Domain to IP Address – Understanding Internet’s Treasure Hunt

If not for the domain to IP address conversion, we will have to remember Google as 64.233.191.255 instead of just Google.com. Fortunately, that’s not the case, thanks to DNS lookup. It is a process of resolving a domain name to an IP address. So how does it work? That is what this article will be covering in detail.

Table of Content

• What is an IP Address?
• What is a Domain Name?
  • Top-Level Domain (TLD)
    • Country Code TLD
    • Generic TLD
    • Infrastructure TLD
  • Labels
• What is the Domain Name System?
  • Root Server
  • TLD Nameserver
  • Authoritative Nameserver
• Understanding the Domain Registration Process
  • Domain Registry
  • Domain Registrars
  • How Does Domain Registration work?
• DNS Lookup: Domain to IP Address
• Caching to Improve DNS Lookup
  • Local DNS Cache
  • Recursive Resolver Cache

What is an IP Address?

IP Address is a 32-bit unique numerical label assigned to computers in a computer network. In simple terms, if your home is a computer and the street is a network, then your address is the IP address that allows anyone to identify your home and reach you.

Similarly, any computer in the network can use the IP address to communicate with any other computers in the same network. A typical IP address looks like this: 64.133.155.10

You can type an IP address of servers like Google or Facebook in your browser to access it. But it is not intuitive, and it is hard to remember. Hence, we started giving aliases to IP addresses. These aliases are called domain names.

What is a Domain Name?

A domain name is a text-based identifier used to identify a computer in a network – an alias of IP address. A domain name primarily consists of two parts – Top-level domain and label. A typical domain name looks like this: google.com, where “google” is the label, and “.com” is the TLD.

Top-Level Domain (TLD)

Top-level domains are used mainly to indicate the general purpose of the service provided by the server that is behind the domain name. The maximum length of TLD is 63 characters, which can include special characters and Latin characters. TLDs are predefined and managed by ICANN, and one cannot create a TLD arbitrarily.

At the time of writing, there are 1530 top-level domains. See the full list on Wikipedia.

Top-level domains are broadly categorized into three categories:

• Country Code TLD
• Generic TLD
• Infrastructure TLD

Country Code TLD

It is a two-letter TLD generally reserved for a country or sovereign state. But it is not restricted to government bodies even local businesses can get a domain with country code TLD. For example, the .us domain is for the United States, and the .in domain is for India.

Generic TLD

It is one of the oldest TLD developed during the early days of the internet. At first, they were intended for services that don’t fall in the country code category, hence the name Generic TLD. It consists of TLDs like .com, .org, .net, .info, etc. Some Generic TLDs like .gov are restricted, and only government bodies can avail one.

Infrastructure TLD

This group of TLD consists of only one TLD .arpa. It is used only by IANA (Internet Assigned Numbers Authority).

Labels

It is a case insensitive component that comes before the TLD in a fully qualified domain name. It can range from 1-63 characters in length and can include A-Z, 0-9, and – symbol, but the – symbol cannot appear as the first or last character of a label.

A domain address can contain any number of labels separated by dots. For example, del.icio.us is a valid domain name where del is called subdomain, icio is called Secondary Level Domain, and .us is the TLD. If a person owns a Secondary level domain, they can choose to create any number of subdomains with it like drive.google.com and adwords.google.com.

What is the Domain Name System?

Domain name system (DNS) is like a centralized database that stores all the domain to IP address mappings. It is structured in a hierarchical fashion that comprises of many DNS Zones.

A request is made to the DNS when a domain to IP address translation is required. This request is called the DNS query. It will first hit the root DNS zone and moves down the hierarchy until it reaches the name server that can give the IP address of the domain name.

Root Server

The name servers that serve the root DNS Zone is called the “root server.” The root server is a network of 13 name servers. Each of these 13 name servers consists of many servers that are clustered together for redundancy. Internet Corporation for Assigned Names and Numbers (ICANN) is responsible for managing the root server.

The root server contains the IP addresses of all the TLD name servers. So when a DNS query hits the root server, it will be able to forward the query to the appropriate TLD name server.

TLD Nameserver

The TLD name servers serve a DNS zone that contains information about all the domain names with the same TLD. Internet Assigned Numbers Authority (IANA), a department of ICANN, is responsible for managing the TLD name servers.

A DNS zone that manages .com domains will have the authoritative name server information of all the .com domain names. So when a DNS query hits the TLD name server, it will be able to forward the query to the authoritative name server.

