What is DNS? The Internet's Phone Book
The Domain Name System (DNS) is the infrastructure that translates human-readable domain names like google.com into the numeric IP addresses that computers use to find each other on the network. Without DNS, you would have to memorize addresses like 142.250.80.46 to visit any website.
How DNS Resolution Works
When you type a URL into your browser, a multi-step lookup process begins:
- Browser cache — Your browser checks if it already knows the IP for this domain from a recent lookup.
- OS resolver — If not cached, the operating system's stub resolver is queried. It may have a cached answer too.
- Recursive resolver — The query goes to a recursive DNS resolver (often run by your ISP, or a public resolver like Google's 8.8.8.8 or Cloudflare's 1.1.1.1). This server does the heavy lifting.
- Root servers — If the nameservers for the top-level domain (.com, .org, etc.) are not already cached, the recursive resolver asks one of the 13 root server identities (a.root-servers.net through m.root-servers.net, each an anycast cluster of many machines). The root does not know the final answer; it returns a referral naming the TLD's nameservers.
- TLD servers — The TLD nameserver returns another referral: the NS records of the authoritative nameservers for the specific domain, usually with glue A/AAAA records so the resolver can reach them.
- Authoritative server — Finally, the domain's own nameserver returns the requested record, such as the A record holding the IP address, together with a TTL stating how long it may be cached.
An uncached lookup of this kind typically completes in under 100 milliseconds. Each answer is cached at every level above for the length of its TTL, so subsequent lookups are near-instant; the same caching means that a wrong or forged answer, once accepted by a resolver, keeps being served until that TTL expires.
DNS Record Types
DNS stores more than just IP addresses. The most common record types are:
- A — Maps a domain to an IPv4 address
- AAAA — Maps a domain to an IPv6 address
- CNAME — An alias that points one name at another name; the resolver then looks up the target, and the final answer carries both the CNAME and the target's records
- MX — Specifies the mail server(s) for a domain
- NS — Identifies the authoritative nameservers for a domain
- TXT — Arbitrary text, commonly used for email authentication (SPF, DKIM, DMARC) and domain verification
- SOA — Start of Authority, containing administrative information about the zone: its primary nameserver, the responsible contact, the serial number, and the refresh, retry, expire and minimum-TTL timers
- PTR — Reverse DNS, mapping an IP address back to a hostname
- CAA — Certificate Authority Authorization, listing which certificate authorities are permitted to issue TLS certificates for the domain; public CAs are required to check it before issuing
When you look up a domain in the looking glass, the DNS Records panel shows all of these record types for that domain.
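What the resolver actually sends and receives during the lookup described above, and how the record types in the list are laid out on the wire, as an added example that is not part of this page or of the looking glass tool. It builds an RFC 1035 query, decodes a response including compressed names, and renders A, AAAA, CNAME, NS, PTR, MX, TXT and CAA data in presentation form. The response bytes are constructed by hand for this example, using the documentation addresses 192.0.2.1 and 2001:db8::1; nothing here contacts a server.

```python
import ipaddress
import struct

# Record type numbers from RFC 1035 and later RFCs, covering the types listed above.
QTYPE = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 15: "MX", 16: "TXT", 28: "AAAA", 257: "CAA"}
TYPE_BY_NAME = {v: k for k, v in QTYPE.items()}


def encode_name(name):
    """Encode 'www.example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 1 <= len(label) <= 63:
            raise ValueError("bad label in %r" % name)
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, qtype, txid=0x1234):
    """12-byte header (ID, flags with RD set, QDCOUNT=1) followed by one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", TYPE_BY_NAME[qtype], 1)


def read_name(msg, offset):
    """Decode a name that may use compression pointers (RFC 1035 section 4.1.4).
    Returns (name, offset just past the name's bytes at the original position)."""
    labels, end, jumped = [], offset, False
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if pointer >= offset:  # pointers must go backwards; anything else is a loop
                raise ValueError("invalid compression pointer")
            if not jumped:
                end, jumped = offset + 2, True
            offset = pointer
            continue
        offset += 1
        if length == 0:
            return ".".join(labels) + ".", (end if jumped else offset)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_rdata(msg, rtype, start, length):
    """Render RDATA in presentation form; names inside RDATA may themselves be compressed."""
    data = msg[start:start + length]
    if rtype == 1:
        return str(ipaddress.IPv4Address(data))
    if rtype == 28:
        return str(ipaddress.IPv6Address(data))
    if rtype in (2, 5, 12):  # NS, CNAME and PTR each carry a single name
        return read_name(msg, start)[0]
    if rtype == 15:  # MX: 16-bit preference, then the exchange name
        return "%d %s" % (struct.unpack("!H", data[:2])[0], read_name(msg, start + 2)[0])
    if rtype == 16:  # TXT: one or more <length><chars> strings
        parts, i = [], 0
        while i < len(data):
            parts.append(data[i + 1:i + 1 + data[i]].decode("ascii"))
            i += 1 + data[i]
        return " ".join('"%s"' % p for p in parts)
    if rtype == 257:  # CAA: flags byte, tag length, tag, then the value
        tag = data[2:2 + data[1]].decode("ascii")
        return '%d %s "%s"' % (data[0], tag, data[2 + data[1]:].decode("ascii"))
    return data.hex()


def parse_response(msg):
    """Parse the header, the question and every resource record into a dict."""
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset, questions, records = 12, [], []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype = struct.unpack("!HH", msg[offset:offset + 4])[0]
        questions.append((name, QTYPE.get(qtype, str(qtype))))
        offset += 4
    for _ in range(an + ns + ar):  # answer, authority and additional sections share one layout
        name, offset = read_name(msg, offset)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        records.append({"name": name, "type": QTYPE.get(rtype, str(rtype)), "ttl": ttl,
                        "data": parse_rdata(msg, rtype, offset, rdlen)})
        offset += rdlen
    return {"id": txid, "rcode": flags & 0xF, "questions": questions, "records": records}


# Constructed response to "www.example.com A" (not captured from a real server). Offsets 12, 16
# and 45 are where "www.example.com", "example.com" and "web.example.com" first appear.
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 3, 0, 0)           # QR=1 RD=1 RA=1, three answers
    + encode_name("www.example.com") + struct.pack("!HH", 1, 1)  # question: A, IN
    + b"\xC0\x0C" + struct.pack("!HHIH", 5, 1, 300, 6) + b"\x03web\xC0\x10"  # CNAME -> web.example.com
    + b"\xC0\x2D" + struct.pack("!HHIH", 1, 1, 60, 4) + ipaddress.IPv4Address("192.0.2.1").packed
    + b"\xC0\x2D" + struct.pack("!HHIH", 28, 1, 60, 16) + ipaddress.IPv6Address("2001:db8::1").packed
)

if __name__ == "__main__":
    print("query:", build_query("www.example.com", "A").hex())
    for rr in parse_response(SAMPLE_RESPONSE)["records"]:
        print(rr["name"], rr["ttl"], rr["type"], rr["data"])
```

To query a real resolver, send the bytes from build_query over UDP to port 53 (or with a two-byte length prefix over TCP) and pass the reply to parse_response, after checking that the reply's ID and question match what you sent. That match, plus the backward-only rule on compression pointers, is the minimum a parser needs before trusting data from the network.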
DNS Security
The original DNS protocol sends queries and answers in plaintext, mostly over UDP port 53, and a resolver accepts an answer if its 16-bit transaction ID, source port and question match an outstanding query. That makes it vulnerable to eavesdropping by anyone on the path and to forged answers that a resolver will cache (cache poisoning). Several technologies address parts of this, and they solve different problems:
- DNSSEC — Adds cryptographic signatures (RRSIG records) to DNS data, chained from the root down through a DS record in each parent zone, so a validating resolver can verify that an answer is authentic and has not been tampered with. It provides integrity and authenticity, not confidentiality, and it only helps when the resolver actually validates.
- DNS over HTTPS (DoH) — Carries DNS queries inside HTTPS connections on port 443, so observers on the network between you and the resolver cannot read or alter them. The resolver itself still sees every name you look up, and the hop from the resolver to the authoritative servers is usually still plaintext.
- DNS over TLS (DoT) — Similar to DoH but uses a dedicated TLS connection on port 853, which makes the traffic easy to recognize as DNS (and to block), whereas DoH is hard to distinguish from other HTTPS traffic.
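One link of the DNSSEC chain of trust mentioned above, as an added example that is not part of this page or of the looking glass tool: how the DS record a parent zone publishes is derived from the child's DNSKEY (RFC 4034 section 5.1.4), and the key tag that identifies the key (RFC 4034 Appendix B). A validating resolver checks exactly this relationship at each delegation before it trusts the child's signatures; zone operators run the same computation when rotating a key-signing key. The DNSKEY below is constructed for the example, with 64 arbitrary bytes standing in for an ECDSA P-256 public key (algorithm 13); it is not a real key, and signature verification itself (RRSIG over the record set) is not shown.

```python
import base64
import hashlib
import struct


def canonical_name(name):
    """Owner name in canonical wire form (RFC 4034 section 6.2): lowercase, uncompressed, absolute."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def parse_dnskey(presentation):
    """Parse 'owner [TTL] [IN] DNSKEY flags protocol algorithm base64...' into fields plus wire RDATA."""
    fields = presentation.split()
    i = fields.index("DNSKEY")
    flags, protocol, algorithm = int(fields[i + 1]), int(fields[i + 2]), int(fields[i + 3])
    if protocol != 3:
        raise ValueError("DNSKEY protocol field must be 3 (RFC 4034 section 2.1.2)")
    public_key = base64.b64decode("".join(fields[i + 4:]))
    return {"owner": fields[0], "flags": flags, "algorithm": algorithm,
            "rdata": struct.pack("!HBB", flags, protocol, algorithm) + public_key,
            "is_ksk": bool(flags & 0x0001)}  # SEP bit set: key-signing key


def key_tag(rdata):
    """Key tag per RFC 4034 Appendix B (every algorithm except the obsolete RSA/MD5)."""
    ac = 0
    for i, byte in enumerate(rdata):
        ac += byte << 8 if i % 2 == 0 else byte
    ac += (ac >> 16) & 0xFFFF
    return ac & 0xFFFF


def ds_record(key, digest_type=2):
    """DS the parent publishes for this DNSKEY: digest over canonical owner name || DNSKEY RDATA.
    Digest type 2 is SHA-256, type 4 is SHA-384."""
    hasher = {2: hashlib.sha256, 4: hashlib.sha384}[digest_type]
    digest = hasher(canonical_name(key["owner"]) + key["rdata"]).hexdigest()
    return "%s IN DS %d %d %d %s" % (key["owner"], key_tag(key["rdata"]),
                                     key["algorithm"], digest_type, digest)


def ds_matches(ds_text, key):
    """The check a validating resolver makes at a delegation: the parent's DS must agree with the
    child's DNSKEY on key tag, algorithm, digest type and digest."""
    fields = ds_text.split()
    i = fields.index("DS")
    tag, algorithm, digest_type = int(fields[i + 1]), int(fields[i + 2]), int(fields[i + 3])
    digest = "".join(fields[i + 4:]).lower()
    if digest_type not in (2, 4):
        return False  # unknown digest type: cannot validate this DS
    return (tag == key_tag(key["rdata"]) and algorithm == key["algorithm"]
            and ds_record(key, digest_type).split()[-1] == digest)


# Constructed sample, not a real key: 64 placeholder bytes where an ECDSA P-256 public key
# (algorithm 13) would be; flags 257 = zone key + SEP, i.e. a key-signing key.
SAMPLE_KEY_BYTES = bytes(range(64))
SAMPLE_DNSKEY = "example.com. 3600 IN DNSKEY 257 3 13 " + base64.b64encode(SAMPLE_KEY_BYTES).decode()

if __name__ == "__main__":
    key = parse_dnskey(SAMPLE_DNSKEY)
    print("key tag:", key_tag(key["rdata"]), "KSK:", key["is_ksk"])
    ds = ds_record(key)
    print(ds)
    print("parent DS matches child DNSKEY:", ds_matches(ds, key))
```

The digest covers the owner name as well as the key material, which is why the same DNSKEY produces a different DS under a different name, and why a DS that fails ds_matches (after a key rollover, for instance) breaks validation for the whole zone below it until the parent is updated.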
DNS and BGP
DNS and BGP work together to make the internet function. DNS tells your computer which IP address to connect to, and BGP tells the network how to route packets to that IP address. When you look up a domain like github.com, the looking glass first resolves it via DNS, then shows you the BGP routing information for the resolved IP.
Try It
Look up any domain to see its DNS records and BGP routing information: