As a developer, I use DNS every single day — but until recently, I never truly understood how it works beneath the surface. So I made a decision: to deeply learn DNS, not just skim it.
This article is the result of that deep dive. Whether you’re a frontend engineer, backend developer, or simply someone curious about how the internet works, I’ve broken it down from first principles — in plain English.
Level 0: What Is DNS in Simple Terms?
DNS (Domain Name System) is like the internet’s giant phone book. It helps your browser find the real address (IP) of the website you type in.
Imagine asking your browser (your helpful assistant) to fetch a webpage. It checks a massive internet directory to find the exact address of that site — then loads it.
This lookup process usually takes one of two paths:
- Quick cache check — If you’ve visited the site recently, the browser retrieves the IP from cache, making the page load almost instantly.
- Full DNS lookup — If there’s no cached data, the browser asks a DNS resolver to find the IP address by querying DNS servers across the web.
Level 1: How DNS Resolution Works — The Full Flow
If the browser finds the IP address in cache (either in the browser or OS), it uses that immediately.
Otherwise, it reaches out to a DNS resolver (like Google DNS or your ISP’s DNS) to do the lookup:
- The resolver contacts a root server. For example, for www.example.com, the root server points it to the .com server.
- The .com TLD server tells the resolver which authoritative server knows about example.com.
- The resolver queries that authoritative server, which returns the final IP address.
- The resolver sends this IP back to the browser, which then fetches the website.
Level 2: Beyond the Basics — Key DNS Concepts You Should Know
Now that you understand how DNS resolves domains, let’s explore some deeper concepts that help you configure, secure, and debug DNS in real-world scenarios.
DNS Records Explained
Each domain is backed by DNS records, stored on authoritative servers. These records control how a domain functions.
Common record types:
- A — Maps a domain to an IPv4 address
- AAAA — Maps to an IPv6 address
- CNAME — Points a domain to another domain (alias)
- MX — Mail server information for email delivery
- NS — Points to the domain’s authoritative name servers
- TXT — Used for domain verification, SPF, etc.
- SOA — Administrative info about the DNS zone
- CAA — Specifies which CAs can issue SSL certificates
- PTR — Enables reverse DNS (IP → domain)
- SRV, NAPTR — Used for VoIP and advanced service routing
TTL — Time to Live
TTL (Time to Live) defines how long a DNS record can be cached before it must be refreshed.
For example, if I’m pointing my domain at a new host and need to update its A record, I’ll temporarily lower the TTL (to something like `300 seconds`) so the change propagates quickly.
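To make the record types and TTLs above concrete, here is an added example (written for this article, not code from the original) of the DNS wire format in plain Python with only the standard library: it builds a query and parses a response, including the name compression pointers that real answers use. The response bytes are constructed inline (TEST-NET address 192.0.2.10, an SPF TXT string), not captured from any real server; the type-code table is the IANA registry subset used here.

```python
import struct

# Record type codes from the IANA DNS parameters registry (subset used here)
QTYPE = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "PTR": 12, "MX": 15,
         "TXT": 16, "AAAA": 28, "SRV": 33, "CAA": 257}
TYPE_NAME = {v: k for k, v in QTYPE.items()}


def encode_name(name: str) -> bytes:
    """Encode 'www.example.com' as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:          # labels are 1..63 bytes
            raise ValueError(f"bad label: {label!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name: str, rtype: str, txid: int = 0x1234) -> bytes:
    """Standard query: RD (recursion desired) set, one question, class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPE[rtype], 1)


def decode_name(msg: bytes, off: int, depth: int = 0) -> tuple:
    """Decode a possibly compressed name; returns (name, offset after the name)."""
    labels = []
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:          # compression pointer (RFC 1035 4.1.4)
            if depth > 16:
                raise ValueError("compression pointer loop")
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            labels.append(decode_name(msg, ptr, depth + 1)[0])
            return ".".join(labels), off + 2
        off += 1
        if length == 0:
            return ".".join(labels), off
        labels.append(msg[off:off + length].decode("ascii"))
        off += length


def parse_rdata(msg: bytes, rtype: int, rdata: bytes, rd_off: int):
    """Turn RDATA into something readable for the common types."""
    if rtype == 1:                                       # A: four octets
        return ".".join(str(b) for b in rdata)
    if rtype == 28:                                      # AAAA: sixteen octets
        return ":".join(rdata[i:i + 2].hex() for i in range(0, 16, 2))
    if rtype in (2, 5, 12):                              # NS, CNAME, PTR: a name
        return decode_name(msg, rd_off)[0]
    if rtype == 15:                                      # MX: preference + name
        return struct.unpack("!H", rdata[:2])[0], decode_name(msg, rd_off + 2)[0]
    if rtype == 16:                                      # TXT: <len><chars> strings
        strings, i = [], 0
        while i < len(rdata):
            n = rdata[i]
            strings.append(rdata[i + 1:i + 1 + n].decode("ascii"))
            i += 1 + n
        return strings
    return rdata.hex()


def parse_response(msg: bytes) -> dict:
    """Parse the header, question and answer sections of a response."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((qname, TYPE_NAME.get(qtype, qtype)))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        answers.append({"name": name, "type": TYPE_NAME.get(rtype, rtype), "ttl": ttl,
                        "data": parse_rdata(msg, rtype, msg[off:off + rdlen], off)})
        off += rdlen
    return {"id": txid, "rcode": flags & 0xF, "questions": questions, "answers": answers}


# Constructed response (not captured traffic): www.example.com is a CNAME to
# example.com (TTL 300), which has an A record (TTL 60) and an SPF TXT record.
# 0xC00C points at offset 12 (www.example.com), 0xC010 at offset 16 (example.com).
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 3, 0, 0)
    + encode_name("www.example.com") + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 300, 2) + b"\xc0\x10"
    + b"\xc0\x10" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([192, 0, 2, 10])
    + b"\xc0\x10" + struct.pack("!HHIH", 16, 1, 3600, 12) + b"\x0bv=spf1 -all"
)

if __name__ == "__main__":
    print(build_query("www.example.com", "A").hex())
    for rr in parse_response(SAMPLE_RESPONSE)["answers"]:
        print(rr)
```

The TTL is the 32-bit field in every answer record, so the cache lifetime of the CNAME (300 s) and of the A record it points to (60 s) can differ within one response; a resolver must honor each separately.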
Zones and Zone Files
When you buy a domain (e.g., from GoDaddy), a zone file is created. This file contains all the DNS records associated with your domain.
When you update records from your domain dashboard (like editing an A or CNAME record), you’re modifying this file. Changes take effect once the TTL expires and new queries are made.
Reverse DNS (rDNS)
Reverse DNS (rDNS) maps IP addresses back to domain names (the opposite of normal DNS).
Why is rDNS important?
- Email spam filtering — Validates that a mail server’s IP maps to a trusted domain.
- Log readability — Server logs show domain names instead of raw IPs.
- Diagnostics & trust — Helps identify the source of traffic and build trust with third-party services.
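An added example (not from the original article) of the two mechanics this section relies on: turning an IP into the PTR query name (reversed octets under in-addr.arpa for IPv4, reversed hex nibbles under ip6.arpa for IPv6), and the forward-confirmed rDNS check that mail filters perform, where the name the PTR record claims must resolve back to the same IP. The PTR and A tables are constructed stand-ins for real lookups, and mail.example.com, host30.example.net and the 192.0.2.x addresses are assumptions.

```python
import ipaddress


def ptr_name(ip: str) -> str:
    """PTR query name for an address, built by hand to show the layout."""
    addr = ipaddress.ip_address(ip)
    if addr.version == 4:
        return ".".join(reversed(str(addr).split("."))) + ".in-addr.arpa"
    nibbles = addr.exploded.replace(":", "")        # 32 zero-padded hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def matches_stdlib(ip: str) -> bool:
    """Cross-check the hand-built name against ipaddress's reverse_pointer."""
    return ptr_name(ip) == ipaddress.ip_address(ip).reverse_pointer


# Constructed stand-ins for real PTR and A lookups (TEST-NET-1 addresses).
PTR_RECORDS = {
    "10.2.0.192.in-addr.arpa": "mail.example.com",    # consistent pair
    "20.2.0.192.in-addr.arpa": "mail.example.com",    # PTR claims a name that points elsewhere
    "30.2.0.192.in-addr.arpa": "host30.example.net",  # forward name has no A record at all
}
A_RECORDS = {
    "mail.example.com": {"192.0.2.10"},
}


def fcrdns(ip: str, ptr_records=PTR_RECORDS, a_records=A_RECORDS):
    """Forward-confirmed reverse DNS: PTR name must resolve back to the same IP.
    Returns (ok, hostname_or_None, reason)."""
    host = ptr_records.get(ptr_name(ip))
    if host is None:
        return False, None, "no PTR record"
    forward = a_records.get(host, set())
    if not forward:
        return False, host, f"{host} has no forward record"
    if ip not in forward:
        return False, host, f"{host} resolves to {sorted(forward)}, not {ip}"
    return True, host, "forward-confirmed"


if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "192.0.2.40"):
        print(ip, ptr_name(ip), fcrdns(ip))
    print(ptr_name("2001:db8::1"))
```

The point of the forward check is that anyone who controls the reverse zone for an IP range can put any name in a PTR record; only the owner of the forward zone can make that name point back, so a match means both sides agree.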
Types of DNS Resolvers
To efficiently perform lookups, DNS resolution is divided across different types of resolvers:
1. Stub Resolver
   - Lives in your device (browser or OS)
   - Forwards queries to a full resolver
2. Recursive Resolver
   - Does the full DNS resolution by querying multiple upstream servers
   - Examples: Google DNS (8.8.8.8), Cloudflare (1.1.1.1), ISP resolvers
3. Iterative Resolver
   - Used between DNS servers
   - Responds with: “I don’t know, but try this server instead”
4. Caching Resolver
   - Stores previously resolved records
   - Reduces repeated lookups and improves speed
   - Honors the TTL value of each record
5. Authoritative Resolver
   - The final source of truth
   - Hosts and serves actual DNS records for a domain
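The Level 1 resolution flow and the resolver roles just listed, as one added example written for this article (not code from the original): a toy recursive resolver in Python that starts at a constructed root server, follows iterative referrals to the .com TLD server and then to example.com’s authoritative server, and caches the answer for exactly its TTL. The server names, zone data and the 192.0.2.10 address are all constructed; the resolver takes an injectable clock so cache expiry can be exercised without waiting.

```python
import time

# Constructed servers and zone data (not real DNS infrastructure). Each server
# knows its own records plus which server to refer to for each delegated child.
SERVERS = {
    "root": {"delegations": {"com.": "tld-com"}, "records": {}},
    "tld-com": {"delegations": {"example.com.": "ns1.example.com"}, "records": {}},
    "ns1.example.com": {
        "delegations": {},
        "records": {("www.example.com.", "A"): [("192.0.2.10", 300)]},  # (value, ttl)
    },
}


def authoritative_answer(server: str, qname: str, qtype: str):
    """One iterative step: this server's records, a referral, or nothing."""
    s = SERVERS[server]
    recs = s["records"].get((qname, qtype))
    if recs is not None:
        return "answer", recs
    # Longest matching delegation wins, e.g. "example.com." before "com."
    for zone, child in sorted(s["delegations"].items(), key=lambda kv: -len(kv[0])):
        if qname == zone or qname.endswith("." + zone):
            return "referral", child          # "I don't know, but try this server"
    return "nxdomain", []


class RecursiveResolver:
    """Walks from the root on a cache miss; caches answers for their TTL."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}        # (qname, qtype) -> (expires_at, records)
        self.trace = []        # servers the most recent query touched

    def resolve(self, qname: str, qtype: str = "A") -> list:
        self.trace = []
        now = self.clock()
        key = (qname, qtype)
        cached = self.cache.get(key)
        if cached and cached[0] > now:           # honour the TTL
            self.trace.append("cache")
            return [value for value, _ in cached[1]]
        server = "root"
        for _ in range(10):                      # bound the referral chain
            self.trace.append(server)
            kind, payload = authoritative_answer(server, qname, qtype)
            if kind == "referral":
                server = payload
                continue
            if kind == "answer":
                ttl = min(t for _, t in payload)
                self.cache[key] = (now + ttl, payload)
                return [value for value, _ in payload]
            return []                            # NXDOMAIN: nothing cached here
        raise RuntimeError("too many referrals")


def stub_lookup(name: str, resolver: RecursiveResolver, qtype: str = "A") -> list:
    """The stub side: normalise to a fully qualified name and hand off."""
    fqdn = name if name.endswith(".") else name + "."
    return resolver.resolve(fqdn, qtype)


if __name__ == "__main__":
    r = RecursiveResolver()
    print(stub_lookup("www.example.com", r), r.trace)   # full walk from the root
    print(stub_lookup("www.example.com", r), r.trace)   # served from cache
```

Real resolvers also cache the referrals themselves (the NS records for `com.` and `example.com.`), so a second query for a different name under example.com would normally skip the root and TLD steps; this toy only caches final answers to keep the walk visible.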
Encrypted DNS: DoH and DoT
DNS queries are unencrypted by default, which makes them vulnerable to:
- Snooping — ISPs or governments monitoring your traffic
- Hijacking — Attackers redirecting you to malicious sites
To solve this, we have two secure DNS protocols:
DNS over HTTPS (DoH)
- Encrypts DNS queries using standard HTTPS (port 443)
- Harder to block or intercept
- Used by browsers like Chrome and Firefox
- Supported by Cloudflare and Google DNS
DNS over TLS (DoT)
- Encrypts DNS queries over TLS (port 853)
- Works at OS or router level
- Supported by Android 9+, Linux distros, and privacy DNS providers
Both improve privacy and integrity of DNS communications.
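As an added example (not from the article), here is the client-side framing for both protocols in Python: the RFC 8484 GET form of DoH (the wire message base64url-encoded with padding removed in the `dns` parameter, and the message ID zeroed as the RFC recommends so HTTP caches can reuse responses), the POST form with its `application/dns-message` media type, and the RFC 7858 DoT framing, which reuses DNS-over-TCP’s 2-byte length prefix. The query bytes and the https://dns.example.test/dns-query endpoint are constructed; nothing is sent over the network.

```python
import base64
import struct

# Constructed wire-format query (not captured traffic): id 0x1234, flags RD,
# one question, "example.com" type A class IN.
SAMPLE_QUERY = (
    b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
    + b"\x07example\x03com\x00"
    + b"\x00\x01\x00\x01"
)

DOH_ENDPOINT = "https://dns.example.test/dns-query"   # assumed, not a real resolver


def zero_id(query: bytes) -> bytes:
    """RFC 8484 section 4.1: use DNS ID 0 so identical queries give identical
    requests and HTTP caches can serve them."""
    return b"\x00\x00" + query[2:]


def doh_get_url(query: bytes, endpoint: str = DOH_ENDPOINT) -> str:
    """GET form: base64url-encoded message, padding removed, in the `dns` parameter."""
    encoded = base64.urlsafe_b64encode(zero_id(query)).rstrip(b"=").decode("ascii")
    return f"{endpoint}?dns={encoded}"


def doh_decode_param(value: str) -> bytes:
    """Inverse of the GET encoding: restore the padding before decoding."""
    return base64.urlsafe_b64decode(value + "=" * (-len(value) % 4))


def doh_post_request(query: bytes, endpoint: str = DOH_ENDPOINT) -> dict:
    """POST form: the raw message is the body, with the DoH media type."""
    return {
        "method": "POST",
        "url": endpoint,
        "headers": {"content-type": "application/dns-message",
                    "accept": "application/dns-message"},
        "body": zero_id(query),
    }


def dot_frame(message: bytes) -> bytes:
    """DoT (RFC 7858) reuses DNS-over-TCP framing: 2-byte big-endian length prefix."""
    return struct.pack("!H", len(message)) + message


def dot_unframe(stream: bytes):
    """Split bytes read from the TLS stream into complete messages. Several
    messages may arrive together and the last may be incomplete, so the
    leftover bytes are returned for the next read."""
    messages, off = [], 0
    while off + 2 <= len(stream):
        length = struct.unpack("!H", stream[off:off + 2])[0]
        if off + 2 + length > len(stream):
            break                                 # partial message, wait for more
        messages.append(stream[off + 2:off + 2 + length])
        off += 2 + length
    return messages, stream[off:]


if __name__ == "__main__":
    print(doh_get_url(SAMPLE_QUERY))
    print(doh_post_request(SAMPLE_QUERY)["headers"])
    print(dot_frame(SAMPLE_QUERY).hex())
```

With either transport the DNS message itself is unchanged; what changes is that the bytes travel inside TLS, so an on-path observer sees only the resolver’s address and traffic sizes, not the names being looked up, and cannot alter the answers in transit.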
Final Thoughts
That was a deep dive — but if you made it this far, you now understand how DNS works not just on the surface, but at a level where you can configure, debug, and optimize it confidently.
If this helped you understand DNS better, consider sharing this with a colleague or dev friend who’s curious about the internet’s plumbing.