The Domain Name System (DNS) translates domain names like “newrelic.com” into numeric IP addresses that computers use to identify each other on the internet. Think of it like a digital phone book, pairing the human-readable domains you use to access websites with their machine-readable numeric addresses. When you type a website address into your browser, DNS finds the corresponding IP address through a distributed database system that maps domain names to their assigned IP addresses.
DNS operates as a hierarchical, globally distributed database that eliminates the need to maintain centralized records of all domain names. This distributed architecture ensures scalability and fault tolerance across the billions of requests processed daily.
What is a DNS server?
A DNS server maintains databases containing IP addresses and their corresponding domain names. When you enter a domain name in your browser, the DNS server finds the matching IP address so your device can connect to the right destination. DNS servers form the backbone of internet navigation, directing traffic to the correct locations across the global network. Different types of DNS servers handle specific roles in the resolution process:
- Recursive resolvers search for the right IP address by communicating with other DNS servers.
- Root nameservers maintain information about top-level domains and direct queries toward the appropriate TLD servers.
- Top-level domain nameservers (TLD) manage domains like .com, .org, and .net, pointing queries to the authoritative servers.
- Authoritative nameservers store the actual DNS records for specific domains and provide the final IP address answers.
The difference between authoritative DNS and recursive DNS
Authoritative DNS
Authoritative DNS servers are the definitive source of information for the domains they manage. They maintain the actual DNS records and respond with the correct IP addresses for their domains. When you register a domain, your domain registrar configures these authoritative nameservers to hold your domain’s information. These servers don’t perform searches—they simply answer queries about domains they’re responsible for. They’re the final source of truth in the DNS chain.
Recursive DNS
Recursive DNS resolvers act as intermediaries between users and authoritative servers. When you try to access a website, your request first goes to a recursive resolver—typically operated by your internet service provider or a public DNS server. The recursive resolver either retrieves the information from its cache—if it has recently processed a similar request—or methodically queries other DNS servers until it finds the authoritative server with the correct IP address. Once found, it returns this information to your browser and caches it for future requests.
How does DNS work?
DNS transforms domain names into IP addresses through a series of steps that involves multiple servers working together, yet typically takes place in a matter of milliseconds.
Local cache check
Your device first checks its local DNS cache to see if it already knows the IP address from previous visits.
DNS resolver query
If not found locally, your request goes to a recursive DNS resolver, often provided by your ISP.
Root server lookup
The resolver queries a root server which directs it to the appropriate TLD server.
TLD server lookup
The TLD server—such as .com or .org—points to the authoritative nameserver for the specific domain.
Authoritative server lookup
The authoritative server, which holds the actual DNS records, provides the IP address.
IP address retrieval
The resolver receives the IP address from the authoritative server.
Response to user
The DNS resolver sends the IP address back to your device.
Browser access
Your browser uses the IP address to establish a connection and load the website.
Types of DNS queries
A DNS query is the request your system makes to find an IP address for a domain name. These queries vary based on how the DNS resolver interacts with other servers.
- Recursive query: Your device asks the resolver to find the answer completely. The resolver must return either the requested information or an error, handling all the necessary steps.
- Iterative query: The DNS resolver asks each server in the chain for the best information they have, even if it’s just directions to another server.
- Non-recursive query: The resolver checks for information it already has in its cache or that it’s directly responsible for.
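The following added example (not code from the original article) simulates the resolution steps and the three query types described above: a client's recursive query, the resolver's iterative walk from root to TLD to authoritative server, and a cache hit on the repeat lookup. The server names, zone data and the 192.0.2.x addresses are constructed for illustration, and the clock is injectable so TTL expiry can be shown.

```python
import time

# Constructed delegation data (hypothetical servers; 192.0.2.0/24 is a documentation range).
SERVERS = {
    "root":        {"referrals": {"com.": "tld-com"}},
    "tld-com":     {"referrals": {"example.com.": "ns1.example"}},
    "ns1.example": {"records": {"www.example.com.": ("192.0.2.10", 300)}},  # (ip, ttl seconds)
}

class NXDomain(Exception):
    """No server in the chain has an answer or referral for the name."""

def ask(server, qname):
    """One iterative query: the server returns an answer or its best referral."""
    data = SERVERS[server]
    if qname in data.get("records", {}):
        return "answer", data["records"][qname]
    for zone, next_server in data.get("referrals", {}).items():
        if qname == zone or qname.endswith("." + zone):
            return "referral", next_server
    return "nxdomain", None

class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.cache, self.clock = {}, clock       # cache maps qname -> (ip, expiry time)

    def resolve(self, qname):
        """Serve a recursive query; returns (ip, list of servers contacted)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0], []                    # answered from cache, no servers asked
        server, trace = "root", []
        while True:
            trace.append(server)
            kind, value = ask(server, qname)
            if kind == "answer":
                ip, ttl = value
                self.cache[qname] = (ip, self.clock() + ttl)
                return ip, trace
            if kind == "nxdomain":
                raise NXDomain(qname)
            server = value                       # follow the referral down the hierarchy
```

Until the cached entry's TTL runs out, the resolver keeps returning the old address even if the authoritative record has changed, which is the stale-cache behaviour discussed under DNS caching.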
How to perform a DNS lookup
A DNS lookup reveals the IP addresses and records associated with a domain. This process is useful for troubleshooting connection issues or verifying DNS configurations. To perform a lookup on a Windows device, run one of the following commands in Command Prompt:
- Basic DNS lookup: Use `nslookup domain_name` to find a domain’s IP address (replace `domain_name` with the domain to look up).
- Nameserver lookup: Use `nslookup -type=ns domain_name` to find a domain’s authoritative nameservers.
- Mail server lookup: Use `nslookup -type=mx domain_name` to identify mail servers for a domain. (You can also replace `mx` with any other valid record type.)
- Comprehensive record lookup: Use `nslookup -type=any domain_name` to view all available DNS records for a domain.
- Reverse lookup: Use `ping -a ip_address` to find the domain name associated with an IP address.
Common DNS issues and troubleshooting
DNS problems can prevent website access and cause connection errors. Identifying and fixing these issues requires understanding common DNS failures.
DNS server not responding
This error occurs when your device can’t communicate with DNS servers. It may result from network connectivity problems, router issues, or DNS server outages. To resolve it, you can try restarting your networking equipment, temporarily disabling firewalls, or using alternative DNS servers.
DNS caching and its impact
Your device and browsers store DNS information to speed up browsing, but outdated cache entries can cause connection problems if a website changes its IP address. You can often resolve these issues by clearing your DNS cache.
Best DNS practices and security measures
DNS security is critical since attacks can redirect users to malicious sites or disrupt services. DNS spoofing and hijacking involve intercepting DNS queries to redirect traffic to fake websites designed to steal information.
How to secure your DNS
You can protect your DNS by implementing Domain Name System Security Extensions (DNSSEC) to add authentication and prevent tampering with DNS records. Use reputable DNS providers with built-in security features. Consider DNS filtering to block access to known malicious domains. For businesses, implement DNS monitoring to detect unusual patterns that might indicate an attack.
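One way to implement the monitoring check described above, as an added example that is not New Relic's code or part of the original article: it scans resolver observations for answers outside an approved baseline and for names with a high error rate. The log format, the baseline source, the thresholds and all names and addresses are assumptions constructed for illustration.

```python
from collections import Counter

# Constructed observations (not real telemetry): (minute, qname, rcode, answer IPs).
OBSERVATIONS = [
    (0, "www.example.com.", "NOERROR", ["192.0.2.10"]),
    (1, "api.example.com.", "NOERROR", ["192.0.2.20"]),
    (2, "www.example.com.", "NOERROR", ["192.0.2.10"]),
    (3, "www.example.com.", "NOERROR", ["198.51.100.7"]),   # outside the baseline
    (4, "api.example.com.", "SERVFAIL", []),
    (5, "api.example.com.", "SERVFAIL", []),
    (6, "api.example.com.", "SERVFAIL", []),
    (7, "www.example.com.", "NOERROR", ["192.0.2.10"]),
]
# Approved answers per name, for example exported from your own zone data (assumed source).
BASELINE = {"www.example.com.": {"192.0.2.10"}, "api.example.com.": {"192.0.2.20"}}

def find_alerts(observations, baseline, max_error_rate=0.5, min_queries=3):
    """Return alerts: resolution changes in log order, then per-name error rates."""
    alerts, total, errors = [], Counter(), Counter()
    for minute, qname, rcode, answers in observations:
        total[qname] += 1
        if rcode != "NOERROR":
            errors[qname] += 1
            continue
        # A name missing from the baseline has every answer treated as unexpected.
        unexpected = set(answers) - baseline.get(qname, set())
        if unexpected:
            alerts.append(("resolution_change", qname, minute, tuple(sorted(unexpected))))
    for qname, n in total.items():
        rate = errors[qname] / n
        if n >= min_queries and rate > max_error_rate:
            alerts.append(("error_rate", qname, None, round(rate, 2)))
    return alerts
```

A resolution-change alert is a prompt to compare the answer with the authoritative zone, since a planned IP change looks the same as tampering until the baseline is updated.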
Next steps
DNS monitoring alerts you to suspicious activities like spoofing attempts or unexpected resolution changes. New Relic’s Network Monitoring provides real-time visibility into your DNS infrastructure to help you identify security threats before they impact your services. By tracking response times, query patterns, and error rates, you can visualize DNS performance across your entire infrastructure and quickly troubleshoot problems.
Start protecting your digital assets with complete DNS visibility. Watch an on-demand demo to learn how New Relic’s DNS monitoring can strengthen your security and improve user experience.
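The views expressed on this blog are those of the author and do not necessarily reflect the views of New Relic. Any solutions offered by the author are environment-specific and are not part of the commercial solutions or support offered by New Relic. For questions and support related to this blog post, please engage only on the Explorers Hub (discuss.newrelic.com). This blog may contain links to content on third-party sites. By providing such links, New Relic does not adopt, guarantee, approve or endorse the information, views or products available on such sites.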