What Is DNS?

The Domain Name System (DNS) is the method by which an Internet Protocol (IP) address, a set of numbers (such as 173.194.39.78), is converted on a computer or other connected device into a human-readable domain name (such as www.google.com).

DNS serves as the Internet’s directory, translating human-friendly domain names into machine-readable IP addresses. When an individual enters a website address in their browser, it triggers a request to access that particular site. The role of DNS is to map the text-based URL to its designated IP address, which computers use to locate and deliver web content.

In essence, DNS resolves the required name-to-number conversion because networked devices communicate using numerical identifiers (IP addresses), not words. Each time you visit a webpage, send an email, or engage online in a way that requires resolving domain names, the DNS protocol ensures your digital requests reach their correct destination on the vast network known as the Internet.

A DNS server refers to machines configured within a system that maintain databases that associate domain names with IP addresses. The two main types of DNS servers are authoritative and recursive.

Authoritative servers have definitive control over one or more domains and respond directly with answers about these; they are responsible for providing updated and accurate information about all resources under their governance.

Recursive servers receive queries from client machines like personal computers or smartphones. If they do not know how to translate certain hostnames, they consult authoritative servers across different levels of a hierarchy. Once they retrieve sufficient data, they respond to the querying device. DNS servers streamline the user experience by reducing the complexity involved in direct interactions between the user’s device and various global authoritative sources.

In the earliest days of the Internet, the only way to get to a website was to enter the IP address, that long series of numbers, into their browser window. In the early 1980s, American computer scientist Paul Mockapetris and his colleague Jon Postel developed a system that automatically mapped IP addresses to domain names—and the DNS was born. This same system still serves as the backbone of today’s Internet.^[2]

DNS has been dubbed the “phone book” of the Internet. Suppose you want to read the “New York Times” online. You enter its domain name, www.nytimes.com, into your browser and see the front page of the news outlet. You can then navigate to different sections of the paper by clicking on links titled “Business”, “Sports”, “Opinion”, or to specific articles, each with its own domain name and IP address. Behind the computer screen, the query is sent to several servers across the Internet in this order:

• A recursive resolver server: When a DNS query initiates, it first lands at the recursive resolver server. Think of this as your internet concierge who takes on the initial request to translate a domain name into an IP address. If this server has previously resolved the same domain—thanks to its caching capability—it can provide a quick answer. Otherwise, it diligently moves up the hierarchy to fetch the required information.
• A root name server: Root name servers function as global reference points for all DNS lookups and are fundamental in translating readable hostnames into numerical IP addresses. Despite only 13 unique root zone nameserver addresses, each is strategically mirrored across various locations worldwide using anycast addressing to ensure response robustness and reliability.
• A top-level domain (TLD) name server: This type serves as custodian for specific slices of namespace categorised by top-level domains like .com or .org—and country codes such as .uk or .jp. It’s here where we narrow down our search further within these subdivisions. When given part of a hostname associated with their TLDs, they guide us closer by pointing towards more precise authoritative sources.
• An authoritative name server: Lastly, reaching an authoritative name server means hitting the jackpot for data specificity—they hold definitive records for individual domains, including necessary details like A records (addresses), MX records (mail exchanges), etc., allowing them to return requested mappings between particular domain names and their corresponding IPs back through channels from where queries came. ^[3]

DNS servers and recursive DNS servers are both integral components of the Internet’s domain name resolution process, but they have distinct roles within that system.

DNS Servers

These are typically authoritative name servers that contain specific data about a subset of domain names. They provide the final piece of information in the DNS lookup chain by responding with the IP address associated with a requested hostname. Essentially, these servers act as librarians who know exactly where to find certain books—the “books” being domain names and their corresponding “locations” being IP addresses.

Recursive DNS Servers

In contrast, recursive DNS servers do not hold data about domains themselves. Instead, they act on behalf of clients to resolve queries through a series of requests until the authoritative server grants an answer. You might think of them as assistants who take up your request for information and then consult various sources until they find it for you. They also cache responses so that future requests for the same hostname can be answered more quickly without going through all the steps again.

The key difference between these two DNS servers lies in function. Authoritative DNS directly answers questions based on its stored records, while recursive takes those initial inquiries and does the necessary legwork to obtain definitive responses elsewhere if needed.

DNS comes with several potential security issues. Given that the system is so widely used, any kind of DNS failure could theoretically be catastrophic. That’s a major concern, said Mockapetris, the co-developer of DNS, in an interview with tech magazine “TechTarget” in 2016.^[4] Billions of devices around the world are connected by DNS. And billions more will soon be connected by the Internet of Things (IoT), Mockapetris said.

