How DNS Works Cheatsheet
Comprehensive guide to DNS resolution covering the complete process from browser DNS cache, recursive DNS servers, root nameservers, TLD servers, authoritative nameservers, and how domain names are translated to IP addresses.
What is DNS?
DNS (Domain Name System) is like the internet's phone book. It translates human-readable domain names (like midteknologi.com) into IP addresses (like 192.0.2.1) that computers use to identify each other on the network. Without DNS, we'd have to remember numerical IP addresses for every website we want to visit! Want to check how DNS resolves for your domain? Try our free DNS lookup tool to see real-time resolution data.
DNS Resolution Process (10 Steps)
The Complete Journey: From URL to Website
When you type midteknologi.com in your browser, here's the fascinating journey that happens in milliseconds:
You enter midteknologi.com in your browser's address bar. The browser needs to find the IP address to connect to the website.
First, the browser checks its own DNS cache. If you've visited this site recently, the IP might already be stored. The operating system also checks its local DNS cache.
# View DNS cache (Windows)
ipconfig /displaydns
# View DNS cache (macOS; writes mDNSResponder state to the system log)
sudo killall -INFO mDNSResponder
If not in cache, the request goes to your ISP's recursive DNS server (also called DNS resolver). This server will do the heavy lifting of finding the IP address for you.
The ISP's recursive DNS server checks its own cache. If found, it returns the IP address immediately. If not found, it queries the root nameservers.
The ISP DNS server queries one of the 13 root nameservers. The root server doesn't know the IP, but it knows which TLD (Top-Level Domain) nameserver to ask for .com domains.
The root nameserver responds: "I don't know midteknologi.com, but the .com TLD nameservers do. Ask them at this address."
The ISP DNS server now queries the .com TLD nameserver. The TLD server maintains information about all domains under .com extension.
The .com TLD nameserver responds: "I don't have the IP, but I know which authoritative nameserver is responsible for midteknologi.com domain. Here's the address."
The ISP DNS server queries the authoritative nameserver for midteknologi.com. This server has the definitive DNS records for the domain.
The authoritative nameserver returns the actual IP address (e.g., 192.0.2.1). The ISP DNS server caches this information and returns it to your browser. Your browser can now connect to the website!
# Example DNS A Record Response
midteknologi.com. 300 IN A 192.0.2.1
How Fast Is This?
This entire process typically takes 20-120 milliseconds without caching, and less than 10ms with caching. That's why you don't notice the delay when browsing!
DNS Server Hierarchy
1 Root Name Servers (.)
The top of the DNS hierarchy. There are 13 logical root servers (A-M) operated by different organizations, distributed worldwide using Anycast for redundancy.
# Query root server
dig @a.root-servers.net com. NS
2 TLD (Top-Level Domain) Name Servers
Manage all domains under specific TLD extensions. Different organizations manage different TLDs.
# Query TLD nameserver
dig @a.gtld-servers.net midteknologi.com NS
3 Authoritative Name Servers
The final authority for a specific domain. These servers contain the actual DNS records (A, AAAA, MX, CNAME, TXT, etc.) for the domain and can definitively answer queries about it.
# Find authoritative nameservers
dig midteknologi.com NS
# Query authoritative nameserver directly
dig @ns1.cloudflare.com midteknologi.com A
0 Recursive DNS Resolvers (ISP/Public DNS)
Not part of the DNS hierarchy, but act as intermediaries. They query the hierarchy on your behalf, cache results, and handle the recursive lookup process. When choosing a VPS provider, consider their DNS infrastructure for reliable and fast name resolution.
DNS Caching Mechanism
DNS caching happens at multiple levels to improve performance and reduce load on DNS servers. Each cache has a TTL (Time To Live) that determines how long records are stored.
1 Browser DNS Cache
Modern browsers maintain their own DNS cache for recently visited websites. Typically cached for 1 minute.
# Chrome: View DNS cache
chrome://net-internals/#dns
# Firefox: View DNS cache
about:networking#dns
# Clear browser DNS cache
chrome://net-internals/#dns → "Clear host cache"
2 Operating System DNS Cache
Your OS caches DNS records to avoid repeated lookups. Cache duration varies by OS.
# Windows: View DNS cache
ipconfig /displaydns
# Windows: Clear DNS cache
ipconfig /flushdns
# Linux: Clear DNS cache (systemd-resolved; older releases use systemd-resolve --flush-caches)
sudo resolvectl flush-caches
# macOS: Clear DNS cache
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
3 Recursive Resolver Cache (ISP/Public DNS)
ISP and public DNS servers cache responses for the TTL period specified in DNS records. This is the most important cache layer.
midteknologi.com. 3600 IN A 192.0.2.1
                  ↑
                  TTL (3600 seconds = 1 hour)
Common TTL values: 300s (5 min), 3600s (1 hour), 86400s (24 hours)
4 Router DNS Cache
Some routers cache DNS queries for devices on the local network. Less common but can add another caching layer.
# Restart router to clear cache
# Or access router admin panel to flush DNS cache
Why Caching Matters
- Performance: Reduces DNS lookup time from 20-120ms to <10ms - see how different hosting providers perform
- Reduced Load: Fewer queries to upstream DNS servers
- Reliability: Provides fallback if authoritative servers are temporarily unavailable
- Bandwidth: Saves network bandwidth by avoiding repeated queries - monitor with our performance dashboard
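The referral chain from the resolution steps and the TTL-bound recursive resolver cache described above, as an added example that is not part of the original cheatsheet: a toy recursive resolver walking constructed in-memory nameservers. The server names (`root`, `tld-com`, `auth-ns`), the `RecursiveResolver` class and the zone data are assumptions made for illustration.

```python
import time

# Constructed in-memory "nameservers" (hypothetical names): each zone maps a
# name to a referral (next server to ask) or to an A record with its TTL.
SERVERS = {
    "root": {"com.": ("referral", "tld-com")},
    "tld-com": {"midteknologi.com.": ("referral", "auth-ns")},
    "auth-ns": {"midteknologi.com.": ("answer", "192.0.2.1", 300)},
}

def query(server, qname):
    """One iterative query: an exact answer, the closest referral, or nxdomain."""
    zone = SERVERS[server]
    if zone.get(qname, ("",))[0] == "answer":
        return zone[qname]
    cuts = [s for s in zone if zone[s][0] == "referral"
            and (qname == s or qname.endswith("." + s))]
    return zone[max(cuts, key=len)] if cuts else ("nxdomain",)

class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}            # qname -> (ip, expires_at)
        self.upstream_queries = 0  # queries sent to the hierarchy

    def resolve(self, qname):
        """Return (ip or None, list of servers asked)."""
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():
            return hit[0], ["cache"]       # served without leaving the resolver
        server, path = "root", []
        for _ in range(8):                 # bound the referral depth
            path.append(server)
            self.upstream_queries += 1
            reply = query(server, qname)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[qname] = (ip, self.clock() + ttl)
                return ip, path
            if reply[0] == "nxdomain":
                return None, path
            server = reply[1]              # follow the referral
        raise RuntimeError("too many referrals")

if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("midteknologi.com."))  # walks root, TLD, authoritative
    print(r.resolve("midteknologi.com."))  # answered from cache
```

Whatever the resolver stores at the caching step is what every client behind it receives until the TTL runs out, so a wrong record at this layer outlives the query that introduced it.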
DNS Query Types
1. Recursive Query
The client (browser) asks the DNS resolver to find the answer and expects a complete response. The resolver does all the work of querying multiple servers.
DNS Resolver → Client: "It's 192.0.2.1" (or "Not found")
2. Iterative Query
The DNS resolver makes multiple queries to different servers. Each server returns the best answer it has, which might be a referral to another server.
3. Non-Recursive Query
Query to a DNS server for a record it already has cached or is authoritative for. No additional queries needed.
# Query authoritative nameserver directly (non-recursive)
dig @ns1.cloudflare.com midteknologi.com A +norecurse
Query Type | Who Uses It | Response |
---|---|---|
Recursive | Client → DNS Resolver | Definitive answer or error |
Iterative | DNS Resolver → DNS Servers | Best answer or referral |
Non-Recursive | Any → Authoritative/Cached | Direct answer from cache/authority |
DNS Troubleshooting Tools
dig (Domain Information Groper)
Most powerful DNS lookup tool for detailed queries
# Basic A record lookup
dig midteknologi.com
# Query specific record type
dig midteknologi.com MX
dig midteknologi.com AAAA
# Query specific DNS server
dig @8.8.8.8 midteknologi.com
# Trace full DNS resolution path
dig +trace midteknologi.com
# Short answer only
dig +short midteknologi.com
# Reverse DNS lookup
dig -x 192.0.2.1
# Query all DNS records (many servers return only a minimal answer to ANY, per RFC 8482)
dig midteknologi.com ANY
nslookup (Name Server Lookup)
Simple DNS lookup tool available on all platforms
# Basic lookup
nslookup midteknologi.com
# Query specific DNS server
nslookup midteknologi.com 8.8.8.8
# Query specific record type
nslookup -type=MX midteknologi.com
nslookup -type=NS midteknologi.com
# Interactive mode
nslookup
> set type=A
> midteknologi.com
> exit
host (DNS Lookup Utility)
Simple and fast DNS lookup tool
# Basic lookup
host midteknologi.com
# Query specific DNS server
host midteknologi.com 8.8.8.8
# Verbose output
host -v midteknologi.com
# Query all records
host -a midteknologi.com
# Reverse DNS lookup
host 192.0.2.1
Common DNS Issues
Domain doesn't resolve to any IP address
# Check if DNS servers are responding
dig @8.8.8.8 midteknologi.com
dig @1.1.1.1 midteknologi.com
Changed DNS records but not updated everywhere (TTL issue)
# Check TTL value
dig midteknologi.com | grep -A1 "ANSWER SECTION"
# Wait for TTL to expire, then flush local cache
Resolves to incorrect IP (cached or misconfigured)
# Flush DNS cache
ipconfig /flushdns # Windows
sudo resolvectl flush-caches # Linux (systemd-resolved)
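One way to turn the two checks above (querying several resolvers, then reading the TTL) into a single comparison, as an added example that is not part of the original cheatsheet. The `SAMPLES` excerpts are constructed `dig` output, 192.0.2.99 is a placeholder for the new address, and the function names are hypothetical.

```python
import re

# Constructed `dig` output excerpts, keyed by the resolver queried. The record
# was changed from 192.0.2.1 to 192.0.2.99 (both placeholder addresses).
SAMPLES = {
    "8.8.8.8": (";; QUESTION SECTION:\n;midteknologi.com.\t\tIN\tA\n\n"
                ";; ANSWER SECTION:\nmidteknologi.com.\t2841\tIN\tA\t192.0.2.1\n\n"
                ";; Query time: 12 msec\n"),
    "1.1.1.1": (";; QUESTION SECTION:\n;midteknologi.com.\t\tIN\tA\n\n"
                ";; ANSWER SECTION:\nmidteknologi.com.\t300\tIN\tA\t192.0.2.99\n\n"
                ";; Query time: 9 msec\n"),
}

# name, TTL, class IN, record type, record data
RR = re.compile(r"^(\S+)\s+(\d+)\s+IN\s+(\S+)\s+(\S+)$")

def parse_answers(dig_output, rtype="A"):
    """Return [(ttl, rdata)] for records of `rtype` in the ANSWER SECTION."""
    records, in_answer = [], False
    for line in dig_output.splitlines():
        if line.startswith(";; ANSWER SECTION"):
            in_answer = True
        elif in_answer and (not line.strip() or line.startswith(";;")):
            break                      # blank line or next section ends it
        elif in_answer:
            m = RR.match(line.strip())
            if m and m.group(3) == rtype:
                records.append((int(m.group(2)), m.group(4)))
    return records

def compare_resolvers(samples, expected):
    """Map each disagreeing resolver to the seconds left on its unexpected
    record, or to None when it returned no record at all."""
    report = {}
    for resolver, output in samples.items():
        answers = parse_answers(output)
        wrong = [ttl for ttl, ip in answers if ip not in expected]
        if not answers:
            report[resolver] = None
        elif wrong:
            report[resolver] = max(wrong)  # worst-case wait for this cache
    return report

if __name__ == "__main__":
    print(compare_resolvers(SAMPLES, {"192.0.2.99"}))
```

A resolver that keeps returning an address outside the expected set after its reported TTL has elapsed is not a propagation delay and points to misconfiguration or tampering upstream.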
Best Practices & Optimization
DNS Configuration Best Practices
- Use Multiple Nameservers: Configure at least 2 authoritative nameservers for redundancy
- Set Appropriate TTL: Balance between caching benefits (high TTL) and change flexibility (low TTL)
- Lower TTL Before Changes: Reduce TTL to 300s (5 min) 24-48 hours before planned DNS changes
- Use Public DNS for Better Performance: Consider Cloudflare (1.1.1.1) or Google (8.8.8.8) for faster resolution
- Implement DNSSEC: Add DNS Security Extensions for authentication and integrity
- Monitor DNS Performance: Track resolution time and availability using monitoring tools or our performance dashboard
- Use CDN with DNS: Combine DNS with CDN for optimal global performance - compare providers with CDN support
- Avoid Single Point of Failure: Distribute nameservers across different networks and geographic locations
Recommended TTL Values
Scenario | TTL | Reason |
---|---|---|
Production (Stable) | 3600-86400s (1-24h) | Reduce DNS queries, better caching |
Before Changes | 300-600s (5-10min) | Quick propagation of upcoming changes |
During Migration | 60-300s (1-5min) | Fast rollback if issues occur |
Testing/Development | 60-300s (1-5min) | Frequent changes, quick testing |
Load Balancing/CDN | 30-300s (0.5-5min) | Dynamic traffic distribution |
DNS Security Tips
- Enable DNSSEC to prevent DNS spoofing and cache poisoning
- Use DNS over HTTPS (DoH) or DNS over TLS (DoT) for privacy
- Implement rate limiting on authoritative nameservers
- Monitor for DNS amplification attacks
- Keep DNS software updated to latest security patches
- Use separate nameservers for internal and external DNS