Domain Name System (DNS)

September 15, 2025

What is DNS?

DNS translates human‑readable names (example.com) into IP addresses. It’s the phone book of the internet, with caches everywhere for speed.

Resolution flow

  1. Client asks a recursive resolver (usually run by the ISP or a public service).
  2. Resolver queries root → TLD → authoritative nameserver.
  3. Answers are cached for their TTL to speed up subsequent lookups.

Concepts

  • Hierarchy: root → TLD → authoritative.
  • Recursive resolvers, caches, TTL.

Record types

A/AAAA, CNAME, NS, MX, TXT, SRV, CAA.

Performance and reliability

  • Appropriate TTLs, geo‑DNS, anycast.
  • DNSSEC for integrity of answers; avoid overly broad wildcard records.

Code: zone file snippet (BIND)

$TTL 300
@   IN  SOA ns1.example.com. hostmaster.example.com. (
        2025091501 ; serial
        3600       ; refresh
        900        ; retry
        604800     ; expire
        300 )      ; minimum (negative-caching TTL)

    IN  NS  ns1.example.com.
    IN  NS  ns2.example.com.
@   IN  A   203.0.113.10
www IN  CNAME @
api IN  A   203.0.113.20

Code: DNS over HTTPS (curl)

curl -s 'https://cloudflare-dns.com/dns-query?name=example.com&type=A' \
  -H 'accept: application/dns-json' | jq
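
An added example (not part of the original page) that interprets the JSON this kind of query returns: it reads the response code, checks the AD flag that signals DNSSEC validation, follows the CNAME chain, and reports the shortest TTL in that chain. Both sample responses are constructed, and the helper names `norm` and `summarize` are this example's own.

```python
import json

# Constructed application/dns-json response for www.example.com (not a real capture).
SAMPLE = """{"Status": 0, "TC": false, "RD": true, "RA": true, "AD": false, "CD": false,
 "Question": [{"name": "www.example.com", "type": 1}],
 "Answer": [{"name": "www.example.com", "type": 5, "TTL": 300, "data": "example.com."},
            {"name": "example.com", "type": 1, "TTL": 120, "data": "203.0.113.10"}]}"""
# Constructed response of the kind a validating resolver gives when DNSSEC checks fail.
BOGUS = '{"Status": 2, "TC": false, "AD": false, "Question": [{"name": "example.com", "type": 1}]}'

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}
CNAME = 5

def norm(name):
    """Compare names case-insensitively and without the trailing root dot."""
    return name.rstrip(".").lower()

def summarize(raw):
    """Return rcode, DNSSEC status, CNAME chain, final records and usable TTL."""
    msg = json.loads(raw)
    question = msg["Question"][0]
    answers = msg.get("Answer", [])  # absent on SERVFAIL/NXDOMAIN
    current = norm(question["name"])
    chain, ttls = [current], []
    while True:  # follow CNAMEs from the queried name to the final owner
        link = next((r for r in answers
                     if r["type"] == CNAME and norm(r["name"]) == current), None)
        if link is None:
            break
        current = norm(link["data"])
        if current in chain:
            raise ValueError("CNAME loop in answer section")
        chain.append(current)
        ttls.append(link["TTL"])
    final = [r for r in answers
             if r["type"] == question["type"] and norm(r["name"]) == current]
    ttls += [r["TTL"] for r in final]
    return {
        "rcode": RCODES.get(msg["Status"], str(msg["Status"])),
        "dnssec_validated": bool(msg.get("AD", False)),  # AD = resolver validated the answer
        "chain": chain,
        "data": [r["data"] for r in final],
        # The whole answer is only reusable until the shortest-lived record expires.
        "usable_ttl": min(ttls) if ttls else None,
    }

if __name__ == "__main__":
    for raw in (SAMPLE, BOGUS):
        print(summarize(raw))
```

The AD flag reflects validation done by the resolver, so it is only as trustworthy as that resolver and the HTTPS channel to it.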

Analogy

DNS is like asking a chain of librarians where a book is shelved. Once you learn it, you keep a sticky note (cache) so you don’t have to ask again soon.

FAQ

  • Why does a change take time? Caches honor old TTLs until they expire.
  • Can I CNAME the root? Not in plain DNS; use ALIAS/ANAME from your provider.

Try it

Lower the TTL 24h before a migration. After cutover, raise the TTL back for stability.