Date: 2024-05-07

Some background knowledge on the domain name system, and how it operates, is important to understanding DNS zones.

The DNS is a hierarchical, decentralized component of the internet standard protocol responsible for converting human-friendly domain names into the internet protocol (IP) addresses computers use to identify each other on the network.[1]

DNS is often called the “phonebook for the internet,” but a more modern analogy is that DNS manages domain names in much the same way as smartphones manage contacts. Phones save contact numbers in searchable contact lists and eliminate the need for users to memorize individual phone numbers. Likewise, the DNS enables users to connect to websites by using domain names instead of complex IP addresses.

When a user enters a domain name into a browser, the query (often called a DNS request or DNS lookup) begins. A recursive resolver—the middleman between the client device and authoritative servers—then queries a series of servers to find the information it needs to connect the user to the requested website. Each of these servers is responsible for a segment of the domain namespace.

The query process begins with the root name server. Root name servers sit atop the DNS hierarchy and are responsible for managing the root zone. These servers answer queries for records stored within the root zone and refer requests to the appropriate top-level domain (TLD) name server.

TLD name servers direct queries to the authoritative name servers for the specific domains within their TLD. For example, the TLD name server for ".com" directs queries for domains ending in ".com", the TLD name server for ".gov" directs queries for domains ending in ".gov", and so on.

The domain name server (sometimes referred to as the second-level domain name server) holds the zone file with the IP address for the full domain name, such as “ibm.com.” This zone file might also hold information for a subdomain (such as blog.ibm.com) or that information might be partitioned to its own zone.

Each of these servers stores DNS records with information about the domain that the recursive resolver needs to continue, and ultimately resolve, its query.
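
The referral chain described above can be modeled offline. The following is an added example, not code from the original page: it walks from the root zone through the TLD zone to the domain's zone, and shows how a subdomain partitioned into its own zone adds one more hop. The zone layout, the `resolve` and `in_zone` helpers, and all addresses (documentation ranges) are constructed for illustration.

```python
# Constructed zone data: each zone lists the child zones it delegates and
# the records it holds itself. Addresses are from documentation ranges.
ZONES = {
    ".": {"delegations": ["com.", "gov."], "records": {}},
    "com.": {"delegations": ["ibm.com."], "records": {}},
    "gov.": {"delegations": [], "records": {}},
    "ibm.com.": {
        "delegations": ["blog.ibm.com."],  # subdomain partitioned to its own zone
        "records": {"ibm.com.": "192.0.2.10", "www.ibm.com.": "192.0.2.11"},
    },
    "blog.ibm.com.": {"delegations": [], "records": {"blog.ibm.com.": "198.51.100.20"}},
}


def in_zone(name, zone):
    """True if name equals zone or sits below it in the hierarchy."""
    return zone == "." or name == zone or name.endswith("." + zone)


def resolve(qname, zones=ZONES, max_hops=10):
    """Follow referrals from the root zone; return (zones consulted, answer)."""
    qname = qname.lower().rstrip(".") + "."
    zone, path = ".", []
    for _ in range(max_hops):
        path.append(zone)
        data = zones[zone]
        # A delegation covering qname means this zone is not authoritative for it.
        children = [d for d in data["delegations"] if in_zone(qname, d)]
        if not children:
            return path, data["records"].get(qname)  # None: no such record
        child = max(children, key=len)  # most specific delegation wins
        # A referral must point strictly below the current zone and to a known zone.
        if child == zone or not in_zone(child, zone) or child not in zones:
            raise ValueError(f"invalid referral from {zone} to {child}")
        zone = child
    raise RuntimeError("too many referrals")


if __name__ == "__main__":
    for name in ("www.ibm.com", "blog.ibm.com", "missing.ibm.com"):
        print(name, resolve(name))
```
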