section: “cyber-shujaa” categories: [“cyber-shujaa”] title: “Dns” date: 2025-06-11
DNS (DOMAIN NAME SYSTEM
1.0 Introduction
DNS, or Domain Name System, is like the internet’s phonebook. Every device online has an IP address a string of numbers like 104.26.10.229 used to identify it. But remembering numbers isn’t exactly user-friendly. That’s where DNS steps in. Instead of typing in a complex IP, you just type something simple like tryhackme.com, and DNS handles the rest, translating the name into the right IP address so your browser knows where to go. It’s a small step that makes the internet feel human.
1.1 What is DNS
1.2 Domain Hierarchy
Top-Level Domain (TLD):
The TLD is the last part of a domain name—for example, .com in tryhackme.com. There are two main types:
- gTLDs (Generic): Like .com, .org, .edu, used to show the purpose of a website.
- ccTLDs (Country Code): Like .uk, .ca, used to show geographic location.
There are now thousands of TLDs, including newer ones like, .club, .online, and more.
Second-Level Domain (SLD):
This is the part before the TLD—tryhackme in tryhackme.com. It’s what you register and name your site. It can have up to 63 characters, using only letters, numbers, and hyphens (with a few restrictions).
Subdomain:
A subdomain appears before the SLD, like admin in admin.tryhackme.com. You can use multiple subdomains (e.g., jupiter.servers.tryhackme.com), but the full domain name must stay under 253 characters. Just like SLDs, subdomains follow similar naming rules.
1.3 DNS Record Types
DNS isn’t just for websites though, and multiple types of DNS record exist. i’ll go over some of the most common ones that you’re likely to come across.
A Record
These records resolve to IPv4 addresses, for example 104.26.10.229
AAAA Record
These records resolve to IPv6 addresses, for example 2606:4700:20::681a:be5
CNAME Record
These records resolve to another domain name, for example, TryHackMe’s online shop has the subdomain name store.tryhackme.com which returns a CNAME record shops.shopify.com. Another DNS request would then be made to shops.shopify.com to work out the IP address.
MX Record
These records resolve to the address of the servers that handle the email for the domain you are querying, for example an MX record response for tryhackme.com would look something like alt1.aspmx.l.google.com. These records also come with a priority flag. This tells the client in which order to try the servers, this is perfect for if the main server goes down and email needs to be sent to a backup server.
TXT Record
TXT records are free text fields where any text-based data can be stored. TXT records have multiple uses, but some common ones can be to list servers that have the authority to send an email on behalf of the domain (this can help in the battle against spam and spoofed email). They can also be used to verify ownership of the domain name when signing up for third party services.
1.4 Making A Request
What happens when you make a DNS request
You (the Client)
You enter a domain name (e.g., tryhackme.com) into your browser. Your device first checks its local DNS cache to see if it already knows the IP address.
Recursive DNS Server
If your device doesn’t have the answer, it sends the request to a Recursive DNS Server (usually from your ISP or a public DNS like Google). This server also checks its own cache.
Root DNS Server
If the answer isn’t cached, the recursive server queries a Root DNS Server. Root servers don’t know the final IP but can point you in the right direction.
TLD DNS Server
The root server refers the request to the Top-Level Domain (TLD) DNS Server, like one handling .com domains.
Authoritative DNS Server
The TLD server responds with the authoritative nameserver for the domain (e.g., kip.ns.cloudflare.com). This server holds the actual DNS records.
Recursive DNS Server (again)
The recursive server gets the final answer (e.g., the IP address of tryhackme.com) and caches it for future requests.
Your computer (again)
The recursive server returns the answer to your device, which also caches the result.
Connection Made
Your device now uses the IP address to connect to the actual tryhackme.com server.
1.5 Practical
What is the CNAME of shop.website.thm?
Top of Form
What is the value of the TXT record of website.thm?
Top of Form
What is the numerical priority value for the MX record?
Top of Form
What is the IP address for the A record of www.website.thm?
Top of Form
1.6 Conclusion
In conclusion, DNS is the internet’s vital translator that turns easy-to-remember domain names into the numerical IP addresses computers understand. Behind the scenes, it follows a smart, multi-step process involving caches and different types of servers to deliver the right address quickly and reliably. Understanding this flow not only helps us appreciate the complexity of the internet but also lays the groundwork for deeper exploration into cybersecurity and networking.