What are DNS hosts

DNS server


DNS servers are the basis of the Internet's Domain Name System (DNS). They store the public IP addresses belonging to host names and other data. The IP addresses are required when a specific website, device or other network system is to be accessed via the Internet. DNS servers are a type of name server.

How a DNS server works

Illustration: DNS server - Author: Seobility - License: CC BY-SA 4.0

The name of a domain such as google.de, which is easily remembered by humans, is less suitable for communication between computers over the Internet. So that computers and other devices can communicate with each other over the Internet or other networks, each device is assigned its own unique IP address. IP addresses, like long telephone numbers, are again difficult to remember for people. The Domain Name System (DNS) combines the requirements of humans and computers by enabling a connection, for example to a website, without the user having to know the IP address of the website. DNS servers play an important role here.

The function of a DNS server is to translate the name of a domain, such as google.de, into its respective IP address. During a query to resolve the domain name, the DNS records on the server are searched and, if available, the record of the domain name is returned. If the IP address / domain assignment does not exist on the requested DNS server, the request is forwarded to other DNS servers until the entry for the respective domain is found.

When a user enters the URL of the page in their browser to access a website, the DNS cache on the computer is first searched for the associated IP address. This cache contains the addresses of pages that have already been visited so that you don't have to ask the name server every time a website is called up. If the information is not available there, the request is forwarded to the next DNS server in the local network. This is usually the router that connects to the Internet. If the result is also negative, a query is made to the DNS server of the Internet Service Provider (ISP). If the information is not stored here either, the DNS name server of the ISP asks the root name server that is responsible for the relevant top-level domain (TLD). The root name server in turn forwards the request to the NIC DNS server responsible for the zone. The NIC DNS server for the TLD "de" is DENIC.

The DENIC name server then sends the address of the so-called authoritative name server back to the ISP's server. The ISP name server uses this information to ask the authoritative name server responsible for the zone. This server then delivers the searched IP address to the ISP's server, which forwards it to the browser via the router. The website can then be accessed with this IP address.

If no IP address can be found, an error message is returned. The browser then shows that the website could not be found or may not exist.

The information provided by an authoritative name server is binding and trustworthy for other servers. Examples of non-authoritative DNS servers are the router or the ISP's server. In order to be able to answer new inquiries for the same domain more quickly in the future, the information is temporarily stored in the cache of the DNS server for a certain period of time, the so-called Time To Live, or TTL for short. The TTL can vary from a few minutes to several days, depending on the server configuration.

Requirements for a DNS server

DNS servers typically do not verify that the information and data they receive and store is correct or from a legitimate source. This is because the Domain Name System still functions today as it did when it was implemented in the early days of the Internet. Back then, the system was only used by universities and research centers, and there was no reason to believe that anyone was distributing fake DNA information. These days, hackers use this lack of verification to smuggle in falsified data, to gain access to confidential information, or to redirect users to other servers using attack methods such as DNS spoofing, cache poisoning or man-in-the-middle attacks. For this reason, the security requirements for DNS servers have increased significantly.

The security of the DNS server can be increased with protective measures such as DNSSEC (Domain Name System Security Extensions). Similar to SSL / TLS, these use cryptographic encryption with public keys. Furthermore, DNS based Authentication of Named Entities, abbreviated DANE, offers a collection of protocols for the secure authentication of users.

Relevance of the DNS server for SEO and online marketing

The resolution of an IP address always takes some time and thus has an impact on the loading time of a website. This process is usually completed in a few fractions of a second. However, if there is a delay, this results in a longer loading time and thus often higher bounce rates, as the user experience is impaired. Since the bounce rate is an important ranking criterion, the ranking of a website can be negatively influenced. To prevent this, webmasters can use the Google Search Console to track down possible errors in name resolution and, if necessary, take appropriate measures to correct them.

Related Links

Similar articles

To quote the article, just copy this link: