
DNS Name Resolution


An essential element of Internet infrastructure, DNS serves as a hierarchical and distributed system that translates human-friendly domain names into machine-readable IP addresses (Internet Protocol).

Linking an easy-to-remember name to an IP address is the only practical way to contact a remote machine, and it has been the basic principle of name resolution since the early days of IP networks.

machine-name <-->

Before DNS, all public machines on the internet were resolved using a file called "hosts", which was downloaded at regular intervals to stay up to date with the latest changes.

Due to the limitations of downloading "hosts" files, DNS had to meet certain design imperatives.

  •  Records need to be added to DNS uniquely and be made available to all users quickly.
  •  In DNS, multiple copies of information are always maintained. We cannot rely on a single server.
  •  In DNS, information is organized into hierarchical levels, with a "zone" at each level, and a "." zone at the top.
  •  All DNS records are stored in several "sub-databases" (DNS zones). This operation facilitates administration by spreading the load across thousands of servers.
  •  Security is an essential aspect of DNS. This imperative emerged later and is not yet implemented on every DNS server. Nevertheless, we can now secure DNS operations end-to-end through the use of authentication, access control, and integrity control services.

Concept of DNS Zones

Without organization, the sheer number of DNS records would be unmanageable (it would be like having a hosts file containing millions of lines). DNS zones were created to organize the records hierarchically. Each zone is a domain, and each branch is a zone.

The zone ". (dot)" is the root of the hierarchy and contains all TLDs (Top-Level Domains). The TLDs are the well-known extensions such as .com, .net, and so on. All our domains are sub-branches of the TLDs.

[Figure: Concept of DNS Zones]

According to the example above, the "edu" zone consists of the subzones "emi", "uca", and "um6p". Likewise, the "." zone comprises the subzones "ma", "com", "net", and "info".

The concept of DNS zones represents a hierarchical subdivision within the DNS namespace, making it easier to manage DNS records. Here's what you need to know:

DNS Hierarchy :

There are several levels in the DNS hierarchy, with the root at the top, represented by the dot ("."). Below the root are the zones, each corresponding to a subdomain or a group of related resources.

Primary Zone :

DNS primary zones, also called forward lookup zones, are DNS zones that contain the DNS records for a domain. For example, the domain "" may have a primary zone that holds all its DNS records.

Reverse Zone :

There is also a reverse zone, which is used for reverse lookups, as opposed to primary zones. For instance, the reverse zone "" is used to convert IP addresses into domain names.

Authority and Delegation :

A zone's authority and delegation are determined by its authoritative DNS servers, which manage the DNS records in the zone. Secondary DNS servers maintain copies of the primary zone, and authority can be delegated to them. In most cases, delegation is done with NS (Name Server) records that specify the authoritative servers.

Administration and Updates :

The management of zones is usually handled by network administrators. To ensure data consistency, secondary DNS servers synchronize with the primary DNS server regularly. Changes and updates to records in primary zones should only be performed by authorized administrators.

Public and Private DNS Zones :

A public DNS zone contains records that are accessible from the internet, while a private zone is used for internal purposes within a private network. Private zones may contain records that shouldn't be exposed to the public.
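As an added example (not part of the original course), the following Python code audits a public zone for A/AAAA records that point at internal-only address ranges, the kind of record the paragraph above says should stay in a private zone. The zone content is constructed, using the reserved example.com domain and a documentation address, and the parser assumes a simplified zone file with one record per line and an explicit owner name on each line.

```python
import ipaddress

# Address ranges that are only reachable inside a private network.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "127.0.0.0/8", "169.254.0.0/16",                  # loopback, link-local
    "fc00::/7", "fe80::/10", "::1/128")]              # IPv6 ULA, link-local, loopback

# Constructed sample: a public zone for the reserved example.com domain.
PUBLIC_ZONE = """\
$ORIGIN example.com.
@               3600 IN A    203.0.113.10
www             3600 IN A    203.0.113.10
intranet        3600 IN A    10.20.0.15     ; internal host
vpn                  IN A    192.168.1.1
db.example.com. 300  IN AAAA fd00::5
mail            3600 IN MX   10 mx.example.com.
"""

def parse_records(zone_text):
    """Yield (fqdn, type, rdata) from a simplified zone file (one record per line)."""
    origin = "."
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments, split on whitespace
        if not fields:
            continue
        if fields[0] == "$ORIGIN":
            origin = fields[1]
            continue
        name, rest = fields[0], fields[1:]
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]                    # skip optional TTL and class
        if not rest:
            continue
        if name == "@":
            name = origin
        elif not name.endswith("."):
            name = f"{name}.{origin.lstrip('.')}"  # relative name: append the origin
        yield name.lower(), rest[0].upper(), " ".join(rest[1:])

def leaked_internal_records(zone_text):
    """Return A/AAAA records whose address lies in an internal-only range."""
    findings = []
    for name, rtype, rdata in parse_records(zone_text):
        if rtype in ("A", "AAAA"):
            if any(ipaddress.ip_address(rdata) in net for net in INTERNAL_NETS):
                findings.append((name, rtype, rdata))
    return findings
```

Calling `leaked_internal_records(PUBLIC_ZONE)` returns the three records that belong in a private zone; the two records on 203.0.113.10 and the MX record are not reported.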

DNS Zone Security :

Security mechanisms such as DNSSEC (Domain Name System Security Extensions) are used for DNS zone security in order to prevent attacks and ensure DNS data integrity.

Written by ESSADDOUKI Mostafa