A Comprehensive Look at the Domain Name System (DNS)

What is DNS?

DNS, short for Domain Name System, is the protocol within the set of standards for how computers exchange data on the internet and many private networks, known as the TCP/IP protocol suite. Its fundamental job is to translate human-friendly hostnames, like “www.example.com”, into machine-friendly IP addresses, like “192.0.2.1” (IPv4), or more complex versions like “2001:0db8:85a3:0000:0000:8a2e:0370:7334” (IPv6).

This system allows us to use an easy-to-remember website name rather than the numerical IP address that computers use to identify each other on the network. Essentially, the DNS serves as the internet’s phone book, ensuring that information requests sent by your computer are delivered to the correct destination.

How does DNS work?

DNS operates via a hierarchical system. At the top, there are root servers that contain information about top-level domains (TLDs) like “.com”, “.net”, “.org”, etc. Beneath these, there are authoritative servers for each domain (like “example.com”), which hold the DNS records for that domain and each of its subdomains. A DNS record is like an entry in a phone book: it tells the DNS system which IP address corresponds to which domain name.

When you type a URL into your web browser, your computer doesn’t immediately know the IP address corresponding to that domain. It needs to send a DNS query to discover this information. This is where DNS resolvers and DNS servers come into play.

Four DNS servers are involved in loading a webpage

  1. DNS Recursor: The recursor, also known as the DNS resolver, is the first server in the chain of DNS lookup. It’s a server designed to receive queries from client machines, typically users’ computers, through applications like web browsers. Essentially, it acts as a middleman who makes requests on behalf of the client, then returns the results.
  2. Root Nameserver: The root server is the next step in the DNS lookup chain. It responds to the resolver with information directing it toward the TLD (Top Level Domain) server. There are 13 sets of these root servers, labeled A through M, scattered worldwide.
  3. TLD Nameserver: This server hosts the last part of a hostname (e.g., “.com”, “.net”). The TLD server receives the query from the root server, then directs the query to the authoritative nameserver associated with the specific domain.
  4. Authoritative Nameserver: The authoritative server is the final stop on the DNS lookup journey. If the domain has the requested record, the IP address for the desired website is returned to the resolver. The resolver then sends the IP address back to your computer.

What’s the difference between an authoritative DNS server and a recursive DNS resolver?

An authoritative DNS server is a server that holds DNS zone files or records. It serves these records in response to queries from DNS resolvers. It’s authoritative in the sense that it has definitive information about a particular set of domains.

A recursive DNS resolver, on the other hand, is like a detective. It’s given a name to look up and must go through a series of steps to find the IP address for that name. The resolver does not have the answer itself, so it has to ask other servers in the DNS hierarchy for the information. Once it receives the response, it will cache it (store it locally) for a certain period to respond more quickly to the same request.

What are the steps in a DNS lookup?

Here’s a simplified breakdown of how a DNS lookup works:

  1. You type a URL into your browser: The browser first checks its cache to see if it has a corresponding IP. If not, it sends a request to the recursive DNS resolver.
  2. The resolver queries a root server: The resolver sends the query to the root server, which responds with a pointer to the relevant TLD server.
  3. The resolver queries the TLD server: The TLD server responds with a pointer to the authoritative nameserver for the specific domain.
  4. The resolver queries the authoritative nameserver: The authoritative server responds with the IP address for the domain, which the resolver sends back to your browser.
  5. Your browser sends a request to the server at the returned IP address (usually via HTTP or HTTPS), and the server responds by sending back the data for the webpage, which the browser then renders and displays to you.

What is a DNS Resolver?

As previously mentioned, a DNS resolver (also known as a DNS recursor) is a server designed to take “friendly” domain names (like “www.example.com”) and resolve them into their corresponding IP addresses. It requests other DNS servers until it receives the required information.

What are the types of DNS queries?

  1. Recursive Query: In a recursive query, the DNS resolver will respond to the client’s request with the requested resource record or an error message if it cannot find it.
  2. Iterative Query: In an iterative query, the DNS server will respond with its best answer. If the server does not have the answer, it will direct the DNS resolver to a server that might know the answer. The resolver then queries the next server.
  3. Non-Recursive Query: In a non-recursive query, the DNS resolver will query the DNS server for a record it should already know, avoiding the process of asking other servers for help.

What is DNS caching? Where does DNS caching occur?

DNS caching stores data in a cache or a local storage location to be accessed more quickly. When a DNS resolver resolves a query, it will cache the response, so if the same query is asked again, it can respond more quickly without needing to run a new search.

Caching can occur in several locations within the DNS lookup process. This includes the web browser, the operating system, the router, the recursive resolver, and the DNS servers involved in the query. The length of time data is stored in the cache can vary, but typically it’s governed by a TTL (time to live) set in the DNS record.
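The caching and TTL behaviour described above, as an added example in Python (not the article's code): a small positive-answer cache that expires entries when the record's TTL has elapsed, hands the remaining TTL back to the client the way a recursive resolver does, and clamps the TTL received from upstream to a floor and ceiling so an answer with TTL 0 cannot force a fresh lookup on every request and an enormous TTL cannot pin a bad record for weeks. The clamp limits and the injectable clock are my assumptions.

```python
import time

class DnsCache:
    """Positive-answer cache keyed by (name, rtype). Entries expire when the
    record's TTL has elapsed; the upstream TTL is clamped to [min_ttl, max_ttl]
    so a TTL of 0 cannot disable caching and a huge TTL cannot pin a record."""
    def __init__(self, min_ttl=30, max_ttl=86400, clock=time.monotonic):
        self.min_ttl, self.max_ttl, self.clock = min_ttl, max_ttl, clock
        self._store = {}  # (name, rtype) -> (expires_at, rdata)

    @staticmethod
    def _key(name, rtype):
        return (name.rstrip(".").lower(), rtype)  # DNS names are case-insensitive

    def put(self, name, rtype, rdata, ttl):
        """Store an answer; returns the TTL actually used after clamping."""
        ttl = max(self.min_ttl, min(int(ttl), self.max_ttl))
        self._store[self._key(name, rtype)] = (self.clock() + ttl, rdata)
        return ttl

    def get(self, name, rtype):
        """Return (rdata, remaining_ttl) or None if absent or expired."""
        entry = self._store.get(self._key(name, rtype))
        if entry is None:
            return None
        expires_at, rdata = entry
        remaining = expires_at - self.clock()
        if remaining <= 0:  # TTL elapsed: drop it so the next lookup goes upstream
            del self._store[self._key(name, rtype)]
            return None
        return rdata, int(remaining)

def resolve(cache, name, rtype, upstream):
    """Answer from cache if possible, else ask upstream(name, rtype) -> (rdata, ttl).
    Returns (rdata, ttl_to_report, source) where source is 'cache' or 'upstream'."""
    hit = cache.get(name, rtype)
    if hit is not None:
        return hit[0], hit[1], "cache"
    rdata, ttl = upstream(name, rtype)
    return rdata, cache.put(name, rtype, rdata, ttl), "upstream"

if __name__ == "__main__":
    now = [1000.0]  # fake clock so the demo runs instantly and deterministically
    cache = DnsCache(clock=lambda: now[0])
    fake_upstream = lambda n, t: ("192.0.2.1", 300)  # constructed sample answer
    print(resolve(cache, "www.example.com", "A", fake_upstream))  # from upstream
    now[0] += 120
    print(resolve(cache, "WWW.Example.com.", "A", fake_upstream))  # cache, ttl 180
```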