How DNS Resolution Works

DNS is the phone book of the internet — it translates human-readable domain names into the IP addresses machines actually use.

Why DNS Exists

Computers communicate using IP addresses — numbers like 93.184.216.34 — not names. But humans are far better at remembering example.com than a 32-bit or 128-bit number. DNS (Domain Name System) is the infrastructure that bridges this gap, translating names into addresses automatically so that neither users nor applications need to know or remember IP addresses.

Before DNS, the entire internet used a single text file called HOSTS.TXT, maintained centrally and distributed to every host. As the internet grew in the early 1980s, this approach became unworkable — the file was updated too infrequently, downloading it consumed significant bandwidth, and the flat namespace could not scale. DNS replaced it with a distributed, hierarchical, delegated system that can scale to billions of domain names with no central bottleneck.

DNS operates primarily over UDP port 53 for queries that fit in a single packet, and falls back to TCP port 53 for larger responses and zone transfers. A typical DNS lookup takes 20–120 milliseconds on an uncached query, and under 1 millisecond when served from cache.

The Four Actors in a DNS Lookup

A full DNS resolution involves four distinct components, each with a specific role:

The DNS client (stub resolver): A small library built into your operating system. When an application calls getaddrinfo("example.com"), the stub resolver checks the local OS cache and, if needed, forwards the query to the recursive resolver. It does not do the full traversal itself.

The recursive resolver: Also called the recursive nameserver or full-service resolver. This is typically your ISP's DNS server, or a public resolver like Cloudflare's 1.1.1.1 or Google's 8.8.8.8. The recursive resolver does the actual work of traversing the DNS hierarchy. It queries root servers, TLD servers, and authoritative servers on your behalf, then returns the final answer. It also caches results to speed up future queries.

Root nameservers: There are 13 logical root nameserver addresses (lettered A through M), operated by 12 different organizations, with hundreds of physical instances distributed worldwide via anycast. Root servers do not know the IP address of example.com — they only know which nameservers are responsible for each top-level domain (like .com, .org, .net).

Authoritative nameservers: These hold the actual DNS records for a domain. When you register a domain and configure DNS records — A records, MX records, CNAME records — those records live on your authoritative nameserver. Authoritative servers give definitive answers for their zones; they do not query anyone else.

The Resolution Process Step by Step

When you type www.example.com into your browser for the first time (with no cached result), the following happens:

  1. Local cache check: The OS stub resolver checks its local DNS cache. If a recent lookup for www.example.com is cached and the TTL has not expired, the cached IP address is returned immediately — no network query needed.
  2. Query to recursive resolver: If no cache hit, the stub resolver sends a DNS query to the configured recursive resolver (e.g., 1.1.1.1) asking for the IP address of www.example.com.
  3. Recursive resolver queries root: The resolver asks a root nameserver: "Who handles .com?" The root server responds with a referral to the .com TLD nameservers operated by Verisign.
  4. Recursive resolver queries TLD: The resolver asks a .com TLD nameserver: "Who handles example.com?" The TLD server responds with a referral to the authoritative nameservers for example.com.
  5. Recursive resolver queries authoritative server: The resolver asks example.com's authoritative nameserver: "What is the IP address of www.example.com?" The authoritative server responds with the A record: 93.184.216.34.
  6. Answer returned and cached: The recursive resolver returns the IP address to your device and caches the result for the duration specified by the record's TTL. Your OS caches it too. Your browser can now open a TCP connection to that IP address.

The entire process — steps 2 through 6 — typically takes 20–120 milliseconds. For popular domains, the recursive resolver likely already has the answer cached, making the effective lookup time under a millisecond.

DNS Caching: Why Lookups Are Usually Fast

Caching is what makes DNS practically fast despite the multi-step hierarchy. Every DNS record has a TTL (Time To Live) value, measured in seconds, that specifies how long it can be cached. A record with TTL 3600 can be cached for one hour; a record with TTL 60 expires after one minute.

Caching happens at multiple layers. Your browser maintains its own DNS cache for the duration of a session. Your operating system maintains a system-wide DNS cache (visible with ipconfig /displaydns on Windows). Your recursive resolver caches results for all clients — so if 10,000 users behind the same ISP resolver visit example.com, only the first triggers a full traversal; the rest get the cached answer instantly.

TTL is a trade-off between freshness and performance. A very short TTL (60 seconds) means changes propagate quickly but every resolver must re-query frequently. A long TTL (86,400 seconds — one day) means heavy caching and fast lookups, but DNS changes take up to that long to propagate everywhere. Operators typically lower TTLs before planned migrations and raise them again afterward.
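The six-step walk and the TTL cache described above can be simulated offline. This is an added example, not code from the original page; the delegation tables, server labels (tld-com, ns-example) and the RecursiveResolver class are constructed for illustration, and the clock is injected so TTL expiry can be shown without waiting.

```python
# Constructed delegation data (illustrative, not real server contents).
ROOT = {"com.": "tld-com"}                          # root: who handles each TLD
TLD = {"tld-com": {"example.com.": "ns-example"}}   # TLD: who handles each domain
AUTH = {"ns-example": {"www.example.com.": ("93.184.216.34", 3600)}}  # (A, TTL)

class RecursiveResolver:
    def __init__(self, clock):
        self.clock = clock          # injectable time source, in seconds
        self.cache = {}             # name -> (address, expires_at)
        self.upstream_queries = 0   # queries sent to root, TLD, authoritative

    def _referral(self, table, name):
        """Ask one server; return the delegate for the longest matching zone."""
        self.upstream_queries += 1
        zones = [z for z in table if name == z or name.endswith("." + z)]
        if not zones:
            raise LookupError("NXDOMAIN: " + name)
        return table[max(zones, key=len)]

    def resolve(self, name):
        now = self.clock()
        hit = self.cache.get(name)
        if hit and hit[1] > now:                      # cached and TTL not expired
            return hit[0]
        tld_server = self._referral(ROOT, name)       # root: "who handles .com?"
        auth_server = self._referral(TLD[tld_server], name)  # TLD: "who handles example.com?"
        self.upstream_queries += 1                    # authoritative: "A record for www?"
        record = AUTH[auth_server].get(name)
        if record is None:
            raise LookupError("NXDOMAIN: " + name)
        address, ttl = record
        self.cache[name] = (address, now + ttl)       # cache until the TTL runs out
        return address

def demo():
    """10,000 lookups inside the TTL window, then one after it expires."""
    now = [0]
    resolver = RecursiveResolver(lambda: now[0])
    answers = {resolver.resolve("www.example.com.") for _ in range(10_000)}
    within_ttl = resolver.upstream_queries    # only the first lookup traversed
    now[0] = 3601                             # one second past the 3600 s TTL
    resolver.resolve("www.example.com.")
    return answers, within_ttl, resolver.upstream_queries

if __name__ == "__main__":
    print(demo())   # ({'93.184.216.34'}, 3, 6)
```

Zone matching is done on label boundaries, so a name such as www.notexample.com. is not treated as part of example.com.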

DNS Record Types at a Glance

Record   What It Stores
A        IPv4 address for a hostname
AAAA     IPv6 address for a hostname
CNAME    Alias pointing one hostname to another hostname
MX       Mail server hostname(s) for a domain, with priority values
TXT      Arbitrary text — used for SPF, DKIM, domain verification, and more
NS       The authoritative nameservers for a domain
SOA      Start of Authority — zone metadata including primary nameserver, admin email, and serial number

What Happens When DNS Fails

When DNS resolution fails, your browser cannot determine which IP address to connect to, so the connection never starts. The error typically appears as "This site can't be reached" or "Server DNS address could not be found" — not a connection timeout, but an immediate failure before any TCP connection is attempted.

Common causes include: your configured DNS resolver is down or unreachable, the domain does not exist (NXDOMAIN response), the authoritative nameserver for the domain is misconfigured or offline, or a firewall is blocking DNS traffic on port 53. You can diagnose DNS failures using nslookup example.com or dig example.com in your terminal, which show exactly what response (or lack of response) your resolver returned.
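What nslookup and dig report comes from the 12-byte header of the DNS reply. The following added example (not from the original page) builds a query in RFC 1035 wire format and classifies replies by their ID, QR and TC bits and RCODE; the function names and the reply bytes are constructed here, and no network traffic is sent. It goes slightly beyond the text by also checking that the reply ID matches the query, which is the first check a client makes before trusting an answer.

```python
import struct

def build_query(name, qtype=1, query_id=0x1234):
    """Encode a standard query with RD=1 for `name` (qtype 1 = A, class IN)."""
    header = struct.pack("!HHHHHH", query_id, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(label)]) + label.encode("ascii")
                     for label in name.rstrip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)

def classify_response(query, response):
    """Diagnose a lookup from the 12-byte header of the reply (None = timeout)."""
    if response is None:
        return "no response: resolver unreachable or port 53 blocked"
    if len(response) < 12:
        return "malformed: shorter than a DNS header"
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != struct.unpack("!H", query[:2])[0] or not flags & 0x8000:
        return "rejected: ID mismatch or not a response"
    if flags & 0x0200:                    # TC bit: reply did not fit in UDP
        return "truncated: retry over TCP port 53"
    rcode = flags & 0x000F
    if rcode == 3:
        return "NXDOMAIN: domain does not exist"
    if rcode == 2:
        return "SERVFAIL: server failure while resolving"
    if rcode != 0:
        return "error: RCODE %d" % rcode
    return "answer" if ancount else "NOERROR but no records of this type"

def sample_reply(query, flags, ancount=0, query_id=None):
    """Constructed reply header + echoed question, standing in for a capture."""
    rid = struct.unpack("!H", query[:2])[0] if query_id is None else query_id
    return struct.pack("!HHHHHH", rid, flags, 1, ancount, 0, 0) + query[12:]

def demo():
    q = build_query("example.com")
    return [classify_response(q, r) for r in (
        sample_reply(q, 0x8180, ancount=1),           # QR RD RA, RCODE 0, one answer
        sample_reply(q, 0x8183),                      # RCODE 3
        sample_reply(q, 0x8380),                      # TC set
        sample_reply(q, 0x8180, 1, query_id=0xBEEF),  # ID does not match the query
        None)]                                        # timeout

if __name__ == "__main__":
    for line in demo():
        print(line)
```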

Switching your DNS resolver to a public option like 1.1.1.1 or 8.8.8.8 in your network settings can resolve ISP resolver failures immediately and often improves lookup speed as a side benefit.

Frequently Asked Questions

What does DNS stand for?

DNS stands for Domain Name System. It is the internet's distributed naming system that translates human-readable domain names like example.com into IP addresses. DNS was designed by Paul Mockapetris and introduced in RFC 882 and 883 in 1983, replacing a single centrally maintained HOSTS.TXT file that could no longer scale.

How long does a DNS lookup take?

A cached DNS lookup takes under 1 millisecond. An uncached lookup that must query root, TLD, and authoritative servers typically takes 20–120 milliseconds depending on the geographic distance to those servers and network conditions. DNS adds this latency only to the first connection to a domain — subsequent connections within the TTL window use cached results instantly.

What is a DNS resolver?

A DNS resolver (recursive resolver) is the server that traverses the DNS hierarchy on your behalf. When your device needs to resolve a domain, it sends a query to its configured resolver — typically your ISP's resolver, or a public resolver like 8.8.8.8 (Google) or 1.1.1.1 (Cloudflare). The resolver queries root, TLD, and authoritative servers, then returns the final answer.

What is DNS caching?

DNS caching stores the results of DNS lookups for a period defined by each record's TTL (Time To Live) value. Caching happens at the browser, OS, and recursive resolver level. It dramatically reduces DNS lookup latency for popular domains and reduces load on authoritative servers — only the first requester within a TTL window triggers a full traversal.

Can DNS affect my internet speed?

Yes, for the initial connection to any new domain. Every new hostname requires a DNS lookup before a TCP connection can open. A slow or overloaded DNS resolver adds that delay to every page load. Switching to a fast public resolver like 1.1.1.1 or 8.8.8.8 can noticeably improve perceived page load speed, particularly when the ISP's resolver is slow.

What is the difference between a recursive and authoritative nameserver?

A recursive nameserver does the work of looking up an answer by querying other servers on behalf of the client — it traverses the hierarchy and returns whatever it finds, caching results along the way. An authoritative nameserver holds the actual DNS records for a domain and answers queries for its zones with definitive answers. When you configure DNS records for your domain, you do so on your authoritative nameserver.
