If you’ve ever had to change your Wi-Fi settings, say at the local coffee shop when the connection isn’t working, chances are you’ve come across the term DNS server somewhere. But what is DNS and how does it work?
What is DNS, anyway?
Simply put, the Domain Name System (DNS) is the telephone directory of the Internet. It is the system that converts website domain names (hostnames) into numerical values (IP addresses) so that they can be found and loaded in your web browser.
This happens because machines don’t understand site names like we do. A website name written as pcmag.com is a way for us as humans to remember web pages, while the servers they are stored on identify them by numbers.
DNS works in the background, and it’s not something the average internet user will need to worry about. But without it, your browser wouldn’t know where to direct your web page request, and finding the information you need would be a much more arduous process.
How DNS Works
When you enter a web address, such as youtube.com, into your browser, your computer looks up the website’s corresponding IP address to find the correct page. Popular websites like Google have multiple IP addresses that can be used simultaneously to avoid a backlog of web traffic.
According to networking software company Cloudflare, four main servers play a role in hostname-to-IP-address conversion, also known as DNS resolution. Cloudflare likens this process to a librarian being asked to find a book and gradually narrowing down their search:
The recursive DNS server: Usually the first stop made by your request. It receives the initial request, checks for recently cached addresses, and sends a request to servers further down the line if it cannot find the correct IP address for your website. This would be the rack of recently returned books that have not yet been put back on the shelf.
The root nameserver: Helps translate site names to IP addresses by directing your request to more specific domains. This is equivalent to a specific section of the library.
The top-level domain (TLD) name server: Reduces searching even further by hosting specific top-level domains, which are the last part of a website’s hostname like .com, .org, or .edu. A search for pcmag.com, for example, will point to the TLD name server .com. There are banks of TLD name servers located around the world to improve the speed of processing requests. It would be a specific book rack in this section.
The authoritative name server: The last step of your request, this server hosts the specific IP addresses for domain names. Once it receives the request, it will return the corresponding DNS record so that the web page can load. If the server does not have the record, it returns an error message. This is the book with the information that the librarian first sought to find.
Once the correct IP address is found, the information is sent back to your browser and the web page loads. The recursive DNS server also stores this IP address in its cache memory for a period ranging from a few seconds to a week. This is done so that the server can quickly return the address without having to query other servers. Think of it as similar to your computer’s RAM, which stores information about recently opened apps so it can access them faster the next time they’re used.
If a request reaches the authoritative name server level and the IP address is still not found, an error message is returned to your browser. It may seem like a long process, but it happens in less time than it takes you to blink, usually a few milliseconds.
What to do when something goes wrong
DNS generally works without a hitch, but problems do occur. If the website you are trying to reach changes servers, the cached address may no longer load. Or the servers performing the lookup may be slower than they should be. In both cases, fixes are available.
If there’s a caching issue, you can flush your DNS cache to start fresh, so your computer looks up web addresses on the DNS server again. To do this, open the Command Prompt in Windows or Terminal in macOS and run a simple command, which will tell your computer to clear its cached website addresses so they are looked up afresh.
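The lookup chain, the resolver cache and the effect of a flush described above can be followed in a small simulation. This is an added example, not code from the original article or from Cloudflare; the server labels, hostnames, addresses and the 300-second TTL are constructed for illustration.

```python
import time

# Constructed data: server labels, hostnames and addresses are illustrative only.
ROOT = {"com": "tld-com"}                         # root: TLD -> TLD name server
TLD = {"tld-com": {"example.com": "ns-example"}}  # TLD server: domain -> authoritative server
AUTH = {"ns-example": {"www.example.com": ("192.0.2.10", 300)}}  # record: (IP, TTL in seconds)


class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}            # hostname -> (ip, expiry time)
        self.upstream_queries = 0  # lookups that went past the cache

    def _ask(self, table, key):
        self.upstream_queries += 1
        return table.get(key)

    def resolve(self, hostname):
        hostname = hostname.rstrip(".").lower()
        now = self.clock()
        cached = self.cache.get(hostname)
        if cached and cached[1] > now:           # unexpired entry: answer from cache
            return cached[0], "cache"
        labels = hostname.split(".")
        tld_server = self._ask(ROOT, labels[-1])
        auth_server = tld_server and self._ask(TLD[tld_server], ".".join(labels[-2:]))
        record = auth_server and self._ask(AUTH[auth_server], hostname)
        if not record:
            return None, "error"                 # no server holds the record
        ip, ttl = record
        self.cache[hostname] = (ip, now + ttl)
        return ip, "authoritative"

    def flush(self):
        self.cache.clear()


def demo():
    AUTH["ns-example"]["www.example.com"] = ("192.0.2.10", 300)  # reset sample record
    now = [0.0]                                  # fake clock so the run is deterministic
    r = RecursiveResolver(clock=lambda: now[0])
    first = r.resolve("www.example.com")         # full walk: root, TLD, authoritative
    second = r.resolve("www.example.com")        # served from cache
    AUTH["ns-example"]["www.example.com"] = ("192.0.2.99", 300)  # site changes servers
    stale = r.resolve("www.example.com")         # cache still returns the old address
    r.flush()
    fresh = r.resolve("www.example.com")         # flush forces a new lookup
    return first, second, stale, fresh, r.upstream_queries
```

The `stale` result is the situation the flush fixes: until the entry expires or the cache is cleared, the resolver keeps handing out the old address.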
If the problem is with the servers themselves (perhaps the DNS servers provided by your ISP are not configured correctly), you can switch servers to optimize your web searches and speed up the process. Enter your device’s network settings and manually add the IP address, such as 1.1.1.1 for Cloudflare or 8.8.8.8 for Google, to connect to the desired DNS server. You can also do this at the router level, but the exact process differs depending on which router you have.
A cybersecurity warning
How DNS cache poisoning happens (Credit: Cloudflare)
Hackers have sometimes taken advantage of lax oversight and used DNS maliciously. An example is DNS cache poisoning, in which fake data is introduced into the DNS cache that directs users to malicious websites hosting data-scanning malware.
Cyberattackers can also use DNS as a way to introduce data packets containing malware into a system, a type of attack called DNS tunneling. This attack hides bad software behind seemingly innocent DNS traffic and is often used to establish a command-and-control connection with a target network. Bad DNS cache data will often remain on the server, directing new queries, until it expires or is manually deleted, which means many people can be misdirected if DNS traffic is not monitored regularly.
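As an illustration of what monitoring DNS traffic for tunneling can look like, the sketch below flags clients that send many distinct, long, random-looking subdomains to the same parent domain. It is an added example, not part of the original article; the log format, the sample lines and the thresholds are constructed assumptions, and taking the last two labels as the parent domain is a simplification.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log lines: "<client> <query name> <type>". Not real traffic.
SAMPLE_LOG = """\
10.0.0.5 www.example.com A
10.0.0.5 mail.example.com A
10.0.0.7 cdn.example.org A
10.0.0.9 mzxw6ytboi2gk3tfon2hezlbmrsxg5dfon2a.t.example.net TXT
10.0.0.9 nbswy3dpeb3w64tmmqqgc3tembuw4zlsmuqhi2a.t.example.net TXT
10.0.0.9 orugs4zanfzsaylomvxgg33emvscaytmn5rwwlq.t.example.net TXT
10.0.0.9 ifxgi5dfoiqhg2lomeqgc3tuebzw63lfebuw4ztp.t.example.net TXT
"""


def entropy(text):
    """Shannon entropy in bits per character; encoded data scores high."""
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())


def suspicious_pairs(log_text, min_len=30, min_entropy=3.5, min_unique=3):
    """Return (client, parent domain) pairs whose subdomains look like encoded data."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue                              # skip malformed lines
        client, qname, _qtype = parts
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue                              # no subdomain to inspect
        parent = ".".join(labels[-2:])            # assumption: two-label parent domain
        sub = "".join(labels[:-2])
        if len(sub) >= min_len and entropy(sub) >= min_entropy:
            seen[(client, parent)].add(sub)
    # One odd name is noise; many distinct ones to the same parent is the signal.
    return sorted(pair for pair, subs in seen.items() if len(subs) >= min_unique)
```

Thresholds like these need tuning against your own traffic, since some content delivery and telemetry services also generate long machine-made hostnames.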
Although most of the protective measures are beyond the everyday user, it is useful to be aware of them. For example, you can change to Google Public DNS servers, which promise a level of protection that your ISP’s server may not provide. And for many reasons, it’s a good idea to invest in malware protection.