What Is DNS (Domain Name System)?
The Domain Name System (DNS) turns domain names into IP addresses, which browsers use to load internet pages. Every device connected to the internet has its own IP address, which is used by other devices to locate the device. DNS servers make it possible for people to input normal words into their browsers, such as Fortinet.com, without having to keep track of the IP address for every website.
A DNS server is a computer with a database that maps domain names to the public IP addresses of the websites they belong to. DNS acts like a phonebook for the internet. Whenever people type domain names, like Fortinet.com or Yahoo.com, into the address bar of web browsers, the DNS finds the right IP address. The site’s IP address is what directs the device to the correct place to access the site’s data.
The DNS server starts the process by finding the IP address that corresponds to the hostname in a website’s uniform resource locator (URL). Once the DNS server finds the correct IP address, the browser uses it to send requests to content delivery network (CDN) edge servers or origin servers. Once this is done, the information on the website can be accessed by the user.
In a usual DNS query, the URL typed in by the user has to go through four servers for the IP address to be provided. The four servers work with each other to get the correct IP address to the client, and they include:
Authoritative nameservers hold the DNS records for a domain. A recursive server acts as a middleman, positioned between the authoritative server and the end user. To reach the right nameserver, the recursive server has to “recurse” through the DNS tree until it arrives at the server that holds the domain’s records.
To use the phone book analogy, think of the IP address as the phone number and the person’s name as the website’s URL. Authoritative DNS servers have a copy of the “phone book” that connects these IP addresses with their corresponding domain names. They provide answers to the queries sent by recursive DNS nameservers, providing information on where to find specific websites. The answers provided have the IP addresses of the domains involved in the query.
Authoritative DNS servers are each responsible for a specific part of the namespace, such as a country, an organization, or a local area. Regardless of which part is covered, an authoritative DNS server does two important jobs. First, the server keeps lists of domain names and the IP addresses that go with them. Next, the server responds to requests from the recursive DNS server regarding the IP address that corresponds with a domain name.
Once the recursive DNS server gets the answer, it sends that information back to the computer that requested it. The computer then uses that information to connect to the IP address, and the user gets to see the website.
After a user types in a URL in their web browser, that URL is given to the recursive DNS server. The recursive DNS server then examines its cache memory to see whether the IP address for the URL is already stored. If the IP address information already exists, the recursive DNS server will send the IP address to the browser. The user is then able to see the website for which they typed in the URL.
On the other hand, if the recursive DNS server does not find the IP address in its cache, it performs the full lookup on the user’s behalf. It then stores the IP address it obtained for a specific amount of time. This period is set by the domain’s owner through a value referred to as time to live (TTL).
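The lookup just described, as an added illustration rather than code from Fortinet or any real resolver: a recursive resolver walks from the root to a TLD server to the authoritative server, caches the answer for its TTL, and serves repeat queries from the cache until the TTL expires. The three “nameservers” and their records are constructed stand-ins (the addresses come from the RFC 5737 documentation range), and the clock is injectable so the expiry can be shown without waiting.

```python
"""Simulated recursive DNS resolution with a TTL-honouring cache.

Added example, not Fortinet's code. All zone data below is constructed:
the server names are hypothetical and the address is a documentation
address, not a real record for any site.
"""
import time

# Constructed nameservers. Each maps a name (or suffix) it knows about to
# either a referral ("ask this server next") or an authoritative answer
# (the IP address and its TTL in seconds).
SERVERS = {
    "root": {"com.": ("referral", "tld-com")},
    "tld-com": {"example.com.": ("referral", "ns1.example.com.")},
    "ns1.example.com.": {"www.example.com.": ("answer", "192.0.2.10", 300)},
}


class RecursiveResolver:
    def __init__(self, servers, clock=time.monotonic):
        self.servers = servers
        self.clock = clock          # injectable so tests can advance time
        self.cache = {}             # qname -> (ip, expiry timestamp)
        self.queries_sent = 0       # counts round trips to nameservers

    def _ask(self, server, qname):
        """Send qname to a server; it answers for the longest suffix it holds."""
        self.queries_sent += 1
        zone = self.servers[server]
        for key in sorted(zone, key=len, reverse=True):
            if qname == key or qname.endswith("." + key):
                return zone[key]
        return None

    def resolve(self, qname):
        """Return (ip, source) where source is 'cache' or 'authoritative'."""
        qname = qname if qname.endswith(".") else qname + "."
        now = self.clock()
        entry = self.cache.get(qname)
        if entry and entry[1] > now:          # still within its TTL
            return entry[0], "cache"
        server = "root"                        # every cold lookup starts at the root
        for _ in range(8):                     # bound the referral chain
            resp = self._ask(server, qname)
            if resp is None:
                raise LookupError(f"no data for {qname} at {server}")
            if resp[0] == "referral":
                server = resp[1]               # follow the referral one level down
                continue
            _, ip, ttl = resp
            self.cache[qname] = (ip, now + ttl)  # cache for exactly the TTL
            return ip, "authoritative"
        raise LookupError("referral chain too long")


def demo():
    t = [1000.0]                               # fake clock, advanced by hand
    r = RecursiveResolver(SERVERS, clock=lambda: t[0])
    first = r.resolve("www.example.com")       # root -> TLD -> authoritative (3 queries)
    second = r.resolve("www.example.com")      # served from cache, no queries
    t[0] += 301                                # move past the 300 s TTL
    third = r.resolve("www.example.com")       # cache expired, full walk again
    return first, second, third, r.queries_sent


if __name__ == "__main__":
    print(demo())
```

The query counter is the point of the exercise: the first and third lookups each cost three round trips, while the second costs none, which is exactly the saving that TTL-based caching buys and why a short TTL trades faster propagation of changes for more upstream traffic.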
Computers and various devices that use the internet depend on IP addresses to send a user's request to the website they are attempting to reach. Without DNS, you would have to keep track of the IP addresses of all the websites you visit, similar to carrying around a phone book of websites all the time. The DNS server allows you to type in the name of the website. It then goes out and gets the right IP address for you. Armed with the IP address, your computer (or browser) can bring you to the site.
For instance, if you input www.fortinet.com in your web browser, that URL, on its own, cannot bring you to the website. Those letters cannot be “read” by the servers that connect you with the site. However, the servers are able to read IP addresses. The DNS server figures out which IP address corresponds with www.fortinet.com and sends it to your browser. Then the website appears on your device’s screen because the browser now knows where to take your device.
You may get a message that says “DNS server isn’t responding” after entering a domain name in the URL bar of your browser. This means there was an attempt to communicate with the DNS server, but the server failed to return a result. This could be due to a few different things:
Here are some of the top DNS servers available:
The operating system (OS) used by your device stores DNS resource records through the use of caching. Caching avoids repeating a lookup when someone returns to a site. This, in turn, reduces the amount of time it takes to get to the website. If the device you are using recently went to the page it is trying to access, the IP address can be supplied by the cache. In this way, the website request can be completed without involving the DNS server.
The DNS cache, therefore, helps streamline the DNS lookup process that would otherwise be necessary to link a domain name to an IP address. This makes the process of getting to the website much faster.
The operating systems of many devices are capable of maintaining a local copy of DNS lookups. This makes it possible for the OS to quickly get the information it needs to resolve the URL to the correct IP address.
Each domain has DNS records, and nameservers serve these records. You can check the status of the DNS records associated with your domain. You can also examine the nameservers to ascertain which records the servers are serving. On a Windows computer, for example, this is done using the NSLOOKUP command. Here’s how to do it:
A DNS resolver is also referred to as a recursive resolver. It is designed to take DNS queries sent by web browsers and applications. The resolver receives the website URL, and it then retrieves the IP address that goes with that URL.
During the DNS lookup process, three different kinds of queries are performed. Combining these query types makes DNS resolution faster.
In some cases, a regular user may not need a paid DNS server. However, there are significant benefits of paying for a premium DNS.
DNS cache poisoning, also called DNS spoofing, involves the introduction of corrupt DNS data into the resolving device’s cache. The resolver then returns the wrong IP address to anyone who asks for that name.
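The checks a cautious resolver applies before it caches anything, as an added example that is not part of the original page: it parses the DNS wire format, accepts a response only if the transaction ID and question section match the query it actually sent, and caches only records whose owner name is the name it asked about. The messages are constructed in the script itself (documentation addresses, hypothetical names), so nothing is sent on the network.

```python
"""DNS wire-format parsing with the response checks a resolver applies
before caching. Added example; not Fortinet's code and not a real resolver.
All packets below are constructed in-process with hypothetical names and
RFC 5737 documentation addresses."""
import secrets
import struct


def encode_name(name):
    """Encode 'www.example.com.' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(msg, off):
    """Decode a name at msg[off], following compression pointers; return (name, next offset)."""
    labels, jumped, end = [], False, None
    for _ in range(128):                       # bound pointer loops
        length = msg[off]
        if length & 0xC0 == 0xC0:              # two-byte pointer into the message
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2                  # reading resumes after the first pointer
            jumped, off = True, ptr
            continue
        if length == 0:
            off += 1
            break
        labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length
    else:
        raise ValueError("name too long or pointer loop")
    return ".".join(labels) + ".", (end if jumped else off)


def build_query(qname, qtype=1, txid=None):
    """Build a standard query (RD set); returns (transaction id, packet)."""
    txid = secrets.randbelow(65536) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, header + encode_name(qname) + struct.pack("!HH", qtype, 1)


def build_response(txid, qname, owner, ip, ttl=300):
    """Constructed 'server' reply: echoes the question, carries one A record for owner."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR, RD, RA set, RCODE 0
    question = encode_name(qname) + struct.pack("!HH", 1, 1)
    rdata = bytes(int(o) for o in ip.split("."))
    answer = encode_name(owner) + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata
    return header + question + answer


def parse_response(msg):
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4]); off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10]); off += 10
        rdata = msg[off:off + rdlen]; off += rdlen
        answers.append((name, rtype, rclass, ttl, rdata))
    return {"id": txid, "flags": flags, "questions": questions, "answers": answers}


def accept_answer(query_id, qname, qtype, response):
    """Return the (ip, ttl) records safe to cache, or raise if the response is not ours."""
    r = parse_response(response)
    if r["id"] != query_id:
        raise ValueError("transaction ID does not match the outstanding query")
    if not r["flags"] & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if r["flags"] & 0x000F:
        raise ValueError(f"server returned RCODE {r['flags'] & 0xF}")
    qn = qname if qname.endswith(".") else qname + "."
    if r["questions"] != [(qn, qtype, 1)]:
        raise ValueError("question section does not match what we asked")
    records = []
    for name, rtype, rclass, ttl, rdata in r["answers"]:
        if name != qn:                         # only cache data for the name we asked about
            continue
        if rtype == qtype and rclass == 1 and len(rdata) == 4:
            records.append((".".join(str(b) for b in rdata), ttl))
    return records


def demo():
    txid, _query = build_query("www.example.com")
    good = build_response(txid, "www.example.com.", "www.example.com.", "192.0.2.10")
    accepted = accept_answer(txid, "www.example.com", 1, good)
    # A reply carrying a different transaction ID is discarded outright.
    wrong_id = build_response((txid + 1) % 65536, "www.example.com.", "www.example.com.", "198.51.100.7")
    try:
        accept_answer(txid, "www.example.com", 1, wrong_id)
        rejected = False
    except ValueError:
        rejected = True
    # A well-formed reply whose record is for a name we never asked about yields nothing to cache.
    stray = build_response(txid, "www.example.com.", "login.example.net.", "198.51.100.7")
    filtered = accept_answer(txid, "www.example.com", 1, stray)
    return accepted, rejected, filtered


if __name__ == "__main__":
    print(demo())
```

Matching the transaction ID and question, and refusing to cache records for names outside what was asked, are the basic resolver-side mitigations for cache poisoning; in production they are supplemented by source-port randomization and DNSSEC validation, which this sketch does not implement.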
A Domain Name System (DNS) turns domain names into IP addresses, which allow browsers to get to websites and other internet resources. Every device on the internet has an IP address, which other devices can use to locate the device. Instead of memorizing a long list of IP addresses, people can simply enter the name of the website, and the DNS gets the IP address for them.
An example of a DNS is that which is provided by Google. The address of Google’s primary DNS is 8.8.8.8.
On a Windows computer, you can find your DNS by going to the command prompt, typing “ipconfig/all”, and then hitting Enter.
There are four types of DNS servers: recursive resolvers, root nameservers, TLD nameservers, and authoritative nameservers.
Yes, changing your DNS does not present any inherent dangers.
Yes, a private DNS can offer you enhanced security compared to other DNS options.