What Is DNS?
DNS (Domain Name System) is the phonebook of the Internet.
It translates human-friendly names like google.com into IP
addresses so devices can find each other.
Why DNS is the Silent Hero of the Internet
- You type google.com
- Your device needs the IP address (like 142.250.183.14)
- DNS translates the name → IP automatically
When DNS fails:
- Websites break
- Apps stop responding
- Emails fail
- VPN & authentication can break
Fun fact: 70–80% of initial network failures trace back to DNS.
How DNS Works (Very Simple)
Root → TLD → Authoritative → IP returned
Types of DNS Servers
1️⃣ Recursive Resolver
- This is the first DNS server your device talks to.
- It does all the hard work of finding the final IP address for you.
- Stores (caches) answers so the next lookup is faster.
- Examples: Google DNS (8.8.8.8), Cloudflare (1.1.1.1), Quad9 (9.9.9.9)
2️⃣ Authoritative DNS Server
This is the DNS server that holds the real, original DNS records for a domain. Whenever someone looks up a domain, this server provides the final and correct answer.
- Stores official DNS records like A, AAAA, MX, CNAME, TXT, NS, SOA.
- Doesn’t perform searching — it simply answers with what it already knows.
- Owned by the domain’s hosting provider or where the DNS zone is configured.
- Two types:
  - Primary (Master) Server — where the zone file is created and managed.
  - Secondary (Slave) Server — a read-only copy for redundancy and speed.
- Without an authoritative server, your domain won’t resolve because no system would know your IP address.
- Examples: Cloudflare DNS hosting, Route53, GoDaddy DNS, Namecheap DNS, DigitalOcean DNS.
3️⃣ Root DNS Servers
- These are the “top-most” DNS servers — the starting point of the entire DNS hierarchy.
- They don’t give IP addresses; instead, they guide your resolver to the correct TLD server.
- There are 13 main root server names (A–M), but each has hundreds of global mirror servers.
- They ensure global stability and help direct DNS traffic efficiently.
4️⃣ TLD (Top-Level Domain) Servers
- These servers manage domain extensions such as .com, .in, .net, .org, etc.
- They don’t store full DNS records — only tell the resolver which authoritative server holds the domain’s actual records.
- Example: For google.com, the TLD server for .com points you to Google’s authoritative DNS server.
- Run by registries like Verisign (.com, .net), NIXI (.in), PIR (.org) and others.
5️⃣ Caching DNS Servers
- These servers store DNS answers temporarily to speed up future lookups (using TTL timers).
- Reduce Internet traffic and make browsing much faster.
- If they already have the answer in cache → reply instantly without contacting other DNS servers.
- Examples: ISP DNS servers, corporate DNS servers, and public DNS resolvers.
Types of DNS Queries
1️⃣ Recursive Query
In a recursive query, the client (usually your computer or application) asks a DNS resolver to provide a complete answer — the IP address corresponding to a domain name. The resolver takes full responsibility to query other DNS servers on behalf of the client until it finds the final answer. If it cannot find an answer, it returns an error.
- Client sends domain request to recursive resolver.
- Resolver queries root, TLD, and authoritative servers as needed.
- Resolver returns the final IP to the client.
- Example: Your browser asks Google DNS for example.com, and Google DNS resolves it completely.
2️⃣ Iterative Query
In an iterative query, the DNS resolver does not find the final answer itself. Instead, it returns the best possible referral to another DNS server. The client or another resolver then continues the query process step by step until it reaches the authoritative server.
- Client asks a resolver for a domain.
- Resolver responds with the address of the next DNS server to query.
- The process repeats until an authoritative server provides the IP address.
- Example: Your resolver asks the root server for example.com, the root points to the TLD server, and the TLD server points to the authoritative server.
3️⃣ Non-Recursive Query
In a non-recursive query, the DNS resolver already has the answer in its cache and returns it immediately to the client. This is the fastest type of query because no additional lookups are needed.
- Client asks the resolver for a domain it has cached.
- Resolver immediately returns the IP address from its cache.
- Example: Accessing google.com right after visiting it — the resolver already knows the IP.
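The three query types above, traced in an added example (not from the original article): a toy recursive resolver walks constructed root, TLD and authoritative tables iteratively and answers repeat lookups from its TTL cache. The server names, zone data and the 192.0.2.10 address are constructed for illustration.

```python
import time

# Constructed data: each "server" holds either referrals or final records.
SERVERS = {
    "root": {"referrals": {"com.": "tld-com"}},
    "tld-com": {"referrals": {"example.com.": "auth-example"}},
    "auth-example": {"records": {"www.example.com.": ("192.0.2.10", 300)}},
}

def query_server(server, name):
    """One iterative query: an answer, a referral to the next server, or nxdomain."""
    zone = SERVERS[server]
    if name in zone.get("records", {}):
        ip, ttl = zone["records"][name]
        return ("answer", ip, ttl)
    for suffix, next_server in zone.get("referrals", {}).items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", next_server)
    return ("nxdomain",)

class RecursiveResolver:
    """Accepts a recursive query, performs iterative queries on the client's behalf."""

    def __init__(self, clock=time.monotonic):
        self.cache = {}  # name -> (ip, expiry time)
        self.clock = clock

    def resolve(self, name):
        """Return (ip, path); path lists servers contacted, ['cache'] on a hit."""
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0], ["cache"]  # non-recursive: answered from cache
        server, path = "root", []
        for _ in range(10):  # referral limit guards against referral loops
            path.append(server)
            reply = query_server(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)  # honour the TTL
                return ip, path
            if reply[0] != "referral":
                break
            server = reply[1]
        return None, path  # error returned to the client
```
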
Common DNS Record Types
| Record | Purpose |
|---|---|
| A | Domain → IPv4 address |
| AAAA | Domain → IPv6 address |
| CNAME | Alias domain pointer |
| MX | Mail exchange server |
| TXT | Verification & policies (SPF, DKIM) |
| NS | Nameserver records |
| SRV | Service discovery |
| PTR | Reverse lookup |
Popular Public DNS Servers
| Provider | IPv4 | IPv6 | Notes |
|---|---|---|---|
| Google DNS | 8.8.8.8, 8.8.4.4 | 2001:4860:4860::8888 | Fast & reliable |
| Cloudflare | 1.1.1.1, 1.0.0.1 | 2606:4700:4700::1111 | Privacy-focused |
| Quad9 | 9.9.9.9 | 2620:fe::9 | Security filtering |
| OpenDNS | 208.67.222.222 | 2620:0:ccc::2 | Cisco-backed |
| CleanBrowsing | 185.228.168.9 | 2a0d:2a00:1::2 | Family-safe DNS |
How to Configure DNS on Your System
Windows 10 / 11
- Open Control Panel → Network and Internet → Network and Sharing Center.
- Click Change adapter settings on the left panel.
- Right-click your active network adapter (Wi-Fi or Ethernet) and select Properties.
- Select Internet Protocol Version 4 (TCP/IPv4) → Properties.
- Choose Use the following DNS server addresses and enter:
Preferred DNS: 1.1.1.1
Alternate DNS: 8.8.8.8
- Click OK to save changes.
- Flush the DNS cache by opening Command Prompt as administrator and running:
ipconfig /flushdns
macOS (Ventura / Sonoma)
- Open System Settings → Network.
- Select your active network (Wi-Fi or Ethernet) → Details → DNS.
- Click the + button to add DNS servers:
1.1.1.1
8.8.8.8
- Click Apply to save changes.
- Flush the DNS cache in Terminal:
sudo dscacheutil -flushcache
Linux (Ubuntu / Debian / RHEL)
- Edit the DNS configuration file directly: /etc/resolv.conf, or use your network manager.
- Add the following lines:
nameserver 1.1.1.1
nameserver 8.8.8.8
- If using NetworkManager, update DNS via terminal:
nmcli dev show | grep DNS
nmcli con mod <connection_name> ipv4.dns "1.1.1.1 8.8.8.8"
nmcli con up <connection_name>
How to Validate DNS is Working
After configuring DNS, you should verify that it is resolving domain names correctly. Here are common checks:
1. Ping a Domain
ping google.com
If it resolves to an IP address, DNS is working.
2. Use nslookup
nslookup google.com
This shows which DNS server responded and the resolved IP address.
3. Use dig (Linux / macOS)
dig google.com
dig google.com +trace
dig google.com @1.1.1.1
These commands show detailed DNS resolution steps, including which servers are queried.
4. Test DNS Port Connectivity
nc -u -v 8.8.8.8 53
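This tests if your system can reach the DNS server over UDP port 53. Because UDP is connectionless, nc can report success even when nothing answers, so confirm with an actual query using dig or nslookup against the same server.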
5. Flush DNS Cache
- Windows:
ipconfig /flushdns
- macOS:
sudo dscacheutil -flushcache
- Linux (systemd):
sudo systemd-resolve --flush-caches
Which Port Does DNS Use?
| Query Type | Protocol | Port |
|---|---|---|
| Regular Lookup | UDP | 53 |
| Zone Transfer | TCP | 53 |
| Large Responses / DNSSEC | TCP | 53 |
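An added example (not part of the original article) of what travels over port 53: it builds a query in RFC 1035 wire format, adds the 2-byte length prefix used over TCP, and reads the header flags, including the TC bit that tells a client to retry a truncated UDP reply over TCP. The transaction ID and the sample reply header are constructed.

```python
import struct

def build_query(name, qtype=1, txid=0x1234, recursion_desired=True):
    """Build a DNS query message for `name`; qtype 1 is an A record."""
    # RD=1 asks the server to resolve fully (recursive query);
    # RD=0 is what a resolver sends to root/TLD servers (iterative query).
    flags = 0x0100 if recursion_desired else 0x0000
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)  # one question
    qname = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) <= 63:
            raise ValueError("DNS labels must be 1-63 bytes")
        qname += bytes([len(label)]) + label.encode("ascii")
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def frame_for_tcp(message):
    """Over TCP every DNS message is preceded by its length as 2 bytes."""
    return struct.pack("!H", len(message)) + message

def parse_flags(message):
    """Decode the header fields a client inspects before using a reply."""
    txid, flags = struct.unpack("!HH", message[:4])
    return {
        "txid": txid,
        "is_response": bool(flags & 0x8000),          # QR
        "truncated": bool(flags & 0x0200),            # TC
        "recursion_desired": bool(flags & 0x0100),    # RD
        "recursion_available": bool(flags & 0x0080),  # RA
        "rcode": flags & 0x000F,
    }

def needs_tcp_retry(udp_reply, expected_txid):
    """True when a matching UDP reply was truncated and must be re-asked over TCP."""
    info = parse_flags(udp_reply)
    return info["is_response"] and info["txid"] == expected_txid and info["truncated"]

# Constructed reply header: QR | TC | RD | RA set, one question, no answers.
SAMPLE_TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)
```
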
Extra Insights
- DNS issues commonly cause Microsoft 365 & VPN failures.
- Never mix internal & public DNS.
- Use fallback DNS always.
- Monitor DNS latency regularly.
Conclusion
DNS Is Critical (Don't Underestimate It)
DNS is the bedrock of the modern Internet. It silently resolves billions of queries every day and converts human-friendly names into machine-friendly IP addresses. When DNS breaks — even if all backend systems are healthy — websites fail, authentication breaks, VPN stops working, and apps become unreachable.
Why You Should Care:
- Most “network down” issues start with DNS.
- Correct DNS configuration improves speed, reliability, and security.
- DNS caching saves time, bandwidth, and accelerates browsing.
- Modern services like Microsoft 365 and SaaS apps heavily depend on DNS.
Whether you’re a beginner or an experienced engineer, understanding DNS gives you a powerful advantage in troubleshooting, optimizing networks, and ensuring a smooth Internet experience.
Remember: DNS is not just a lookup – it’s the backbone of how the Internet knows where everything is.