What Is DNS (Domain Name System)?

The Domain Name System (DNS) turns domain names into IP addresses, which browsers use to load internet pages. Every device connected to the internet has its own IP address, which is used by other devices to locate the device. DNS servers make it possible for people to input normal words into their browsers, such as Fortinet.com, without having to keep track of the IP address for every website.

A DNS server is a computer with a database containing the public IP addresses associated with the names of the websites an IP address brings a user to. DNS acts like a phonebook for the internet. Whenever people type domain names, like Fortinet.com or Yahoo.com, into the address bar of web browsers, the DNS finds the right IP address. The site’s IP address is what directs the device to go to the correct place to access the site’s data.

Once the DNS server finds the correct IP address, browsers take the address and use it to send data to content delivery network (CDN) edge servers or origin servers. Once this is done, the information on the website can be accessed by the user. The DNS server starts the process by finding the corresponding IP address for a website’s uniform resource locator (URL).

In a usual DNS query, the URL typed in by the user has to go through four servers for the IP address to be provided. The four servers work with each other to get the correct IP address to the client, and they include:

1. DNS recursor: The DNS recursor, which is also referred to as a DNS resolver, receives the query from the DNS client. Then it communicates with other DNS servers to find the right IP address. After the resolver retrieves the request from the client, the resolver acts like a client itself. As it does this, it makes queries that get sent to the other three DNS servers: root nameservers, top-level domain (TLD) nameservers, and authoritative nameservers.
2. Root nameservers: The root nameserver is designated for the internet's DNS root zone. Its job is to answer requests sent to it for records in the root zone. It answers requests by sending back a list of the authoritative nameservers that go with the correct TLD.
3. TLD nameservers: A TLD nameserver keeps the IP address of the second-level domain contained within the TLD name. It then releases the website’s IP address and sends the query to the domain’s nameserver.
4. Authoritative nameservers: An authoritative nameserver is what gives you the real answer to your DNS query. There are two types of authoritative nameservers: a master server or primary nameserver and a slave server or secondary nameserver. The master server keeps the original copies of the zone records, while the slave server is an exact copy of the master server. It shares the DNS server load and acts as a backup if the master server fails.

Computers and various devices that use the internet depend on IP addresses to send a user's request to the website they are attempting to reach. Without DNS, you would have to keep track of the IP addresses of all the websites you visit, similar to carrying around a phone book of websites all the time. The DNS server allows you to type in the name of the website. It then goes out and gets the right IP address for you. Armed with the IP address, your computer (or browser) can bring you to the site.

For instance, if you input www.fortinet.com in your web browser, that URL, on its own, cannot bring you to the website. Those letters cannot be “read” by the servers that connect you with the site. However, the servers are able to read IP addresses. The DNS server figures out which IP address corresponds with www.fortinet.com and sends it to your browser. Then the website appears on your device’s screen because the browser now knows where to take your device.

You may get a message that says “DNS server isn’t responding” after entering a domain name in the URL bar of your browser. This means there was an attempt to communicate with the DNS server, but the server failed to return a result. This could be due to a few different things:

1. Your internet connection is weak or unstable, making it hard for your browser to communicate with the DNS server
2. Your DNS settings or browser need to be updated
3. There is an issue with the DNS server, such as a loss of power at the data center where it is housed

Here are some of the top DNS servers available:

1. Cloudflare 1.1.1.1. This is a simple-to-use DNS service that comes with tutorials for all of the most popular operating systems, such as Mac, Windows, Android, iOS, and Linux. Users can also use Cloudflare’s service to block adult content.
2. Google Public DNS. The Google Public DNS service is different from Cloudflare’s in that it is designed for more technically adept users. But you can find tutorials if needed.
3. Quad9. Quad9’s DNS service is renowned for its fast performance. It also claims to block malicious sites using threat intelligence data.

The operating system (OS) used by your device stores DNS resource records through the use of caching. Caching prevents redundancy when someone tries to go to a site. This, in turn, reduces the amount of time it takes to get to the website. If the device you are using recently went to the page it is trying to access, the IP address can be supplied by the cache. In this way, the website request can be completed without involving the DNS server.

The DNS cache, therefore, helps streamline the DNS lookup process that would otherwise be necessary to link a domain name to an IP address. This makes the process of getting to the website much faster.

The operating systems of many devices are capable of maintaining a local copy of DNS lookups. This makes it possible for the OS to quickly get the information it needs to resolve the URL to the correct IP address.

Each domain has DNS records, and these are pulled by nameservers. You can check the status of the DNS records associated with your domain. You can also examine the nameservers to ascertain which records are being pulled by the servers. On a Windows computer, for example, this is done using the NSLOOKUP command. Here’s how to do it:

1. Access the Windows command prompt by going to Start >> command prompt. You can also get to it via Run >> CMD.
2. Type NSLOOKUP and then hit Enter. The default server gets set to your local DNS, and the address will be your local IP address.
3. You then set the type of DNS record you want to look up by typing "set type=##" where "##" is the record type, then hit Enter. You can also use A, AAAA, A+AAAA, ANY, CNAME, MX, NS, PTR, SOA, or SRV as the record type.
4. Enter the domain name you want to query. Hit Enter.
5. At this point, the NSLOOKUP returns the record entries for the domain you entered.

A DNS resolver is also referred to as a recursive resolver. It is designed to take DNS queries sent by web browsers and applications. The resolver receives the website URL, and it then retrieves the IP address that goes with that URL.

During the DNS lookup process, three different kinds of queries are performed. The queries are combined to optimize the resolution of the DNS, saving time.

1. Recursive query
2. Iterative query
3. Non-recursive query

A Domain Name System (DNS) turns domain names into IP addresses, which allow browsers to get to websites and other internet resources. Every device on the internet has an IP address, which other devices can use to locate the device. Instead of memorizing a long list of IP addresses, people can simply enter the name of the website, and the DNS gets the IP address for them.

An example of a DNS is that which is provided by Google. The address of Google’s primary DNS is 8.8.8.8.

On a Windows computer, you can find your DNS by going to the command prompt, typing “ipconfig/all”, and then hitting Enter.

There are four types of DNS: recursive resolvers, root nameservers, TLD nameservers, and authoritative nameservers.

Yes, changing your DNS does not present any inherent dangers.

Yes, a private DNS can offer you enhanced security compared to other DNS options.