How DNS Works
DNS is the internet's phone book. It turns domain names into IP addresses.
The Problem DNS Solves
Computers communicate using IP addresses like 142.250.80.46.
Humans prefer names like google.com. DNS bridges that gap.
When you type a URL into your browser, DNS translates it to an IP address so your computer knows where to connect.
How a DNS Lookup Works
Here's what happens when you visit example.com:
- Browser cache – Your browser checks if it recently looked up this domain
- OS cache – Your operating system has its own DNS cache
- Resolver – If not cached, the query goes to a DNS resolver (usually your ISP's or a public one like 8.8.8.8)
-
Root servers – The resolver asks root servers which servers handle
.com -
TLD servers – The
.comservers point to example.com's nameservers - Authoritative nameserver – Finally, example.com's own nameserver returns the IP
This chain happens in milliseconds. Once resolved, the result is cached to speed up future requests.
DNS Record Types
DNS isn't just about IP addresses. Different record types serve different purposes:
| Record | Purpose | Example |
|---|---|---|
| A | Maps domain to IPv4 address | 93.184.216.34 |
| AAAA | Maps domain to IPv6 address | 2606:2800:220:1:248:1893:25c8:1946 |
| MX | Specifies mail servers | mail.example.com |
| CNAME | Alias to another domain | www.example.com → example.com |
| TXT | Text data (verification, SPF, etc) | v=spf1 include:_spf.google.com ~all |
| NS | Nameservers for the domain | ns1.example.com |
You can check any domain's records with our DNS Records tool.
TTL (Time to Live)
Each DNS record has a TTL value (in seconds) that tells resolvers how long to cache it. Common values:
- 300 (5 minutes) – For records that change frequently
- 3600 (1 hour) – Standard for most records
- 86400 (24 hours) – For stable records that rarely change
When you change DNS records, it takes up to the TTL period for the change to propagate globally.
Public DNS Resolvers
You don't have to use your ISP's DNS. Popular alternatives:
| Provider | Primary | Secondary |
|---|---|---|
8.8.8.8 | 8.8.4.4 | |
| Cloudflare | 1.1.1.1 | 1.0.0.1 |
| OpenDNS | 208.67.222.222 | 208.67.220.220 |
| Quad9 | 9.9.9.9 | 149.112.112.112 |
These can be faster, more reliable, or offer additional features like malware blocking.
Reverse DNS
Regular DNS maps names to IPs. Reverse DNS does the opposite—mapping IPs back to hostnames.
It uses special PTR records. For example, the reverse DNS for 8.8.8.8
returns dns.google.
Try it with our Reverse DNS tool.
DNS and Privacy
Traditional DNS queries are unencrypted. Your ISP (and anyone on your network) can see every domain you look up.
Newer protocols address this:
- DNS over HTTPS (DoH) – Encrypts DNS inside HTTPS
- DNS over TLS (DoT) – Encrypts DNS with TLS
Most modern browsers support these options in their settings.
Look Up DNS Records
Check any domain's DNS configuration: DNS Lookup