DigiCert Knowledge Base - Technical Support

How DNS Works

Solution ID : SO269
Last Modified : 10/21/2023

What is DNS?

Before we get into how you can use DNS, we need to understand how the system works. We already know that it maps IP addresses to domain names, but where is this information stored? On nameservers!

Name servers store DNS records, which are the actual entries that say “this domain” maps to “this IP address”. So is there a room somewhere that has all the nameservers and DNS records for every site on the Internet? No… that would be ridiculous. They are actually distributed all around the world. At the top of the system are the root nameservers, and instead of storing every domain ever, they store the locations of the TLD (top-level domain) nameservers.

TLDs are the two- or three-character strings like .com that end a domain name. Each TLD has its own set of nameservers that store the information that says who is authoritative for storing the DNS records for that domain. The authoritative nameserver is typically the DNS provider or the DNS registrar (like GoDaddy, which offers both DNS registration and hosting). And here we can find the DNS record that maps example.com to the IP address

What Are TTLs and Caches?

Let’s put that all together. When you query a domain name, your first stop won’t actually be the root name servers. Instead, your browser will ask your local resolving name server whether it has the DNS records for that domain cached.

The resolving name server is typically operated by your ISP (Internet Service Provider), and if it’s a popular website like youtube.com, it will likely have the record in its cache. In this case, you would skip the rest of the DNS lookup process. However, these records are only stored for a short period of time. Whenever you create a record, you have the option to set a TTL (Time to Live). TTLs tell resolving name servers how long they can store the record information. TTLs can range anywhere from 30 seconds to a week.

What if the record we are looking for isn’t cached? Then the resolving name server will ask the root name servers where the TLD name servers for that domain are, and the TLD name servers will point it to the provider that is authoritative for hosting the records.
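The lookup order described above, as an added example that is not part of the original article: a toy resolving name server in Python that checks its cache first, honours the record's TTL, and otherwise walks root, TLD and authoritative servers. The delegation data, server labels, 300-second TTL and the 192.0.2.10 documentation address are constructed assumptions.

```python
import time

# Constructed data: names, server labels and the 192.0.2.10 address are illustrative.
ROOT = {"com": "com-tld-ns"}                                  # root: TLD -> TLD name server
TLD_SERVERS = {"com-tld-ns": {"example.com": "ns.provider"}}  # TLD: domain -> authoritative server
AUTHORITATIVE = {"ns.provider": {"example.com": ("192.0.2.10", 300)}}  # record: (IP, TTL seconds)


class ResolvingNameServer:
    """Toy model of the resolving name server described above."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}   # name -> (ip, expiry time)
        self.steps = []   # servers consulted for the most recent lookup

    def resolve(self, name):
        name = name.lower().rstrip(".")
        self.steps = []
        now = self.clock()
        cached = self.cache.get(name)
        if cached and now < cached[1]:
            self.steps.append("cache")      # TTL not expired: skip the full lookup
            return cached[0]
        self.cache.pop(name, None)          # expired or absent: drop any stale entry

        labels = name.split(".")
        self.steps.append("root")           # root only knows where the TLD servers are
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            return None                     # unknown TLD
        self.steps.append(tld_server)       # TLD server knows who is authoritative
        domain = ".".join(labels[-2:])      # simplification: domain = last two labels
        auth_server = TLD_SERVERS[tld_server].get(domain)
        if auth_server is None:
            return None                     # domain not delegated
        self.steps.append(auth_server)      # authoritative server holds the record
        record = AUTHORITATIVE[auth_server].get(name)
        if record is None:
            return None                     # no record for this name
        ip, ttl = record
        self.cache[name] = (ip, now + ttl)  # cache only for the TTL the record carries
        return ip
```

Because a cached answer is served until its TTL runs out, the TTL also bounds how long resolvers keep returning a record after it has been changed or corrected at the authoritative server.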

Okay, that was a lot of steps to go through just to find the IP address. Oh, and by the way, this process happens in just a couple of milliseconds. For a little perspective: you blink your eye in roughly 50 milliseconds. You can resolve most DNS queries in under 30.