How does a DNS work?

CloudDNS | October 24, 2022 | 3 min read

DNS resolution is the first step taken to form an internet connection. This includes when any device is being used to access a website or any type of internet-enabled application, such as e-commerce, CRM, or food delivery. These applications are connected to the internet via IP-backbone, which is typically controlled by a protocol named BGP (Border Gateway Protocol). Each application has a unique numbering schema on the internet, referred to as IP address.

Users accessing these applications are not required to know the IP address. What’s more, it is practically impossible to remember the IP address of each application being used. Here, DNS plays a vital role by giving each application a naming conversion that is human-readable and easy to remember. All users have to do is simply enter the human-readable website name on their browser, then the browser automatically makes a DNS lookup to convert the website name to an IP address, and traffic is routed to the intended destination on the internet via IP-Backbone.

There are multiple sequences of steps and multiple types of DNS services involved whenever a DNS lookup happens on the internet. This blog will help you to understand the DNS lookup process and the types of services being used.

DNS services

Authoritative DNS: An authoritative DNS is the one that holds the DNS records of a domain. Records include domain name to IP address mapping, Mail Exchange records, Reverse DNS records, and more. These records are managed and updated when required by the domain administrators or network admins or developers who maintain the website. Authoritative Name servers respond to DNS queries by translating domain names to the IP address. Typically, it is not the users directly sending DNS queries to Authoritative DNS, DNS Resolver (Recursive DNS servers) are the ones that send DNS queries to the Authoritative DNS on behalf of users. For example, ManageEngine CloudDNS is an Authoritative DNS service provider.

Recursive DNS: Also called DNS Resolver. Users are typically sending DNS queries to the DNS resolver, and in turn these DNS resolvers are maintained by ISPs, public DNS providers, or some large companies that have their own DNS resolver. DNS resolver details are automatically updated on the user’s computer and gadgets when they connect to ISP or LAN network. Users can also change the DNS resolver settings to use their preferred DNS provider on their computers and gadgets. DNS resolvers are responsible for translating the domain names to the IP address on behalf of users.

Decoding DNS lookups

The diagram given below explains how the users, DNS resolver, and Authoritative DNS are involved in the process of routing the website accessible on the internet.

  1. The user types on the browser and hits enter.

  2. The browser queries the DNS resolver to translate to an IP address. Generally, the DNS resolver caches the DNS records of queries that have been already translated to an IP address via the same resolver as before. The duration of this caching totally depends on the TTL (Time-to-live) configured on the DNS records. The DNS resolver returns the IP address if it has it in the cache, otherwise it will forward the query to the root server.

  3. The root servers are maintained by ICANN (Internet Corporation for Assigned Names and Numbers). The root servers hold the nameservers details of the top-level domain (TLD), like .com, .eu, .org, etc. belongs to .com TLD, and the root server responds to DNS resolver with the nameservers of the .com domain.

  4. The TLD servers are maintained by IANA (Internet Assigned Number Authority). The TLD server responds to the DNS resolver with details of authoritative nameservers for

  5. The DNS resolver forwards to the authoritative nameserver holding the DNS records of The authoritative nameserver responds with the IP address of to the DNS resolver.

  6. The DNS resolver forwards the final answer to the user and holds the record in the cache till TTL expires.

ManageEngine CloudDNS 

ManageEngine CloudDNS is an Authoritative DNS service with advanced features. With ManageEngine CloudDNS, empower your business to prioritize optimal domain performance by shedding the overwhelming weight of hosting your own DNS server to manage your digital assets. Sign up for a 30-day, free trial of ManageEngine CloudDNS and get introduced to easy DNS infrastructure management.

  1. locki

    very good website