🌐 What is DNS? (Domain Name System)
DNS (Domain Name System) is like the internet’s phonebook.
It translates human-readable domain names (like google.com) into machine-readable IP addresses (like 142.250.192.46), so browsers can load websites.
🔁 Why DNS Exists
Humans remember names, computers use IP addresses.
DNS maps names to IPs so you don’t have to type http://142.250.192.46 every time.
⚙️ How DNS Works (Step-by-step)
When you type example.com in your browser:
- Browser Cache Check
First, it checks if it already knows the IP (cached). - OS Cache Check
Your computer checks if it has the DNS result stored locally. - DNS Resolver (ISP)
If not cached, it asks your configured DNS server (usually from your ISP). - Recursive Lookup Starts
Resolver queries DNS hierarchy:- Root Server → Tells where
.comservers are. - TLD Server (
.com) → Tells whereexample.com’s nameserver is. - Authoritative Nameserver → Tells actual IP of
example.com.
- Root Server → Tells where
- Response Back
IP address is sent back through the resolver to your browser. - Browser Connects to IP
Now it can connect and load the website.
🗂️ DNS Hierarchy
. (root)
└── .com (TLD)
└── example.com (domain)
└── www.example.com (subdomain)
📄 Types of DNS Records
| Record Type | Purpose | Example |
|---|---|---|
A | Maps domain to IPv4 address | example.com → 93.184.216.34 |
AAAA | Maps domain to IPv6 address | |
CNAME | Alias to another domain | www.example.com → example.com |
MX | Mail server info | For emails |
TXT | Text data (e.g., SPF, verification) | SEO, domain ownership |
NS | Points to name servers | Who handles your domain |
🔐 Advanced: DNS + Security
- DNSSEC: Protects against spoofing by signing DNS data.
- DNS over HTTPS (DoH) or DNS over TLS (DoT): Encrypts DNS traffic for privacy.