What Is DNS? The Internet's Phone Book (Sort Of)
DNS (Domain Name System) is the protocol that translates human-readable domain names like google.com into machine-readable IP addresses like 142.250.80.46. Without DNS, you would need to memorize the IP address of every website you want to visit. It is often described as the internet’s phone book, although that comparison sells it short. DNS is really more like a massive, distributed, hierarchical lookup system that processes billions of queries every single day and somehow manages not to fall apart.
Why DNS Exists (And Why You Should Care)
Computers communicate using numbers. IP addresses, specifically. But humans are terrible at remembering numbers. Quick, what’s 172.217.14.206? No idea? That’s Google. What about 31.13.80.36? Facebook. See the problem?
DNS exists because someone in the early 1980s (specifically Paul Mockapetris, if you want to drop that at a dinner party) realized that the existing system of maintaining a single text file listing every hostname and IP address on the entire internet was, shall we say, not going to scale. That file was called HOSTS.TXT and it lived on a single computer at Stanford. Every time a new host was added, everyone had to download the updated file. Imagine doing that for the 350+ million domain names registered today.
So DNS replaced a single file with a distributed database spread across millions of servers worldwide. Much better plan.
How DNS Resolution Actually Works (Step by Step)
When you type whatismyip.wiki into your browser, here’s literally everything that happens behind the scenes:
Step 1: The Browser Cache
First, your browser checks its own cache. “Have I looked up this domain recently?” If yes and the cached record hasn’t expired, it uses that IP address immediately. Done. No network request needed.
Step 2: The OS Cache
If the browser cache misses, the request goes to your operating system’s DNS resolver cache. Windows, Mac, and Linux all maintain their own cache of recent DNS lookups. Same idea: if it’s there and still valid, use it and move on.
Step 3: The Router
Still no answer? The query goes to your router, which often has its own DNS cache. Many home routers cache DNS responses to speed up lookups for all devices on the network.
Step 4: The Recursive Resolver
Now things get interesting. If nobody in your local chain has the answer, the query goes to a recursive DNS resolver. This is usually run by your ISP, or by a third party like Cloudflare (1.1.1.1) or Google (8.8.8.8) if you’ve changed your DNS settings.
The recursive resolver is like a research librarian. It doesn’t know the answer itself, but it knows how to find it. And it goes through a process that can involve multiple steps:
Step 5: The Root Nameserver
The recursive resolver asks one of the 13 root nameserver clusters (named A through M) a simple question: “Who’s responsible for .wiki domains?”
And yeah, there are technically only 13 root nameserver addresses, but they’re anycast, meaning each one is actually hundreds of servers distributed globally. The root server system handles about 50 billion queries per day and has never gone completely down since its creation. Pretty solid uptime for something designed in the 1980s.
Step 6: The TLD Nameserver
The root server says “I don’t know the IP for whatismyip.wiki, but the nameservers for all .wiki domains are over at these addresses.” The recursive resolver then asks the .wiki TLD (Top Level Domain) nameserver the same question.
Step 7: The Authoritative Nameserver
The TLD nameserver responds with “The authoritative nameserver for whatismyip.wiki is at this address.” Finally, the recursive resolver asks the authoritative nameserver for the A record (the IPv4 address) of whatismyip.wiki.
Step 8: The Answer
The authoritative nameserver responds with the IP address. The recursive resolver caches this answer (so it doesn’t have to do all that work again for a while), then sends the IP back to your computer. Your browser connects to that IP address and loads the web page.
This entire process typically takes between 20 and 120 milliseconds. Impressive when you consider it might involve querying servers on three different continents.
DNS Record Types (The Important Ones)
DNS doesn’t just store IP addresses. It stores different types of records for different purposes. Here are the ones that actually matter:
| Record | Purpose | Example Value |
|---|---|---|
| A | Maps a domain to an IPv4 address | 93.184.216.34 |
| AAAA | Maps a domain to an IPv6 address | 2606:2800:220:1:248:1893:25c8:1946 |
| CNAME | Alias pointing to another domain | www.example.com → example.com |
| MX | Mail server for the domain | mail.example.com (priority 10) |
| TXT | Text data (SPF, DKIM, verification) | v=spf1 include:_spf.google.com ~all |
| NS | Nameserver responsible for the domain | ns1.cloudflare.com |
| SOA | Start of Authority (zone metadata) | Serial number, refresh intervals |
| PTR | Reverse DNS (IP to domain) | Used for email validation |
| SRV | Service location records | Used by VoIP, gaming, etc. |
The A record is the most common by far. When someone says “point your domain to this IP,” they mean create an A record. We’ve got a full deep dive on DNS record types if you want the complete picture.
DNS Caching: Why Changes Take Time
Every DNS response comes with a TTL (Time to Live) value, measured in seconds. This tells every server along the chain “you can cache this answer for this long before checking again.”
Common TTL values:
- 300 seconds (5 minutes): Frequently changing records, quick propagation
- 3600 seconds (1 hour): Standard for most records
- 86400 seconds (24 hours): Stable records that rarely change
This caching is why, when you change your domain’s DNS records, the changes don’t appear instantly everywhere. Different DNS resolvers around the world cached the old answer at different times, with different TTLs. This ripple effect is called DNS propagation, and it typically takes anywhere from minutes to 48 hours to complete globally. Most of the time, though, it’s done within a few hours.
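The resolver walk from steps 4 to 8 and the TTL behaviour described in this section, as an added Python sketch that is not part of the original article. The three servers, the 192.0.2.x addresses and the class name are constructed for illustration, and an injectable clock stands in for real time.

```python
# Constructed data: three "servers" standing in for the root, the .wiki TLD and
# the authoritative nameserver. 192.0.2.x is a documentation range, not real.
SERVERS = {
    "root": {"delegations": {"wiki.": "tld-wiki"}, "a": {}},
    "tld-wiki": {"delegations": {"whatismyip.wiki.": "auth"}, "a": {}},
    "auth": {"delegations": {}, "a": {"whatismyip.wiki.": ("192.0.2.10", 300)}},
}

class RecursiveResolver:
    def __init__(self, servers, clock):
        self.servers = servers
        self.clock = clock            # callable returning the current time in seconds
        self.cache = {}               # name -> (address, expiry time)
        self.upstream_queries = 0

    def _ask(self, server, name):
        """One query to one server: returns an answer or a referral."""
        self.upstream_queries += 1
        data = self.servers[server]
        if name in data["a"]:
            return ("ANSWER", *data["a"][name])
        for zone, target in data["delegations"].items():
            if name == zone or name.endswith("." + zone):
                return ("REFERRAL", target, None)
        raise LookupError(f"{server} has no data for {name}")

    def resolve(self, name):
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0]          # still within TTL: no upstream traffic
        server = "root"               # steps 5-7: follow referrals downward
        while True:
            kind, value, ttl = self._ask(server, name)
            if kind == "REFERRAL":
                server = value
                continue
            self.cache[name] = (value, self.clock() + ttl)   # step 8: cache, then answer
            return value

if __name__ == "__main__":
    now = [0]
    r = RecursiveResolver(SERVERS, lambda: now[0])
    print(r.resolve("whatismyip.wiki."), r.upstream_queries)   # full walk from the root
    print(r.resolve("whatismyip.wiki."), r.upstream_queries)   # answered from cache
    SERVERS["auth"]["a"]["whatismyip.wiki."] = ("192.0.2.99", 300)  # record changed at the source
    for t in (299, 300):              # stale until the TTL expires, fresh afterwards
        now[0] = t
        print(t, r.resolve("whatismyip.wiki."))
```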
Popular DNS Resolvers Compared
Not all DNS resolvers are created equal. Here’s how the major players stack up:
| Provider | Primary | Secondary | Speed | Privacy | Extras |
|---|---|---|---|---|---|
| Cloudflare | 1.1.1.1 | 1.0.0.1 | Fastest globally | No logging | WARP VPN option |
| Google | 8.8.8.8 | 8.8.4.4 | Very fast | Logs queries | Most widely used |
| Quad9 | 9.9.9.9 | 149.112.112.112 | Fast | No IP logging | Malware blocking |
| OpenDNS | 208.67.222.222 | 208.67.220.220 | Fast | Logs some data | Content filtering |
| AdGuard | 94.140.14.14 | 94.140.15.15 | Decent | No logging claimed | Ad/tracker blocking |
Cloudflare consistently wins speed tests in most regions. They also committed to never logging DNS queries or selling data, and they hired an independent auditor (KPMG) to verify that claim annually. Google’s DNS is reliable and fast, but Google does log query data (they say it’s anonymized after 24 to 48 hours).
Common DNS Problems and How to Fix Them
“DNS Server Not Responding”
The most common DNS error. Usually means your configured DNS server is either down, unreachable, or your network connection has a problem. Quick fixes:
- Try a different DNS server (switch to 1.1.1.1 or 8.8.8.8)
- Restart your router
- Flush your local DNS cache:
  - Windows: ipconfig /flushdns
  - Mac: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
  - Linux (systemd-resolved): sudo resolvectl flush-caches (on older systemd releases: sudo systemd-resolve --flush-caches)
DNS Leak
If you’re using a VPN but your DNS queries still go through your ISP’s resolver, that’s a DNS leak. Your ISP can see every domain you visit even though your traffic is encrypted. Most good VPN apps run their own DNS resolver to prevent this, but it’s worth checking. You can test at whatismyip.technology.
DNS Cache Poisoning
An attacker manages to insert fake DNS records into a resolver’s cache, redirecting users to malicious websites even though they typed the correct domain name. This is why DNSSEC (DNS Security Extensions) was invented; it adds cryptographic signatures to DNS records so resolvers can verify they haven’t been tampered with.
Slow DNS
If websites take a long time to start loading but are fast once they begin, slow DNS is often the culprit. Switching to a faster resolver can make a noticeable difference, especially if your ISP’s DNS is sluggish.
DNS Security: The Honest Picture
Standard DNS has a fundamental problem: everything is sent in plain text. Your DNS queries (which reveal every domain you visit) travel unencrypted across the network. Anyone between you and your DNS resolver can see them. Your ISP definitely can.
Several technologies are working to fix this:
DNS over HTTPS (DoH) encrypts DNS queries inside regular HTTPS traffic on port 443. It’s supported by Firefox (default), Chrome, Edge, Safari, and most modern browsers. Your queries look like normal web traffic to observers.
DNS over TLS (DoT) encrypts DNS queries using TLS on a dedicated port (853). It’s more “proper” from a networking perspective but easier to identify and block since it uses its own port.
DNSSEC doesn’t encrypt queries but adds digital signatures so you can verify that the response you received actually came from the legitimate authoritative server and wasn’t tampered with.
The realistic state of DNS security in 2026: DoH is widely deployed in browsers, DNSSEC adoption is slowly growing (about 30% of top domains sign their zones), and most people still use their ISP’s unencrypted DNS without thinking about it.
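To make the plaintext problem concrete, this added Python example (not from the original article) builds the query a client sends to port 53 and then decodes it the way any on-path device could. The function names and the transaction ID are assumptions chosen for illustration; with DoH or DoT the same message travels inside an encrypted TLS session instead.

```python
import struct

QTYPE_NAMES = {1: "A", 2: "NS", 15: "MX", 16: "TXT", 28: "AAAA"}

def build_query(name, qtype, txid):
    """Build the UDP payload a client sends to port 53 (RFC 1035 wire format)."""
    # Header: ID, flags (recursion desired), 1 question, 0 answer/authority/additional
    packet = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"invalid label in {name!r}")
        packet += bytes([len(raw)]) + raw          # length-prefixed label
    return packet + b"\x00" + struct.pack("!HH", qtype, 1)   # root label, type, class IN

def observe_query(payload):
    """Recover what any on-path device can read from an unencrypted query."""
    if len(payload) < 12:
        raise ValueError("shorter than a DNS header")
    txid, flags, qdcount = struct.unpack("!HHH", payload[:6])
    if flags & 0x8000 or qdcount != 1:
        raise ValueError("not a single-question query")
    labels, pos = [], 12
    while True:
        if pos >= len(payload):
            raise ValueError("truncated name")
        length = payload[pos]
        if length == 0:
            break
        if length > 63:                            # pointers are not expected in a query name
            raise ValueError("bad label length")
        labels.append(payload[pos + 1:pos + 1 + length].decode("ascii", "replace"))
        pos += 1 + length
    if len(payload) < pos + 5:
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", payload[pos + 1:pos + 5])
    return {"txid": txid, "name": ".".join(labels), "type": QTYPE_NAMES.get(qtype, str(qtype))}

if __name__ == "__main__":
    wire = build_query("whatismyip.wiki", 1, txid=0x1A2B)   # constructed sample query
    print(wire.hex())
    print(observe_query(wire))
```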
The Scale of DNS (Some Wild Numbers)
If you want to appreciate how critical DNS is, consider these stats:
- Cloudflare’s 1.1.1.1 handles over 1 trillion DNS queries per month
- There are over 350 million registered domain names worldwide
- The root DNS server system processes around 50 billion queries daily
- A single recursive resolver might cache millions of DNS records simultaneously
- The entire DNS database, if printed, would fill several warehouses' worth of paper (not that anyone has tried)
And despite all of this, DNS was originally designed in 1983 and the core protocol hasn’t changed all that much. Sure, extensions like DNSSEC, DoH, and DANE have been bolted on, but the fundamental query-response mechanism is essentially the same design Paul Mockapetris sketched out over 40 years ago. It’s one of the most successful protocol designs in computing history, even if it didn’t anticipate every modern security concern.