
What is DNS?

DNS (Domain Name System) is the hierarchical naming system that translates human-readable domain names like example.com into IP addresses like 93.184.216.34 that computers use to route network traffic. Often called “the phonebook of the internet,” DNS is fundamental infrastructure that makes the web usable.

How DNS resolution works

When you type example.com in a browser, here’s what happens:

  1. Browser cache: Checks if it already knows the IP.
  2. OS resolver: Checks the system DNS cache.
  3. Recursive resolver: Your ISP’s (or Cloudflare’s 1.1.1.1, Google’s 8.8.8.8) DNS server takes over.
  4. Root nameserver: Directs the resolver to the .com TLD nameserver.
  5. TLD nameserver: Directs to example.com’s authoritative nameserver.
  6. Authoritative nameserver: Returns the actual IP address.

The resolver caches the result based on the record’s TTL (Time to Live), so subsequent lookups skip most of these steps. A typical DNS lookup takes 20-120ms.

Record types

DNS stores more than just IP addresses. Common record types:

  • A: Maps a domain to an IPv4 address
  • AAAA: Maps a domain to an IPv6 address
  • CNAME: Alias from one domain to another
  • MX: Mail server for the domain
  • TXT: Arbitrary text — used for SPF, DKIM, domain verification
  • NS: Names the authoritative nameservers for a zone; used to delegate a subdomain to a nameserver
  • SOA: Start of Authority — metadata about the zone
  • SRV: Service discovery (used by SIP, XMPP, etc.)
  • CAA: Specifies which CAs can issue certificates for the domain

DNS and propagation

When you update DNS records, changes don’t take effect instantly. Old records remain cached by resolvers worldwide until their TTL expires. “DNS propagation” typically takes minutes to 48 hours depending on the TTL of the old record. Lower the TTL before making changes, wait for the old TTL to expire, then make the change.

Security concerns

Standard DNS is unencrypted: anyone on the network path between you and the resolver can see (and potentially modify) your queries. DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) encrypt queries between your device and the resolver. DNSSEC adds cryptographic signatures to DNS responses so that spoofed or altered answers can be detected, but it does not encrypt them, and adoption is still incomplete.

DNS hijacking, cache poisoning, and DNS-based DDoS amplification are real threats. Running your own resolver or using a trusted provider (Cloudflare, Quad9) mitigates some risks.

Look up DNS records with the DNS Lookup tool, browse record types with the DNS Record Types Reference, or check domain ownership with the WHOIS Lookup.
