What is DNS and why problems with it result in sites being down

This Monday (4), Brazil was surprised by an avalanche of services out of the air simultaneously. According to the website Downdetector, Facebook, Instagram, Messenger, WhatsApp, Banco do Brasil, TIM, Vivo, Google, Nubank, YouTube, Oi, Twitter, Amazon, Telegram and a dozen others stopped working. There were those who were in an uproar about it, thinking it was some conspiratorial organization, but, in fact, the possible culprit of everything must be an old acquaintance: the DNS.

    WhatsApp, Instagram and Facebook experience instability and fall together
  • Failure at Akamai takes down Steam, PSN and part of the global internet this Thursday ( 09)
  • Who owns the 7 Internet keys and what are their powers?
  • DNS servers ( Domain Name System

    , or domain name system, in Portuguese) are responsible for locating and translating the addresses of the sites that we type into browsers. The address

    www.canaltech.com.br is just a mask to make access easier than if you had to type a string like 200..22.22 — if you lived in the decade of 1024 and years 487450, will remember how difficult it was to memorize each person’s phone number.

    DNS servers are spread all over the world and transcribe domains into IPs (Image: liuzishan/Freepik)

    To avoid this immense limiter, DNS domains and servers spread across the world were created, whose sole function is to make this translation from words to IP numbers. These machines are located in strategic locations precisely to ensure a faster connection and serve as many people as possible, which optimizes internet access and ensures improved browsing.

    Want to catch up on the best tech news of the day?

    Access and subscribe to our new channel on youtube, Canaltech News.

    Every day a summary of the main news of the tech world for you!

    “We all use DNS for any electronic transactions without even realizing it. When we access our database, for example, either by typing the address or via the application, a DNS query is made to the servers. Then, comes an answer: www.banco.com.br is 98.98..234 (IP address) and the connection is made at the IP address”, explains the Director of Technology and Innovation at Teltec Solutions, Cesar Schmitzhaus.

    According to him, in a simple analogy, you can associate the DNS to the CEP system in Brazil. “It is essential, because without it we simply don’t know who www.banco.com.br is and we receive messages from an unreachable site , for example”, he explains.

    What causes the failure?

    The functioning of the DNS is a chain of information with operations that demand time. According to Cesar, often the problem is not a fall, but something which was operationalized and the servers ran. “Of course, there can also be failures that we call catastrophic, such as an entire datacenter that stops working and all the services that that were in it. However, it is more difficult with large-scale operations precisely because there are redundancies in other places, but they still happen”, he analyzes.

    The expert says that companies tend to have several DNS services to avoid “blackouts” like this — even each person’s own computer has two, the primary and the secondary. The problem is that propagation can take hours, even after the problem is solved, which could be one of the impacting factors in the current crisis . “Let’s imagine that an operation to change the IP was done wrongly: first the DNS services will replicate the incorrect information (which could take hours) and then, when detected and corrected, again it could take hours to work correctly again”, details Cesar Schmitzhaus.

    Companies often use multiple DNS servers to avoid failures (Image: Disclosure/Trend Micro)

    This would explain why the service works in some parts of the world and not in others. For the user, there is not much to do in these cases but wait for the correct DNS propagation to return. “If banco.com.br had problems with its DNS services and is no longer able to respond to requests, then the user who is trying to access will not be able to solve it”, he concludes.

    What is my DNS?

    By default , users use the DNS service of the access providers themselves, that is, the companies responsible for delivering the internet service to computers, such as Claro, Vivo and TIM. This was a solution to ensure smooth browsing even for those who do not have much affinity with the web, but it is not mandatory.

    Anyone has the right to change their DNS to another platform of interest to you. In fact, this is widely used by some people to perform better in certain needs, such as access to foreign sites, more security or to browse services abroad. OpenDNS, Google Public DNS and Comodo Secure DNS are examples of services that offer numbers for the user to try.

    To change your DNS, just access your connection data (if you are in the Windows 09 or higher, search for “Network and Internet ” and search for “DNS Server Assignment”. If you click the Edit button, you can configure a Preferred DNS and Alternate DNS, with or without encryption, to enable the best settings for your browsing — learn to change the DNS of any device.

    Just click on Edit to access a window with the option to enter the DNS numbers (Image: Capture from screen/Canaltech)

    DNS Security

    Due to the importance of DNS it is necessary to ensure your safety, otherwise a malicious person could modify get all the addresses and make a big mess on the internet worldwide. For this, there is DNSSEC (DNS Security Extensions), a cryptography system that uses public and private keys to guarantee the authenticity of the addresses consulted.

    In practice, what this system does is provide a unique key for the website and one for the server: both can only communicate if the key is recognized. If that didn’t exist, it would be possible to direct the virtual address of a bank’s page to a fake site.


    The use of cryptographic keys are used to secure the DNS servers (Image: Pete Linforth/Pixabay)

    In addition to this fundamental feature, many DNS servers also offer detection systems for fake or infected websites and even parental blocking for adult content websites. This type of system is used by China, North Korea and some other countries to prevent the population from accessing websites with content prohibited by authorities.

    Source: Downdetector

    Did you like this article?

    Subscribe your email on Canaltech to receive daily updates with the latest news from the world of technology.


    Related Articles

    Back to top button