DNS & Records

DNS — Domain Name System

The "phone book" of the Internet: translates domain names into IP addresses.


What is DNS

DNS (Domain Name System) is the "phone book" of the Internet. When you type example.com in your browser, your computer does not know which IP address to connect to. It asks DNS, gets the answer (e.g. 93.184.216.34), and then makes the HTTP connection there.

DNS is a hierarchical, distributed system. There is no single server that knows everything — there are millions of servers, each knowing a piece of the puzzle.

How a DNS lookup works

  1. Your browser asks the recursive resolver of your ISP (or Google 8.8.8.8, Cloudflare 1.1.1.1).
  2. If the resolver does not have the answer cached, it asks one of the 13 root servers.
  3. The root says: "check the nameservers for the .com TLD".
  4. The TLD nameserver says: "example.com has nameservers ns1.example.com and ns2.example.com".
  5. The domain's authoritative nameserver returns the IP.
  6. The resolver caches the answer for as long as the TTL specifies.

Record types

The most common DNS records:

  • A — hostname → IPv4
  • AAAA — hostname → IPv6
  • CNAME — hostname → another hostname (alias)
  • MX — mail servers for the domain
  • TXT — free-form text (SPF, verification, etc.)
  • NS — authoritative nameservers
  • SOA — basic parameters of the zone
  • PTR — reverse lookup (IP → hostname)
  • CAA — which CAs are allowed to issue SSL certificates
  • SRV — service discovery (XMPP, SIP, autodiscovery)

Caching & propagation

Every record has a TTL in seconds. When you make a change, resolvers around the world will keep serving the old value until the TTL expires. That is why we say "DNS was changed but propagation takes time".

Before making a change, lower the TTL to 300 (5 minutes) a few hours in advance so that propagation happens quickly when you make the actual change.
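
The following is an added example, not part of the original page: it models resolvers that cache an answer until its TTL expires and measures how long the old address can still be served after a change. The addresses, TTLs and times are constructed sample values; the third scenario goes beyond the text to show that the lowered TTL only helps if it is published at least one old TTL before the change.

```python
# Added example. Addresses (RFC 5737 documentation range), TTLs and times
# are constructed sample values, not taken from a real zone.
OLD_IP, NEW_IP = "192.0.2.10", "192.0.2.20"
HOUR = 3600
CHANGE_AT = 6 * HOUR          # the moment the record is switched to NEW_IP

def authoritative_answer(timeline, now):
    """(ip, ttl) served by the authoritative nameserver at time `now`.
    timeline: (effective_from, ip, ttl) tuples sorted by effective_from."""
    ip = ttl = None
    for effective_from, rec_ip, rec_ttl in timeline:
        if effective_from <= now:
            ip, ttl = rec_ip, rec_ttl
    return ip, ttl

def first_fresh_time(timeline, first_query):
    """When a resolver that filled its cache at `first_query` first returns
    NEW_IP. It asks the authoritative server again only after the TTL expires."""
    now = first_query
    while True:
        ip, ttl = authoritative_answer(timeline, now)
        if ip == NEW_IP:
            return now
        now += ttl            # the cached old answer is served until then

def worst_case_stale(timeline):
    """Longest time after CHANGE_AT that some resolver still serves OLD_IP,
    trying a resolver that first cached at every second before the change."""
    return max(first_fresh_time(timeline, t) - CHANGE_AT for t in range(CHANGE_AT))

def scenarios():
    unprepared = [(0, OLD_IP, HOUR), (CHANGE_AT, NEW_IP, HOUR)]
    # TTL lowered to 300 four hours ahead, as the text recommends
    prepared = [(0, OLD_IP, HOUR), (CHANGE_AT - 4 * HOUR, OLD_IP, 300),
                (CHANGE_AT, NEW_IP, 300)]
    # TTL lowered only 30 minutes ahead: less than the old one-hour TTL
    too_late = [(0, OLD_IP, HOUR), (CHANGE_AT - HOUR // 2, OLD_IP, 300),
                (CHANGE_AT, NEW_IP, 300)]
    return {"unprepared": worst_case_stale(unprepared),
            "prepared": worst_case_stale(prepared),
            "too_late": worst_case_stale(too_late)}

if __name__ == "__main__":
    for name, seconds in scenarios().items():
        print(f"{name:10s} stale for up to {seconds} s after the change")
```

In the too_late scenario a resolver that cached the record one second before the TTL was lowered keeps the old address for the rest of that one-hour TTL, regardless of the new 300-second value.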
