3D illustration of a DNS (Domain Name System) server stack connected to a globe, domain name, and IP address, visualising how DNS translates website names into IP addresses.

Category:

What is DNS? A Simple Guide to How the Internet Finds Websites

Jun 22, 2026

DNS stands for Domain Name System. It's the system that translates website names into IP addresses, helping computers find and connect to the right place online.

When you type a website address such as www.example.com into your browser, your device doesn't automatically know where that website lives.

DNS takes the website name you enter and works out where it needs to go.

For example:

Domain name: www.example.com
IP address: 93.184.216.34

Without it, we'd all be trying to remember long strings of numbers every time we wanted to visit a website.

Why is DNS Important?

Every click, search and website visit depends on DNS helping your device find the right destination.

DNS helps:

Connect users to websites quickly
Route internet traffic correctly
Support email delivery
Improve website performance
Enable domain names instead of numerical IP addresses
Keep online services accessible around the world

Without DNS, finding a website would feel a bit like trying to call someone without saving their number.

How Does DNS Work?

Whenever you visit a website, a DNS lookup takes place.

The process begins when you enter a domain name into your browser. DNS then finds the corresponding IP address so your browser knows where to send the request.

A lot happens behind the scenes, but DNS can usually find the right answer in a matter of milliseconds.

A Simple DNS Example

Imagine you type:

www.example.com

Your browser asks:

"Where can I find this website?"

DNS then searches for the matching IP address and returns something like:

93.184.216.34

Your browser finds the right server, loads the page and gets you on your way.

The Four Main DNS Servers

Finding the right IP address is a team effort involving several different DNS servers.

1. DNS Resolver

The DNS resolver is the first stop.

It receives your request and begins searching for the correct IP address.

Most DNS resolvers are operated by:

Internet service providers (ISPs)
Google DNS
Cloudflare DNS
OpenDNS

2. Root Nameserver

The root nameserver acts like a directory.

It doesn't know the final IP address, but it knows where to send the query next.

3. TLD Nameserver

TLD stands for Top-Level Domain. Examples include:

.com
.org
.net
.co.uk

The TLD server points the request towards the authoritative server responsible for that domain.

4. Authoritative Nameserver

This server contains the DNS records for the domain.

It provides the final answer by returning the correct IP address.

If other DNS servers need that final answer, this is where they go to get it.

What Happens During a DNS Lookup?

A DNS lookup follows a sequence of steps.

Step 1: You enter a domain name into your browser.
Step 2: The browser checks its local DNS cache.
Step 3: If no cached record exists, the request goes to a DNS resolver.
Step 4: The resolver queries a root nameserver.
Step 5: The root server directs the query to the correct TLD server.
Step 6: The TLD server points the resolver to the authoritative nameserver.
Step 7: The authoritative nameserver returns the domain's IP address.
Step 8: The resolver sends the IP address back to your browser.
Step 9: Your browser connects to the web server.
Step 10: The website loads.

The entire process typically takes less than a second.

What Is a DNS Resolver?

A DNS resolver is responsible for finding the IP address linked to a domain name.

It's often called a recursive resolver because it does the work of tracking down the answer.

Popular public DNS resolvers include:

Google Public DNS (8.8.8.8)
Cloudflare DNS (1.1.1.1)
OpenDNS

Resolvers can also store DNS information temporarily, so they don't need to repeat the same lookup every time.

This helps websites load faster and reduces unnecessary requests.

Recursive Resolver vs Authoritative DNS Server

Don't let the terminology put you off. The concepts themselves are fairly simple.

They're both helping you reach the same destination, just in different ways.

Recursive Resolver

The recursive resolver searches for the answer on behalf of the user.

Its job is to locate the correct DNS record.

Authoritative DNS Server

The authoritative DNS server stores the actual DNS records.

Its job is to provide the definitive answer when asked.

In simple terms:

Resolver = searches for information
Authoritative server = owns the information

Common Types of DNS Records

DNS records contain instructions that tell internet services how to behave.

A Record – Maps a domain name to an IPv4 address. Example: example.com → 93.184.216.34
AAAA Record – Maps a domain name to an IPv6 address.
CNAME Record – Creates an alias from one domain name to another. Example: blog.example.com → example.com
MX Record – Specifies which mail servers handle email for a domain.
TXT Record – Stores text-based information used for verification, security, and email authentication. Common uses include:
- Domain verification
- SPF records
- DKIM authentication
- Security policies
NS Record – Identifies the authoritative nameservers responsible for a domain.

What Is DNS Caching?

DNS caching helps speed things up by temporarily storing DNS information.

That means devices and servers can reuse information they've already looked up, rather than starting the whole process from scratch every time someone visits a website.

Benefits include:

Faster website loading
Reduced network traffic
Lower server load
Improved reliability

What Is DNS Propagation?

DNS propagation refers to the time it takes for DNS changes to update across the internet.

When you:

Change nameservers
Update an A record
Modify MX records

The update doesn't appear everywhere immediately.

Different DNS servers around the world must refresh their cached information.

Propagation can take anywhere from a few minutes to 48 hours depending on the record and TTL settings.

What Is TTL in DNS?

TTL stands for Time to Live.

It determines how long a DNS record can remain cached before it must be refreshed.

For example:

TTL: 300 seconds = 5 minutes
TTL: 3600 seconds = 1 hour

Lower TTL values allow changes to spread faster but can increase DNS query volume.

Higher TTL values reduce queries but may slow down updates.

What Are the Types of DNS Queries?

DNS lookups typically use three query types.

Recursive Query: The DNS server must return a complete answer or an error.
Iterative Query: The server returns the best information it has and points the requester to the next server.
Non-Recursive Query: The answer is already available from cache or local records.

DNS Security and DNS Attacks

When a system plays such a big role in connecting people online, it's bound to attract attention from attackers too.

Common DNS threats include:

DNS Spoofing: Attackers provide fake DNS responses to redirect users.
DNS Cache Poisoning: Corrupted DNS cache entries send visitors to malicious websites.
DDoS Attacks: Attackers overwhelm DNS infrastructure with excessive traffic.
DNS Hijacking: DNS settings are altered without permission.

Security measures include: