How Does DNS Work? Domain Name System Explained

// What is DNS?

DNS — the Domain Name System — is often called the "phone book of the internet." When you type ip-tracker.eu into your browser, your computer has no idea where to find it. DNS translates that human-readable name into a numeric IP address (like 185.220.101.46) that computers use to communicate.

Without DNS, you would need to memorise IP addresses for every website you visit. DNS creates an abstraction layer, letting humans use memorable names while the underlying network infrastructure uses numerical addressing.

// The DNS Hierarchy

DNS is organised as a distributed, hierarchical system with three main levels:

Root servers — The top of the hierarchy. There are 13 sets of root servers (operated by organisations like ICANN, Verisign, and NASA) distributed worldwide. They know which servers handle each top-level domain.
TLD nameservers — Handle top-level domains like .com, .eu, .org. They know which authoritative nameservers are responsible for each domain under their TLD.
Authoritative nameservers — Hold the actual DNS records for your specific domain. These are the servers configured with your hosting provider or registrar.

// DNS Record Types

Each domain can have multiple DNS records, each serving a different purpose:

Type	Purpose	Example
A	Maps domain → IPv4 address	ip-tracker.eu → 185.x.x.x
AAAA	Maps domain → IPv6 address	ip-tracker.eu → 2a01::1
CNAME	Alias pointing to another domain	www → ip-tracker.eu
MX	Mail server for email delivery	mail.google.com (priority 10)
TXT	Text data (SPF, DKIM, site verification)	v=spf1 include:... -all
NS	Authoritative nameservers for domain	ns1.cloudflare.com
SOA	Zone authority & serial number	Primary NS + admin contact
PTR	Reverse lookup (IP → domain)	Used for email verification

// DNS Resolution: Step by Step

Here is exactly what happens when you type a URL into your browser:

1

Browser checks its local cache — if it recently looked up this domain, it reuses the cached result.

2

OS checks its own resolver cache and the hosts file (/etc/hosts or C:\Windows\System32\drivers\etc\hosts).

3

A query is sent to your configured recursive resolver — usually your ISP's DNS server, or a public resolver like 8.8.8.8 (Google) or 1.1.1.1 (Cloudflare).

4

The recursive resolver asks a root nameserver: "Who handles .eu?"

5

Root server returns the address of the .eu TLD nameserver.

6

Recursive resolver asks the TLD server: "Who handles ip-tracker.eu?"

7

TLD server returns the domain's authoritative nameserver.

8

Recursive resolver asks the authoritative nameserver for the A record.

9

The IP address is returned, cached according to TTL, and passed back to your browser.

10

Your browser opens a TCP connection to that IP address and loads the page.

This entire process typically completes in 20–120 milliseconds.

// TTL — Time To Live

Every DNS record has a TTL value (measured in seconds) that tells resolvers how long to cache the result before querying again.

example.com. 3600 IN A 93.184.216.34 ───────────────────────────────────── TTL = 3600 seconds = 1 hour

Low TTL (60–300s) — Changes propagate quickly. Good before planned migrations, but generates more DNS queries.
High TTL (3600–86400s) — Better performance and fewer queries. DNS changes take longer to propagate globally.

Before moving a website to a new server, lower the TTL to 300 seconds at least 24 hours in advance so the change propagates quickly when you make the switch.

// DNS Privacy

Standard DNS queries are sent in plain text over UDP port 53, meaning your ISP and anyone monitoring the network can see every domain you look up — even when you use HTTPS for the connection itself.

Privacy-focused alternatives:

DNS over HTTPS (DoH) — Encrypts DNS queries inside HTTPS traffic. Supported by Chrome, Firefox, and Windows 11. Providers: Cloudflare (1.1.1.1), Google (8.8.8.8), NextDNS.
DNS over TLS (DoT) — Similar encryption over port 853. More transparent to network administrators than DoH.

How Does DNS Work?