ScholarGate

Domain Name System

The Domain Name System is the Internet's distributed directory, translating human-readable domain names into the IP addresses that the network needs, through a hierarchy of delegated authoritative servers and pervasive caching.

Definition

The Domain Name System is a hierarchical, distributed naming service that maps domain names to IP addresses and other records, implemented by a network of delegated authoritative name servers and caching resolvers.

Scope

This topic covers the DNS: its hierarchical name space and zones; the roles of root, top-level-domain, and authoritative name servers; recursive and iterative resolution; resource records (such as A, AAAA, NS, MX, and CNAME); caching and time-to-live values that make the system scale; and DNS's reliance on UDP for most queries. It also notes DNS's role beyond simple lookup, such as in load distribution and CDN redirection. It excludes the application protocols and content-delivery systems that depend on it.

Core questions

  • Why does the Internet need a naming system separate from IP addresses?
  • How is the DNS name space organized hierarchically into zones and delegations?
  • How do recursive and iterative queries resolve a name to an address?
  • How do caching and time-to-live values make DNS scalable and fast?
  • What resource record types does DNS use, and what does each represent?

Key concepts

  • domain name hierarchy
  • zones and delegation
  • root, TLD, and authoritative servers
  • recursive and iterative resolution
  • resource records (A, AAAA, NS, MX, CNAME)
  • caching and time-to-live (TTL)
  • DNS over UDP
  • DNS-based load distribution

Key theories

Hierarchical, delegated naming
DNS partitions the name space into a tree of domains and delegates authority for subtrees to different organizations' name servers, so no single entity must know all names and administration is distributed.
Resolution and caching
A resolver answers a query by following the hierarchy from root to authoritative servers, then caches the result for its time-to-live; aggressive caching means most lookups never reach the authoritative servers, which is essential to DNS's scalability.
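An added example, not taken from the page or from any of the works it cites, that simulates the resolution-and-caching behaviour described above: a resolver walks referrals from a root hint through a TLD server to the authoritative server, caches both the final answer and the delegations it learns for their TTLs, and records which servers it actually contacted, so the effect of caching on authoritative-server load is visible. The zones, server addresses and root hint are constructed, and a clock function is injected in place of wall-clock time.

```python
# Constructed sample zones (not real servers): each zone holds its own records
# plus the NS and glue A records for the subzones it delegates.
ZONES = {
    "root": {("com.", "NS"): [("a.gtld.example.", 172800)],
             ("a.gtld.example.", "A"): [("192.0.2.1", 172800)]},
    "com": {("example.com.", "NS"): [("ns1.example.com.", 86400)],
            ("ns1.example.com.", "A"): [("192.0.2.2", 86400)]},
    "example.com": {("www.example.com.", "A"): [("198.51.100.7", 300)]},
}
SERVERS = {"192.0.2.0": "root", "192.0.2.1": "com", "192.0.2.2": "example.com"}
ROOT_HINT = "192.0.2.0"  # hypothetical root-hint address

class Resolver:
    def __init__(self, clock):
        self.clock = clock  # clock() -> current time; injected so TTL expiry is testable
        self.cache = {}     # (name, type) -> (rdata list, absolute expiry time)
        self.queries = []   # every (server, name, type) actually sent upstream

    def cached(self, key):
        hit = self.cache.get(key)
        return hit[0] if hit and hit[1] > self.clock() else None

    def ask(self, server, name, rtype):
        # One query to a simulated server: returns an answer, or a referral downward.
        self.queries.append((server, name, rtype))
        zone = ZONES[SERVERS[server]]
        if (name, rtype) in zone:
            return "answer", zone[(name, rtype)]
        for (owner, t), rrs in zone.items():
            if t == "NS" and name.endswith("." + owner):
                ns_name, ttl = rrs[0]
                glue = zone[(ns_name, "A")][0][0]
                self.cache[(owner, "NS")] = ([glue], self.clock() + ttl)  # cache delegation
                return "referral", glue
        raise LookupError(f"{server} knows nothing about {name}")

    def resolve(self, name, rtype="A"):
        if (answer := self.cached((name, rtype))) is not None:
            return answer  # cache hit: no server is contacted at all
        labels, server = name.split("."), ROOT_HINT
        for i in range(len(labels) - 2, 0, -1):  # shallow to deep: deepest cached delegation wins
            server = (self.cached((".".join(labels[i:]), "NS")) or [server])[0]
        while True:  # walk referrals: root -> TLD -> authoritative
            kind, data = self.ask(server, name, rtype)
            if kind == "answer":
                rdata, ttl = [r for r, _ in data], min(t for _, t in data)
                self.cache[(name, rtype)] = (rdata, self.clock() + ttl)
                return rdata
            server = data
```

After the first lookup, repeating it within the 300-second TTL contacts no server at all; once the answer expires, the still-valid cached delegation lets the resolver go straight to the authoritative server without touching the root or TLD servers.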

Clinical relevance

DNS is a critical dependency of almost every online interaction: web browsing, email, and application connections begin with a name lookup, so DNS performance and availability shape user experience, and DNS outages cascade across services. DNS is also used to steer users to nearby servers for content delivery and load balancing, and its security (via DNSSEC and encrypted DNS) is an active concern.

History

Before DNS, host names were mapped to addresses by a single shared file that did not scale. Paul Mockapetris designed the Domain Name System in the mid-1980s (RFCs 1034 and 1035, 1987) as a distributed, hierarchical alternative. DNS has since grown enormously, adding record types, internationalized names, security extensions (DNSSEC), and encrypted transport, while remaining architecturally faithful to its original design.

Debates

Encrypted DNS versus operational visibility
Encrypting DNS queries (DNS over HTTPS/TLS) protects user privacy from on-path observers, but it also reduces network operators' visibility used for filtering and troubleshooting and can centralize resolution in a few large providers; the trade-off between privacy and control is debated.

Key figures

  • Paul Mockapetris
  • James F. Kurose
  • Keith W. Ross

Seminal works

  • RFC 1034
  • RFC 1035
  • Kurose and Ross (2021)

Frequently asked questions

What does DNS do?
DNS translates a human-friendly name such as example.com into the IP address that the network needs to route packets to the right server. It is the Internet's phone book, and it does this lookup through a distributed hierarchy of servers with heavy caching so it scales to the entire Internet.
Why is DNS distributed instead of one big server?
A single server could not handle the volume of queries, would be a single point of failure, and could not be administered by all the world's organizations. DNS instead delegates authority over parts of the name space to many servers and caches results widely, so the load and control are spread out and the system is resilient.
