What DNS cache does and why we need it
Understanding the function of web navigation to comprehend the fundamental role of the DNS server and DNS cache.
To understand the use and function of the DNS cache we have to take a step back and fully comprehend the various steps needed for web navigation.
1. How do I reach a web site?
Every web address that we want to visit with our browser needs to be resolved with a respective IP address of the server to which we send the request.
To give a practical comparison, it’s like wanting to call a friend of whom we know the name. We also need to know their telephone number.
An IP address is made up of for groups of numerical figures (IPv4) or 8 alphanumeric groups (IPv6).
For example, an IPv4 address could be 192.168.1.1
An IPv6 address is: 2001:0db8:85a3:0000:1321:8af:fe01:2211.
If the PC does not recognize the IP address of the server, it cannot create an IP package to transmit.
To be able to send an HTTPS request to a server via IP, the client must first carry out a “DNS query” request towards a DNS server to resolve the name host with the relative IP address.
The answer from the DNS server that contains the IP address is called the “DNS response”.
An HTTPS web navigation request is sent with TCP protocol within an IP package.
Every IP package transmitted by a device has a sender IP address and a recipient IP address also. The IP package in turn is transported by an ethernet frame.
The recipient receives an IP package forwarded by the various routers present in the network, who decide how to advance the package by looking at the destination IP address and choosing the correct ‘path’.
The routers (and also the PC, smartphone, tablet etc..) can make decisions of the correct path based around the IP address of the destination, they cannot do so based on the web page address.
For this reason, it is necessary to resolve the name of the web site (for example flashstart.com) with the relative IP address (151.139.128.10 for example).
>> FlashStart protects you from a wide array of threats and blocks access to malicious sites. Try it now: working with the internet has never been so secure!
2. DNS resolution laboratory
You can try and resolve the name of a web site to discover its relative IP address:
» open a terminal in (windows, macOS, Linux)
» type “ping flashstart.com”
» you will then get the answer to the Ping request with its relative IP address, this will then be memorised in the DNS cache.
Once you have received the request, the recipient will create a response package which it will return to the sender.
Let’s try and imagine the amount of web sites that are present throughout the world. Exactly, almost impossible to imagine.
The devices don’t memorise all of the IP addresses of every web site on the internet, they simply always ask every time that it is needed and save it in the DNS cache.
The next time that the device needs to use the IP address for reaching a web site it will first verify if that record is already present in the DNS cache.
Accessing the DNS cache, instead of asking for the name through the DNS protocol to the DNS server every time, saves a notable amount of time and makes the web navigation ‘more immediate’ (the device no longer needs to wait for the answer from the DNS server because it already knows the IP address to which it sends the request).
>> FlashStart protects you from a wide range of threats and blocks access to malicious sites → Try it now
3. DNS cache for ISP, WISP and company users
For ISP, Wisp or company operators with many clients it is definitely an interesting and important function development from FlashStart of making the DNS cache on the network.
This function is called CloudBOX and can be installed on a physical server or inside a hypervisor (virtual ambient VMware ESXI, Hyper-V or Proxmox).
FlashStart CloudBOX allows you to have a DNS cache of all of the requests that arrive from your network and manage the sites that are authorised or filtered.
CloudBOX conserves the memory of the requested DNS carried out along with the eventual answers received from the cloud. In this way it is capable of further optimizing the resolution times.
This solution allows also the reduction of DNS outgoing traffic from the network towards other DNS servers, therefore reducing band consummation and number of requests going out.
A demo of CloudBOX is available on this page: https://flashstart.com/cloudbox/
>> FlashStart’s artificial intelligence guarantees continuously updated protection for your browsing → Try it now!
4. For how long do the DNS cache records remain saved?
The DNS cache only memorises the most used records for a limited time, defined by the Durata (TTL) value expressed in seconds. When that time has expired, if the records have not been utilised, they are eliminated from the DNS cache.
5. How can I see which records are present in the DNS cache of my PC?
It is possible to visualize the contents of your DNS cache through a simple command in terminal.
6. Visualisation laboratory of DNS cache
Together we can do a little exercise:
» from PC windows open a command terminal.
» To open this terminal press WIN + R.
» You will see a “Run” window.
» Type “cmd.exe” and press OK.
» In the command terminal write: “ipconfig /displaydns” and press enter.
At this point there will be displayed inside the terminal the contents of the DNS cache.
Having understood how the resolution of a name of a web site through a DNS server works, we can also understand the importance of the use of a secure and trustworthy DNS server.
7. How can I make web navigation more secure thanks to DNS?
A secure DNS server will deliver the IP addresses of only those web servers that are considered secure, filtering the web servers that have been flagged as damaging, dangerous and of a threat.
When a DNS server receives a request for the resolution of a web address flagged as dangerous/harmful/infected or threat, it will not answer with the “correct” IP address but instead with the IP address of the FlashStart server where there will be visualized an alert message informing the user of a blocked danger.
In this way your devices will not know the path of how to reach a server that is considered damaging/harmful/non secure and will be protected against possible attacks.
Even the harmful web server IP address will not be saved in the DNS cache.
With the FlashStart dashboard it is possible to configure the websites that you desire to block, in addition to others that have been flagged as dangerous of which the list is updated many times a day.
For example, with DNS web filtering it is possible to block Social Networks for some chosen hours to carry out a content filter for avoiding the navigation by minors or staff.
Using a DNS server without content filter you could be exposed to grave – very grave – problems brought about through navigating sites that have dangerous content such as phishing (password stealing by simulating sites that are very well known in which they request that you insert your access data login and password), trojan (silent software that inserts itself into your PC and steals information or even carries out attacks, exactly like the legendary Trojan Horse used by the Greeks against the Trojans), cryptolocker (software that ciphers data present on your PC and asks for a ransom to get it back) and general malware (harmful software).
You can activate the FlashStart® Cloud protection on any sort of Router and Firewall to secure desktop and mobile devices and IoT devices on local networks.
