To understand how DNS works, we will use the analogy of phone directories. If you wished to enumerate all phone numbers, you would proceed like this
foreach country in world; foreach state in current_country; foreach city in current_state; list_city_phone_directory
DNS is composed of many key-value collections known as zones. Zones are stored on nameservers. A zone can be thought of as the book while the nameserver can be thought of as the shelf.
We process from right-to-left.
foo.bar.baz.com., we begin by locating the
comzone and traverse reach the authoritative zone that has the value for
foo. A zone may not have the record itself but may know the location of the next-hop zone. In this case it has an NS record
Using the phone metaphor
(this was a writing exercise in using the Feynman Technique
We want to find a number for Protovision Games, Seattle, Washington, US.
This is equivalent to a fully qualified domain name.
We already have a list of every country and the appropriate library.
This is the equivalent of a DNS root zone.
Each library is completely different building controlled by a different entity. In fact, there are some we don't even know about.
The library is analogous to a DNS top level authority . A DNS top level authority has governance over one or more top level domains. (e.g. Verisign for .com, .net, .org, or the US gov for .mil and .gov)
The sign on the ground floor of the library directs us for Washington go to 4th floor.
req: ProtovisionGames.Seattle.Washington.US. A? res: Washington.US. NS floor4
We check the directory on the 4th floor and it says the Seattle phonebook is at 646.82,
req: ProtovisionGames.Seattle.Washington.US. A? res: Seattle.Washington.US. NS 646.82
We check the phonebook at 646.62 and it gives us the number
The phone book is said to be an authoritative zone because it can respond with the actual number instead of the next-hop directory
req: ProtovisionGames.Seattle.Washington.US. A? res: ProtovisionGames.Seattle.Washington.US. IN A 311-555-2368
Suppose you had a phone number fetching servant who you send off to the library whenever you need a number.
He is able to remember a maximium of x numbers and will forget them if they haven't been requested in the past 2 hours. This is a good metaphor for DNS caching caching functionality.
This is very useful in a LAN environment because popular records will almost always be retrieved from cache rather than an external lookup, resulting in faster loading of webpages and reducing traffic
We can override the value of records by permanently storing bogus data in cache. This is how we override the IP address of ad domains with that of the PixelServer