
DNS (Domain Name System)


What Is DNS

DNS (Domain Name System) is a system that translates human-readable domain names (e.g., example.com) into IP addresses (e.g., 93.184.216.34) that computers use for communication. Often compared to the internet's "phone book," a DNS query takes place behind the scenes every time you enter a URL in your web browser.

Without DNS, you would need to type in an IP address directly every time you wanted to visit a website. DNS is a foundational technology that underpins the usability of the internet, and its failure can affect the entire internet.

The Name Resolution Process

When you access www.example.com in your browser, DNS name resolution proceeds in the following order.

  1. Browser cache: If a record from a previous visit exists in the browser, it is used.
  2. OS cache: If not found in the browser, the OS resolver cache is checked.
  3. Full resolver (caching DNS server): A query is sent to the ISP or a public DNS server (e.g., 8.8.8.8). If a cached record exists, the response is returned here.
  4. Root DNS server: If no cache exists, the full resolver asks a root server which servers are responsible for .com.
  5. TLD server: The resolver then asks the TLD server managing .com which server is authoritative for example.com.
  6. Authoritative DNS server: The authoritative server for example.com returns the final IP address.

This entire process typically completes in a few tens of milliseconds. When caching is effective, a response can be returned in under 1 millisecond.

Public DNS Options

Using a public DNS instead of your ISP's default DNS server can sometimes improve response speed and privacy.

Google Public DNS (8.8.8.8)
One of the world's largest DNS services. Fast and reliable, but note that query logs are recorded by Google.
Cloudflare DNS (1.1.1.1)
Emphasizes privacy, deleting query logs after 24 hours. Also among the fastest DNS services globally.
Quad9 (9.9.9.9)
Security-focused. Includes automatic blocking of access to known malware domains.

To switch to a public DNS, change the DNS server address in your router's DHCP settings, or configure it individually in each device's network settings.

DNS Security Risks and Countermeasures

Traditional DNS communication is unencrypted, posing several serious risks.

  • DNS spoofing (cache poisoning): An attack that injects forged DNS responses to redirect users to phishing sites. DNSSEC (DNS Security Extensions) can verify the authenticity of responses, but adoption remains low.
  • DNS leak: A problem where DNS queries leak outside the VPN tunnel, revealing your browsing destinations to your ISP.
  • Eavesdropping: Plaintext DNS queries can be intercepted by anyone on the network, exposing which sites you are visiting.

To counter these risks, encryption via DNS over HTTPS (DoH) or DNS over TLS (DoT) is recommended. Major browsers now offer DoH as a default or optional feature.

To learn more about this topic, see What Is a DNS Leak? Risks and Prevention When Using a VPN.

Common Misconceptions

Changing your DNS makes the internet faster
Changing DNS only improves name resolution response time. It does not affect download speeds or video buffering. However, if your ISP's DNS is slow, web pages may feel like they start loading faster.
DNS is only used for web browsing
DNS is used in all communications involving domain names, including email delivery (MX records), VPN connections, online gaming, and IoT device communication. If DNS goes down, virtually all communication except direct IP address access is affected.