What Is DNS and Why Does It Exist?

The Domain Name System (DNS) is the distributed database that translates human-readable domain names like example.com into the IP addresses that computers use to route network traffic. Without DNS, every website visit would require knowing the destination server's IP address — a 32-bit number for IPv4 or a 128-bit number for IPv6. DNS makes the internet navigable by humans.

DNS is not a single server or database — it's a globally distributed, hierarchical system with millions of servers cooperating to answer billions of queries per day.

The DNS Hierarchy

DNS is organized as a tree with three main levels:

  1. Root Zone — The top of the DNS tree. There are 13 root server names (a.root-servers.net through m.root-servers.net), each an anycast address served by many instances worldwide, that know the authoritative servers for every top-level domain.
  2. Top-Level Domains (TLDs) — Registries like Verisign (for .com) or PIR (for .org) maintain the authoritative servers for their TLD.
  3. Authoritative Name Servers — The servers configured by you (or your domain registrar/DNS host) that hold the actual DNS records for your domain.

The Resolution Process: Step by Step

When you type www.example.com into your browser, here's what happens:

  1. Browser cache — Your browser checks its own DNS cache. If it has a recent answer, it uses it immediately.
  2. OS resolver cache — The operating system checks its local cache.
  3. Recursive resolver — The OS's stub resolver sends the query to a recursive resolver (usually your ISP's, or a public one like 1.1.1.1 or 8.8.8.8). This server does the legwork on your behalf. If it already has the answer in its own cache it replies immediately and steps 4 through 6 are skipped.
  4. Root server query — The recursive resolver asks a root server: "Who knows about .com?" It gets back a referral to the .com TLD servers, along with "glue" address records so it can reach them.
  5. TLD server query — The resolver asks the .com TLD server: "Who's authoritative for example.com?" It gets back a referral to Example's name servers.
  6. Authoritative server query — The resolver asks Example's authoritative name server for the A record of www.example.com and gets an IP address back.
  7. Response returned — The IP address is returned to your browser, cached according to the record's TTL, and the connection begins.
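The walk-through above, carried out by a toy resolver over in-memory zones. This is an added example, not code from the original page: the root and .com server addresses are real (a.root-servers.net, a.gtld-servers.net), but the zone contents, the example.com name server address (taken from the RFC 5737 documentation range) and the resolver itself are constructed for illustration, and no packet leaves the process. It follows referrals from the root exactly as steps 4 through 6 describe and caches answers for their TTL, so the second lookup never touches a server.

```python
"""Toy iterative resolver over constructed in-memory zones (added example)."""
import time

ROOT_HINTS = ["198.41.0.4"]          # a.root-servers.net: where every cold lookup starts

# Each simulated server knows its own zone's records and, for delegated child
# zones, the NS names plus "glue" addresses for those name servers.
SERVERS = {
    "198.41.0.4": {                  # root server: delegates .com
        "records": {},
        "referrals": {"com.": {"a.gtld-servers.net.": "192.5.6.30"}},
    },
    "192.5.6.30": {                  # .com TLD server: delegates example.com
        "records": {},
        "referrals": {"example.com.": {"ns1.example-dns.com.": "203.0.113.53"}},
    },
    "203.0.113.53": {                # example.com authoritative server (assumed address)
        "records": {
            ("www.example.com.", "A"): ("93.184.216.34", 300),
            ("example.com.", "MX"): ("10 mail.example.com.", 3600),
        },
        "referrals": {},
    },
}


def query(server_ip, qname, qtype):
    """Simulate one query to one server.  Returns one of
    ("answer", (rdata, ttl)), ("referral", {ns_name: glue_ip}), ("nxdomain", None)."""
    srv = SERVERS[server_ip]
    if (qname, qtype) in srv["records"]:
        return "answer", srv["records"][(qname, qtype)]
    # Otherwise refer the client to the most specific delegated zone containing qname.
    zones = [z for z in srv["referrals"] if qname == z or qname.endswith("." + z)]
    if zones:
        return "referral", srv["referrals"][max(zones, key=len)]
    return "nxdomain", None


class Resolver:
    """A recursive resolver: walks referrals from the root and caches answers by TTL."""

    def __init__(self, now=time.monotonic):
        self.now = now               # injectable clock so TTL expiry can be exercised
        self.cache = {}              # (qname, qtype) -> (rdata, absolute expiry time)
        self.trace = []              # which server was asked, and what it said

    def resolve(self, qname, qtype="A"):
        key = (qname, qtype)
        cached = self.cache.get(key)
        if cached is not None and cached[1] > self.now():
            self.trace.append(f"cache hit {qname} {qtype}")
            return cached[0]
        next_servers = list(ROOT_HINTS)
        for _ in range(10):          # bound the referral chain; a loop is a misconfiguration
            server = next_servers[0]
            kind, data = query(server, qname, qtype)
            self.trace.append(f"{server}: {kind}")
            if kind == "answer":
                rdata, ttl = data
                self.cache[key] = (rdata, self.now() + ttl)
                return rdata
            if kind == "referral":
                next_servers = list(data.values())   # follow the glue down one level
                continue
            return None              # nxdomain: the name does not exist
        raise RuntimeError(f"referral chain too long for {qname}")


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com."))
    print("\n".join(r.trace))
    print(r.resolve("www.example.com."))   # served from cache until the 300 s TTL expires
```

A real resolver also has to pick among several name servers, retry over TCP when a response is truncated, and cache negative answers; the structure, however, is the one shown: start at the root hints, follow each referral's glue one level down, stop at the first server that answers, and remember the answer no longer than its TTL allows.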

Common DNS Record Types

Record type   Purpose                                            Example value
A             Maps a name to an IPv4 address                     93.184.216.34
AAAA          Maps a name to an IPv6 address                     2606:2800:220:1::
CNAME         Alias to another domain name                       www → example.com
MX            Mail server for the domain                         mail.example.com (priority 10)
TXT           Arbitrary text; used for SPF, DKIM, verification   v=spf1 include:... ~all
NS            Authoritative name servers for the domain          ns1.example-dns.com
SOA           Start of Authority: zone metadata                  Serial, refresh, retry, expire
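The same record types as they appear on the wire. This is an added example, not code from the original page: it builds a DNS response by hand (a constructed message, not a captured packet) using the table's example values, then parses it back, decoding each type's rdata and the name compression pointers that real responses use. ns1.example-dns.com and the SPF string are the table's placeholders, not real infrastructure. The parser rejects forward and looping compression pointers, the classic way a crafted response hangs a naive parser.

```python
"""Build and parse a DNS response message, record by record (added example)."""
import ipaddress
import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}


def encode_name(name):
    """Wire-encode a dotted name as length-prefixed labels ending in a zero byte."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def encode_rr(owner, rtype, ttl, rdata):
    """One resource record: owner (already wire-encoded), type, class IN, TTL, rdata."""
    return owner + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata


def read_name(msg, off):
    """Decode a possibly-compressed name at off.  Returns (name, offset after it).
    A pointer (top two bits 11) must point backwards; forward pointers and
    excessive hops are rejected so a crafted message cannot loop the parser."""
    labels, end, jumped, hops = [], off, False, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:
            pointer = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if pointer >= off or hops > 16:
                raise ValueError("bad compression pointer")
            if not jumped:
                end, jumped = off + 2, True
            off, hops = pointer, hops + 1
            continue
        off += 1
        if length == 0:
            return ".".join(labels) + ".", (end if jumped else off)
        labels.append(msg[off:off + length].decode("ascii"))
        off += length


def parse_rdata(rtype, rdata, msg, off):
    """Decode rdata by type; names inside rdata may be compressed, so use the whole msg."""
    if rtype == 1:
        return str(ipaddress.IPv4Address(rdata))
    if rtype == 28:
        return str(ipaddress.IPv6Address(rdata))
    if rtype in (2, 5):                       # NS, CNAME: a single name
        return read_name(msg, off)[0]
    if rtype == 15:                           # MX: 16-bit preference, then a name
        return struct.unpack("!H", rdata[:2])[0], read_name(msg, off + 2)[0]
    if rtype == 16:                           # TXT: one or more <len><chars> strings
        parts, i = [], 0
        while i < len(rdata):
            parts.append(rdata[i + 1:i + 1 + rdata[i]].decode("ascii"))
            i += 1 + rdata[i]
        return "".join(parts)
    return rdata.hex()


def parse_response(msg):
    """Parse the header, question and answer sections into Python values."""
    ident, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    header = {"id": ident, "rcode": flags & 0xF,
              "aa": bool(flags & 0x0400),     # authoritative answer
              "ad": bool(flags & 0x0020)}     # set by a DNSSEC-validating resolver
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = read_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        questions.append((name, TYPES.get(qtype, qtype)))
        off += 4
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        answers.append((name, TYPES.get(rtype, rtype), ttl,
                        parse_rdata(rtype, msg[off:off + rdlen], msg, off)))
        off += rdlen
    return header, questions, answers


def build_sample_response():
    """Constructed reply to 'www.example.com. A': a CNAME plus example.com's records."""
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 6, 0, 0)   # QR, RD, RA; rcode 0
    question = encode_name("www.example.com.") + struct.pack("!HH", 1, 1)
    www, example, com = b"\xc0\x0c", b"\xc0\x10", b"\xc0\x18"   # pointers into the question name
    txt = b"v=spf1 mx ~all"
    answers = (
        encode_rr(www, 5, 300, example)                                              # CNAME
        + encode_rr(example, 1, 300, ipaddress.IPv4Address("93.184.216.34").packed)    # A
        + encode_rr(example, 28, 300, ipaddress.IPv6Address("2606:2800:220:1::").packed)
        + encode_rr(example, 15, 3600, struct.pack("!H", 10) + b"\x04mail" + example)  # MX
        + encode_rr(example, 16, 3600, bytes([len(txt)]) + txt)                        # TXT
        + encode_rr(example, 2, 86400, b"\x03ns1\x0bexample-dns" + com)                # NS
    )
    return header + question + answers


if __name__ == "__main__":
    hdr, qs, ans = parse_response(build_sample_response())
    print(hdr, qs)
    for rr in ans:
        print(rr)
```

The three pointers (0x0c, 0x10, 0x18) are the offsets of www.example.com., example.com. and com. inside the question section, which starts at byte 12 right after the fixed 12-byte header; that is how a response containing six records can fit the names into a few dozen bytes.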

Understanding TTL

Every DNS record has a TTL (Time to Live), measured in seconds, that tells resolvers how long they may cache the answer before querying again. A TTL of 300 means the record is cached for at most 5 minutes. Short TTLs give you faster propagation of changes; long TTLs reduce DNS query load and improve performance. When planning DNS changes (like migrating a site), lower the TTL well in advance: resolvers that already hold the record keep it for the old TTL, so the shorter value only takes effect once at least one old TTL has elapsed. Only then make the change, and raise the TTL again once it has settled.

DNS Security: DNSSEC

Standard DNS is unauthenticated: a resolver cannot tell a genuine response from a forged one, which is what cache poisoning attacks exploit. DNSSEC adds digital signatures (RRSIG records, verified against the zone's DNSKEY records, which are in turn chained to the parent zone through DS records) so that a validating resolver can confirm records are authentic and unmodified. It provides authentication and integrity, not confidentiality: signed responses still travel in the clear. Two caveats apply before relying on it. The protection only exists when the resolver doing the lookup actually validates; the ad flag in a "dig +dnssec" response shows whether it did. And a zone whose DS record at the registrar no longer matches its keys becomes unresolvable for validating resolvers, so key rollovers need care. While not universally deployed, DNSSEC is supported by major TLDs and registrars and is worth enabling for security-sensitive domains.