DNS & CoreDNS

DNS

DNS (Domain Name System) is a globally distributed, hierarchical database that maps domain names to IP addresses (and to the other record types listed below).

DNS servers fall into two main categories: authoritative DNS and recursive DNS.

Authoritative DNS

An authoritative DNS server holds the zone data for a domain (the records themselves, as configured by the domain owner, typically at the registrar or a DNS hosting provider) and is the source of truth for that domain. It answers only for the zones it serves; queries for domains it does not own are refused rather than resolved.

Recursive DNS

A recursive DNS server (also called the local DNS, or resolver) performs lookups on behalf of clients. Starting from the root, it follows the referrals returned by each authoritative server until it reaches the server that holds the final answer, returns that answer to the client, and caches it locally for subsequent queries.

DNS records

  • A record: maps a name to an IPv4 address.
  • AAAA record: maps a name to an IPv6 address.
  • CNAME record: makes a name an alias of another domain name; the resolver then looks up the target name.
  • NS record: delegates a zone to its authoritative name servers, i.e., names the servers that hold the records for that domain.
  • MX record: names the mail server(s) that accept mail for the domain.
  • TXT record: holds arbitrary text (it may be empty); in practice used for SPF, DKIM and DMARC policies and for domain ownership verification.

TTL

The TTL (time to live) is the number of seconds a recursive DNS server may cache a record. When a recursive server obtains a record it caches it for the TTL, but it is not obliged to honour the value exactly: a resolver may, for example, raise a TTL it considers too small, because very frequent recursive lookups would exhaust its resources. To reduce the number of requests that reach the authoritative servers and answer as many clients as possible from the recursive cache, raise the TTL. The trade-off is that a longer TTL delays changes to the record at the source: clients keep receiving the cached value until the cached copy expires, so a change made at the authoritative server can look as if it had no effect.

DNS resolution process

When a browser is given the address www.airbnb.com, it first asks the DNS service to resolve the domain to an IP address. A full recursive lookup walks the hierarchy one level at a time: the root (".") servers refer the resolver to the top-level domain ("com") servers, which refer it to the servers for "airbnb.com", until the authoritative server for the name is reached and its answer is returned to the client. The recursive server also caches the result for the record's TTL, so repeated queries for the same name are answered locally.

(figure: DNS resolution process)

The first resolution takes longer because the recursive server has to go back to the authoritative source; the second is answered from the copy cached in the recursive DNS for the record's TTL.
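The walk from the root to the authoritative server, the cache hit on the second lookup, and the TTL caveats from the section above (a resolver may clamp the TTL it receives, and a change at the source is invisible until the cached copy expires) can all be exercised in a toy resolver. This is an added example written for this article, not CoreDNS or any real resolver; the zone data, name-server IPs (documentation ranges) and TTLs are constructed, and the zone cut root -> com. -> airbnb.com. mirrors the walk described above.

```python
"""Toy iterative resolver with a TTL cache (added example, constructed data)."""


def build_zones():
    """Constructed authoritative data. Each server is authoritative for one
    zone; 'delegations' map a child zone to the IP of its name server (the
    NS + glue a parent hands back as a referral)."""
    return {
        ".": {"delegations": {"com.": "192.5.6.30"}, "records": {}},
        "com.": {"delegations": {"airbnb.com.": "198.51.100.53"}, "records": {}},
        "airbnb.com.": {"delegations": {},
                        "records": {("www.airbnb.com.", "A"): ("203.0.113.10", 60)}},
    }


# Which zone each (constructed) server IP is authoritative for; the root hint
# is where every iteration starts.
SERVER_ZONE = {"198.41.0.4": ".", "192.5.6.30": "com.", "198.51.100.53": "airbnb.com."}
ROOT_HINT = "198.41.0.4"


def in_zone(name, zone):
    return zone == "." or name == zone or name.endswith("." + zone)


def authoritative_query(zones, server_ip, qname, qtype):
    """What an authoritative server answers: ANSWER for names in its zone,
    REFERRAL for names below a delegation, REFUSED for names it does not own."""
    zone = SERVER_ZONE[server_ip]
    if not in_zone(qname, zone):
        return "REFUSED", None          # it only serves the zones it owns
    zdata = zones[zone]
    for child, ns_ip in zdata["delegations"].items():
        if in_zone(qname, child):
            return "REFERRAL", ns_ip    # "ask the child zone's server"
    rr = zdata["records"].get((qname, qtype))
    if rr is None:
        return "NXDOMAIN", None
    return "ANSWER", rr                 # (value, ttl)


class RecursiveResolver:
    """Walks referrals from the root hint and caches answers by TTL.
    min_ttl/max_ttl model the clamping real resolvers apply, which is why an
    authoritative TTL is a request rather than a guarantee."""

    def __init__(self, zones, clock, min_ttl=0, max_ttl=86400):
        self.zones, self.clock = zones, clock
        self.min_ttl, self.max_ttl = min_ttl, max_ttl
        self.cache = {}                 # (qname, qtype) -> (expires_at, value)
        self.upstream_queries = 0

    def resolve(self, qname, qtype="A"):
        """Returns (value, source) where source is 'cache' or 'authoritative'."""
        key = (qname, qtype)
        if key in self.cache and self.clock() < self.cache[key][0]:
            return self.cache[key][1], "cache"
        value, ttl = self._iterate(qname, qtype)
        ttl = min(max(ttl, self.min_ttl), self.max_ttl)
        self.cache[key] = (self.clock() + ttl, value)
        return value, "authoritative"

    def _iterate(self, qname, qtype):
        server = ROOT_HINT
        for _ in range(8):              # guard against referral loops
            self.upstream_queries += 1
            kind, payload = authoritative_query(self.zones, server, qname, qtype)
            if kind == "ANSWER":
                return payload
            if kind == "REFERRAL":
                server = payload
                continue
            raise LookupError(f"{kind} from {server} for {qname}")
        raise LookupError("referral chain too long")


class FakeClock:
    """Adjustable clock so TTL expiry can be exercised without sleeping."""
    def __init__(self):
        self.now = 0.0
    def __call__(self):
        return self.now
    def advance(self, seconds):
        self.now += seconds


def demo():
    """First lookup walks root -> com. -> airbnb.com. (3 upstream queries);
    a record change at the authority is invisible until the cached copy
    expires; after the TTL the resolver goes back to the source."""
    zones, clock = build_zones(), FakeClock()
    r = RecursiveResolver(zones, clock, min_ttl=30)
    first = r.resolve("www.airbnb.com.")
    zones["airbnb.com."]["records"][("www.airbnb.com.", "A")] = ("203.0.113.20", 60)
    clock.advance(10)
    second = r.resolve("www.airbnb.com.")      # stale: still the old IP
    clock.advance(60)
    third = r.resolve("www.airbnb.com.")       # expired: new IP, 3 more queries
    return first, second, third, r.upstream_queries


if __name__ == "__main__":
    print(demo())
```

Raising min_ttl on the resolver (as a resolver operator might) keeps the record cached past the 60 seconds the authority asked for, which is exactly the "recursive DNS does not follow the TTL" case; the REFUSED branch is the authoritative server declining to answer for a zone it does not own.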


CoreDNS

CoreDNS is a flexible, extensible DNS server that serves as the cluster DNS in Kubernetes. Like Kubernetes, the CoreDNS project is hosted by the CNCF, and most of its functionality is implemented as plugins.

DNS In Kubernetes

DNS Policy: https://godoc.org/k8s.io/api/core/v1#DNSPolicy

When a Pod's dnsPolicy is ClusterFirst (the default), the Pod uses the cluster DNS rather than the node's DNS configuration; queries for names outside the cluster domain are forwarded by the cluster DNS to the upstream nameservers inherited from the node.

(figure: Pod dnsPolicy)

Check the DNS configuration file /etc/resolv.conf inside the Pod. nameserver is the virtual IP (ClusterIP) of the CoreDNS Service. search is the search list of domain suffixes. options ndots:N controls how the search list is used: if the queried name contains fewer than N dots, the resolver appends each search suffix in turn and tries those names first, falling back to the name as typed only when all of them are not found; if the name contains N or more dots, it is tried as an absolute name first, and the search list is consulted only if that fails. A name ending in a dot is always treated as absolute and never expanded.


The ClusterIP of the CoreDNS Service (typically named kube-dns in the kube-system namespace) is the nameserver IP that appears in the Pod's resolv.conf.
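The search-list and ndots rules described above are easiest to see by computing the exact sequence of names a Pod's stub resolver will send. The following is an added example written for this article, not Kubernetes or CoreDNS code; the resolv.conf content is constructed to look like the default ClusterFirst configuration for a Pod in the default namespace (service VIP 10.96.0.10, cluster domain cluster.local, ndots:5), so it runs with no cluster at hand.

```python
"""Search-list expansion as a glibc-style stub resolver applies it
(added example; resolv.conf content below is constructed)."""

# Constructed resolv.conf as injected into a Pod with dnsPolicy: ClusterFirst.
RESOLV_CONF = """\
nameserver 10.96.0.10
search default.svc.cluster.local svc.cluster.local cluster.local
options ndots:5
"""

CLUSTER_DOMAIN = "cluster.local."


def parse_resolv_conf(text):
    """Minimal parser for the three directives that matter here."""
    cfg = {"nameservers": [], "search": [], "ndots": 1}   # ndots defaults to 1
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()                # strip comments
        if not line:
            continue
        key, *args = line.split()
        if key == "nameserver" and args:
            cfg["nameservers"].append(args[0])
        elif key in ("search", "domain"):
            cfg["search"] = args    # a later search/domain line replaces earlier ones
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:"):
                    cfg["ndots"] = int(opt.split(":", 1)[1])
    return cfg


def query_order(name, cfg):
    """Fully qualified names the stub resolver tries, in order.
    Trailing dot: absolute, no expansion.  Fewer than ndots dots: search
    suffixes first, then the name as typed.  ndots or more: as typed first,
    search suffixes only if that fails."""
    if name.endswith("."):
        return [name]
    as_is = name + "."
    searched = [f"{name}.{suffix}." for suffix in cfg["search"]]
    if name.count(".") >= cfg["ndots"]:
        return [as_is] + searched
    return searched + [as_is]


def answered_by_cluster_dns(fqdn, cluster_domain=CLUSTER_DOMAIN):
    """With ClusterFirst, CoreDNS answers names under the cluster domain itself
    and forwards everything else to the node's upstream nameservers."""
    return fqdn == cluster_domain or fqdn.endswith("." + cluster_domain)


def demo(names=("kubernetes", "kubernetes.default", "www.airbnb.com", "www.airbnb.com.")):
    """For each name: the candidate order and how many candidates would leave
    the cluster (be forwarded upstream) if every earlier one returned NXDOMAIN."""
    cfg = parse_resolv_conf(RESOLV_CONF)
    result = {}
    for name in names:
        order = query_order(name, cfg)
        forwarded = sum(not answered_by_cluster_dns(q) for q in order)
        result[name] = (order, forwarded)
    return result


if __name__ == "__main__":
    for name, (order, forwarded) in demo().items():
        print(f"{name!r}: {order} (forwarded upstream: {forwarded})")
```

Two things worth noting from the output: www.airbnb.com has only three dots, so under ndots:5 the three cluster-local candidates are tried (and answered NXDOMAIN by CoreDNS) before the real name is forwarded upstream, which is the usual source of "four queries per external lookup" in Pods; and kubernetes.default expands first to kubernetes.default.default.svc.cluster.local. before the intended kubernetes.default.svc.cluster.local. Writing external names with a trailing dot, or lowering ndots per Pod via spec.dnsConfig.options, avoids the extra round trips.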
