
What is DNS (Domain Name System) and how does it work?

Domain Name System

The Domain Name System resolves the names of internet sites to their underlying IP addresses, adding efficiency and even security in the process.

The Domain Name System (DNS) is one of the foundations of the internet, working in the background to match the names of web sites that people type into a search box with the corresponding IP address, a long string of numbers that no one could be expected to remember.

It's still possible for someone to type an IP address into a browser to reach a website, but most people want an internet address to consist of easy-to-remember words, called domain names. (For example, Network World.)

In the 1970s and early 80s, the task of matching domain names and IP addresses was assigned to one person – Elizabeth Feinler at Stanford Research Institute, who maintained a master list of every internet-connected computer. This was obviously unsustainable, given the rapid growth of the internet, and, in 1983, Paul Mockapetris developed DNS, an automated, scalable system that handles domain-name-to-IP-address translation.

With over 342 million domains registered today, it would be tedious to store all these names in one directory. Like the Internet itself, directories are globally distributed on domain name servers that communicate with each other on a regular basis to provide updates and remove redundancies.

Another reason to create a distributed system is to improve performance. Imagine if every concurrent request from all over the world to resolve the domain name Google to its underlying IP address had to be handled in one place. To avoid that bottleneck, DNS information is shared among many servers.

This means that a single domain can have multiple IP addresses. For example, the physical server that your laptop or smartphone reaches when you type www.google.com is different than the server that someone in another country reaches when they type the same site name into their browser. But with DNS, you can reach the right place anywhere in the world.

How Does DNS Work? Recursive Resolvers and Root Servers, Top-Level Servers, and Name Servers

When a computer looks up the IP address associated with a domain name, the request starts at a DNS client (usually a web browser), which performs the DNS lookup. The query is then sent to recursive DNS servers, also known as recursive resolvers. Recursive resolvers, typically run by Internet Service Providers (ISPs) such as AT&T and Verizon or by other third parties, know which other DNS servers to contact to resolve a site's name to its IP address. The servers that actually hold the information you need are called authoritative nameservers.

DNS is organized hierarchically. The first DNS query for the IP address is made to recursive resolvers. This search first leads to root servers that contain information about top-level domains (.com, .net, .org) and country domains. Root servers are located all over the world, so the DNS system forwards requests to the closest server.

Once the request reaches the correct root server, it is forwarded to the top-level domain servers (TLD nameservers), where the second-level domain information (the name you type in the search box) is stored. The request is then sent to the domain's nameserver, which looks up the IP address and sends it back to your DNS client so you can access the correct website. All this takes just a few milliseconds.
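The query and reply described above travel as small binary messages in the format defined by RFC 1035. The following added example (not code from the original article) builds an A-record query, then parses a constructed reply the way a client or resolver would, including the name-compression pointers real replies use. It also performs the checks a careful client makes before trusting an answer: the transaction ID and the echoed question must match what was sent, which is one of the basic defences against spoofed replies. The reply bytes, the name www.example.com and the address 192.0.2.10 are constructed sample data, not captured traffic.

```python
import secrets
import struct
from typing import List, Optional, Tuple

QTYPE_A = 1
QCLASS_IN = 1


def encode_name(name: str) -> bytes:
    """'www.example.com' -> length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("DNS labels must be 1..63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, txid: Optional[int] = None) -> Tuple[int, bytes]:
    """Build an A query with RD (recursion desired) set; returns (transaction id, packet)."""
    if txid is None:
        txid = secrets.randbelow(65536)  # unpredictable IDs make forged replies harder to match
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, header + encode_name(name) + struct.pack("!HH", QTYPE_A, QCLASS_IN)


def decode_name(msg: bytes, offset: int) -> Tuple[str, int]:
    """Decode a name that may use compression pointers; returns (name, offset after it)."""
    labels, end, jumped, hops = [], offset, False, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # 11xxxxxx: pointer to an earlier copy of the name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            if not jumped:
                end = offset
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), end


def parse_response(msg: bytes, expected_id: int, expected_name: str) -> List[Tuple[str, int]]:
    """Validate a reply against the query we sent and return [(IPv4, TTL), ...]."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_id:
        raise ValueError("transaction id mismatch: reply does not belong to our query")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0xF))
    offset = 12
    for _ in range(qdcount):  # the echoed question must be the one we asked
        qname, offset = decode_name(msg, offset)
        offset += 4  # skip QTYPE and QCLASS
        if qname.lower() != expected_name.lower().rstrip("."):
            raise ValueError("question section does not match our query")
    answers = []
    for _ in range(ancount):
        _owner, offset = decode_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata, offset = msg[offset:offset + rdlen], offset + rdlen
        if rtype == QTYPE_A and rclass == QCLASS_IN and rdlen == 4:
            answers.append((".".join(str(b) for b in rdata), ttl))
    return answers


def reply_is_valid(msg: bytes, expected_id: int, expected_name: str) -> bool:
    """True when the reply passes every check in parse_response."""
    try:
        parse_response(msg, expected_id, expected_name)
        return True
    except ValueError:
        return False


def sample_response(txid: int) -> bytes:
    """Constructed reply (not captured traffic): www.example.com A 192.0.2.10, TTL 300."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR, RD, RA set; RCODE 0
    question = encode_name("www.example.com") + struct.pack("!HH", QTYPE_A, QCLASS_IN)
    # owner name is a pointer (0xC00C) back to the question name at offset 12
    answer = b"\xC0\x0C" + struct.pack("!HHIH", QTYPE_A, QCLASS_IN, 300, 4) + bytes([192, 0, 2, 10])
    return header + question + answer


if __name__ == "__main__":
    txid, packet = build_query("www.example.com")
    print(packet.hex())
    print(parse_response(sample_response(txid), txid, "www.example.com"))
```

A real client would send the packet from `build_query` over UDP port 53 to its recursive resolver and hand the bytes that come back to `parse_response`; the sample reply stands in for that network round trip so the code runs offline.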

What is DNS Cache?

You may use Google many times a day. Instead of having your computer query a DNS nameserver for the IP address every time you enter the domain name, that information is stored on your personal device, so you don't need to go to a DNS server to match the name to an IP address each time.

Additional caching can occur on routers used to connect clients to the Internet and on your ISP’s servers. Due to the extensive caching, the number of queries that actually reach the DNS nameservers is greatly reduced, making the system faster and more efficient.
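The cache described in this section works because every DNS answer carries a time-to-live (TTL) that says how long it may be reused. The following added example (not code from the original article) is a small resolver-side cache that honours the TTL, shows the drop in upstream queries, and keeps only records for the name and type that were actually asked about, so an unrelated record riding along in a reply cannot be planted in the cache. The clock is injectable so the expiry behaviour can be checked without waiting; the records and TTL returned by `fake_upstream` are constructed sample data.

```python
import time
from typing import Callable, Dict, List, Optional, Tuple

Record = Tuple[str, str, str]  # (owner name, record type, rdata), e.g. ("www.example.com", "A", "192.0.2.10")
Upstream = Callable[[str, str], Tuple[List[Record], int]]  # returns (records, TTL in seconds)


class DnsCache:
    """Keeps answers until their TTL runs out. now_fn is injectable so tests can move the clock."""

    def __init__(self, now_fn: Callable[[], float] = time.monotonic):
        self._now = now_fn
        self._store: Dict[Tuple[str, str], Tuple[List[str], float]] = {}

    @staticmethod
    def _key(name: str, rtype: str) -> Tuple[str, str]:
        return name.lower().rstrip("."), rtype.upper()

    def put(self, name: str, rtype: str, records: List[Record], ttl: int) -> int:
        """Store only records whose owner and type match the question; returns how many were kept.
        Discarding unrelated records that arrive in a reply is a basic cache-poisoning defence."""
        key = self._key(name, rtype)
        rdata = [r[2] for r in records if self._key(r[0], r[1]) == key]
        if rdata:
            self._store[key] = (rdata, self._now() + ttl)
        return len(rdata)

    def get(self, name: str, rtype: str) -> Optional[Tuple[List[str], int]]:
        """Return (rdata, remaining TTL) or None if the entry is absent or expired."""
        key = self._key(name, rtype)
        entry = self._store.get(key)
        if entry is None:
            return None
        rdata, expires_at = entry
        remaining = expires_at - self._now()
        if remaining <= 0:
            del self._store[key]  # stale data must never be served
            return None
        return rdata, int(remaining)


def resolve(name: str, rtype: str, cache: DnsCache, upstream: Upstream) -> Tuple[List[str], int, bool]:
    """Answer from cache when possible, otherwise ask upstream and cache the result.
    Returns (rdata, remaining TTL, served_from_cache)."""
    hit = cache.get(name, rtype)
    if hit is not None:
        return hit[0], hit[1], True
    records, ttl = upstream(name, rtype)
    cache.put(name, rtype, records, ttl)
    hit = cache.get(name, rtype)
    return (hit[0], hit[1], False) if hit is not None else ([], 0, False)


def run_demo() -> Tuple[int, int]:
    """Count upstream queries for three lookups inside the TTL, then one more after it expires."""
    clock = [0.0]
    upstream_calls: List[str] = []

    def fake_upstream(name: str, rtype: str) -> Tuple[List[Record], int]:
        upstream_calls.append(name)
        # Constructed reply: the answer we asked for plus an unrelated record that must not be cached.
        return [(name, rtype, "192.0.2.10"), ("other.example.net", "A", "203.0.113.5")], 300

    cache = DnsCache(now_fn=lambda: clock[0])
    for _ in range(3):
        resolve("www.example.com", "A", cache, fake_upstream)
    calls_within_ttl = len(upstream_calls)
    clock[0] += 301  # move past the 300 s TTL
    resolve("www.example.com", "A", cache, fake_upstream)
    return calls_within_ttl, len(upstream_calls)


if __name__ == "__main__":
    print(run_demo())  # (1, 2)
```

Three lookups inside the TTL cost one upstream query; the next lookup after expiry costs a second. The same logic applies at each tier the article mentions (device, router, ISP resolver), which is why so few queries reach the authoritative nameservers.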

How does the DNS (domain name system) numbering system work?

Every device that connects to the Internet needs a unique IP address so that traffic can be routed properly. DNS translates human-readable names into numbers using one of two addressing systems, IPv4 or IPv6. In IPv4, addresses are 32-bit integers written in decimal.

A series of numbers is divided into sections containing network components, hosts and subnets, similar to telephone numbers with country codes, area codes, and so on. The network portion of the number identifies the class and category of network associated with the number. A host identifies a specific machine on the network. The subnet portion of the number is optional, but is used to navigate large numbers of subnets and other partitions within your local network.

IPv6 created
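The network, host and subnet portions described above are determined by the prefix length (the number of leading bits that identify the network). The following added example (not code from the original article) uses Python's standard `ipaddress` module to split an address into those portions, carve a network into subnets and find which subnet contains a given address; it works for IPv6 as well as IPv4. The addresses 192.0.2.0/24 and 2001:db8::/64 are documentation ranges used here as sample input.

```python
import ipaddress
from typing import Dict, List, Union


def split_address(cidr: str) -> Dict[str, Union[str, int]]:
    """Separate an address into its network and host portions using the prefix length."""
    iface = ipaddress.ip_interface(cidr)  # accepts IPv4 or IPv6
    net = iface.network
    return {
        "address": str(iface.ip),
        "network": str(net.network_address),             # network portion, host bits zeroed
        "prefix": net.prefixlen,                         # leading bits that identify the network
        "netmask": str(net.netmask),
        "host_bits": net.max_prefixlen - net.prefixlen,  # 32 or 128 minus the prefix
        "host_part": int(iface.ip) & int(net.hostmask),  # bits that identify this machine
        "addresses_in_network": net.num_addresses,
    }


def carve_subnets(network: str, new_prefix: int) -> List[str]:
    """Divide a network into equal subnets, e.g. a /24 into four /26s."""
    return [str(s) for s in ipaddress.ip_network(network).subnets(new_prefix=new_prefix)]


def subnet_for(address: str, subnets: List[str]) -> str:
    """Routing-table style lookup: which of the subnets contains this address? ('' if none)"""
    ip = ipaddress.ip_address(address)
    for s in subnets:
        if ip in ipaddress.ip_network(s):
            return s
    return ""


if __name__ == "__main__":
    print(split_address("192.0.2.77/26"))
    subnets = carve_subnets("192.0.2.0/24", 26)
    print(subnets)
    print(subnet_for("192.0.2.77", subnets))
    print(split_address("2001:db8::1/64"))
```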

Who assigns IP addresses?

In 1998, the US government delegated the task of assigning IP addresses to the Internet Corporation for Assigned Names and Numbers (ICANN). Since then, the nonprofit has fulfilled this role without much disruption. ICANN produces guidelines on issues such as creating new top-level domains (e.g., .io).

ICANN has a primarily neutral and advisory role. For example, today anyone wishing to register a domain on the Internet can contact any number of ICANN accredited registrars. This essentially decentralizes an already decentralized DNS system. After registration, your new domain will be set up within minutes and accessible worldwide via your DNS servers.

Is DNS Safe?

Cybercriminals are very smart about identifying vulnerabilities that can be exploited in almost any system, and DNS is certainly involved in quite a few attacks. A 2021 IDC survey of more than 1,100 organizations in North America, Europe and Asia-Pacific found that 87% had experienced a DNS attack.

The average cost of each attack was approximately $950,000 for all regions and approximately $1 million for North American organizations. According to the report, organizations across all industries experienced an average of 7.6 attacks in the past year.

The move to off-premises work related to the novel coronavirus, and organizations' response of moving resources to the cloud for easier access, created new targets for attackers, the report said.

Researchers also found a spike in data theft via DNS. 26% of organizations reported having sensitive customer information stolen, compared to 16% in 2020.

The most common types of DNS attacks are DNS amplification, DNS spoofing or cache poisoning, DNS tunneling, and DNS hijacking or DNS redirection.

What is DNSSEC?

DNSSEC is a security protocol developed by ICANN to make communication between the various tiers of servers involved in DNS lookups more secure. It fixes a communication vulnerability between top-level, second-level, and third-level DNS directory servers that allows hackers to hijack lookups.

This hijack allows an attacker to answer lookups for a legitimate website by redirecting the user to a malicious website. Such websites can deliver malware to users or carry out phishing attacks.

DNSSEC addresses this issue by having each layer of DNS servers digitally sign their requests, ensuring that requests sent by end users cannot be hijacked by attackers. This creates a chain of trust, verifying the integrity of requests at every level of the lookup.

DNSSEC determines whether a domain name really exists and, if not, prevents fraudulent domains from being delivered to innocent applicants seeking domain name resolution.
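The chain of trust mentioned above is built from one concrete link per delegation: the parent zone publishes a DS record, which is a digest of the child zone's key-signing DNSKEY, so a validating resolver can check that the key it receives from the child is the one the parent vouches for. The following added example (not code from the original article) implements that link with the real DNSSEC computations from RFC 4034 and RFC 4509: the key tag checksum and the SHA-256 DS digest over the owner name and DNSKEY RDATA. Verifying the RRSIG signatures over the records themselves needs a public-key crypto library and is not included. `EXAMPLE_KSK` is a constructed key with a four-byte placeholder public key, not real key material.

```python
import hashlib
import hmac
import struct
from typing import NamedTuple


class DnsKey(NamedTuple):
    owner: str        # zone that publishes the key, e.g. "example.com."
    flags: int        # 257 = key-signing key (SEP bit set), 256 = zone-signing key
    protocol: int     # always 3 for DNSSEC
    algorithm: int    # e.g. 13 = ECDSAP256SHA256, 8 = RSASHA256
    public_key: bytes

    def rdata(self) -> bytes:
        """DNSKEY RDATA as it appears on the wire: flags, protocol, algorithm, key bytes."""
        return struct.pack("!HBB", self.flags, self.protocol, self.algorithm) + self.public_key


class DsRecord(NamedTuple):
    key_tag: int
    algorithm: int
    digest_type: int  # 2 = SHA-256
    digest: bytes


def wire_name(name: str) -> bytes:
    """Canonical (lower-case) wire form of a domain name; the root '.' is a single zero byte."""
    out = b""
    for label in name.lower().rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def key_tag(key: DnsKey) -> int:
    """RFC 4034 Appendix B key tag (all algorithms except the obsolete algorithm 1):
    a 16-bit checksum of the RDATA used to pick the right key out of a DNSKEY set."""
    ac = 0
    for i, b in enumerate(key.rdata()):
        ac += b if i & 1 else b << 8
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def make_ds(key: DnsKey) -> DsRecord:
    """What the parent zone publishes for a child: SHA-256 over owner name || DNSKEY RDATA."""
    digest = hashlib.sha256(wire_name(key.owner) + key.rdata()).digest()
    return DsRecord(key_tag(key), key.algorithm, 2, digest)


def delegation_matches(parent_ds: DsRecord, child_key: DnsKey) -> bool:
    """One link of the chain of trust: the DS held in the parent must match the child's DNSKEY."""
    if parent_ds.digest_type != 2 or parent_ds.algorithm != child_key.algorithm:
        return False
    if parent_ds.key_tag != key_tag(child_key):
        return False
    expected = make_ds(child_key).digest
    return hmac.compare_digest(parent_ds.digest, expected)  # constant-time comparison


# Constructed sample key: real P-256 keys are 64 bytes; this short value only exercises the maths.
EXAMPLE_KSK = DnsKey("example.com.", 257, 3, 13, bytes([1, 2, 3, 4]))

if __name__ == "__main__":
    ds = make_ds(EXAMPLE_KSK)
    print("key tag", ds.key_tag, "digest", ds.digest.hex())
    print(delegation_matches(ds, EXAMPLE_KSK))  # True: the key the parent vouches for
    tampered = EXAMPLE_KSK._replace(public_key=bytes([1, 2, 3, 5]))
    print(delegation_matches(ds, tampered))     # False: a substituted key fails the check
```

A validating resolver repeats this check at every delegation from the root trust anchor down to the zone being looked up; a substituted key at any level breaks the chain, which is what lets DNSSEC reject the hijacked answers the section describes.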

What is DNS over HTTPS (DoH)? 

DNSSEC addresses potential vulnerabilities within the distributed network of DNS servers, but it certainly hasn't stopped DNS-based cyberattacks that use some form of deception to inject malicious code into the DNS system.

In one of the biggest changes in DNS's long history, Google, Mozilla, and others are pushing the move to DNS over HTTPS (DoH). DoH is an IETF standard that encrypts DNS requests in the same way the HTTPS protocol secures most web traffic.

However, the move to DoH is not without controversy. By encrypting DNS requests, DoH could prevent a company's IT department from monitoring employee internet activity, and parents complain that it could interfere with the parental controls they place on their children's internet use.

Adoption of DNS over HTTPS has been slow. On the client side, DoH ships with the latest versions of Google Chrome and Mozilla Firefox, but it can be disabled by the end user. Organizations that want some control over the browsers and browser versions used by their employees have the option of disabling this feature. On the ISP side, many major ISPs have yet to enable DoH.
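DoH does not change the DNS message itself; it wraps the same wire-format query inside an HTTPS request, as RFC 8484 specifies. The following added example (not code from the original article) shows both request forms the standard defines: the GET form, where the query is base64url-encoded without padding into a `dns` URL parameter, and the POST form, where the query is the request body with the `application/dns-message` media type. It also decodes a `dns` parameter back into the wire query, which is how an administrator can see what was asked when such a URL shows up in a resolver's own access log. `SAMPLE_QUERY` is a constructed query for www.example.com and `dnsserver.example.net` is a placeholder resolver name in the RFC's template form, not a real service; the example does not open a network connection.

```python
import base64
from typing import Any, Dict

# Constructed DNS wire query for www.example.com, type A (not captured traffic).
# The ID field is 0, as RFC 8484 section 4.1 recommends for GET, so identical questions
# produce identical URLs that HTTP caches can reuse.
SAMPLE_QUERY = (
    b"\x00\x00\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"  # header: ID 0, RD set, QDCOUNT 1
    b"\x03www\x07example\x03com\x00"                     # QNAME www.example.com
    b"\x00\x01\x00\x01"                                  # QTYPE A, QCLASS IN
)

# URI template in the form RFC 8484 uses; dnsserver.example.net is a placeholder, not a real resolver.
DOH_TEMPLATE = "https://dnsserver.example.net/dns-query{?dns}"


def doh_get_url(template: str, query: bytes) -> str:
    """GET form: base64url-encode the wire query, drop '=' padding, place it in the dns parameter."""
    encoded = base64.urlsafe_b64encode(query).decode("ascii").rstrip("=")
    return template.replace("{?dns}", "?dns=" + encoded)


def doh_post_request(template: str, query: bytes) -> Dict[str, Any]:
    """POST form: the wire query is the request body, typed application/dns-message."""
    return {
        "method": "POST",
        "url": template.replace("{?dns}", ""),
        "headers": {
            "Content-Type": "application/dns-message",
            "Accept": "application/dns-message",
        },
        "body": query,
    }


def query_from_doh_url(url: str) -> bytes:
    """Recover the wire query from a DoH GET URL; the padding is restored before decoding."""
    param = url.split("?dns=", 1)[1].split("&", 1)[0]
    return base64.urlsafe_b64decode(param + "=" * (-len(param) % 4))


if __name__ == "__main__":
    url = doh_get_url(DOH_TEMPLATE, SAMPLE_QUERY)
    print(url)
    print(query_from_doh_url(url) == SAMPLE_QUERY)  # True
    print(doh_post_request(DOH_TEMPLATE, SAMPLE_QUERY)["headers"])
```

The response comes back as an HTTP body with the same `application/dns-message` type and is parsed exactly like a UDP reply. Because the whole exchange sits inside TLS, a network observer sees only an HTTPS connection to the resolver, which is the visibility change the controversy in this section is about.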

How to Find a DNS Server 

Generally, the DNS servers you use are set up automatically by your ISP when you connect to the Internet. If you want to check which server is your primary nameserver, there are web utilities that show information about your current network connection, e.g., BrowserLeaks.com.

Your ISP sets a default DNS server, but you don't have to use it. Some users may have reasons to avoid their ISP's DNS, for example if the ISP's DNS servers redirect requests for non-existent addresses to advertising pages.

Alternatively, you can point your computer to a public DNS server that acts as a recursive resolver. One of the most well-known public DNS servers is Google’s public DNS server. The IP address is 8.8.8.8.
