If you’ve ever typed a website name like google.com or youtube.com into your browser, you’ve used DNS, even if you’ve never heard of it. DNS (Domain Name System) is one of the most important systems on the internet, and it works quietly in the background every time you open a website, use an app, or send an email. In this guide, we’ll explain what DNS is and how it works in plain words.
What Is DNS?
DNS stands for Domain Name System.
The easiest way to understand DNS is to think of it as the phonebook of the internet.
- Humans like to use names: facebook.com, amazon.in, mycoolwebsite.com
- Computers and servers use IP addresses: something like 142.250.195.14 or 2607:f8b0:4005:80a::200e (IPv6)
DNS is the system that translates easy‑to‑remember domain names (like example.com) into the actual IP addresses that computers use to communicate.
So when you type a website name into your browser, DNS’s job is to answer the question:
“What is the IP address of this domain name?”
Once your computer has the IP address, it can connect to the correct web server and load the website.

Without DNS, you would have to remember and type long strings of numbers for every website you visit. That would be painful and unrealistic.
Why Was DNS Created?
In the early days of the internet (ARPANET), there were only a small number of computers. A single text file called hosts.txt was used to map names to IP addresses.
- Every time a new computer/server was added, the file had to be updated and shared.
- As the network grew, it became slow, difficult to manage, and prone to failures.
So, the Domain Name System (DNS) was created in the 1980s to:
- Scale to millions and now billions of devices.
- Distribute the database globally rather than storing it in a single central file.
- Automate name lookups (finding the IP from the name)
Today, DNS is a global, distributed database that powers almost everything on the internet.
Key Terms You Must Know
Before we dive into how DNS works, let’s understand a few important terms.
Domain Name
A domain name is the human‑readable name of a website.
Examples:
- google.com
- wikipedia.org
- mybusiness.in
A domain name usually has multiple parts separated by dots.
TLD (Top‑Level Domain)
The Top‑Level Domain (TLD) is the last part of a domain name, after the final dot.
Examples:
- .com – commercial websites (businesses, companies)
- .org – organizations (nonprofits, communities, institutions)
- .net – network-related websites (ISPs, networking services, infrastructure)
- Country‑specific: .in (India), .uk, .de, .jp
In google.com, the TLD is .com. In gov.in, the TLD is .in.
Second‑Level Domain
This is the part just before the TLD.
Examples:
- In google.com → google is the second‑level domain
- In amazon.in → amazon
Together, the second‑level domain + TLD make the main domain name (like google.com).
Subdomain
A subdomain is a part added before the main domain name.
Examples:
- www.google.com → www is a subdomain
- mail.example.com → mail is a subdomain
- blog.mysite.com → blog is a subdomain
Subdomains are often used to separate different sections or services of a website.
IP Address
An IP address is a unique number assigned to each device or server on a network.
Two common versions:
- IPv4: looks like 192.168.1.1 – 4 numbers separated by dots
- IPv6: looks like 2400:cb00:2048:1::c629:d7a2 – longer, with letters and colons
Because these are hard for humans to remember, we use domain names instead, and DNS connects them.
DNS Resolver (or Recursive Resolver)
The DNS resolver is typically operated by your internet service provider (ISP) or by a public DNS provider such as Google DNS or Cloudflare DNS.
Its job is to:
- Receive your computer’s question: “What is the IP of this domain?”
- Do all the background work to find the answer.
- Return the IP address to your device.
Authoritative DNS Server
An authoritative DNS server is the server that holds the official DNS records for a domain.
For example, if you own mycoolsite.com, your DNS provider’s servers are authoritative for that domain. They contain the final, correct DNS records for it.
DNS Records
DNS records are entries stored in DNS servers that define how a domain behaves.
Common types:
- A record – maps a domain to an IPv4 address
- AAAA record – maps to an IPv6 address
- CNAME record – points one domain name to another domain name
- MX record – specifies mail servers for email
- TXT record – holds text data (often for verification, SPF, security, etc.)
- NS record – shows which servers are authoritative for the domain
| Record Type | What it Does | Example |
| A | Maps a domain name to an IPv4 address | example.com → 93.184.216.34 |
| AAAA | Maps a domain name to an IPv6 address | example.com → 2606:2800:220:1:248:1893:25c8:1946 |
| CNAME | Points one domain to another domain | www.example.com → example.com |
| MX | Specifies mail servers responsible for receiving email | example.com → mail1.example.com |
| TXT | Stores text information for verification and security | SPF records, Google site verification |
| NS | Defines the authoritative name servers for a domain | example.com → ns1.hostingprovider.com |
We’ll go deeper into these later.
How DNS Works Step by Step
Let’s understand what actually happens when you type a website address in your browser. We’ll use example.com as an example.
Step 1: You Type a Domain Name
You open your browser and enter:
https://example.com
Your computer now needs the IP address of example.com to connect.
Step 2: Check Local Cache
Before asking the internet, your device checks a few places where the answer might already be stored (cached):
- Browser cache – Has your browser recently looked up example.com?
- Operating system cache – Your OS (Windows, macOS, Linux, Android, iOS) may remember previous DNS answers.
If the IP address is found in the cache and is still valid (not expired), it is used directly. This makes browsing much faster.
If it’s not found, your computer asks the next helper: the DNS resolver.
Step 3: Ask the DNS Resolver
Your computer sends a DNS query (a question) to a DNS resolver.
Your resolver is usually:
- Provided automatically by your ISP, or
- A public DNS like:
  - Google DNS: 8.8.8.8, 8.8.4.4
  - Cloudflare DNS: 1.1.1.1
  - OpenDNS: 208.67.222.222
The question your device asks is essentially:
“Dear resolver, what is the IP address of example.com?”
Step 4: Resolver Checks Its Own Cache
The resolver also keeps a cache.
- If someone else recently visited example.com, the resolver might already know the IP.
- If it does, it returns the IP to your device immediately.
If it doesn’t know the IP address, it needs to query the DNS system to find it. This is where the real magic happens.
Step 5: Query the Root DNS Servers
The DNS system is organized in a hierarchical structure, from top to bottom.
At the very top, we have root DNS servers.
- There are 13 logical root server identities (named A–M), operated by different organizations.
- Each identity is actually replicated across many physical servers worldwide.
The resolver asks a root server:
“Do you know the IP address of example.com?”
The root server does not know the IP of every domain. But it does know where to find the DNS servers for each TLD.
So the root server replies something like:
“I don’t know the IP for example.com, but I know the DNS servers responsible for .com. Here they are.”
It returns the TLD name servers for .com.
Step 6: Query the TLD Name Servers
Next, the resolver contacts one of the .com TLD name servers.
It asks:
“Do you know the DNS servers for example.com?”
The TLD server doesn’t directly know the IP of example.com either, but it does know which authoritative name servers are responsible for the domain example.com.
So it replies with something like:
“Ask these authoritative name servers for example.com.”
These are defined by the NS records of the domain.
Step 7: Query the Authoritative Name Server
Now, the resolver contacts one of the authoritative DNS servers for example.com.
It asks:
“What is the IP address of example.com?”
The authoritative server does have the A record (and/or AAAA record) for example.com.
It responds with an answer like:
example.com -> 93.184.216.34
This is the official, final answer.
Step 8: Resolver Returns the Answer to Your Device
The resolver now:
- Caches the answer for some time (so it can respond faster next time)
- Sends the IP address back to your computer
Your computer also caches the answer for a while.
Step 9: Your Browser Connects to the Web Server
Now that your device knows that example.com → 93.184.216.34, your browser can:
- Open a TCP or TLS connection to 93.184.216.34 on port 80 (HTTP) or 443 (HTTPS)
- Send an HTTP request: “Give me the webpage for example.com”
The web server responds with the HTML, CSS, JavaScript, images, etc.
You see the website in your browser.
All of this — DNS lookup + connection + loading — usually happens in milliseconds.

DNS Records Explained (With Examples)
DNS records are like the lines in a contact list that say who is who and how to reach them.
Here are the most important record types you should know:
A Record (Address Record)
- Maps a domain name to an IPv4 address.
- Example:
example.com. IN A 93.184.216.34
This means: example.com → 93.184.216.34.
AAAA Record
- Maps a domain name to an IPv6 address.
- Example:
example.com. IN AAAA 2606:2800:220:1:248:1893:25c8:1946
CNAME Record (Canonical Name)
- Points one domain to another domain.
- This is useful when you want different names to ultimately go to the same place, but you don’t want to repeat the IP everywhere.
Example:
www.example.com. IN CNAME example.com.
This means: www.example.com uses the same IP as example.com. If the A record of example.com is updated, www.example.com automatically follows it.
MX Record (Mail Exchange)
- Tells the world which mail servers handle email for your domain.
Example:
example.com. IN MX 10 mail1.example.com.
example.com. IN MX 20 mail2.example.com.
This means:
- Primary mail server: mail1.example.com (priority 10)
- Backup mail server: mail2.example.com (priority 20; higher number = lower priority)
TXT Record
- Holds text information.
- Often used for:
  - Verifying domain ownership (for Google, Microsoft, etc.)
  - SPF (Sender Policy Framework) – email security
  - DKIM, DMARC – email authentication and anti‑spam
Example:
example.com. IN TXT "v=spf1 include:_spf.google.com ~all"
NS Record (Name Server)
- Specifies which name servers are authoritative for the domain.
Example:
example.com. IN NS ns1.dnsprovider.com.
example.com. IN NS ns2.dnsprovider.com.
These are the servers that hold the official DNS records for example.com.
Other Common Records (Brief)
- SRV – Service records (define specific services like VoIP, etc.)
- PTR – Reverse lookup (IP → domain name), often used by mail servers
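The record types above can be exercised together. The following is an added example, not code from the original page: it parses the zone-file lines from this section and answers lookups from them, following the CNAME and ordering MX hosts by priority. The function names (parse_zone, resolve, mail_servers) are assumptions made for illustration.

```python
import re

# Records from this section in zone-file form. The MX lines are listed
# out of order on purpose so the priority sort below has work to do.
ZONE = """
example.com. 3600 IN A     93.184.216.34
example.com.      IN AAAA  2606:2800:220:1:248:1893:25c8:1946
www.example.com.  IN CNAME example.com.
example.com.      IN MX    20 mail2.example.com.
example.com.      IN MX    10 mail1.example.com.
example.com.      IN TXT   "v=spf1 include:_spf.google.com ~all"
"""

# name, optional TTL, class IN, record type, then the record data
LINE = re.compile(r"^(\S+)\s+(?:\d+\s+)?IN\s+(\S+)\s+(.+)$", re.IGNORECASE)

def norm(name):
    """DNS names are case-insensitive; drop the trailing root dot."""
    return name.rstrip(".").lower()

def parse_zone(text):
    records = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if m:  # skips blank lines and anything not in the form above
            name, rtype, data = m.groups()
            records.append((norm(name), rtype.upper(), data.strip().strip('"')))
    return records

def resolve(records, name, rtype="A", max_hops=8):
    """Return data for name/rtype, following CNAME aliases up to max_hops."""
    name = norm(name)
    for _ in range(max_hops):
        direct = [d for n, t, d in records if n == name and t == rtype]
        if direct:
            return direct
        alias = [d for n, t, d in records if n == name and t == "CNAME"]
        if not alias:
            return []
        name = norm(alias[0])  # restart the lookup at the alias target
    raise ValueError("CNAME chain too long or looping")

def mail_servers(records, domain):
    """MX hosts in delivery order: the lowest priority number is tried first."""
    mx = [d.split() for d in resolve(records, domain, "MX")]
    return [norm(host) for _, host in sorted(mx, key=lambda p: int(p[0]))]

RECORDS = parse_zone(ZONE)
```

The hop limit in resolve matters in practice: two CNAME records that point at each other would otherwise loop forever, so the lookup raises an error instead.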
What Is DNS Caching and Why It Matters
Caching means storing data temporarily so that it can be accessed faster next time.
DNS caching happens at several levels:
- Your browser
- Your operating system
- Your router (sometimes)
- The DNS resolver (ISP or public DNS)

Each DNS record has a TTL (Time To Live) value, usually in seconds.
Example:
example.com. 3600 IN A 93.184.216.34
- 3600 seconds = 1 hour.
- This tells resolvers: “You can cache this answer for 1 hour. After that, check again.”
Why caching is important:
- Speed – Faster responses, better user experience
- Less load – Reduces traffic to root, TLD, and authoritative servers
- Resilience – Short outages might not be noticeable if cached data is still valid
However, caching also means that DNS changes are not always instant. If you change a DNS record, it may take some time (until old caches expire) for everyone in the world to see the new value.
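The referral chain from Steps 4 to 8 and the TTL rule described here fit in one small model. This is an added example, not code from the original page: a toy resolver that walks root → TLD → authoritative and caches the answer until its TTL runs out. The server names "root" and "tld-com", the Resolver class and the injectable clock are assumptions made for illustration; no real network traffic is sent.

```python
# Constructed name-server hierarchy: each server either answers or refers onward.
SERVERS = {
    "root":                {"referrals": {"com": "tld-com"}},
    "tld-com":             {"referrals": {"example.com": "ns1.dnsprovider.com"}},
    "ns1.dnsprovider.com": {"answers": {"example.com": ("93.184.216.34", 3600)}},
}

class Resolver:
    def __init__(self, servers, clock):
        self.servers = servers
        self.clock = clock   # callable returning the current time in seconds
        self.cache = {}      # name -> (ip, expiry time)
        self.trace = []      # every server contacted, in order

    def ask(self, server, name):
        """One iterative query: an answer, a referral, or 'no such name'."""
        self.trace.append(server)
        zone = self.servers[server]
        if name in zone.get("answers", {}):
            return ("answer",) + zone["answers"][name]
        labels = name.split(".")
        for i in range(len(labels)):            # longest matching suffix wins
            nxt = zone.get("referrals", {}).get(".".join(labels[i:]))
            if nxt:
                return ("referral", nxt)
        return ("nxdomain",)

    def resolve(self, name):
        name = name.rstrip(".").lower()
        hit = self.cache.get(name)
        if hit and self.clock() < hit[1]:
            return hit[0]                       # TTL still valid: nobody is asked
        server = "root"
        for _ in range(8):                      # bound the referral chain
            reply = self.ask(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if reply[0] == "nxdomain":
                return None
            server = reply[1]
        raise RuntimeError("too many referrals")
```

With the clock at 0, 3599 and 3600 seconds, resolving example.com contacts three servers, then none, then three again. Whatever sits in the cache is served without re-asking until the TTL expires, which is why a changed record takes time to be seen everywhere.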
Types of DNS Queries
There are a few different types of DNS queries:
Recursive Query
This is what your device usually sends to the resolver.
It basically says:
“Don’t come back to me until you have a final answer or an error.”
The resolver then does all the work: root → TLD → authoritative → back to you.
Iterative Query
When the resolver talks to other DNS servers (root, TLD, authoritative), it often uses iterative queries.
That means:
- If the server doesn’t know the final answer, it replies with a referral (e.g., “I don’t know, but try these servers”).
- The resolver then decides where to ask next.
Non‑Recursive Query
If a resolver already has the answer in its cache, it can respond immediately, without asking anyone else. This is a non‑recursive query.
Common DNS Problems You May Experience
When DNS doesn’t work properly, you’ll often see error messages like:
- DNS_PROBE_FINISHED_NXDOMAIN
- Server DNS address could not be found
- This site can’t be reached
Here are a few common causes:
Incorrect DNS Settings
- Your computer or router might be using a DNS server that isn’t working.
- Fix: Change your DNS settings to a reliable provider (like Google DNS 8.8.8.8 or Cloudflare 1.1.1.1).
Propagation Delay
When you change DNS records (for example, moving your website to a new host), it can take minutes to hours for the changes to spread across the internet.
This delay is called DNS propagation.
Misconfigured DNS Records
Examples:
- A record points to the wrong IP address
- Missing or incorrect MX records → email not working
- Wrong NS records → entire domain might stop resolving
Local DNS Cache Issues
Sometimes, your device or browser may cache an outdated or incorrect DNS entry.
Fix:
- Clear browser cache
- Flush DNS cache on your system (commands like ipconfig /flushdns on Windows, sudo dscacheutil -flushcache on macOS, etc.)
Public DNS Services (For Faster and Safer Browsing)
Most people use the DNS servers provided automatically by their internet provider. But you can also use public DNS resolvers, which may be:
- Faster
- More reliable
- More private
- Sometimes with security or content‑filtering features
Popular options:
- Google Public DNS
  - IPv4: 8.8.8.8 and 8.8.4.4
  - IPv6: 2001:4860:4860::8888, 2001:4860:4860::8844
- Cloudflare DNS (privacy‑focused)
  - IPv4: 1.1.1.1 and 1.0.0.1
- OpenDNS (Cisco)
  - IPv4: 208.67.222.222 and 208.67.220.220
You can configure these in:
- Your computer’s network settings, or
- Your router, so that all devices in your home can use it.
DNS Security Basics
Traditional DNS was not designed with strong security in mind. That leads to some potential issues:
DNS Spoofing / Cache Poisoning
- Attackers may try to insert false DNS data into a resolver’s cache.
- If successful, users trying to visit a real website (like yourbank.com) could be silently redirected to a fake, malicious website.
DNSSEC (DNS Security Extensions)
DNSSEC adds digital signatures to DNS data.
- It helps ensure the data hasn’t been tampered with.
- Resolvers can verify that the DNS response truly comes from the legitimate authoritative server.
Not every domain uses DNSSEC yet, but it’s becoming more widely adopted.
DoH and DoT
- DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypt DNS queries.
- This prevents others on the network (like Wi‑Fi snoopers or some ISPs) from easily seeing which domains you’re looking up.
Modern browsers like Firefox and Chrome support DNS over HTTPS with certain providers.
How DNS Relates to Your Website or Business
If you own a website, you will definitely work with DNS at some point, even if indirectly.
You may need to:
- Point your domain to your hosting server
  - Usually by adding or editing A or CNAME records.
- Set up email for your domain
  - Configure MX, SPF (TXT), DKIM, and DMARC records.
- Use third‑party services (CDNs, mailing services, etc.)
  - They often ask you to add specific DNS records for verification or routing.
Even if you use a simple hosting control panel, understanding DNS helps you:
- Avoid mistakes
- Fix issues faster when something breaks
- Communicate better with your hosting or IT team
Quick Recap (DNS in Simple Words)
Let’s summarize everything in an easy, human way:
- The Internet uses IP addresses (numbers) to identify computers and servers.
- Humans like names (like google.com).
- DNS is the system that connects these two.
- When you type a website name:
  - Your device asks a DNS resolver for the IP.
  - The resolver may check its cache.
  - If it doesn’t know, it goes step‑by‑step:
    - Root servers → TLD servers (.com, .org, etc.) → authoritative servers
  - Finally, it gets the IP address and returns it.
- Your browser uses the IP to connect to the correct web server.
- This happens in milliseconds, thousands or millions of times per second across the world.
DNS is like the address book of the internet. It’s invisible most of the time, but without it, the modern web simply wouldn’t work.