At the height of the pandemic, threat actors attacked the DNS settings of people working from home amid the global COVID-19 pandemic. Attackers changed DNS settings in Linksys routers, pointing users to what appeared to be a legitimate website that included a pop-up message with information about the pandemic. But once a user clicked through, it downloaded a fake coronavirus-related app and performed a host of nefarious activities, according to security researchers.^[5]

The FBI’s Internet Crime Complaint Center (IC3) warned the public in March 2020 to watch out for online scams related to COVID-19 that include links that download malware onto the target’s computer. The scams invite people to make charitable contributions, receive airline ticket refunds, offer fake cures for COVID-19 or fake testing kits and other tricks designed to obtain personal information.

A DNS lookup is a critical process of translating domain names into IP addresses, enabling browsers to load Internet resources. Here’s a step-by-step breakdown of this translation process from start to finish.

1. User query initiation: The DNS lookup process starts when a user types a domain name into their web browser or initiates an action that requires internet access. This query signals the need to convert the human-friendly domain name into an IP address.
2. Recursive resolver server inquiry: The user’s device sends the request to a recursive resolver server, typically provided by their Internet Service Provider (ISP). Its job is to retrieve the website’s IP address on behalf of the client, acting as an intermediary responsible for navigating through subsequent stages if it doesn’t already have the answer cached from previous lookups.
3. Root name server direction: If necessary data isn’t in its cache, the recursive resolver queries one of 13 root name servers globally distributed and replicated via anycast networking. These serve at the topmost level in the DNS hierarchy and direct where the next part of the hostname should be looked up—specifically pointing towards the appropriate TLD server based on extension (.com, .org, etc.).
4. Top-Level Domain (TLD) server referral: After receiving guidance from a root server, our quest continues at TLD servers responsible for managing domains under specific suffixes like .net or country codes such as .uk. They hold details about authoritative name servers tasked with holding actual data related to requested hostnames within those zones.
5. Authoritative name server resolution: Nearing the endgame now, having been referred by TLDs, we reach out directly to the relevant authoritative nameserver, which possesses complete control over providing answers concerning its associated domain space. This is the final stop before obtaining much-needed IP mapping, enabling communication setup between the querying client and destination host machine.
6. IP address response return: Upon successful resolution—the authoritative server hands back a valid record detailing the correct numerical identifier linked with the original inputted text-based URL so this can then be communicated back down the line until reaching the initial requesting agent—the user’s device itself, thereby completing the loop and allowing intended network resource access.
7. Caching for efficiency: To improve speed for future inquiries regarding the same destinations—resolved addresses are temporarily stored along path-involved intermediaries, particularly within recursive resolvers’ local caches. This makes repeat visits far swifter experiences by bypassing the entire chain unless TTL values dictate otherwise due to refresh needs.

The steps involved in a DNS lookup form an essential sequence ensuring users can reliably and quickly access websites across the Internet. This system operates smoothly behind the scenes to maintain the connectivity we often take for granted during our daily online interactions.

When selecting the best DNS server, consider speed, reliability, security features, and privacy policies. A better-than-average DNS server will often boast enhanced performance in these areas compared to standard options provided by ISPs. Here are some of the top contenders:

• Google Public DNS: Renowned for its speed and robust infrastructure, Google’s offering is a go-to choice for users looking to enhance their browsing experience with improved latency.
• Cloudflare: Prioritising privacy and performance, Cloudflare’s 1.1.1.1 service does not log IP addresses and promises faster access times than many competitors.
• Quad9: Security is where Quad9 shines; it blocks malicious domains known for phishing or malware distribution while maintaining high standards of speed.
• OpenDNS: Owned by Cisco Systems Inc., OpenDNS provides customisable filtering options, which make it ideal for those seeking more control over their internet navigation safety measures.

Features you should look for when selecting a DNS service include:

• Fast response times
• High uptime guarantees
• Built-in security measures (e.g., protection against phishing attacks)
• Privacy assurances (minimal data logging)
• Parental controls and customisability

Choosing the right one hinges on your priorities—whether unyielding security layers or uncompromised speed—and each option above has proven its mettle in various aspects, making them stand-out choices within today’s crowded field servers.

Resources

DNS Made Easy (2019). “What Is DNS? The glue that holds the Internet together.”
Cloudflare. “What is DNS? How DNS works.”
Margie Semil of TechTarget (January 2016). “DNS challenges have changed, but it’s vital role hasn’t.”
Shannon Vavra, Cyberscoop (March 2020). “Hackers are messing with routers’ DNS settings as telework surges around the world.”
Federal Bureau of Investigation (FBI) (March 2020). “FBI sees rise in fraud schemes related to the coronavirus (Covid-19) pandemic.”

[1] Cloudflare.com
[2] Cloudflare.com
[4] Shannon Vavra, Cyberscoop. “Hackers are messing with routers’ DNS settings as telework surges around the world” March 2020.
[5] Shannon Vavra, Cyberscoop. “Hackers are messing with routers’ DNS settings as telework surges around the world” March 2020.