DNS (domain name system) assigns an IP address to a domain name, and is a fundamental building block of online communications. DNS effectively acts like an address book for the internet. Here’s how the domain name system works.
The domain name system translates web addresses into IP addresses. Every server or device has an IP address (internet protocol address) associated with it. When you open a website in your browser, information travels between your device and the website’s server, and the IP addresses of both are used to make sure the relevant data reaches the intended recipients.
Of course, if you want to access a website, you don’t type an IP address into the browser’s address bar. Instead, you input a URL, which will probably look like this: https://www.example.com. The domain name system takes the domain name in that URL and translates it into an IP address, which is the main identifier used to find the site you’re looking for.
DNS is useful because it allows the end users to rely on short, convenient URLs, instead of having to find the specific IP addresses for every website they visit — IP addresses that may change over time.
DNS relies on DNS servers, which fall into two categories.
A recursive domain name server, or DNS resolver, is created to react and respond to DNS queries and is able to track down the records needed to find the correct root nameserver. Sometimes, if the root server isn’t found right away, recursive DNS servers will need to create multiple requests until the nameserver is found. A recursive server will only be able to respond to queries by finding the results from other DNS servers.
An authoritative DNS server, or authoritative nameserver, is always the final data point in the internet protocol address retrieval process — it’s the last segment of the DNS server chain. When an authoritative DNS server receives a DNS request, it doesn’t need to communicate with any other servers. The authoritative server already has the data needed to answer the DNS query. A recursive query, on the other hand, will always rely on other servers for the desired data.
DNS works by sending DNS lookup requests to servers. This process starts when you type a URL into the address bar on your browser.
Here is a step-by-step breakdown of the DNS lookup process and how DNS resolution is reached:
While it sounds like working through four different servers would be time-consuming, DNS lookup happens instantly.
DNS and IP addresses work together to find the websites you’re looking for. The domain name system matches domain names to IP addresses, so both have a role to play.
Just think of DNS records as your online address book. You already have the (domain) name of the person (website) you want to talk to – now you just need the phone number (IP address) to start communication.
DNS servers help pair domain names with IP addresses. While most domain names will have a unique IP address, there are some domains that have multiple addresses. Giant corporations like Apple or Amazon will have potentially thousands of servers around the world, each with a specific IP address. DNS data ensures that the domain name will always connect to the best local DNS server, though you can change the DNS server you’re connected to if necessary.
You will almost never have to change your DNS server manually, but it can sometimes be useful to improve your gaming experience. Read our guide to find out how to change DNS server on PS or Xbox.
DNS caching is a process in which IP addresses are saved in a DNS server, along with matching URLs. This speeds up DNS lookup and saves on processing power.
A cache is a small store of data that is used to keep loading times to a minimum. The DNS lookup process can be shortened via DNS caching. When it comes to caching for a DNS server, the recursor server stores the cached information.
If a browser has a DNS cache, instead of having to communicate with DNS servers to retrieve an IP address, the cache can directly find the correct identifying records. Loading speeds can be kept as short as possible by retrieving the necessary data from a local cache. A cache of data isn’t limited by operating system or browser, with a user’s internet service provider often providing its own recursive resolver cache to keep bandwidth at reasonable levels.
NordVPN DNS servers can be automatically configured to your devices, as a means to prevent any potential DNS leaks. Beware, however, of DNS cache poisoning. This is where a hacker will feed incorrect cache data into a DNS cache. DNS cache poisoning can lead you to a malware-ridden website, or to a site that will harvest private information.
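The lookup chain, caching and cache poisoning described above, as an added example that is not part of the original article: a toy recursive resolver follows referrals from a root server to an authoritative server, caches the answer until its TTL expires, and stores only the record it actually asked for, which is a basic guard against poisoned cache entries. The server names, addresses and the `RecursiveResolver` class are constructed for illustration.

```python
import time

# Constructed sample data (not real DNS records): each server maps a name
# suffix to a referral, or to answer records of the form (name, ip, ttl).
SERVERS = {
    "root": {"com.": ("referral", "tld-com")},
    "tld-com": {"example.com.": ("referral", "ns-example")},
    "ns-example": {"www.example.com.": ("answer", [
        ("www.example.com.", "192.0.2.10", 60),
        ("login.example.net.", "203.0.113.66", 60),  # unsolicited extra record
    ])},
}


class RecursiveResolver:
    """Toy recursive resolver with a TTL cache (hypothetical, for illustration)."""

    def __init__(self, servers, clock=time.monotonic):
        self.servers, self.clock = servers, clock
        self.cache = {}            # name -> (ip, expiry time)
        self.upstream_queries = 0  # how many servers we had to ask

    def _ask(self, server, qname):
        self.upstream_queries += 1
        for suffix, reply in self.servers[server].items():
            if qname == suffix or qname.endswith("." + suffix):
                return reply
        return ("nxdomain", None)

    def resolve(self, qname):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0]                      # served from cache
        server = "root"
        while True:
            kind, data = self._ask(server, qname)
            if kind == "referral":
                server = data                  # follow the chain downwards
            elif kind == "answer":
                for name, ip, ttl in data:
                    if name == qname:          # cache only what was asked for
                        self.cache[qname] = (ip, self.clock() + ttl)
                        return ip
                return None
            else:
                return None                    # no such name
```

The first lookup costs three upstream queries; repeats within the TTL cost none, and the extra `login.example.net.` record never enters the cache.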
DNS matches domain names to internet protocol addresses, while VPNs allow you to change the IP address that you use to browse the internet. They are fundamentally different systems.
However, NordVPN offers a feature called SmartDNS, which changes your DNS information to make it appear as though you’re accessing websites from a different location than your own. While this is similar to the way in which a VPN changes your IP address, SmartDNS offers none of the security or convenience of a VPN. SmartDNS also works with only a select group of services, while a VPN routes all the traffic on your device through a VPN server.
VPNs encrypt your web traffic, so you can browse in private, and completely mask your IP address from the wider internet. This means that internet service providers can’t monitor your activity. With NordVPN, you also get access to useful features like Threat Protection, which can block ads and scan downloads for malware.
Changing to a secure DNS server can improve your online security and connection speed. It can also help you access restricted content. If your ISP’s servers are underperforming, you can opt for a third-party DNS server for better browsing results and more privacy. But first, you should know which DNS service providers you can trust. You will find all you need to know about choosing a secure server and selecting it in our article on how to change DNS servers.