domain name system (DNS)

The domain name system (DNS) is a naming database in which internet domain names are located and translated into internet protocol (IP) addresses. The domain name system maps the name people use to locate a website to the IP address that a computer uses to locate a website. For example, if someone types into a web browser, a server behind the scenes will map that name to the corresponding IP address, something similar in structure to

Web browsing and most other internet activities rely on DNS to quickly provide the information necessary to connect users to remote hosts. DNS mapping is distributed throughout the internet in a hierarchy of authority. Access providers and enterprises, as well as governments, universities and other organizations, typically have their own assigned ranges of IP addresses and an assigned domain name. They also typically run DNS servers to manage the mapping of those names to those addresses. Most URLs are built around the domain name of the web server that takes client requests. 

How DNS works

DNS servers answer questions from both inside and outside their own domains. When a server receives a request from outside the domain for information about a name or address inside the domain, it provides the authoritative answer. When a server receives a request from inside its own domain for information about a name or address outside that domain, it passes the request out to another server. Usually, this server is one managed by its internet service provider (ISP). If that server does not know the answer or the authoritative source for the answer, it will reach out to the DNS servers for the top-level domain -- e.g., for all of .com or .edu. Then, it will pass the request down to the authoritative server for the specific domain -- e.g., or The answer will flow back along the same path.

DNS structure

A domain name is made of multiple parts, called labels. The domain hierarchy is read from right to left with each section denoting a subdivision. The top-level domain is what appears after the period in the domain name. A few examples of top-level domains are .com, .org and .edu, but there are many others that can be used. Some may denote a country code or geographic location such as .us for the United States or .ca for Canada.

Each label to the left denotes a subdomain of the domain to its right. So, for example, “techtarget” is a subdomain of .com, and “www.” is a subdomain of There can be up to 127 levels of subdomains, and each label can have up to 63 characters. The total length of a domain name can be up to 253 characters. Other rules include not starting or ending labels with hyphens and not having a fully numeric top-level domain name.

The Internet Engineering Task Force (IETF) has specified rules concerning domain names in RFCs 1035, 1123, 2181 and 5892.

How does DNS increase web performance?

To promote efficiency, servers can cache the answers they receive for a set amount of time. This allows them to respond more quickly the next time a request for the same lookup comes in. For example, if everyone in an office needs to access the same training video on a particular website on the same day, the local DNS server will ordinarily only have to resolve the name once, and then it can serve all the other requests out of its cache. The length of time the record is held, or the time to live, is configurable. Longer values decrease the load on servers; shorter values ensure the most accurate responses.

DNS security

DNS has a few vulnerabilities that have been discovered over time. DNS cache poisoning is one of them. In DNS cache poisoning, data is distributed to caching resolvers by a source posing as an authoritative origin server. The data can then present false information and can affect the time to live. Actual application requests can also be redirected to a malicious host network.

An individual with malicious intent can create a dangerous website with a misleading title to try to convince users that the website they are on is real, giving the individual access to the user's information. By replacing a character in a domain name with a similar-looking character (such as the number one “1” and a lowercase L “l,” which may look similar depending on the font), an attacker could fool a user into selecting a false link. This is commonly exploited in phishing attacks.
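One way a defender can catch the character substitution described above is to fold look-alike characters to a common form and compare the result against the organization's own domains. The following is an added example, not part of the original article; the fold table beyond the 1/l pair, the function names and the sample domains are assumptions constructed for illustration.

```python
# Constructed fold table: each look-alike sequence maps to one canonical form.
# "1" -> "l" is the pair the text describes; the other entries are assumptions.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("1", "l"), ("0", "o")]


def normalize(domain):
    """Lower-case and drop surrounding whitespace and the trailing root dot."""
    return domain.strip().rstrip(".").lower()


def skeleton(domain):
    """Fold look-alike characters so visually similar names compare equal."""
    name = normalize(domain)
    for lookalike, canonical in CONFUSABLES:
        name = name.replace(lookalike, canonical)
    return name


def find_lookalikes(observed, protected):
    """Return (observed_name, imitated_name) pairs for names that differ from a
    protected domain only by look-alike characters. Every parent domain of an
    observed name is checked, so a host under a fake domain is caught too."""
    index = {skeleton(p): normalize(p) for p in protected}
    hits = []
    for name in observed:
        labels = normalize(name).split(".")
        for start in range(len(labels) - 1):  # suffixes of two or more labels
            suffix = ".".join(labels[start:])
            target = index.get(skeleton(suffix))
            if target is not None and suffix != target:
                hits.append((name, target))
                break
    return hits


# Constructed sample input: names as they might appear in proxy or DNS logs.
PROTECTED = ["example.com"]
OBSERVED = ["examp1e.com", "www.example.com", "exarnple.com",
            "Login.Examp1e.com.", "example.org"]

if __name__ == "__main__":
    for seen, imitated in find_lookalikes(OBSERVED, PROTECTED):
        print(f"{seen!r} imitates {imitated!r}")
```

Legitimate hosts under the protected domain, such as www.example.com, are not flagged because their parent domain matches the protected name exactly.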

Individuals can use DNS Security Extensions (DNSSEC) for security, which can support cryptographically signed responses.

This was last updated in July 2019
