Networks Training

You are here: Home / General Networking / DNS Port Number – What is Domain Name System – How DNS Works

DNS Port Number – What is Domain Name System – How DNS Works

DNS (Domain Name System) is the system that translates an Internet or Host name (that is easier for people to remember) to an IP address. In this article we’ll describe how DNS works, what port numbers are used for DNS protocol etc so keep reading for all info below.

guide about domain name system

What is DNS

A Domain Name could be for example http://networks-trainingwp.8rkhfrrwpy-e9249nqvk6kr.p.runcloud.link (i.e the website you are reading right now) that the DNS translates to an IP address (example 74.54.219.242).

Keep in mind that every domain name on the Internet must be associated with an IP address (either IPv4 or IPv6). This is required in order to reach this domain (i.e the webserver hosting the domain) over the Internet. Note that all TCP/IP communication is based on IP addresses.

If the address is registered in a reverse lookup zone, the IP address is translated back to the DNS name and it is called “reverse DNS lookup” or simply r-DNS.

A DNS system consists of two parts: a server and a resolver. The server keeps information about which DNS names correspond to which IP addresses. A Resolver is the software on the DNS client who is asking the server for information.

Therefore, a DNS server contains mappings/associations of Domain Names to IP addresses. If a specific DNS server does not know the IP address of a domain, it will ask a different DNS server (the authoritative server) to find out the correct IP-to-Domain mapping.

A DNS name consists of a host (e.g www means it is a webserver) and domain (e.g networkstraining.com). Domains are unique and are recorded in global databases.

MORE READING:  10 Different Types of Networks

How DNS Works

simple dns operation

Image Source

The image above shows a simple operation of how domain name system works to provide the IP address of a website.

Let’s see that below:

  • A user (shown as computer host on the top left) opens a browser and wants to visit website abcd.com/index.html
  • Every computer as we know has some network settings configured. These network settings (configured to its Ethernet card or WiFi card) include the IP address of the computer itself and also the IP address of the DNS server (for example this DNS server address can be given to you from your ISP or you can use well known Internet DNS servers such as the Google server which is 8.8.8.8)
  • The computer that wants to visit the above website does not know yet the IP address of abcd.com.  Therefore, it will ask its DNS server “what is the IP address of abcd.com ?” as shown on the picture above.
  • The DNS server will reply back to the computer with an answer “The IP address of abcd.com is 156.1.2.3” for example.
  • Therefore, now the user’s computer will start sending packets to the above IP address which corresponds to the website that the user wants to visit.
  • Note that if the DNS server above does not know the IP address of the specific domain, it will ask other DNS servers on the Internet (authoritative servers) to learn the address and then forward it to the end user.

What is DNS Port Number

DNS uses both TCP and UDP port 53

The most frequently used port for DNS is UDP 53. This is used when a client device (e.g a computer, smartphone etc) communicates with a DNS server in order to resolve a specific domain name (as described above). Keep in mind that when using UDP 53 for DNS, the maximum size of the query packet is 512 bytes which might not be enough as we will see below. 

MORE READING:  Important Points to Know About IPV6

TCP 53 is used mainly for Zone Transfers (see explanation below) and also when the query exceeds 512 bytes. This is valid when DNSSEC is used which adds extra overhead to the DNS query (cryptographic keys, signatures etc). Also, now with IPv6, the query reply packets can also get bigger than 512 bytes.

How to allow DNS through Firewall

From the internal network, you should allow outbound traffic on both TCP and UDP ports 53 towards a trusted external DNS server (e.g the server provided by your ISP).

 If you manage a firewall protecting a DNS server, you should allow UDP 53 from your clients and restrict TCP 53 only from other trusted DNS servers that you want to have zone transfers.

What are Zone Transfers

A Zone Transfer is replication of DNS records from one DNS server to another. This communication uses TCP port 53. Basically it is a fast way to replicate the DNS database of one server across to other servers. The DNS query type used for zone transfer is AXFR.

For security reasons, you must configure the DNS server (e.g BIND) to allow only zone transfers from other trusted servers ONLY. If you allow zone transfers from anyone, a hacker can request a zone transfer to your server and replicate all of its database to itself.

Different DNS Server Software

Here are the most popular DNS server software used in networks:

  • BIND (open source and free)
  • Microsoft DNS
  • Big-IP DNS (from F5)
  • CNR DNS (from Cisco)
  • PowerDNS
  • etc

Related Posts

About Harris Andrea

Harris Andrea is an Engineer with more than two decades of professional experience in the fields of TCP/IP Networks, Information Security and I.T. Over the years he has acquired several professional certifications such as CCNA, CCNP, CEH, ECSA etc.

He is a self-published author of two books ("Cisco ASA Firewall Fundamentals" and "Cisco VPN Configuration Guide") which are available on Amazon and on this website as well.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About Networks Training

We Provide Technical Tutorials and Configuration Examples about TCP/IP Networks with focus on Cisco Products and Technologies. This blog entails my own thoughts and ideas, which may not represent the thoughts of Cisco Systems Inc. This blog is NOT affiliated or endorsed by Cisco Systems Inc. All product names, logos and artwork are copyrights/trademarks of their respective owners.

Amazon Disclosure

As an Amazon Associate I earn from qualifying purchases.
Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates.

Suggested Cisco Training

CISCO CERTIFICATION TRAINING
CISCO CCNA 200-120 TRAINING
CCNA SECURITY 640-554 TRAINING
CCENT ICND1 TRAINING
CISCO ICND2 TRAINING
CISCO CCNP TRAINING
shares