CS Fundamentals
Understand how DNS works — the system that translates human-readable domain names into IP addresses, making the internet usable.
Introduction
Imagine if instead of typing "google.com" you had to type "142.250.180.14" every time you wanted to search something. And instead of "youtube.com," you needed "142.250.82.206." And every website had a different number that changed periodically. The internet would be virtually unusable for humans. This is the problem that DNS solves.
DNS — the Domain Name System — is the internet's phone book. It translates human-friendly domain names (like google.com, wikipedia.org, or your-university.edu) into the numeric IP addresses that computers use to identify each other on the network. Every time you visit a website, send an email, or use any internet service, DNS is working behind the scenes to make the connection possible. It is one of the most critical (and most invisible) systems that keep the internet functioning.
Why DNS Exists
Computers identify each other using IP addresses — numbers like 192.168.1.1 (IPv4) or 2001:db8::1 (IPv6). These numbers are efficient for machines but terrible for humans. We are much better at remembering meaningful names than arbitrary numbers. You can remember "amazon.com" but probably cannot remember "52.94.236.248."
DNS was created in 1983 by Paul Mockapetris to solve this problem. Before DNS, there was a single text file (hosts.txt) maintained by Stanford Research Institute that listed every hostname and its IP address. As the internet grew, this approach became impossible — you cannot manually maintain a file for billions of addresses. DNS provides a distributed, automated, and scalable system for name-to-address translation.
How DNS Resolution Works
When you type "www.example.com" in your browser, a process called DNS resolution finds the corresponding IP address. Let us trace this step by step.
Step 1: Your browser first checks its own cache — has it looked up this domain recently? If so, it already knows the IP address and skips the rest. If not, it asks the operating system, which checks its own DNS cache.
Step 2: If not cached locally, your computer sends a query to a Recursive DNS Resolver — typically operated by your ISP (Internet Service Provider) or a public service like Google DNS (8.8.8.8) or Cloudflare DNS (1.1.1.1). This resolver does the heavy lifting of finding the answer.
Step 3: The recursive resolver contacts a Root Name Server. There are 13 root server clusters worldwide (labeled A through M), operated by various organizations. The root server does not know the IP for www.example.com, but it knows which servers handle the ".com" top-level domain and directs the resolver there.
Step 4: The resolver contacts the TLD (Top-Level Domain) Name Server for ".com" — operated by Verisign. The TLD server does not know the specific IP either, but it knows which Name Server is authoritative for "example.com" and provides that address.
Step 5: Finally, the resolver contacts the Authoritative Name Server for example.com. This server has the actual DNS records for the domain and responds with the IP address (like 93.184.216.34).
Step 6: The recursive resolver caches the result (for the TTL — Time To Live — duration specified in the record) and returns the IP address to your computer. Your browser can now connect to the web server at that IP address.
This entire process — querying multiple servers across potentially multiple continents — typically completes in under 100 milliseconds. And because of aggressive caching at every level, most lookups are resolved from cache without needing the full resolution chain.
DNS Record Types
DNS does not just store IP addresses — it stores various types of records for different purposes.
A Record (Address Record) maps a domain name to an IPv4 address. This is the most common record type — "example.com → 93.184.216.34."
AAAA Record maps a domain name to an IPv6 address — the same as A records but for the newer address format.
CNAME Record (Canonical Name) creates an alias — one domain pointing to another. For example, "www.example.com" might have a CNAME pointing to "example.com," meaning both addresses reach the same server.
MX Record (Mail Exchange) specifies which server handles email for a domain. When you send email to user@example.com, the sending server looks up the MX record for example.com to find where to deliver the message.
NS Record (Name Server) identifies the authoritative DNS servers for a domain — the servers that have the definitive records.
TXT Record stores arbitrary text, commonly used for email authentication (SPF, DKIM), domain ownership verification, and other metadata.
DNS Caching and TTL
Caching is crucial to DNS performance. Without caching, every website visit would require multiple round trips to servers worldwide. Caching happens at multiple levels: your browser, your operating system, your router, your ISP's resolver, and intermediate DNS servers all store recent lookups.
Each DNS record includes a TTL (Time To Live) value — a timer specifying how long the record can be cached before a fresh lookup is required. Short TTLs (like 60 seconds) mean frequent lookups but fast propagation when changes are made. Long TTLs (like 86400 seconds / 24 hours) reduce DNS traffic but mean changes take longer to propagate globally.
DNS Security Concerns
DNS was designed in a more trusting era and has security vulnerabilities. DNS spoofing/poisoning involves an attacker providing fake DNS responses, redirecting you to malicious servers while you think you are visiting legitimate websites. DNS hijacking means an attacker modifies your DNS settings (on your router or computer) to redirect all your traffic through their servers.
DNSSEC (DNS Security Extensions) adds cryptographic signatures to DNS records, allowing resolvers to verify that responses have not been tampered with. DNS over HTTPS (DoH) and DNS over TLS (DoT) encrypt DNS queries to prevent eavesdropping on which websites you visit.
Key Takeaways
- DNS translates human-readable domain names into machine-readable IP addresses
- Resolution involves recursive resolvers, root servers, TLD servers, and authoritative name servers
- Caching at multiple levels makes DNS fast — most lookups never need the full resolution chain
- Different record types serve different purposes: A (IPv4), AAAA (IPv6), MX (email), CNAME (aliases)
- TTL controls how long cached records are valid before requiring a fresh lookup
- DNS security measures (DNSSEC, DoH, DoT) protect against spoofing and eavesdropping
- DNS is one of the most critical internet infrastructure systems — without it, the internet would be unusable
- Understanding DNS helps troubleshoot connectivity issues and understand how internet services work
Exam Focus
Revise definitions, diagrams, examples, and short-answer points for DNS (Domain Name System).
Interview Use
Prepare one clear explanation, one practical example, and one common mistake for this Computer Fundamentals topic.
Search Terms
computer-fundamentals, computer fundamentals, computer, fundamentals, networking, basics, dns, dns (domain name system)
Related Computer Fundamentals Topics