What is DNS?

The Domain Name System (DNS) is a hierarchical and decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It translates human-readable domain names (like netcode-atlas.dev) to machine-readable IP addresses (like 192.0.2.1).

DNS is often described as the "phonebook of the Internet" because it helps users connect to websites using familiar domain names instead of having to memorize numerical IP addresses.

(Figure: DNS resolution process diagram)

How DNS Works

The DNS resolution process involves several steps that happen in milliseconds:

  1. A user enters a domain name in their browser
  2. The browser checks its cache for a recent DNS lookup
  3. If not cached, the request goes to a recursive DNS resolver
  4. The resolver queries root servers, then TLD servers, then authoritative nameservers
  5. The IP address is returned to the browser
  6. The browser connects to the server using the IP address
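The walk in steps 3 to 5, as an added example that is not part of the original article: a small resolver that runs the root, TLD and authoritative hops against constructed in-memory zone data (no network traffic), follows a CNAME, and honours record TTLs in its cache. Server names and records are assumptions made for the simulation; referrals name the next server directly instead of carrying glue addresses.

```python
"""Simulated iterative DNS resolution with a TTL-aware cache.

Added example, not part of the original article. The servers and zone data
below are constructed in memory so the walk root -> TLD -> authoritative
can be run offline; no real DNS traffic is sent.
"""
import time

ROOT = "root.example"  # constructed stand-in for a root server

# Constructed authoritative data. Each server maps an owner name to
# (type, ttl, value) records. Instead of glue A records, referrals name
# the next server directly, which is enough to show the delegation chain.
SERVERS = {
    ROOT: {
        "dev.": [("NS", 172800, "tld.dev.example")],
    },
    "tld.dev.example": {
        "netcode-atlas.dev.": [("NS", 86400, "ns1.netcode-atlas.dev.example")],
    },
    "ns1.netcode-atlas.dev.example": {
        "netcode-atlas.dev.": [("A", 300, "192.0.2.1"),
                               ("AAAA", 300, "2001:db8::1")],
        "www.netcode-atlas.dev.": [("CNAME", 300, "netcode-atlas.dev.")],
    },
}


def _ask(server, name, rtype):
    """One query to one server: ('answer'|'cname'|'referral', ttl, value) or None."""
    zone = SERVERS[server]
    for rr_type, ttl, value in zone.get(name, []):
        if rr_type == rtype:
            return "answer", ttl, value
        if rr_type == "CNAME":
            return "cname", ttl, value
    # No answer for the exact name: find the closest enclosing delegation,
    # starting with the name itself (a TLD server holds NS for the zone).
    labels = name.rstrip(".").split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:]) + "."
        for rr_type, ttl, value in zone.get(candidate, []):
            if rr_type == "NS":
                return "referral", ttl, value
    return None  # a real server would answer NXDOMAIN or NODATA here


class RecursiveResolver:
    """The resolver a stub client talks to: walks the hierarchy and caches."""

    def __init__(self, clock=time.time):
        self.clock = clock            # injectable so TTL expiry can be tested
        self.cache = {}               # (name, rtype) -> (expires_at, value)
        self.upstream_queries = 0     # how many servers were actually asked

    def resolve(self, name, rtype="A", _depth=0):
        if _depth > 8:
            raise LookupError(f"CNAME chain too long for {name}")
        now = self.clock()
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit and hit[0] > now:
            return hit[1]             # served from cache, no upstream query
        server = ROOT
        for _ in range(10):           # bound the number of referrals followed
            self.upstream_queries += 1
            result = _ask(server, name, rtype)
            if result is None:
                raise LookupError(f"no data for {name} {rtype}")
            kind, ttl, value = result
            if kind == "answer":
                self.cache[key] = (now + ttl, value)
                return value
            if kind == "cname":
                # Alias: resolve the canonical name from the root again.
                # Simplification: cached under the alias TTL only.
                target = self.resolve(value, rtype, _depth + 1)
                self.cache[key] = (now + ttl, target)
                return target
            server = value            # referral: go one level down


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.netcode-atlas.dev."), "after", r.upstream_queries, "queries")
    print(r.resolve("www.netcode-atlas.dev."), "after", r.upstream_queries, "queries")
```

Resolving www.netcode-atlas.dev. costs six upstream queries the first time (three to reach the CNAME, three more for its target); the second call is answered from cache, and once 300 seconds have passed the whole walk is repeated.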

DNS Latency Comparison

Different DNS resolvers have varying response times. Here's a comparison of average latency for popular DNS services:

DNS Record Types

A Record

Maps a domain name to an IPv4 address. The most fundamental DNS record type.

netcode-atlas.dev. 300 IN A 192.0.2.1

AAAA Record

Maps a domain name to an IPv6 address. The IPv6 equivalent of an A record.

netcode-atlas.dev. 300 IN AAAA 2001:db8::1

CNAME Record

Creates an alias from one domain name to another, so the aliased name resolves to whatever the canonical name resolves to. Useful for pointing subdomains such as www at a canonical hostname. Note that a CNAME is not an HTTP redirect, and a name that holds a CNAME cannot hold any other record type.

www.netcode-atlas.dev. 300 IN CNAME netcode-atlas.dev.

MX Record

Specifies the mail servers for a domain, directing email to the correct hosts. The number before the hostname is the preference value; sending servers try lower values first.

netcode-atlas.dev. 300 IN MX 10 mail.netcode-atlas.dev.
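The four records above share one textual shape: owner name, TTL, class, type, and type-specific data. As an added example (not code from the original article), here is a parser for that shape that also checks what each type's data must look like: an A record must carry an IPv4 address, AAAA an IPv6 address, CNAME and MX a fully qualified hostname, and MX a preference value. The sample zone is constructed to match the records in the text; the record layout and the requirement for trailing dots are assumptions of this parser, not of any particular DNS server.

```python
"""Parser and sanity checks for the zone-file style records listed above.

Added example, not part of the original article. The sample zone below is
constructed to match the records in the text.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Record:
    name: str                        # owner name, fully qualified, lower-cased
    ttl: int
    rtype: str
    data: str                        # address or target hostname
    priority: Optional[int] = None   # MX preference; lower is tried first


def _fqdn(name: str) -> str:
    """Owner names and hostname targets must end with a dot (fully qualified)."""
    if not name.endswith("."):
        raise ValueError(f"name must be fully qualified: {name}")
    return name.lower()


def parse_record(line: str) -> Record:
    """Parse 'owner TTL IN TYPE rdata...' into a Record, validating the rdata."""
    parts = line.split()
    if len(parts) < 5 or parts[2] != "IN":
        raise ValueError(f"malformed record: {line!r}")
    name, ttl, _cls, rtype, *rdata = parts
    if not ttl.isdigit():
        raise ValueError(f"TTL must be an integer: {ttl}")
    priority = None
    if rtype == "A":
        addr = ipaddress.ip_address(rdata[0])     # raises ValueError if not an IP
        if addr.version != 4:
            raise ValueError(f"A record needs an IPv4 address: {rdata[0]}")
        data = str(addr)
    elif rtype == "AAAA":
        addr = ipaddress.ip_address(rdata[0])
        if addr.version != 6:
            raise ValueError(f"AAAA record needs an IPv6 address: {rdata[0]}")
        data = addr.compressed                    # canonical form, e.g. 2001:db8::1
    elif rtype == "CNAME":
        data = _fqdn(rdata[0])
    elif rtype == "MX":
        if len(rdata) != 2 or not rdata[0].isdigit():
            raise ValueError(f"MX needs '<preference> <host>': {line!r}")
        priority = int(rdata[0])
        data = _fqdn(rdata[1])
    else:
        raise ValueError(f"unsupported record type: {rtype}")
    return Record(_fqdn(name), int(ttl), rtype, data, priority)


def validate(line: str) -> Optional[str]:
    """Return None if the line parses cleanly, otherwise the error message."""
    try:
        parse_record(line)
        return None
    except ValueError as exc:
        return str(exc)


def parse_zone(text: str) -> List[Record]:
    """Parse every non-empty, non-comment line; ';' starts a zone-file comment."""
    return [parse_record(line) for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith(";")]


def cname_conflicts(records: List[Record]) -> List[str]:
    """Names holding a CNAME alongside other records (not allowed by RFC 1034)."""
    aliased = {r.name for r in records if r.rtype == "CNAME"}
    return sorted({r.name for r in records if r.name in aliased and r.rtype != "CNAME"})


# Constructed sample matching the records in the text.
SAMPLE_ZONE = """\
; constructed sample zone
netcode-atlas.dev.      300 IN A     192.0.2.1
netcode-atlas.dev.      300 IN AAAA  2001:db8::1
www.netcode-atlas.dev.  300 IN CNAME netcode-atlas.dev.
netcode-atlas.dev.      300 IN MX    10 mail.netcode-atlas.dev.
"""

if __name__ == "__main__":
    records = parse_zone(SAMPLE_ZONE)
    for rec in records:
        print(rec)
    print("CNAME conflicts:", cname_conflicts(records))
```

cname_conflicts catches the mistake of adding, say, an A record for www.netcode-atlas.dev. next to its CNAME; real zone files also allow relative names under an $ORIGIN, which this parser deliberately rejects.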

DNS Security

DNSSEC

DNS Security Extensions (DNSSEC) add a layer of security to DNS by signing records so that DNS responses can be validated cryptographically. A validating resolver can detect and reject manipulated or poisoned responses. DNSSEC provides authenticity and integrity only; it does not encrypt queries or hide what is being looked up.

DoH and DoT

DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypt DNS queries between the client and its resolver, preventing eavesdropping on and manipulation of DNS data by third parties on that path. The resolver itself still sees every query, so the choice of resolver matters.

Common DNS Attacks

  • DNS Spoofing/Cache Poisoning: Corrupting DNS data to redirect traffic to malicious sites
  • DNS Tunneling: Using DNS queries to exfiltrate data or establish command and control channels
  • DDoS Attacks: Overwhelming DNS servers with traffic to make domains unreachable
  • Domain Hijacking: Taking control of a domain's registration without authorization, for example by transferring it to another registrar
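DNS tunneling from the list above leaves a recognisable trace in resolver logs: many distinct, long, random-looking subdomains under one domain, often as TXT queries. The following is an added example for detecting that pattern; it is not code from the original article. The log lines are constructed, their "timestamp client qname qtype" format is an assumption rather than any real resolver's format, and the domain names are invented.

```python
"""Heuristic detection of DNS tunnelling in resolver query logs.

Added example, not part of the original article. The log lines are
constructed (the 'timestamp client qname qtype' layout is an assumption,
not any particular resolver's log format), as are the domain names.
"""
import math
from collections import Counter, defaultdict
from typing import Dict, List, Tuple

# Constructed log: ordinary lookups from 10.0.0.5, and a burst of TXT
# queries from 10.0.0.9 whose subdomains carry encoded payload.
SAMPLE_LOG = """\
1700000000 10.0.0.5 www.netcode-atlas.dev. A
1700000001 10.0.0.5 mail.netcode-atlas.dev. MX
1700000002 10.0.0.5 api.netcode-atlas.dev. AAAA
1700000003 10.0.0.5 _acme-challenge.netcode-atlas.dev. TXT
1700000004 10.0.0.9 k7x2mq9pz4vb1nr8ywc3fh5tjd6gs0al.suspicious.example. TXT
1700000005 10.0.0.9 b9f4hn2sw7kx0qe3lp1mz8ctv5rj6dyg.suspicious.example. TXT
1700000006 10.0.0.9 q2t8dm5zh0cn7xk4rb3yw9fsp6la1vgj.suspicious.example. TXT
1700000007 10.0.0.9 z5wa9fk3x1qn7rd8hm4cy0bts2vl6gjp.suspicious.example. TXT
1700000008 10.0.0.9 m1rk8qz4c6hv2xn9fd0ps7wbt3gly5aj.suspicious.example. TXT
1700000009 10.0.0.9 n4gc7zt2yk9rq1xwb8sh5pm0vj3df6la.suspicious.example. TXT
"""


def shannon_entropy(text: str) -> float:
    """Bits per character; encoded payload scores far higher than hostnames."""
    if not text:
        return 0.0
    n = len(text)
    return -sum((c / n) * math.log2(c / n) for c in Counter(text).values())


def split_name(qname: str) -> Tuple[str, str]:
    """Split a query name into (subdomain part, registered domain).
    Simplification: the last two labels are taken as the registered domain;
    production code should use the Public Suffix List (co.uk and friends)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])


def query_indicators(qname: str, qtype: str,
                     entropy_threshold: float = 3.5,
                     length_threshold: int = 30) -> List[str]:
    """Per-query signals; each is weak alone, so they are counted per client/domain."""
    sub, _ = split_name(qname)
    reasons = []
    if len(sub) > length_threshold:
        reasons.append("long-subdomain")
    if sub and shannon_entropy(sub) > entropy_threshold:
        reasons.append("high-entropy")
    if qtype in ("TXT", "NULL"):          # record types that can carry bulk data
        reasons.append("bulk-capable-type")
    return reasons


def analyse(log_text: str, min_unique_subdomains: int = 5,
            min_flagged_queries: int = 3) -> List[Dict]:
    """Aggregate per (client, domain) and alert only when signals repeat."""
    buckets = defaultdict(lambda: {"subs": set(), "flags": Counter(), "queries": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue                        # skip malformed lines rather than crash
        _ts, client, qname, qtype = parts
        sub, base = split_name(qname)
        b = buckets[(client, base)]
        b["queries"] += 1
        b["subs"].add(sub)
        b["flags"].update(query_indicators(qname, qtype))
    alerts = []
    for (client, base), b in sorted(buckets.items()):
        reasons = [r for r, n in b["flags"].items() if n >= min_flagged_queries]
        if len(b["subs"]) >= min_unique_subdomains:
            reasons.append("many-unique-subdomains")
        if reasons:
            alerts.append({"client": client, "domain": base,
                           "queries": b["queries"], "reasons": sorted(reasons)})
    return alerts


if __name__ == "__main__":
    for alert in analyse(SAMPLE_LOG):
        print(alert)
```

The single _acme-challenge TXT query from 10.0.0.5 shows why the signals are aggregated: one TXT lookup is normal, and only when a client repeatedly sends long, high-entropy names under the same domain does the (client, domain) pair raise an alert. Thresholds are starting points to tune against your own baseline traffic.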