DNS, Explained: What It Is and How It Works

Like a computer, you use numbers to communicate, but you wouldn’t memorize all of your friend’s phone numbers for the same reason you wouldn’t memorize the IP address of every web page you visit. Thanks to DNS—the internet’s phone book—you don’t have to.

DNS is an integral part of everything you do online, and while it might seem complex, there are simple ways to think about it. The next sections explain what DNS is and cover a bit about how it works.

What is DNS?

DNS stands for Domain Name System. In a general sense, it acts as the internet’s directory, and lets you connect to websites using words instead of numbers.

In the 1970s, if you wanted to add a new address to the fledgling internet, you had to call Elizabeth “Jake” Feinler at the Stanford Research Institute. She oversaw the directory of the first public packet-switched computer network, called ARPANET. At your request, Feinler would manually add your new domain name and its corresponding numerical address in a single file called ‘HOSTS.TXT’.

By the late 1980s, Feinler’s central address directory became too cumbersome to maintain, and the Domain Name System (DNS), which instead distributed the directory across multiple servers and locations, was created in its place. Since then, DNS has been consistently updated to accommodate the modern internet.

DNS is often called the phone book of the internet because it manages the mapping between names and numbers. To refresh this metaphor, think of DNS as the contacts app on your phone, which organizes and puts a name to the contact information of everyone you know. Thanks to your contacts app you can tell Siri, for instance, to “Call Mom” and your phone will dial her number; thanks to DNS, you can type ‘nytimes.com’ in your address bar and your web browser will reach the New York Times to display the latest headlines.

More specifically, DNS is a web service that translates a domain name, like ‘neeva.com’, into an IP address, like ‘231.230.78.12’, to connect to a website and load its resources. DNS makes internet communications possible by turning human-readable domain names into computer-readable numerical IP addresses. This way, you don’t have to remember complicated strings of numbers. Instead, you access information online through easily-remembered words and terms.

IP addresses are an essential part of all online activity. Without them, accessing the internet would be impossible. All internet-enabled devices—from servers, to computers, to phones—find and communicate with one another using these numbers. IP addresses identify where data should be sent in much the same way street addresses on packages and envelopes identify where your mail should end up.

How does DNS work?

To return your request, or query, with a website, DNS maps the domain name you type into your address bar to locate the associated IP address. This process is referred to as a DNS lookup. Web browsing relies on DNS lookups to quickly provide the necessary details, called DNS records, to connect you to a remote server, regardless of where you and the server are respectively located. A DNS lookup takes a fraction of a second, is imperceptible, and requires no interaction from your device aside from the initial query.

DNS is a globally distributed service, meaning it doesn’t exist on a single server—as Feinler’s directory did—but consists instead of a large distributed system of servers belonging to multiple entities across the web and around the world.

DNS is organized into small domains; no single server stores every domain. A server is responsible only for its domain, and knows to point to other servers, which are responsible for other domains. When a server gets a request about an address inside its domain, it provides the answer; when a server gets a request for an address outside of its domain, it forwards the query to another server.

To avoid going through this process multiple times for the same query, servers can cache, i.e. store, the information for a set amount of time. Caching improves load times, reduces bandwidth, and promotes efficiency. The length of time the DNS records are held, known as time to live (TTL), depends on various factors; longer periods lessen the load on servers, whereas shorter periods ensure more accurate responses.

Within DNS, access providers, including businesses, universities, governments, and other organizations, have their own assigned domain names and corresponding IP addresses, and run their own DNS servers to manage the mapping of those names and addresses. Most URLs, for example, are set up around the domain name of the server that takes user requests, e.i. ‘harvard.edu’ or ‘usa.gov’.

DNS isn’t only for web browsing. There’s a DNS lookup with all kinds of network requests that involve reaching out to a remote server, including software updates, mobile apps, and—for worse—malware. In each of these examples your device reaches out to a domain name rather than an IP address, so that if an IP address changes—which they sometimes do—you can still establish a connection to the server.

Types of DNS

Servers across the globe maintain and deliver DNS records, including server names, IP addresses, and subdomains (like the ‘en’ in ‘en.wikipedia.org’). There are different types of DNS servers a query needs to pass between—each with different roles in the sequence that translates domain names to IP addresses:

• Recursive DNS server. A recursive DNS server—or DNS resolver—is the first step in a DNS lookup, and is typically managed by your internet service provider (ISP). It accepts and processes your DNS queries (i.e. the domain names you enter in your web browser), then either provides the records if they’ve been cached, or passes your query on to another server further up the chain. Think of the recursor as the intermediary that obtains information on your behalf, like a librarian who helps you find your books.
• Root name server. These servers are, as the name implies, at the foundation of the DNS infrastructure. If the records haven’t been cached, the recursive DNS server sends the query to a root server. Think of a root name server as an index that points to the different servers with the information being requested, like a library index that points to various bookshelves.
• TLD server. The top-level domain server, or TLD server, directs your query based on the top-level domain (TLD). That is, it hosts the last part of the domain name, such as ‘.com’, ‘.org’,  or ‘.net’. For instance, if you request ‘neeva.com’, a TLD server for the ‘.com’ part will respond, then point you to the nameserver for ‘neeva’. To return to the library metaphor, think of a TLD server as a specific rack of books on the shelf.
• Authoritative DNS server. Sometimes called a master DNS server or an authoritative name server, the authoritative DNS server is your query’s last stop. These servers are a domain’s highest authority; it’s where administrators manage IP addresses, subdomains, and server names for their domains. In other words, these servers contain the domain’s specific DNS records, which authoritative servers send back to the recursive server, where they can be cached for future lookups.

To summarize and simplify, think of a DNS query like this: The recursive server asks for DNS records (including the IP address) on your behalf, and the authoritative server ultimately answers your query. The root and TLD servers handle your request as it travels between these two endpoints, and rarely provide records themselves. Each server plays a different role and is integral to the DNS infrastructure.

Public vs. private DNS

There’s also a distinction between public and private DNS. Organizations often use DNS internally for requests that involve reaching out to a remote server within their own network. This is called private or local DNS. Public DNS, on the other hand, refers to requests that reach out to the wider web, i.e. the internet.

Typical DNS lookup steps

To better understand how a domain name is translated to its corresponding IP address, it helps to follow a query along the DNS lookup process. Here are some of the basic steps in a typical query:

1. You open your web browser and enter a domain name, like ‘neeva.com’, in your address bar.
2. Your query is routed to a DNS recursive resolver to find out which IP address the domain name corresponds to. If the information has been cached, the resolver returns the IP address and the website will load.
3. Otherwise, the resolver forwards the request to a root name server.
4. The root name server responds with the address of a TLD server.
5. The resolver then forwards the request to a TLD server, which stores the information for the domain.
6. The TLD server then responds with the address of the authoritative server.
7. The authoritative server searches for the domain name’s DNS record and returns it to the resolver. If the authoritative server can’t find the information, it returns an error message.
8. If the information is found, the resolver returns the IP address to your web browser, which loads the website. The resolver also caches the IP address for the next time it receives a request for the same information.

Interested in experiencing a new and better way to search the web? Neeva is the world’s first private, ad-free search engine, committed to showing you the best result for every search. We will never sell or share your data with anyone, especially advertisers. Try Neeva for yourself, at neeva.com