What Is DNS and Why Should You Care?
DNS — the Domain Name System — is often called the "phone book of the internet." When you type example.com into a browser, something has to translate that human-readable name into an IP address that computers can route to. That something is DNS, and understanding how it works will make you dramatically better at diagnosing connectivity issues, configuring servers, and managing domains.
The Hierarchy of DNS
DNS is a distributed, hierarchical system. No single server knows every domain — instead, responsibility is delegated across a tree structure:
- Root Name Servers: The top of the hierarchy. There are 13 root server clusters (labeled A–M) that know which servers are authoritative for each top-level domain (TLD).
- TLD Name Servers: Authoritative for top-level domains like .com, .org, .net. They point to authoritative name servers for individual domains.
- Authoritative Name Servers: Hold the actual DNS records for a specific domain (e.g., example.com). This is where your A records, MX records, and CNAMEs live.
- Recursive Resolvers: Your ISP or a public resolver (like 8.8.8.8) that does the legwork of walking the hierarchy on your behalf.
The DNS Resolution Process, Step by Step
- You type example.com. Your OS checks its local cache first — if it has a recent answer, it uses it immediately.
- Local cache miss. The query goes to your configured recursive resolver (your ISP's or a public one).
- Resolver checks its cache. If it has a recent answer, it returns it. If not, it starts the lookup process.
- Resolver queries a root server. "Who handles .com?" The root server responds with the address of the .com TLD servers.
- Resolver queries the .com TLD server. "Who handles example.com?" It responds with the authoritative name servers for that domain.
- Resolver queries the authoritative server. "What is the IP for example.com?" The authoritative server returns the A record: e.g., 93.184.216.34.
- The IP is returned to your browser, which initiates a TCP connection to the web server. The resolver caches the result for the duration of the TTL.
Common DNS Record Types
| Record Type | Purpose | Example |
|---|---|---|
| A | Maps domain to IPv4 address | example.com → 93.184.216.34 |
| AAAA | Maps domain to IPv6 address | example.com → 2606:2800::1 |
| CNAME | Alias pointing to another domain | www → example.com |
| MX | Mail server routing | mail.example.com priority 10 |
| TXT | Arbitrary text (SPF, DKIM, etc.) | "v=spf1 include:..." |
| NS | Defines authoritative name servers | ns1.nameserver.com |
TTL: Why DNS Changes Take Time
Every DNS record has a TTL (Time To Live) value measured in seconds. This tells resolvers and clients how long to cache the record. A TTL of 3600 means the answer is cached for one hour. When you change a DNS record, you must wait for existing caches to expire — which is why "DNS propagation" can take minutes to 48 hours depending on TTL values and resolver behavior.
Pro tip: Before migrating a domain, lower your TTL to 300 (5 minutes) a day in advance. This minimizes propagation delay during the actual cutover.
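The resolution walk and the TTL caching described above can be seen together in a small offline simulation. This is an added example, not code from the original article: the server names, the 3600-second TTL and the replacement address 203.0.113.10 are constructed for illustration, and no real DNS queries are sent.

```python
import copy

# Constructed toy delegation tree. Server names and the 3600 s TTL are
# assumptions; 93.184.216.34 is the A record value used in the article.
SERVERS = {
    "root": {"referrals": {"com.": "com-tld"}},
    "com-tld": {"referrals": {"example.com.": "ns1.example.com"}},
    "ns1.example.com": {"records": {("example.com.", "A"): ("93.184.216.34", 3600)}},
}

class RecursiveResolver:
    """Walks the hierarchy from the root and caches answers for their TTL."""
    def __init__(self, servers, clock):
        self.servers = servers   # server name -> zone data
        self.clock = clock       # callable returning the current time in seconds
        self.cache = {}          # (name, rtype) -> (value, expires_at)

    def resolve(self, name, rtype="A"):
        """Return (value, path). path lists servers queried; [] means cache hit."""
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit and hit[1] > self.clock():
            return hit[0], []
        server, path = "root", []
        while True:
            path.append(server)
            zone = self.servers[server]
            if key in zone.get("records", {}):
                value, ttl = zone["records"][key]
                self.cache[key] = (value, self.clock() + ttl)
                return value, path
            # Follow the most specific delegation that is a suffix of the name.
            refs = zone.get("referrals", {})
            matches = [z for z in refs if ("." + name).endswith("." + z)]
            if not matches:
                return None, path  # no record and no delegation
            server = refs[max(matches, key=len)]

def demo():
    servers, now = copy.deepcopy(SERVERS), [0]
    r = RecursiveResolver(servers, lambda: now[0])
    first = r.resolve("example.com.")
    # Constructed new address (documentation range) published at t=0.
    servers["ns1.example.com"]["records"][("example.com.", "A")] = ("203.0.113.10", 3600)
    now[0] = 1800
    stale = r.resolve("example.com.")   # still inside the TTL: old answer from cache
    now[0] = 3600
    fresh = r.resolve("example.com.")   # TTL expired: hierarchy walked again
    return first, stale, fresh
```

Calling demo() shows the resolver still returning the old address halfway through the TTL, and only picking up the change once the cached entry has expired.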
Useful DNS Debugging Commands
- dig example.com A — query an A record
- dig example.com MX — query mail records
- nslookup example.com 8.8.8.8 — query using Google's resolver specifically
- dig +trace example.com — walk the full resolution chain from root
Wrapping Up
DNS is foundational infrastructure. A solid grasp of how resolution works, what record types do, and how TTLs affect propagation will save you hours of debugging and make domain management feel intuitive rather than mysterious.