What is a DNS server?

A DNS server plays a fundamental role in how the Internet works by translating user-readable domain names (such as www.example.com ) into IP addresses that computers and networks can understand.

This DNS resolution is essential for establishing a connection between the user’s browser and the server that hosts the data being searched for. In other words, the DNS acts like a communication network, ensuring that each request quickly results in the right web service or information.

Without this mechanism, users would have to memorize and enter complex IP addresses to access web pages, making browsing much less intuitive. Thanks to DNS, the fluidity and ease of use of the internet are ensured.

A simple web search triggers a complex process called DNS resolution, allowing users to quickly access the web pages they want. Here are the key steps of this system:

1. The user enters a URL in their browser
   With their internet connection, users can enter a URL, such as ‘ovhcloud.com’, into their browser. This request is sent to the DNS resolver via the modem-router.
    
2. The DNS resolver initiates resolution
   Usually managed by the Internet Service Provider (ISP), the DNS resolver sends the request to the root DNS server.
    
3. The root DNS server directs the query
   The root server identifies the extension (Top-Level Domain or TLD) associated with the domain name ‘ovhcloud.com’, in this case the .com, and returns the address of the DNS server responsible for this TLD to the resolver.
    
4. The DNS resolver continues the search
   The resolver then forwards the request to the DNS server responsible for the TLD, which replies to it, this time specifying the address of the authoritative DNS server for the domain being searched for.
    
5. The authoritative DNS server provides the IP address
   The resolver sends the request to the authoritative server, which consults its DNS records and returns the IP address of the web server associated with the domain name.
    
6. DNS cache optimizes the process
   The IP address is then transmitted to the browser and stored in the local DNS cache to speed up subsequent requests.
    
7. Connect to the web server and view the page
   Finally, the browser uses the IP address provided to send an HTTP request to the web server. In response, the domain name will provide the content for the requested webpage, in this case the ‘ovhcloud.com’ homepage.

DNS zone and subdomains

A DNS server works by relying on a file called a DNS zone. This file contains essential information on the domain name and its sub-domains, organized in the form of records. These records can be used to direct requests to the correct servers and services associated with the domain.

The different types of DNS records

Each type of record plays a specific role in managing domain-related information:

• A record: It associates a domain name with an IPv4 address.
• AAAA record: Similar to A record, but for IPv6 addresses.
• CNAME record: Allows you to create an alias for a domain name, such as a subdomain (e.g. mail.domain.com).
• MX record: Redirects emails to the associated email server.
• TXT record: Contains textual information, often used for domain validation or security (e.g. SPF, DKIM, DMARC).
• SOA record: Provides information about DNS zone administration, such as when the DNS zone was last updated.
• NS record: Identifies the DNS servers responsible for managing the domain.

For each record, a value called Time To Live (TTL) determines how long the record can be cached before it is updated.

Subdomain management

A subdomain is an extension of the primary domain. For example, in "blog.example.com", "blog" is the subdomain. Sub-domains are used to organize and differentiate specific sections or services of a website. Their management is also defined in the DNS zone.

The importance of DNS security

DNS security is a vital aspect of protecting domains and ensuring reliable internet browsing. Without adequate protection, DNS servers can become vulnerable to attacks that compromise user data and disrupt online services.

The main threats related to DNS

1. DNS cache poisoning
   This attack consists of inserting false information into the DNS cache of a resolver server, redirecting users to malicious sites.
    
2. The spoofing DNS
   Similar to cache poisoning, this technique is used to steal the identity of a DNS server to deter requests and deceive users.
    
3. Denial of service (DDoS) attacks
   These attacks target DNS servers to overwhelm them with requests, making the associated services unavailable.

Protect your domains with DNSSEC

To counter these threats, the use of DNSSEC (Domain Name System Security Extensions) is essential. DNSSEC adds a cryptographic validation layer that guarantees the integrity and authenticity of DNS data transmitted between servers. With DNSSEC, users can thus be sure of accessing legitimate sites associated with the domains they are looking for.

Best practices for securing your DNS

• Enable DNSSEC for all your domains.
• Choosing a reliable DNS provider with robust security measures.
• Configure your DNS zone correctly, and limit unauthorized access.
• Set up a monitoring system to detect suspicious activity on your DNS servers.

It’s a very simple process. Simply go to the section dedicated to your domain name in your Control Panel. You can then change the current DNS servers and replace them with the external server addresses. You can also check out our detailed guide on managing and modifying DNS servers.

Yes, you can fully configure your DNS zone file. You can do this via the OVHcloud Control Panel. Use our tool to simply add elements by entering their information. You can also edit your DNS records manually in text mode, and keep a local backup.

The price of your domain name depends on several factors, including the chosen extension. However, a cheap domain name does not mean that it is less appealing than any other. You can choose a domain name extension that best suits you, depending on your needs. For example, if your business is related to travel and tourism, you could choose an extension relating to this sector, such as .travel. As a registrar, OVHcloud takes care of the administrative steps between its customers and the domain name registry.

If your website is inaccessible, the error may be due to your DNS configuration. If your DNS server not responding or is unavailable, You can refer to our documentation to resolve your unreachable server issue.

Yes, you can modify your browser’s DNS server. Head to your browser’s network settings to make the necessary changes. You can usually choose a different provider directly, or you can enter the primary and secondary DNS manually. It might be listed as primary DNS, primary zone or primary server, and secondary DNS, secondary zone or secondary server. You can also modify the DNS zone on Windows in the network settings. On Linux (Debian and Ubuntu), you can edit the configuration in the command line, via the console and/or terminal.