What Is DNS? Understanding the Domain Name System

People know websites through their domain names, but computers know websites as IP addresses. The domain name system (DNS) turns those domain names into IP addresses so that users can access the Internet. In this article, learn what DNS is, how it works, and how to do a DNS lookup.

What is DNS?

DNS stands for domain name system, a critical infrastructure that enables users to access websites and online services. It does this by translating human-readable domain names into IP addresses that computers can understand. Acting as a phonebook for the Internet, DNS allows devices to communicate with each other and access online resources.

Every device connected to the Internet receives an IP address assignment. This is how the devices communicate across networks. However, it's difficult for humans to remember numerical IP addresses.

Therefore, we use domain names - like www.whatismyip.com - and the domain name system translates them into machine-readable IP addresses for a successful connection.

How does DNS work?

Though it all happens in less than a second, the domain name system process is complicated and involves many servers. A typical DNS query goes through four different servers: the recursive DNS server, the root nameserver, the TLD nameserver, and the authoritative nameserver.

  1. When a user enters a URL into their browser, like google.com, they search for the root of that namespace.
  2. The browser first checks the computer’s operating system. It must see if the memory cache stores the IP address for that URL. If it does not, the operating system queries the resolving name server or recursive name server.
  3. Whether or not the resolving name server knows the IP address directly, it knows how to find the root name server. It queries the root name server, designated as the Internet’s domain name system root zone.
  4. The root server responds to the request with a list of authoritative name servers. These servers correspond with top-level domain, or TLD, name servers.
  5. The operating system receives the returned information. Then, the browser delivers the user to the website via the IP address. A domain name system server hosts all these records. It also stores the data and routes traffic according to the request.

Users looking for the IP address of a domain name can use the DNS Lookup Tool. The tool returns the IP’s domain name and other related information. Users looking for their own IP address can use the What Is My IP homepage to find IP address data. There, they can see their public IPv4 or IPv6 address.

Importance of the domain name system

The domain name system is essential for accessing websites and online services. By resolving domain names to IPs, the system allows for quick and efficient routing of information requests and data. Without the domain name system, networks would struggle with traffic distribution, connectivity, and reliability.

We see the importance of DNS in the impact of domain name system downtime or errors. When the domain name system fails, it disrupts the centralization of networks. It also affects the management and administration of IP changes or server location changes.

When it functions properly, the domain name system assists in security through features like DNSSEC. It also allows a network to continue despite server failure and keeps the Internet running smoothly.

What are DNS servers?

The domain name system would be unable to function without DNS servers. DNS servers house domain name system information for future access. They're also known as name servers or domain name servers.

You don’t just type an IP address into your browser. Therefore, the name server is what connects the URL that you enter with the IP addresses of web servers you’re trying to reach.

Types of DNS servers

There are a few different types of DNS servers. Understanding the differences can help you understand how the domain name system works as a whole.

Primary servers

Primary DNS servers function normally, taking all the relevant resource records and handling all domain name system queries.

Secondary servers

Secondary DNS servers are configured on your device when connected to your Internet service provider. They ensure the network connects should the primary servers fail and contain read-only zone file copies of information.

Public servers

Public DNS servers are provided by your Internet service provider (ISP). They’re available to anyone, like the Google public domain name system. They contain a great deal of information about websites hosted by IP addresses.

Private servers

Private DNS servers are set up by individuals who want full control over available IP addresses and network access. They use encryption, preventing third parties from intercepting the data.

Selecting a DNS service

There is only one domain name system. However, there are numerous domain name system servers or services available to users. Cloudflare DNS, for example, provides fast, free, private DNS services. Google DNS is public and available to Internet users worldwide.

OpenDNS aims to focus on phishing protection and reliability while resolving queries. Each ISP also provides an automatically-optimized domain name system server for Internet users.

However, the server your ISP provides may not be the best choice. Often, these domain name system servers are not private, since they lack the DNS over HTTPS (DoH) protocol. Your ISP's server is often slower as well. Google’s public DNS is the most popular choice for users looking to switch.

However, many companies provide other options to users, like the ones mentioned above. You can also use dynamic DNS services if you have a dynamic IP address.

Change your domain name system service by logging on to your router. Check your router's manual online for specific instructions on where to make the domain name system changes. Each system is different.

How to fix ‘DNS server not responding’ error

A domain name system server is the middleman between domain names and IP addresses. However, sometimes, the server encounters unexpected domain name system errors or can’t properly load. The ‘DNS Server Not Responding’ error means that you cannot currently access the website you want to find. This typically occurs when the domain name system server can’t establish a connection to the Internet.

It’s an annoying problem, but in many cases, fixing the error message is simple. Try restarting your computer or simply switching to a different browser. Often, disconnecting and reconnecting to your WiFi connection will help the issue.

If you have external parts correctly configured, but the device still isn't working, the router might be the problem. In that case, there are bigger steps you can take. You can reset your router, which will clear the storage and allow it to try processing your requests again.

Though the error is common, the root cause of the message isn’t always clear. The issue might be with the computer translating IPv6 addresses, which requires you to disable IPv6 entirely.

You may just need to flush your DNS cache, which often works in conjunction with a content delivery network to cache content and increase speeds. Alternatively, switch to one of the available public DNS servers. A domain name system flush is easy to perform from the command line.

For Windows, click the Start menu and open the command line by choosing Command Prompt (Admin) from the menu. Type in ipconfig /flushdns and you’re good to go.

For MacOS, open the Terminal application. Enter the command sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder. Then, enter the Mac’s password, and press Enter to clear the cache.

Use a DNS checker to assess the domain name system

It’s critical to ensure that the translation between a website’s domain name and IP address is accurate. When you register a new domain name, the domain name system servers assign the proper IP. Web browsers can now read it and take users to the right location online.

Some users who recently switched hosting providers or started a new website may have issues. If this is you, use a domain name system checker to assess how far the domain has propagated. The DNS check also shows what domain name system servers report for your domain name.

What are the steps in a DNS lookup?

DNS record lookups show translated IP addresses and domain names. With the tools, users can find the IP address of a domain name and other information related to domains.

Users can also perform a reverse DNS lookup. This type of search uses pointer records to query an IP address to find a hostname. Note that some IP addresses do not return a domain name. This occurs if there are multiple domains associated with a given IP address.

The forward DNS lookup, or simple DNS lookup, is the most used approach to the domain name system. You can use a DNS lookup tool or the nslookup command.

Domain name system lookup for Windows

For Windows computers, follow these steps to search the domain name system with the nslookup command:

  1. Go to Start.
  2. Click Run, then type command to open the command prompt.
  3. Type nslookup and hit Enter.

Your search will bring back information about your local DNS server and IP address.

Domain name system lookup for MacOS

For Mac computers, follow these steps to search the domain name system with the nslookup command:

  1. Open Finder.
  2. Click Applications.
  3. Double-click Utilities, then double-click the Terminal icon.
  4. In the pop-up box, type nslookup followed by the IP address or domain you want to query. Then, hit Enter.

Your search will return the domain name system server and IP address of the information you entered.

Three types of DNS queries

When you perform a domain name system lookup, it may involve any of three types of queries. They are recursive queries, iterative queries, and non-recursive queries.

  • Recursive queries occur when a DNS client requests that the server return the requested resource. This occurs if the resource previously lacked a user query. If the resolver can't return the record, it will return an error message.
  • Iterative queries occur when the queried server lacks a complete match for the query name, but must still provide a response. It returns a referral to a server with authority for a lower-level domain namespace. The client can then query that referral address and the process continues until the client locates the necessary information.
  • Non-recursive queries occur when a domain name system resolver client requests information from a server. However, it's information to which the server already has access. Servers cache records to prevent unnecessary bandwidth consumption. Therefore, non-recursive queries occur when the server already cached the record.

How to find DNS leaks when using a VPN

Virtual private networks, or VPNs, route all traffic through the private VPN network and change the user's IP address. This includes domain name system queries. You don’t have to worry about a VPN messing up the domain name system and causing connectivity errors. The request will go to the private domain name system servers instead of the default public DNS servers.

However, sometimes there are security issues. The request doesn’t go straight through to the VPN provider’s domain name system servers. The request goes to the ISP’s DNS servers, bypassing the VPN in a domain name system leak.

Luckily, you can easily find out if you’re experiencing a domain name system leak. Simply use the DNS Leak Test website.

Users should also be wary of DNS spoofing. This type of spoofing uses altered domain name system records to redirect Internet traffic to fraudulent sites. Much like other forms of spoofing, the victim doesn’t understand the crime committed against them. They realize it only after providing their sensitive information to the site.

Domain name system servers, regardless of which one you use, are vulnerable to malware attacks. Make sure to use a trusted antivirus program so that you don’t unknowingly expose your computer to malware. Maintaining your domain name system servers and computer helps prevent malicious attacks like these.

Understanding advanced topics in DNS

If you're already familiar with the domain name system, expand your knowledge with a few advanced topics. In this section, we'll cover DNS caching, DNS over HTTPS, and DNS over TLS.

DNS caching

DNS caching is the process of storing DNS query results, speeding up future requests for the same domain names. When you look up a website, your device sends a DNS query to find the website's IP.

Once the server resolves the domain to the IP, the information temporarily stays in a DNS cache. The information receives a time-to-live, dictating how long the record can exist before a refresh. Domain name system caching occurs on the browser level, operating system level, router level, and ISP level.

DNS over HTTPS (DoH)

DNS over HTTPS is a security protocol for performing domain name system resolution via the HTTPS protocol. Queries are sent to the server as HTTPS requests, securing the traffic.

DoH encrypts the domain name system requests. By doing so, it ensures that only the client and server know the contents of queries and responses. This improves performance, security, and integrity of a request.
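
What a DoH client puts on the wire, shown as an added example that is not from the original article: a binary DNS query carried in an HTTPS GET as defined in RFC 8484, plus parsing of a binary answer. The endpoint doh.example and the sample response are constructed placeholders, and nothing is sent over the network.

```python
import base64
import struct

DOH_ENDPOINT = "https://doh.example/dns-query"  # placeholder, not a real service

def build_query(name, qtype=1):
    """Wire-format DNS query (qtype 1 = A) with ID 0, as RFC 8484 recommends."""
    header = struct.pack("!6H", 0, 0x0100, 1, 0, 0, 0)  # RD flag, one question
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label in {name!r}")
        qname += bytes([len(raw)]) + raw
    return header + qname + b"\x00" + struct.pack("!2H", qtype, 1)  # class IN

def doh_get_request(name, endpoint=DOH_ENDPOINT):
    """URL and headers for an RFC 8484 GET (base64url, padding stripped)."""
    param = base64.urlsafe_b64encode(build_query(name)).rstrip(b"=").decode()
    return f"{endpoint}?dns={param}", {"Accept": "application/dns-message"}

def _skip_name(msg, pos):
    """Offset just past the (possibly compressed) name starting at pos."""
    while msg[pos] and (msg[pos] & 0xC0) != 0xC0:
        pos += 1 + msg[pos]              # ordinary label: length byte + data
    return pos + (2 if msg[pos] else 1)  # pointer is 2 bytes, root label is 1

def parse_a_records(msg):
    """(IPv4 address, TTL) pairs from a wire-format DNS response."""
    _, flags, qdcount, ancount = struct.unpack_from("!4H", msg, 0)
    if flags & 0x000F:                   # non-zero RCODE, e.g. 3 = NXDOMAIN
        raise LookupError(f"DNS error, rcode={flags & 0x000F}")
    pos = 12
    for _ in range(qdcount):
        pos = _skip_name(msg, pos) + 4   # skip QTYPE and QCLASS
    records = []
    for _ in range(ancount):
        pos = _skip_name(msg, pos)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!2HIH", msg, pos)
        pos += 10
        if rtype == 1 and rdlen == 4:
            records.append((".".join(map(str, msg[pos:pos + 4])), ttl))
        pos += rdlen
    return records

# Constructed sample response (not captured traffic): www.example.com A 192.0.2.10
SAMPLE_RESPONSE = (struct.pack("!6H", 0, 0x8180, 1, 1, 0, 0)
                   + build_query("www.example.com")[12:] + b"\xc0\x0c"
                   + struct.pack("!2HIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))
```

An observer on the network path sees only a TLS connection to the DoH endpoint; the queried name sits inside the encrypted request.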

DNS over TLS (DoT)

DNS over TLS is a security protocol that, like DoH, encrypts queries and responses. Instead of using HTTPS, this protocol uses Transport Layer Security (TLS). It encrypts all communication between the client and the DNS server.

DoT typically uses port 853 rather than port 53. It provides enhanced security and better protection against hackers and external threats.

Frequently asked questions

What is TTL in DNS?

TTL stands for time to live. When a server stores a DNS record in its cache, the TTL dictates how long it should store the information. The longer the time to live, the longer the server stores the information.

What does DNS stand for?

DNS stands for domain name system.

Why is DNS important?

The domain name system is crucial because it translates domain names into IP addresses. This ensures that the Internet works well for users and computers.

Is DNS secure?

Yes, the domain name system is widely considered to be secure.

What is an A record in DNS?

An A record is a type of DNS record. It maps a domain to the physical IP address of the computer that hosts that domain name. In some instances, a device has multiple IPs. Therefore, it also has multiple A records, which can be configured for a single domain.

Other domain name system records include CNAME records and MX records.

What is a DNS provider?

A DNS provider is a platform that hosts domains and uses domain name system records. It facilitates communication for your domain. You can access the DNS zone offered by your provider.

This then allows you or your company to manage your domain name system settings and records. Cloudflare and Google DNS are examples of domain name system providers.