Authoritative Nameserver

The authoritative name server contains the IP address of the domain name that it serves. It can include many DNS record types like A Record, CName, MX record, etc.

If the authoritative server has an A record for the domain, then the domain to IP address translation ends here. But if it has a CNAME record, then a new DNS query made for the CNAME.

Understanding the Domain Registration Process

Now that we know the structure of the Domain Name System, it is time to understand how the domain registration process works. The Internet Corporation for Assigned Names and Numbers (ICANN) is responsible for managing the Root name servers and TLD name servers. They outsource the management of 12 root servers and TLD name servers to other organizations.

Domain Registries

Registries are organizations that are responsible for managing TLDs like .com and .info.

For example, VeriSign is responsible for managing .com domains. They maintain a database for all domain names with .com TLD along with their registration information (whois information).

Domain Registrars

Domain Registrars sells domain names on behalf of the Domain Registries. In return, they pay a fee to Domain registries for each domain name sold.

For example, BlueHost, HostGator, and GoDaddy are all Domain Registrars.

How Does Domain Registration Work?

When a user registers a domain name using one of these Domain Registrars, they will notify the Domain Registry to reserve the domain name. It will also provide the registrants’ information and IP address of the authoritative name servers for the domain name. The Domain Registry will store this information in its database. That is how TLD name servers know about the authoritative name server.

DNS Lookup: Domain to IP Address

The Internet Service Provider (ISP) will have a server called “Recursive Resolver,” which is responsible for driving the entire domain to the IP address translation process. The Recursive resolver is programmed with the IP addresses of all 13 name servers. It walks through the DNS hierarchy, starting from Root Server to find the IP address of the given domain name.

The following steps describe the steps involved in translating a domain to an IP address.

1. The user enters the domain name in the browser’s address bar.
2. The browser sends a DNS query sent to the Recursive Resolver maintained by the Internet Service Provider.
3. The Recursive Resolver then forwards the DNS query to one of the 13 root servers.
4. The Root server returns the IP address of the TLD name server based on the domain name’s TLD.
5. The Recursive Resolver receives the IP address of the TLD name server and forwards the request to it.
6. The TLD name server returns the IP address of the Authoritative name server.
7. The Recursive Resolver receives the IP address of the Authoritative name server and forwards the request to it.
8. The Authoritative name server returns the IP address of the server or returns a CNAME.
9. Authoritative name server returns an IP address, the Recursive resolver completes the DNS lookup and returns the IP address to the browser. Then the browser will make an HTTP request directly to the server using the IP address.
10. If the Authoritative name server returns a CNAME, the Recursive resolver starts the whole process again by creating a new DNS query for the CNAME.

Caching to Improve DNS Lookup

There are various caching techniques used to speed up the DNS lookup process. So, the next DNS query for the same domain will be faster.

DNS Caching works based on the Time To Live (TTL). Once the time passes, the cache will be purged automatically.

Local DNS Cache

After translating a domain to IP address for the first time, our computers will put the data into a local cache. The next time it needs to translate the same domain, it will read from the cache instead of making a DNS query to the Recursive Resolver.

In Windows, to see all the cached records open Command Prompt and type the command ipconfig /displaydns and press Enter.

If you want to clear the DNS cache in windows, then run the command ipconfig /flushdns.

Recursive Resolver Cache

Recursive resolver also caches the information when it translates a domain to IP address for the first time. So, the next time when it receives the DNS query for the same domain name the following happens:

1. If an A record of the domain name is in the cache, it will return the IP address skipping the whole DNS lookup.
2. If it has the IP addresses of Authoritative name servers of the domain, it will directly query it instead of going through the Root and TLD name servers.
3. If the IP address of the TLD name server (most liked it will have) is in the cache, it will query the TLD name server directly bypassing the root server.
4. If the cache has no information on the requested domain name and the TLD, then it starts the DNS lookup by asking the root servers.

Unlike local cache, it can benefit many clients when they use the same Recursive resolver. For example, You and your neighbor are using the same ISP, and you visit google.com first. The Recursive Resolver would’ve translated the domain to IP address and stored the information in its cache. Now, if your neighbor visits google.com, the Recursive Resolver will return the cached data.

I hope it helped you understand the domain name system, domain to IP address translation, and the domain name registration process.

PS: It is hard to understand every bit of the domain name system fully. If you find any information to be incorrect let me know in the comments.