What Is DNS? Understanding the Domain Name System

People know websites through their domain names. But computers know websites as IP addresses. The domain name system—DNS—turns those domain names into IP addresses so that the webpage can be loaded. It's the way you access the Internet. In this article, learn what DNS is, how it works, and how to do a DNS lookup.

What is DNS?

DNS, or the domain name system, is a naming database that translates domain names into IP addresses. Every device connected to the Internet is assigned an IP address, which is how the devices communicate across networks. However, it's difficult for humans to remember numerical IP addresses. Therefore, we use domain names - like www.whatismyip.com - and the domain name system translates them into machine-readable IP addresses for a successful connection.

How does DNS work?

Though it all happens in less than a second, the DNS process is complicated and involves many servers. The typical DNS queries are sent through four different servers: the recursive DNS server, the root nameserver, the TLD nameserver, and the authoritative nameserver.

  1. When a user enters a URL into their browser, like google.com, they are searching for the root of that name space.
  2. The browser first checks the computer’s operating system to see if the memory cache stored the IP address for that URL. If it is not, the operating system queries the resolving name server, or recursive name server.
  3. Whether or not the resolving name server knows the IP address directly, it knows how to find the root name server. It queries the root name server, designated as the Internet’s domain name system root zone.
  4. The root server responds to the request with a list of authoritative name servers that correspond with top-level domain, or TLD, name servers.
  5. The operating system receives the returned information, and the browser delivers the user to the website via the IP address. A domain name system server hosts all these records. It also stores the data and routes traffic according to the request.

Users looking for the IP address of a domain name can use the DNS Lookup Tool, which returns the IP’s domain name and other related information. Users looking for their own IP address can use the What's My IP homepage to find IP address data and their public IPv4 or IPv6 address.

What are DNS servers?

The domain name system would be unable to function without DNS servers. DNS servers, also known as name servers or domain name servers, are where the domain name system information is actually stored and accessed by the Internet. Because you don’t just type an IP address into your browser, the name server is what connects the URL that you enter with the IP addresses of web servers you’re trying to reach.

Different types of domain name servers

There are also a few different types of DNS servers. Understanding the differences can help you understand how the domain name system works as a whole.

Primary DNS servers function normally, taking all the relevant resource records and handling all domain name system queries.

Secondary DNS servers configure on your device when connected to your Internet service provider. They make sure that the network connects should the primary servers fail and contain read-only zone file copies of information.

Public DNS servers are provided by your Internet service provider (ISP). They’re available to anyone, like the Google public domain name system. They contain a great deal of information about websites hosted by IP addresses.

Private DNS servers are set up by individuals who want full control over available IP addresses and network access. They are encrypted, preventing third parties from intercepting the data.

Selecting a DNS service

Though there is only one domain name system, there are numerous domain name system servers or services available to users. Cloudflare DNS, for example, provides fast, free, private DNS services. Google DNS is public and available to Internet users worldwide. OpenDNS aims to focus on phishing protection and reliability while resolving queries. Each ISP also provides an automatically-optimized domain name system server for Internet users.

However, the server your ISP provides may not be the best choice. Often, these domain name system servers are not private, since they lack DNS over HTTPS (DoH) protocol. Your ISP server often functions slower as well. Google’s public DNS is the most popular choice for users looking to switch. However, many companies provide other options to users, like the ones mentioned above. You can also use dynamic DNS services if you have a dynamic IP address.

Change your DNS service by logging on to your router. Check with your router manual online for specific instructions on where the domain name system changes can be made; each system is different.

How to fix ‘DNS server not responding’ error

A domain name system server is the middleman between domain names and IP addresses. However, sometimes, the server encounters unexpected DNS errors or can’t properly load. The ‘DNS Server Not Responding’ error means that the webpage you’re trying to get to can’t be accessed, typically because the domain name system server can’t establish a connection to the Internet.

It’s an annoying problem, but in many cases, fixing the error message is simple. Try restarting your computer or simply switching to a different browser. Often, disconnecting and reconnecting to your WiFi connection will help the issue.

A DNS error on a computer system

If you have external parts correctly configured, but the device still isn't working, the router might be the problem. In that case, there are bigger steps you can take. You can reset your router, which will clear the storage and give it a chance to try processing your requests again.

Though the error is common, the root cause of the message isn’t always clear. The issue might be with the computer translating IPv6 addresses, which requires you to disable IPv6 entirely; you could just need to flush your DNS cache, which often works in conjunction with a content delivery network to cache and increase speeds, or switch to one of the available public DNS servers. A domain name system flush is easy to perform. You can use the command center to do one.

