What Is DNS?
DNS is a hierarchical, distributed database system that maps domain names to IP addresses. It's one of the core technologies that makes the internet usable for humans.
What DNS does:
- Translates example.com → 93.184.216.34
- Enables you to use memorable names instead of IP addresses
- Routes your requests to the correct servers
- Distributes this lookup process across thousands of servers worldwide
Why DNS matters:
Every time you visit a website, send an email, or use an app that connects to the internet, DNS is working. It handles billions of queries per day, making the internet navigable without requiring users to know technical addressing.
DNS is often called the "phone book of the internet" because, like looking up a person's phone number by their name, DNS looks up a computer's IP address by its domain name.
What Does DNS Stand For?
DNS stands for Domain Name System:
- Domain: The human-readable address (like example.com)
- Name: The naming convention that makes addresses memorable
- System: The distributed network of servers that handles lookups
The Domain Name System was designed in 1983 by Paul Mockapetris to replace the previous system of manually maintained host files. As the internet grew, a scalable, automated solution became essential.
How DNS Works
When you type www.example.com into your browser, here's what happens:
Step 1: Browser cache check
Your browser first checks if it recently looked up this domain. If cached, it uses the stored IP address immediately.
Step 2: Operating system cache
If not in browser cache, the OS checks its own DNS cache.
Step 3: Resolver query
If still not found, your computer queries a DNS resolver (usually provided by your ISP or a service like Google DNS or Cloudflare).
Step 4: Root server query
The resolver asks a root name server: "Where can I find information about .com domains?"
Step 5: TLD server query
The root server directs the resolver to the .com TLD server. The resolver asks: "Where can I find example.com?"
Step 6: Authoritative server query
The TLD server points to example.com's authoritative name server. The resolver asks: "What's the IP address for www.example.com?"
Step 7: Response
The authoritative server returns the IP address. The resolver caches this answer and sends it to your computer.
Step 8: Connection
Your browser connects to the IP address and loads the website.
This entire process typically takes milliseconds—usually 20–120ms for uncached lookups.
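The referral chain in steps 3 to 7, as an added example (not code from the original article): a resolver walks a constructed in-memory delegation tree from the root down and caches the answer until its TTL expires. The server names, zone data and 300-second TTL are constructed for illustration.

```python
import time

# Constructed delegation data: each "server" maps a name suffix to either a
# referral (next server to ask) or a final answer (IP address, TTL in seconds).
SERVERS = {
    "root": {"com.": ("referral", "tld-com")},
    "tld-com": {"example.com.": ("referral", "ns1.example.com")},
    "ns1.example.com": {"www.example.com.": ("answer", "93.184.216.34", 300)},
}


class Resolver:
    """Recursive resolver that iterates from the root and caches answers."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}  # fully qualified name -> (ip, expiry time)

    def resolve(self, name):
        """Return (ip, servers queried); an empty server list means a cache hit."""
        fqdn = name.rstrip(".").lower() + "."
        hit = self.cache.get(fqdn)
        if hit and hit[1] > self.clock():
            return hit[0], []
        server, path = "root", []
        while True:
            path.append(server)
            record = self._best_match(SERVERS[server], fqdn)
            if record is None:
                raise LookupError(f"{server} has no data for {fqdn}")
            if record[0] == "answer":
                _, ip, ttl = record
                self.cache[fqdn] = (ip, self.clock() + ttl)
                return ip, path
            server = record[1]  # follow the referral one level down

    @staticmethod
    def _best_match(zone, fqdn):
        # Longest suffix match on label boundaries, as a delegation lookup does.
        matches = [s for s in zone if fqdn == s or fqdn.endswith("." + s)]
        return zone[max(matches, key=len)] if matches else None
```

The second lookup of the same name returns without contacting any server, which is why a record change is not visible to that resolver's clients until the cached entry expires.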
What Is a DNS Server?
A DNS server is a computer that stores DNS records and responds to lookup queries. Different types of DNS servers handle different parts of the resolution process:
Recursive resolver (DNS resolver):
The server your computer contacts first. It does the work of querying other servers on your behalf and caches results. Your ISP provides one, or you can use public resolvers like:
- Google Public DNS: 8.8.8.8, 8.8.4.4
- Cloudflare DNS: 1.1.1.1, 1.0.0.1
- OpenDNS: 208.67.222.222, 208.67.220.220
Root name servers:
13 sets of servers (labeled A through M) that know where to find TLD servers. They're the starting point for resolving any domain name.
TLD name servers:
Servers that handle queries for specific top-level domains (.com, .org, .net, etc.). Operated by registries.
Authoritative name servers:
The servers that hold the actual DNS records for specific domains. When you register a domain, you specify which authoritative servers hold your records (often your registrar's or hosting provider's servers).
DNS Records Explained
DNS servers store different types of records for different purposes:
| Record Type | Purpose | Example |
|---|---|---|
| A | Maps domain to IPv4 address | example.com → 93.184.216.34 |
| AAAA | Maps domain to IPv6 address | example.com → 2606:2800:220:1:... |
| CNAME | Creates alias to another domain | www.example.com → example.com |
| MX | Specifies mail servers | example.com → mail.example.com |
| TXT | Stores text information | SPF records, domain verification |
| NS | Specifies authoritative name servers | example.com → ns1.registrar.com |
| SOA | Start of Authority, zone information | Administrative details |
| PTR | Reverse DNS lookup | IP → domain |
Common DNS record uses:
A and AAAA records:
Point your domain to your web server's IP address. Most fundamental record type.
CNAME records:
Create aliases. For example, making www.example.com point to example.com so both work.
MX records:
Tell email servers where to deliver mail for your domain. Essential for custom email addresses.
TXT records:
Used for verification (proving you own a domain) and email authentication (SPF, DKIM, DMARC).
DNS and Domain Names
DNS is what makes domain names work. When you register a domain, you're reserving a name in the DNS system.
The connection:
- You register yourdomain.com through a registrar
- You set name servers (NS records) pointing to your DNS provider
- You create DNS records (A, CNAME, MX, etc.) at that provider
- When someone visits yourdomain.com, DNS translates it to your server's IP
Managing DNS:
Most registrars provide DNS hosting, or you can use:
- Your web hosting provider's DNS
- Dedicated DNS services (Cloudflare, Route 53, DNSimple)
- Your own DNS servers (for advanced users)
DNS propagation:
When you change DNS records, the changes need to spread across the global DNS system. This "propagation" typically takes minutes to 48 hours, depending on TTL (Time to Live) settings and caching.
What Is a DNS System?
The DNS system is the complete infrastructure that makes domain name resolution work:
Components of the DNS system:
Hierarchical structure:
DNS organizes domains in a tree structure:
- Root (.)
- Top-level domains (.com, .org, .net, ccTLDs)
- Second-level domains (example.com)
- Subdomains (blog.example.com)
Distributed database:
No single server holds all DNS information. Data is distributed across millions of servers worldwide, making the system resilient and fast.
Caching layers:
Multiple caching levels (browser, OS, resolver, servers) reduce load and speed up repeat lookups.
Redundancy:
Critical DNS servers have multiple copies. Root servers, for instance, have hundreds of instances globally.
Governance:
ICANN coordinates the global DNS system, managing root servers, TLD registries, and policies.
DNS Security
DNS was designed before security was a primary concern. Modern additions address vulnerabilities:
DNSSEC (DNS Security Extensions):
Adds cryptographic signatures to DNS records so that a validating resolver can verify that responses haven't been tampered with. This prevents DNS spoofing attacks in which attackers return fake IP addresses.
DNS over HTTPS (DoH):
Encrypts DNS queries using HTTPS, preventing eavesdropping on your browsing activity. Supported by major browsers and resolvers.
DNS over TLS (DoT):
Similar encryption using TLS. Used by some resolvers and operating systems.
Common DNS attacks:
DNS spoofing/poisoning:
Attacker inserts fake DNS records, redirecting users to malicious sites.
DNS hijacking:
Attacker changes your DNS settings (via malware or router compromise) to route queries through their servers.
DDoS attacks on DNS:
Overwhelming DNS servers to make websites unreachable.
Protection measures:
- Use reputable DNS resolvers
- Enable DNSSEC for your domains
- Use DNS over HTTPS/TLS
- Keep router firmware updated
- Monitor for unauthorized DNS changes
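One way to monitor for unauthorized DNS changes, as an added example (not code from the original article): compare the record sets currently observed for a domain against a stored baseline and report what was added or removed. The baseline, the observed data and the severity labels are constructed assumptions; in practice the observed side would come from periodic lookups.

```python
# Constructed baseline: the records the domain owner expects to be published.
BASELINE = {
    ("example.com", "NS"): {"ns1.registrar.com", "ns2.registrar.com"},
    ("example.com", "A"): {"93.184.216.34"},
    ("example.com", "MX"): {"10 mail.example.com"},
}
# Constructed observation (203.0.113.0/24 and 198.51.100.0/24 are
# documentation address ranges, the extra MX host is made up).
OBSERVED = {
    ("Example.com.", "NS"): {"ns2.registrar.com.", "NS1.registrar.com"},
    ("example.com", "A"): {"203.0.113.7"},
    ("example.com", "MX"): {"10 mail.example.com", "5 mx.unexpected.example"},
    ("login.example.com", "A"): {"198.51.100.9"},
}
# Record types whose change moves the whole delegation or the mail flow.
HIGH_IMPACT = {"NS", "MX"}


def _norm(value):
    """Lower-case and drop the trailing root dot so equal names compare equal."""
    return value.strip().lower().rstrip(".")


def _normalise(records):
    return {(_norm(name), rtype.upper()): {_norm(v) for v in values}
            for (name, rtype), values in records.items()}


def dns_drift(baseline, observed):
    """Return findings as (severity, name, type, added values, removed values)."""
    base, seen = _normalise(baseline), _normalise(observed)
    findings = []
    for key in sorted(base.keys() | seen.keys()):
        added = seen.get(key, set()) - base.get(key, set())
        removed = base.get(key, set()) - seen.get(key, set())
        if not added and not removed:
            continue  # record set matches the baseline
        name, rtype = key
        severity = "high" if rtype in HIGH_IMPACT else "medium"
        findings.append((severity, name, rtype, sorted(added), sorted(removed)))
    return findings
```

Normalising case and the trailing dot before comparing keeps cosmetic differences in resolver output from raising false alerts, as with the NS set in the sample data.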
Changing DNS Settings
You might need to change DNS settings for various reasons:
Changing your computer's DNS resolver:
Switch from your ISP's DNS to a faster or more private option:
Windows:
Settings → Network & Internet → Change adapter options → Properties → IPv4 → Use the following DNS server addresses
Mac:
System Preferences → Network → Advanced → DNS
Common public DNS servers:
- Cloudflare: 1.1.1.1 (privacy-focused, fast)
- Google: 8.8.8.8 (reliable, widely used)
- Quad9: 9.9.9.9 (security-focused, blocks malware)
Changing your domain's DNS records:
Log into your registrar or DNS provider's dashboard to:
- Point your domain to a new web host (update A records)
- Set up email (add MX records)
- Verify domain ownership (add TXT records)
- Create subdomains (add A or CNAME records)
DNS and Website Performance
DNS affects how fast your website loads:
DNS lookup time:
Every new domain your page references requires a DNS lookup. Multiple external resources (fonts, analytics, CDNs) add lookups.
Optimizing DNS performance:
Choose fast DNS providers:
Cloudflare, Route 53, and Google Cloud DNS have globally distributed servers for fast lookups worldwide.
Reduce DNS lookups:
Minimize external domains your page loads resources from.
Use DNS prefetching:
Tell browsers to resolve domains before they're needed:
<link rel="dns-prefetch" href="//example.com">
Set appropriate TTLs:
Longer TTLs mean more caching (faster subsequent loads) but slower propagation when you make changes. Balance based on how often you update records.
DNS for Email
DNS is essential for email delivery:
MX records:
Specify which servers handle email for your domain. Without correct MX records, email won't reach you.
SPF records (TXT):
List which servers are authorized to send email from your domain. Helps prevent spoofing.
DKIM records (TXT):
Contain public keys for verifying email signatures. Proves emails weren't modified in transit.
DMARC records (TXT):
Policy for handling emails that fail SPF/DKIM checks. Tells receiving servers what to do with suspicious messages.
Setting up email:
When you use email services (Google Workspace, Microsoft 365, Fastmail), they'll provide specific DNS records to add. Correct DNS configuration is essential for reliable email delivery.
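A check for the SPF and DMARC TXT records described above, as an added example (not code from the original article or from any email provider): it parses the records and reports settings that leave a domain open to spoofed mail. The sample records and the wording of the findings are constructed; the SPF qualifier and DMARC `p=` semantics follow RFC 7208 and RFC 7489.

```python
# Constructed TXT records for illustration (192.0.2.0/24 is a documentation range).
SAMPLE_DOMAIN_TXT = ["site-verification=constructed-token", "v=spf1 ip4:192.0.2.10 mx +all"]
SAMPLE_DMARC_TXT = ["v=DMARC1; p=none; rua=mailto:reports@example.com"]


def audit_spf(txt_records):
    """Findings for the SPF policy among a domain's TXT records (RFC 7208)."""
    spf = [r for r in txt_records if r.lower().split()[:1] == ["v=spf1"]]
    if not spf:
        return ["no SPF record published"]
    if len(spf) > 1:
        return ["multiple SPF records: receivers treat this as a permanent error"]
    terms = spf[0].lower().split()[1:]
    catch_all = [t for t in terms if t.lstrip("+-~?") == "all"]
    if not catch_all:
        if any(t.startswith("redirect=") for t in terms):
            return []  # policy is delegated to the redirect target
        return ["no 'all' term: unlisted senders get a neutral result"]
    # A mechanism without a qualifier defaults to "+" (pass).
    qualifier = catch_all[0][0] if catch_all[0][0] in "+-~?" else "+"
    verdicts = {
        "+": ["'+all' authorizes every server on the internet to send"],
        "?": ["'?all' is neutral: unlisted senders are not rejected"],
        "~": [],  # softfail: accepted but marked, common during rollout
        "-": [],  # fail: unlisted senders are rejected
    }
    return verdicts[qualifier]


def audit_dmarc(txt_records):
    """Findings for the DMARC policy published at _dmarc.<domain> (RFC 7489)."""
    recs = [r for r in txt_records if r.replace(" ", "").lower().startswith("v=dmarc1")]
    if len(recs) != 1:
        return ["expected exactly one DMARC record, found %d" % len(recs)]
    tags = {}
    for part in recs[0].split(";"):
        key, sep, value = part.partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip().lower()
    policy = tags.get("p")
    if policy not in ("none", "quarantine", "reject"):
        return ["missing or invalid p= tag"]
    if policy == "none":
        return ["p=none: failing mail is reported but still delivered"]
    return []
```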
Troubleshooting DNS
Common DNS issues and solutions:
"DNS server not responding":
- Try a different DNS resolver (change to 8.8.8.8)
- Flush your DNS cache (ipconfig /flushdns on Windows, sudo dscacheutil -flushcache on Mac)
- Restart your router
Website not loading after DNS change:
- DNS propagation takes time—wait up to 48 hours
- Try flushing your local DNS cache
- Check if the change has propagated using online tools
Email not working:
- Verify MX records are correct
- Check SPF, DKIM, and DMARC records
- Ensure DNS has propagated
Checking DNS records:
Use command-line tools or web-based checkers:
- nslookup example.com
- dig example.com
- Online tools: MXToolbox, DNSChecker, WhatsMyDNS
Frequently Asked Questions
What is DNS?
DNS (Domain Name System) translates human-readable domain names like google.com into the numeric IP addresses computers use to connect. It's the system that lets you type memorable website names instead of remembering numbers like 142.250.80.46.
What does DNS stand for?
DNS stands for Domain Name System. It's the distributed database system that maps domain names to IP addresses, enabling the internet to work with human-readable addresses.
What is a DNS server?
A DNS server is a computer that stores DNS records and responds to lookup queries. Different types include recursive resolvers (which your computer contacts), root servers (the starting point for lookups), TLD servers (handling specific extensions like .com), and authoritative servers (holding actual domain records).
What is a DNS system?
The DNS system is the complete infrastructure—servers, protocols, and databases—that enables domain name resolution worldwide. It's hierarchical (organized by domain levels), distributed (spread across millions of servers), and cached (storing recent lookups for speed).
How does DNS work?
When you enter a domain name, your browser queries a DNS resolver, which checks root servers, TLD servers, and authoritative servers to find the IP address. This chain of queries typically takes milliseconds. Results are cached at multiple levels to speed up future lookups.
Why is DNS important?
DNS makes the internet usable for humans. Without it, you'd need to memorize IP addresses for every website. DNS handles billions of queries daily, translating friendly domain names to machine-readable addresses seamlessly.
What are DNS records?
DNS records are entries in the DNS database that define how a domain behaves. A records point to IP addresses, MX records specify mail servers, CNAME records create aliases, and TXT records store verification and email authentication information.
How do I change my DNS settings?
To change your resolver: update DNS settings in your computer's network configuration or router. To change your domain's DNS records: log into your registrar or DNS provider's dashboard and modify the records (A, CNAME, MX, etc.) as needed.