
What is DNS?

by Iwan Price-Evans on Web technology • July 15, 2022

DNS is the abbreviation for Domain Name System. This is the system that provides a mechanism for finding websites, applications, and resources on the internet. It's essentially like the internet's contact list of phone numbers. DNS is a quick way to locate and connect to a website with a human-readable domain name.

The Domain Name System is a global service that translates website domains and URLs (Universal Resource Locators), e.g. www.example.com/shop/, to a numbered address that is assigned to a domain or subdomain. These are called Internet Protocol (IP) addresses, and you can think of them as similar to a postal address number.

The IP address is a unique number like 195.254.2.30 that's translated into a readable domain name such as example.com. The system was created so that humans don't need to memorize these complex IP addresses. 

The earlier versions of IP addresses (IPv4) have a maximum of 12 numbers, but as the internet has grown, a new, more complex alphanumeric IP address system (IPv6) has been created. IPv6 addresses can look like this: 2400:cb00:2048:1::c629:d7a2. As you can see, it would be really difficult for humans to remember these numbers.

All sorts of devices and locations are connected to the internet and each is assigned an IP address. These can include servers, computers, mobile devices, network routers, and many others.

DNS servers manage the lists of IP addresses and translate them into readable names. When you're using a website, your browser is interacting with the website via the IP addresses. DNS is mapping the website domain to an IP address so the browser knows where the website is on the internet. 

What is a DNS lookup?

When DNS translates a domain name into an IP address, a DNS lookup occurs. This is what happens when you start browsing the internet. Your browser sends a request to the DNS server to 'look up' the location and information of the website needed.

DNS lookups return DNS records that contain IP addresses and other information about a domain. There are different types of records for different resources. For example, an A (address) record is the IP address for a website, an NS (nameserver) record is the name of the authoritative server that knows everything about the domain, and there are many more types of records. 

A website DNS lookup typically performs steps to send a request from a web browser, through the DNS lookup process, and back again.

How does DNS work?

When a user enters a website address in a browser, a request for its address is sent over the internet to a DNS server called a recursive resolver server. The request is called a recursive DNS query. Recursive queries receive the address answer or an error if not found.

A recursive resolver server can have the address cached, in which case it will return the answer immediately to the browser and the website will load. This is called a non-recursive query.

If it doesn't have the IP address cached or it doesn't know where it is, the recursive resolver server will query the next-level server. This is where iterative DNS queries occur. 

Iterative DNS queries are sent by the recursive resolver to the three next-level server types: the root name server, the TLD server, and the authoritative name server. These continue redirecting the query until they find a DNS record that has the requested IP address. The root server redirects to the TLD server and the TLD server redirects to the authoritative server.

If the recursive resolver doesn't have the answer cached but already knows which server has the IP address, it will not query the root name server or the TLD server and will get the answer directly from the authoritative server. This is also called a non-recursive query.

If the recursive resolver server doesn't know the location of the DNS record, the next-level server is the root name server. This is the first place the resolver will look to find the answer. The root name server has an index of every server that has the address being looked up. These servers are controlled by ICANN (Internet Corporation for Assigned Names and Numbers).

The root name server looks at the top-level domain of the requested name (the .com in example.com or the .net in example.net) and directs the query to the top-level domain (TLD) server. The TLD server will send the query to the appropriate authoritative server based on the top-level domain.

The last step of the DNS lookup is at the authoritative name server, which is the final source of truth in the DNS process. This server has all the information about the requested domain, including any subdomain information, e.g. blog.something.net. This server has all of the DNS records such as A, NS, TXT, etc. The authoritative server returns the requested record back to the recursive server, which will cache the record for future DNS lookups. The recursive server then sends the IP address record back to the browser and the website loads.

If the query gets to the authoritative server and it can't find the DNS record it will respond with an error.

The whole DNS lookup process takes a few milliseconds to query the various servers and get the IP address answer. 
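The lookup paths described above (cached answer, known authoritative server, full root-to-authoritative walk, and the error case) can be traced in a small in-memory model. This is an added example, not code from the original page; the server labels, zone data, and the `RecursiveResolver` class are constructed for illustration, and treating the last two labels of a name as its domain is a simplifying assumption.

```python
# Constructed toy data: server labels, names and addresses are made up.
ROOT = {"com": "tld-com", "net": "tld-net"}            # root: TLD -> TLD server
TLD = {"tld-com": {"example.com": "ns1.example.com"},  # TLD server: domain -> authoritative
       "tld-net": {"something.net": "ns1.something.net"}}
AUTH = {  # authoritative server: (name, record type) -> record value
    "ns1.example.com": {("example.com", "A"): "192.0.2.10",
                        ("blog.example.com", "CNAME"): "example.com"},
    "ns1.something.net": {("blog.something.net", "A"): "198.51.100.7"},
}

class RecursiveResolver:
    def __init__(self):
        self.answers = {}   # cached records: (name, type) -> value
        self.ns_cache = {}  # cached delegations: domain -> authoritative server
        self.trace = []     # servers contacted during the last lookup

    def lookup(self, name, rtype="A"):
        self.trace = []
        return self._resolve(name.lower().rstrip("."), rtype, 0)

    def _resolve(self, name, rtype, depth):
        if depth > 8:  # guard against CNAME loops
            raise LookupError("CNAME chain too long")
        if (name, rtype) in self.answers:  # answer cached: nothing is contacted
            return self.answers[(name, rtype)]
        labels = name.split(".")
        domain = ".".join(labels[-2:])  # simplification: domain = last two labels
        auth = self.ns_cache.get(domain)
        if auth is None:  # full walk: root -> TLD -> authoritative
            self.trace.append("root")
            tld_server = ROOT.get(labels[-1])
            if tld_server is None:
                raise LookupError(f"unknown TLD in {name}")
            self.trace.append(tld_server)
            auth = TLD[tld_server].get(domain)
            if auth is None:
                raise LookupError(f"{domain} is not delegated")
            self.ns_cache[domain] = auth
        self.trace.append(auth)
        zone = AUTH[auth]
        if (name, rtype) in zone:
            value = zone[(name, rtype)]
        elif (name, "CNAME") in zone:  # alias: retry with the canonical name
            value = self._resolve(zone[(name, "CNAME")], rtype, depth + 1)
        else:  # the authoritative server has no such record: error
            raise LookupError(f"no {rtype} record for {name}")
        self.answers[(name, rtype)] = value  # cache for future lookups
        return value
```

After each `lookup()` call, `trace` lists the servers that were contacted, so an empty list means the answer came from the resolver's cache.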

The types of DNS servers 

This is a simple explanation of the difference between the DNS servers.

  • The recursive server asks for the IP address on behalf of the browser.
  • The root name server and the TLD server sit in the middle handling the query if it has been routed through them to the authoritative server.
  • The authoritative server answers the browser query. 

The types of DNS query 

This is a summary of DNS query types.

  • The recursive DNS query is used by the recursive resolver server when it doesn't already know the location of the domain. This query type will initiate iterative DNS queries by the next-level servers.
  • The non-recursive DNS query is used by the recursive server when it already has the DNS record information for the domain.
  • The iterative DNS query is sent by the recursive resolver server to the three next-level server types: the root name server, the TLD server, and the authoritative name server. These redirect the query until they find a DNS record.

Common types of DNS records

As mentioned previously, DNS records return information about a domain and the DNS servers. There are commonly used DNS records that the browser needs to access a website.

  • A record - A means address and contains the IP (IPv4) address of a domain. IPv6 addresses must be held in an AAAA record which accounts for the longer number. There is usually only one A record for a website but there can be more for larger sites. Multiple A records are used when load balancing.
  • NS record - NS means name server and contains the name of the authoritative server that has all of the information for a domain. Typically domains have two or more name servers which are used as backups to ensure queries reach a name server efficiently.
  • CNAME record - CNAME means canonical and these records are used when the A record has an alias like a subdomain. For example, blog.example.com might have the same IP address as example.com and so the CNAME record allows the query to be retried to find the correct domain name.
  • TXT record - TXT means text and was originally used as a domain notes field for administrators. Modern DNS uses the TXT field to allow the DNS process to automatically check information like domain ownership.

These are some of the most common DNS record types but there are many more. The record type for looking up email servers is an MX record, the record type for looking up a certificate is a CERT record, and so on. The CERT record type is one of a group, specifically used to secure DNS (DNSSEC) and this group has record types for secure signatures and other purposes.