users to other websites which are in fact purposely malicious. Usually this is carried out for phishing or pharming.
Other types of attacks on the Domain Name System include cache poisoning, distributed denial-of-service (DDoS) attack, Phantom domain attack, Domain lock-up attack, and more.
How To Set Up DNS & Domain Forwarding for cPanel
When using cPanel hosting without purchasing a new or transferring an existing domain, there are a few steps to do to point the existing domain to your new Hosting.
If moving а production website, check whether everything works smoothly and the way it should before making any changes in the DNS. To do that, you can open your page by direct link. It is sent to you with the confirmation e-mail and should look like: http://82.118.225.66/~yourdomain/ .
Then, log in to your current domain registrar control panel and point all the needed domains and subdomains to IP: 82.118.225.66 .
If you want (and we really recommend this), use our NS to manage domain records from your new cPanel at BGOcloud. It’s really straightforward and simple and all you have to do is change the current NS1 and NS2 in the domain registrar to point to:
Nameserver 1: ns1.bgocloud.com (82.118.225.67)
Nameserver 2: ns2.bgocloud.com (82.118.225.68)
Note that any changes in the DNS system, take up to 24 hours, to be updated worldwide.
Meanwhile, if you have any doubts about cPanel hosting, read our detailed guide to find out If cPanel Is the Right Choice for You.