DNS
People often compare DNS to the phonebook of the internet. Think about calling a friend if you could not look them up by name: you would have to memorize the full ten-digit phone number every time. Sounds pretty inconvenient, right? The internet would face a similar issue if we relied on remembering IP addresses like 142.250.185.78. Instead, we just type in something simple like google.com.
DNS steps in to handle this problem. The Domain Name System translates those easy-to-read domain names into the IP addresses machines actually use. Because of DNS, we can visit websites, send emails and use online services without ever touching those complicated numbers.
Why DNS Exists
Computers always communicate using IP addresses. Humans, though, find names much easier to handle. DNS fills that gap with a distributed, hierarchical naming system. The internet would not work well without it: picture bookmarking and memorizing an IP address for every single site.
| Concept | Without DNS | With DNS |
| --- | --- | --- |
| Website Access | Must remember 142.250.185.78 | Just type google.com |
| Email Delivery | Must send to IP of mail server | Use @gmail.com and DNS finds the server |
| User Experience | Complex, error-prone | Simple, user-friendly |
How DNS Resolution Works
When you enter www.example.com into your browser address bar, the name resolution process kicks off right away. It handles turning that domain name into an actual IP address. There are two primary ways this happens in DNS systems:
Recursive Resolution: A DNS resolver, whether your Internet service provider's or a public option such as Google DNS at 8.8.8.8, handles everything. It manages the entire lookup on your behalf and hands back the final answer.
Iterative Resolution: The resolver does not handle everything on its own. Instead, it asks each DNS server along the way which one to try next. It continues to follow this chain until it reaches the authoritative server, which holds the precise IP address for the domain.
The Resolution Path
| Step | Description |
| --- | --- |
| Root DNS Server | Points to the right Top Level Domain (TLD) server (.com, .org, etc.) |
| TLD DNS Server | Directs the query to the authoritative server for the domain |
| Authoritative DNS Server | Holds the actual DNS records and provides the IP address |
At the end of this process, your computer receives the correct IP and can connect to the website.
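The referral chain described above can be modeled offline. This is an added example, not code from the original page: the server labels, the `SERVERS` table and the function names are hypothetical, and the data is constructed in memory rather than fetched from real name servers.

```python
# Constructed, in-memory stand-ins for the three server tiers (labels are hypothetical).
SERVERS = {
    "root": {"referrals": {"com.": "tld-com", "org.": "tld-org"}},
    "tld-com": {"referrals": {"example.com.": "ns.example.com"}},
    "tld-org": {"referrals": {}},
    "ns.example.com": {"records": {"www.example.com.": "93.184.216.34"}},
}
MAX_HOPS = 8  # stop if referrals never reach an authoritative answer


def best_zone(name, zones):
    """Pick the most specific zone that `name` falls under, or None."""
    matches = [z for z in zones if name == z or name.endswith("." + z)]
    return max(matches, key=len, default=None)


def resolve_iterative(name, start="root", servers=SERVERS):
    """Follow referrals from `start`; return (address or None, servers asked)."""
    name = name.lower().rstrip(".") + "."
    server, path = start, []
    for _ in range(MAX_HOPS):
        path.append(server)
        data = servers[server]
        if name in data.get("records", {}):       # authoritative answer
            return data["records"][name], path
        zone = best_zone(name, data.get("referrals", {}))
        if zone is None:                          # no referral: the name is unknown
            return None, path
        server = data["referrals"][zone]          # "ask this server next"
    raise RuntimeError("referral chain exceeded MAX_HOPS")


if __name__ == "__main__":
    print(resolve_iterative("www.example.com"))
```

The hop limit matters in practice: a resolver that follows referrals without a bound can be kept busy by misconfigured or hostile zones that refer to each other.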
DNS Records Explained
DNS doesn’t just store IP addresses. It uses different types of records for different purposes:
| Record Type | Purpose | Example |
| --- | --- | --- |
| A | Maps a domain to an IPv4 address | 93.184.216.34 |
| AAAA | Maps a domain to an IPv6 address | 2606:2800:220:1:248:1893:25c8:1946 |
| CNAME | Points one domain to another | www.example.com → example.com |
| MX | Directs emails to the correct mail server | mail.example.com |
| TXT | Stores text for verification/security (SPF, DKIM, etc.) | v=spf1 include:_spf.google.com ~all |
Practical Example with nslookup / dig
You can manually query DNS with simple tools:
Using nslookup (Windows/Linux/macOS):
Using dig (Linux/macOS):
To trace the resolution step by step:
This shows every hop: Root → TLD → Authoritative.
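What nslookup and dig print is decoded from a binary DNS response, and the record types listed earlier differ only in how their data field is read. This added example (not from the original page) decodes a constructed response carrying a CNAME and an A record; the function names and the `SAMPLE` bytes are hypothetical, and TXT and other types are left as hex.

```python
import ipaddress
import struct

TYPES = {1: "A", 5: "CNAME", 15: "MX", 16: "TXT", 28: "AAAA"}

def read_name(msg, off):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, end, jumps = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:                 # compression pointer
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
            jumps += 1
            if jumps > 16:                   # hostile packets can loop pointers
                raise ValueError("compression pointer loop")
        elif n == 0:
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
            off += 1 + n

def decode_rdata(msg, rtype, off, rdlen):
    if rtype in (1, 28):                     # A / AAAA: raw address bytes
        return str(ipaddress.ip_address(msg[off:off + rdlen]))
    if rtype in (5, 15):                     # CNAME: name; MX: 2-byte preference, name
        return read_name(msg, off + (2 if rtype == 15 else 0))[0]
    return msg[off:off + rdlen].hex()        # other types are left undecoded

def parse_response(msg):
    """Return (transaction id, [(name, type, ttl, value), ...])."""
    txid, _, qdcount, ancount = struct.unpack_from("!4H", msg, 0)
    off, answers = 12, []
    for _ in range(qdcount):                 # skip the echoed question
        off = read_name(msg, off)[1] + 4     # name, then QTYPE + QCLASS
    for _ in range(ancount):
        name, off = read_name(msg, off)
        rtype, _, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        value = decode_rdata(msg, rtype, off + 10, rdlen)
        answers.append((name, TYPES.get(rtype, str(rtype)), ttl, value))
        off += 10 + rdlen
    return txid, answers

# Constructed response: www.example.com CNAME example.com, example.com A 93.184.216.34
SAMPLE = (struct.pack("!6H", 0x1A2B, 0x8180, 1, 2, 0, 0)
          + b"\x03www\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
          + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 3600, 2) + b"\xc0\x10"
          + b"\xc0\x10" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([93, 184, 216, 34]))
```

Calling `parse_response(SAMPLE)` returns the transaction ID and the two answers with their TTLs, the same fields dig shows in its answer section.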
Caching and TTL
DNS is designed for fast lookups. It stores query results in caches so the same requests do not have to be repeated all the time. Those caches live on local devices and on the DNS resolvers along the way.
Every record includes its own TTL (Time To Live) value. The TTL sets how long the cached information stays valid. After that time passes, the system has to perform a new lookup to get fresh details.
| Scenario | TTL | Effect |
| --- | --- | --- |
| Example.com record | 3600s | Cached for 1 hour, then refreshed |
| High-traffic services (e.g. CDNs) | 60s | Allows frequent updates for load balancing |
| Rarely changing records | 86400s | Cached for 24h, reduces DNS traffic |
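The effect of a TTL is easiest to see when the record changes while a cached copy is still valid. This added example (not from the original page) uses a simulated clock and constructed zone data; `TtlCache`, `simulate` and the replacement address 203.0.113.10 are hypothetical.

```python
class TtlCache:
    """Answer cache keyed by (name, type); entries expire after their TTL."""

    def __init__(self, clock):
        self._clock = clock                 # callable returning the time in seconds
        self._entries = {}                  # (name, rtype) -> (value, expires_at)

    def put(self, name, rtype, value, ttl):
        self._entries[(name, rtype)] = (value, self._clock() + ttl)

    def get(self, name, rtype):
        """Return (value, remaining TTL), or None if absent or expired."""
        entry = self._entries.get((name, rtype))
        if entry is None:
            return None
        value, expires_at = entry
        remaining = expires_at - self._clock()
        if remaining <= 0:                  # TTL used up: force a fresh lookup
            del self._entries[(name, rtype)]
            return None
        return value, remaining


def simulate():
    """Change the record mid-TTL and record what a caching client sees."""
    now = [0]
    cache, upstream = TtlCache(lambda: now[0]), 0
    zone = {("example.com.", "A"): ("93.184.216.34", 3600)}   # constructed zone data
    seen = []
    for t in (0, 1800, 3599, 3600):
        now[0] = t
        if t == 1800:                       # operator updates the record at the source
            zone[("example.com.", "A")] = ("203.0.113.10", 3600)
        hit = cache.get("example.com.", "A")
        if hit is None:                     # miss: ask upstream and cache the answer
            upstream += 1
            value, ttl = zone[("example.com.", "A")]
            cache.put("example.com.", "A", value, ttl)
        else:
            value = hit[0]
        seen.append((t, value))
    return seen, upstream


if __name__ == "__main__":
    print(simulate())
```

The client keeps receiving the old address until second 3600 even though the record changed at second 1800, and only two upstream queries are made for four lookups.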
Recursive vs Authoritative Servers
| Type | Role |
| --- | --- |
| Recursive Resolver | Acts on behalf of the client, usually ISP or public DNS server |
| Authoritative Server | Holds definitive records for a domain |
DNS in IPv6
DNS for IPv6 works much like it does for IPv4.
IPv4 sticks with A records for addresses, while IPv6 uses AAAA records to hold its longer addresses. Most modern networks run both protocols side by side. This lets DNS servers hand back both kinds of record at once, in what is called a dual-stack approach. Clients on the network pick which one to use, and usually go for IPv6 first if it is available and working.
DNS Problems
Even though DNS is fundamental, it comes with challenges:
Propagation delay: When you update a DNS record, the change has to ripple out across the whole internet, and caching and TTL settings slow that down. It can take several hours for the new information to show up everywhere, and sometimes the wait stretches to a full 48 hours or so.
DNS cache poisoning: Attackers slip fake IP addresses into those caches. This tricks users into visiting phony websites instead of the real ones, which opens the door to phishing scams and makes it easy to spread malware.
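On the resolver side, the basic defense against the poisoning described above is to cache a reply only when it can be tied to a query that was actually sent. This added example is not from the original page: the dict-based reply format and the names `Pending` and `records_safe_to_cache` are hypothetical, all values are constructed, and real resolvers also rely on measures such as source-port randomization and DNSSEC.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Pending:
    """What the resolver remembers about a query it has sent."""
    txid: int      # random 16-bit transaction ID
    qname: str     # name that was asked
    server: str    # address the query was sent to
    zone: str      # zone that server is authoritative for


def in_bailiwick(name, zone):
    """True if `name` is the zone itself or a name underneath it."""
    name, zone = name.lower(), zone.lower()
    return name == zone or name.endswith("." + zone)


def records_safe_to_cache(pending, resp):
    """Return records from `resp` that may be cached; [] if the reply is rejected."""
    if resp["src"] != pending.server:          # came from a server we did not ask
        return []
    if resp["txid"] != pending.txid:           # does not match the outstanding query
        return []
    if resp["qname"].lower() != pending.qname.lower():
        return []
    # Drop records for names outside the zone the server is responsible for.
    return [r for r in resp["records"] if in_bailiwick(r[0], pending.zone)]


# Constructed query state and replies (addresses from documentation ranges).
PENDING = Pending(0x1A2B, "www.example.com.", "192.0.2.53", "example.com.")
GENUINE = {"src": "192.0.2.53", "txid": 0x1A2B, "qname": "www.example.com.",
           "records": [("www.example.com.", "A", "93.184.216.34")]}
WRONG_ID = dict(GENUINE, txid=0x0001,
                records=[("www.example.com.", "A", "203.0.113.66")])
EXTRA = dict(GENUINE, records=GENUINE["records"]
             + [("www.example.net.", "A", "203.0.113.66")])

if __name__ == "__main__":
    for reply in (GENUINE, WRONG_ID, EXTRA):
        print(records_safe_to_cache(PENDING, reply))
```

A reply with the wrong transaction ID is dropped whole, while a genuine reply that also carries a record for a name outside example.com. has only that extra record stripped.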