For Windows, click the Start menu and open up the command line by choosing Command Prompt (Admin) from the menu. Type in ipconfig/flushdns and you’re good to go.

For MacOS, open the Terminal application. Enter the command sudo dscacheutil-flushcache; sudo killall – HUP mDNSResponder, enter the Mac’s password, and click Enter to clear the cache.

Use a DNS checker to assess your DNS

It’s critical to ensure that the translation between a website’s domain name and IP address is accurate. When you register a new domain name, the domain name system servers assign the proper IP so that web browsers can read it and take users to the right location online.

For users who recently switched hosting providers or started a new website, use a domain name system checker to assess how far the domain propagated. The DNS check also shows what domain name system servers report for your domain name

What are the steps in a DNS lookup?

DNS record lookups show translated IP addresses and domain names. With the tools, users can find the IP address of a domain name and other information related to domains. Users can also perform a reverse DNS lookup, which uses pointer records to query an IP address in order to find a hostname. Note that some IP addresses do not return a domain name if there are multiple domains associated with a given IP address.

The forward DNS lookup, or simple DNS lookup, is the most used approach to the domain name system. You can use a DNS lookup tool or the nslookup command.

Domain name system lookup for Windows

For Windows computers, follow these steps to search the domain name system with the nslookup command:

  1. Go to Start.
  2. Click Run, then type command to open the command prompt.
  3. Type nslookup and hit Enter.

Your search will bring back information about your local DNS server and IP address.

Domain name system lookup for MacOS

For Mac computers, follow these steps to search the domain name system with the nslookup command:

  1. Open Finder.
  2. Click Applications.
  3. Double click Utilities, then double click the Terminal icon.
  4. In the box that pops up, type nslookup followed by the IP address or domain you want to query. Then, hit Enter.

Your search will return the domain name system server and IP address of the information you entered.

Three types of DNS queries

When you perform a DNS lookup, it may involve any of three types of queries: recursive queries, iterative queries, and non-recursive queries.

  • Recursive queries occur when a DNS client requests that the server return the requested resource. This occurs if the resource has not been previously queried. If the resolver can't return the record, it will turn back an error message.
  • Iterative queries occur when the queried server lacks a complete match for the query name, but must still provide a response. It returns a referral to a server with authority for a lower level domain namespace. The client can then query that referral address, and the process continues until the necessary information is found.
  • Non-recursive queries occur when a DNS resolver client requests information from a server that the server already has access to. Because servers cache records to prevent unnecessary bandwidth consumption, non-recursive queries occur when the record is already cached.

How to find DNS leaks when using a VPN

DNS leaks using VPN

Virtual private networks, or VPNs, route all traffic through the private VPN network and change the user's IP address. This includes domain name system queries. You don’t have to worry about a VPN messing up the domain name system and causing connectivity errors; the request will go to the private domain name system servers instead of the default public DNS servers.

However, sometimes there are security issues and the request doesn’t go straight through to the VPN provider’s domain name system servers. The request goes to the ISP’s DNS servers, bypassing the VPN in a DNS leak. Luckily, you can easily find out if you’re experiencing a domain name system leak by using the DNS Leak Test website.

Users should also be wary of DNS spoofing, which uses altered domain name system records to redirect Internet traffic to fraudulent sites. Much like other forms of spoofing, the victim doesn’t understand the crime committed against them victimized until after they already gave their sensitive information to the site.

Domain name system servers, regardless of which one you use, are vulnerable to malware attacks. Make sure to use a trusted antivirus program so that you don’t unknowingly expose your computer to malware. Maintaining your domain name system servers and computer helps prevent malicious attacks like these.

Frequently asked questions

What is TTL in DNS?

TTL stands for time to live (TTL). When a server stores a DNS record in its cache, the TTL dictates how long it should store the information for. The longer the time to live, the longer the server stores the information.

What is an A record in DNS?

An A record is a type of DNS record that maps a domain to the physical IP address of the computer that hosts that domain name. In some instances, a device has multiple IPs and thus multiple A records, but they can be configured for a single domain.

Other domain name system records include CNAME records and MX records.

What is a DNS provider?

A DNS provider is a platform that hosts domains and uses domain name system records to facilitate communication for your domain. You can access the DNS zone offered by your provider, which then allows you or your company to manage your domain name system settings and records. Cloudflare and Google DNS are examples of domain name system providers.