DNS is a name resolution protocol that is used to resolve domain names to IP addresses. The internet is nothing more than a collection of network domains connected together with unique IP addresses as the identifier. It is not practically possible to remember each domain or the device based on an IP address. Instead, it is lot easier to remember the domains using names, and use some dynamic way of converting the names to an IP address.

DNS is a distributed client/server-based communication model. DNS is an application layer protocol where the client will send a DNS query carrying the domain name to the server, which in turn will respond with a DNS response for the respective IP address associated with the domain name. DNS runs on UDP port number 53. The server will maintain a database with a unique domain name and the associated IP addresses. The database can maintain the domain name or the hostnames within the domain. The functionality of converting the domain names to an IP address is known as DNS lookup.

The DNS domain name space is hierarchical in nature, that is, it is subdivided into different domains that makes it flexible and scalable. The DNS hierarchy comprises the following components:

In this chapter, we will discuss the basic principles of the DNS protocol, the functionality, commonly faced issues, and the use of Wireshark to analyze and troubleshoot the protocol.