Every web request starts with a DNS lookup, yet most people never think about it. In the fraction of a second between typing a URL and seeing a webpage, your device initiates a precise chain of queries across a global network of servers. Understanding how DNS works gives you a powerful mental model for diagnosing problems, optimising performance, and securing your infrastructure.
The Four Actors in a DNS Query
A typical DNS resolution involves four distinct server types, each with a specific role:
- DNS Recursive Resolver — the first stop for your query. It does the legwork of navigating the DNS hierarchy on your behalf.
- Root Nameservers — the top of the DNS hierarchy. There are 13 logical root server addresses (operated by multiple physical servers worldwide), labelled A through M.
- TLD Nameservers — authoritative for a specific top-level domain, such as .com, .net, or .org.
- Authoritative Nameserver — holds the actual DNS records for a specific domain. It gives the final, definitive answer to your query.
Step-by-Step: The DNS Query Lifecycle
Let's trace exactly what happens when you type showdns.net into your browser and press Enter.
Step 1 — Browser and OS Cache Check
Before any network request is made, your browser checks its own DNS cache. If it has recently resolved showdns.net and the cached record has not expired (based on its TTL), it uses that cached IP directly. If not, it passes the request to the operating system's stub resolver, which checks the OS-level DNS cache and the local hosts file.
Step 2 — Query the Recursive Resolver
If no cached answer exists, the stub resolver sends a query to the recursive resolver (also called a full-service resolver or recursive nameserver). This is usually configured by your network — either your ISP's resolver, or a public resolver like Google (8.8.8.8), Cloudflare (1.1.1.1), or OpenDNS (208.67.222.222). The recursive resolver is responsible for finding the answer, even if it has to ask multiple servers.
Step 3 — Query the Root Nameservers
If the recursive resolver does not have a cached answer, it queries one of the 13 root nameserver addresses. The root server does not know the IP of showdns.net, but it knows who is authoritative for .net. It responds with a referral: a list of nameservers responsible for the .net TLD.
; Root server response (simplified)
;; AUTHORITY SECTION:
net. 172800 IN NS a.gtld-servers.net.
net. 172800 IN NS b.gtld-servers.net.
net. 172800 IN NS c.gtld-servers.net.
Step 4 — Query the TLD Nameserver
The recursive resolver now queries one of the .net TLD nameservers. Again, the TLD server does not have the final answer — but it knows which nameservers are authoritative for showdns.net. It responds with another referral pointing to those nameservers.
Step 5 — Query the Authoritative Nameserver
The recursive resolver queries the authoritative nameserver for showdns.net. This server holds the actual DNS zone file for the domain. It returns the requested record — for example, an A record containing the IP address 93.184.216.34. This is the definitive answer.
; Authoritative nameserver response (simplified)
;; ANSWER SECTION:
showdns.net. 300 IN A 93.184.216.34
Step 6 — Response Returned and Cached
The recursive resolver returns the IP address to your browser. Along the way, it caches the result for the duration specified by the record's TTL (Time to Live). Your OS and browser also cache the answer. Future lookups for the same domain are answered from cache, skipping the entire chain above.
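The six steps above, as an added example that is not code from the original page: a toy recursive resolver that follows referrals and caches by TTL over constructed in-memory zone data, with no network access. The server labels (`root`, `tld-net`, `auth-showdns`), the `Resolver` class and the `query` helper are hypothetical names chosen for illustration.

```python
# Constructed zone data mirroring the article's simplified responses.
# Server labels ("root", "tld-net", "auth-showdns") are hypothetical stand-ins.
SERVERS = {
    "root": {"net.": ("NS", 172800, "tld-net")},
    "tld-net": {"showdns.net.": ("NS", 172800, "auth-showdns")},
    "auth-showdns": {"showdns.net.": ("A", 300, "93.184.216.34")},
}
MAX_REFERRALS = 8  # stop if delegations never reach an answer


def query(server, qname):
    """Ask one server: exact-match answer, or referral for the closest parent zone."""
    zone = SERVERS[server]
    labels = qname.rstrip(".").split(".")
    for i in range(len(labels)):
        name = ".".join(labels[i:]) + "."
        rec = zone.get(name)
        if rec and (rec[0] == "NS" or name == qname):
            return rec
    return None


class Resolver:
    """Toy recursive resolver: walks root -> TLD -> authoritative, caches by TTL."""

    def __init__(self, clock):
        self.clock = clock            # injectable time source, in seconds
        self.cache = {}               # qname -> (ip, expires_at)
        self.upstream_queries = 0

    def resolve(self, qname):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0], ["cache"]  # Step 6: answered without leaving the resolver
        server, path = "root", []
        for _ in range(MAX_REFERRALS):
            path.append(server)
            self.upstream_queries += 1
            rec = query(server, qname)
            if rec is None:
                return None, path     # no such name at this server
            rtype, ttl, data = rec
            if rtype == "A":          # Step 5: definitive answer
                self.cache[qname] = (data, self.clock() + ttl)
                return data, path
            server = data             # Steps 3-4: follow the referral
        return None, path
```

Passing a controllable `clock` makes the TTL boundary observable: the same name costs three upstream queries on a cold cache, none while the 300-second TTL is live, and three again once it expires.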
Visualising the Full Lookup
Browser
 └─► OS Stub Resolver
      └─► Recursive Resolver (e.g. 1.1.1.1)
           ├─► Root Nameserver (.)
           │    └─ Refers to .net TLD servers
           ├─► .net TLD Nameserver
           │    └─ Refers to showdns.net nameservers
           └─► Authoritative Nameserver (showdns.net)
                └─ Returns A record → 93.184.216.34
The Role of Caching in DNS Performance
DNS caching is what makes the internet feel fast. Without it, every single page load would trigger a full recursive lookup chain — adding latency to every request. With caching, the full lookup chain is only triggered when a record is new or its TTL has expired.
Caching happens at multiple levels:
- Browser cache — Chrome, Firefox, and other browsers maintain their own DNS caches.
- OS cache — the operating system maintains a system-wide DNS cache (e.g., nscd on Linux, the DNS Client service on Windows).
- Recursive resolver cache — your ISP's or public resolver's cache, shared across all its users.
Root Nameservers: The Foundation of DNS
There are 13 root nameserver logical addresses (A through M), but each is backed by hundreds of physical servers distributed globally using anycast routing. Anycast means that when a resolver queries a.root-servers.net, it automatically reaches the nearest physical instance of that server. This redundancy makes the root DNS infrastructure highly resilient.
The root zone is maintained by IANA (Internet Assigned Numbers Authority), a function of ICANN. Any change to TLD delegations at the root level must go through IANA.
How Nameserver Delegation Works
DNS uses a delegation model. When you register a domain, your registrar records your chosen nameservers in the TLD zone as NS records (with a glue record added if the nameserver is within the same domain). From that point, the authoritative nameserver you designate controls all DNS records for your domain.
You can verify a domain's nameservers at any time using the ShowDNS DNS Lookup tool by querying for NS records.
Frequently Asked Questions
How long does a DNS lookup take?
A full recursive DNS lookup with no caching typically takes between 20 and 120 milliseconds, depending on network latency and server locations. Cached responses are returned in under 1 millisecond from the OS or browser cache.
What happens if a DNS server is unreachable?
If the recursive resolver cannot reach a server, it will retry and may try alternative servers in the root or TLD lists. If the authoritative nameserver is unreachable and the resolver has no cached answer, the query fails and the browser displays a DNS error. This is why domains should have multiple nameservers for redundancy.
Can I use a different recursive resolver?
Yes. You can change the DNS resolver your device uses in your network settings. Popular public resolvers include Cloudflare (1.1.1.1), Google (8.8.8.8), and Quad9 (9.9.9.9). Some offer privacy features, malware blocking, or faster response times compared to your ISP's default resolver.
What is a DNS zone file?
A zone file is a text file stored on an authoritative nameserver that contains all the DNS records for a domain. It lists every A, CNAME, MX, TXT, and other record the domain uses. Zone files follow the format defined in RFC 1035 and are managed by DNS hosting providers or directly by system administrators.
Does DNS work differently for private networks?
Private networks often run their own internal DNS servers that handle resolution for internal hostnames that do not exist on the public internet. These internal resolvers may forward queries for public domains to a public resolver. Split-horizon DNS is a technique where the same domain resolves to different addresses depending on whether the query comes from inside or outside the network.