In simple terms, a Domain Name System (DNS) is a collection of databases that translate hostnames to IP addresses.
DNS is often referred to as the internet’s phone book because it converts easy-to-remember hostnames like www.google.com, to IP addresses like 216.58.217.46. This takes place behind the scenes after you type a URL into a web browser’s address bar.
Without DNS (and especially search engines like Google), navigating the internet wouldn’t be easy since we’d have to enter the IP address of each website we want to visit.
How Does DNS Work?
If it still isn’t clear, the basic concept for how DNS does its job is rather simple: each website address entered into a web browser (like Chrome or Firefox) is sent to a DNS server, which understands how to map that name to its proper IP address.
It’s the IP address that devices use to communicate with one another since they can’t and don’t relay information using a name like www.google.com, www.youtube.com, etc. We get to simply enter the simple name to these websites while DNS does all the lookups for us, giving us near-instant access to the proper IP addresses needed to open the pages we want.
Again, www.microsoft.com, www.lifewire.com, www.amazon.com, and every other website name is only used for our convenience because it’s much easier to remember those names than to remember their IP addresses.
Computers called root servers are responsible for storing the IP addresses for every top-level domain. When a website is requested, it’s the root server that processes that information first in order to identify the next step in the lookup process. Then, the domain name is forwarded to a Domain Name Resolver (DNR), which is located within an ISP, to determine the correct IP address. Finally, this information is sent back to the device you requested it from.
How to Flush DNS
Operating systems like Windows and others will store IP addresses and other information about hostnames locally so that they can be accessed quicker than having to always reach out to a DNS server. When the computer understands that a certain hostname is synonymous with a certain IP address, that information is allowed to be stored, or cached on the device.
While remembering DNS information is helpful, it can sometimes become corrupted or outdated. Normally the operating system removes this data after a certain period of time, but if you’re having troubles accessing a website, and you suspect it’s due to a DNS issue, the first step is to force-delete this information to make room for new, updated DNS records.
You should be able to simply reboot your computer if you’re having troubles with DNS because the DNS cache isn’t retained through a reboot. However, flushing out the cache manually in place of a reboot is much quicker.
You can flush the DNS in Windows through Command Prompt with the ipconfig /flushdns command. The website What’s My DNS? has instructions on doing this on macOS and Linux.
It’s important to remember that, depending on how your specific router is set up, DNS records might be stored there, too. If flushing the DNS cache on your computer doesn’t fix your DNS problem, you should definitely try restarting your router to flush that DNS cache.
Malware Can Affect DNS Entries
Given that DNS is responsible for directing hostnames to certain IP addresses, it should be obvious that it’s a prime target for malicious activity. Hackers can redirect your request for a normal functioning resource to one that’s a trap for collecting passwords or serving malware.
Entries in the hosts file aren’t removed when the DNS cache is wiped clean. You must edit the hosts file to eliminate hostnames and IP addresses that are stored there.
DNS poisoning and DNS spoofing are terms used to describe an attack on a DNS resolver’s cache for the purpose of redirecting a hostname to a different IP address than what is truthfully assigned to that hostname, effectively redirecting where you intended to go. This is normally done in an effort to take you to a website that’s full of malicious files or to perform a phishing attack for tricking you into accessing a similar-looking website in order to steal your login credentials.
Most DNS services provide protection against these types of attacks.
Another way for attackers to affect DNS entries is to use the hosts file. This is a locally stored file that was used in place of DNS before DNS actually become a widespread tool for resolving hostnames, but the file still exists in popular operating systems. Entries stored in that file override DNS server settings, so it’s a common target for malware.
A simple way to protect the hosts file from being edited is to mark it as a read-only file. In Windows, just navigate to the folder that has the hosts file (below), right-click it or tap-and-hold, choose Properties, and then place a check in the box next to the Read-only attribute.
%Systemdrive%\Windows\System32\drivers\etc\
More Information on DNS
The ISP that’s currently serving you internet access has assigned DNS servers for your devices to use (if you’re connected with DHCP), but you aren’t forced to stick with those servers. See this list of Free and Public DNS Servers for some examples of alternative DNS servers.
Other servers might provide logging features to track visited websites, advertisement blockers, adult website filters, and other features. You might even have luck increasing your internet speed by changing your DNS servers.
Whether a computer is using DHCP to get an IP address or if it’s using a static IP address, you can still define custom DNS servers. However, if it’s not set up with DHCP, you must specify the DNS servers it should use.
Explicit DNS server settings take precedence over implicit, top-down settings. In other words, it’s the DNS settings closest to a device that the device uses. For example, if you change the DNS server settings on your router to something specific, then all devices connected to said router will also use those DNS servers. However, if you then change the DNS server settings on a PC to something different, that computer will be using different DNS servers than all the other devices connected to the same router.
This is the reason that a corrupted DNS cache on your computer can prevent websites from loading even if the same ones open normally on a different computer on the same network.
Most internet connected devices give you the freedom to not only view DNS settings, but also change them. Learn How to Change DNS on Android or How to Change Your Mac’s DNS Settings for more on that.
Putting it All Together
Although the URLs we normally enter into our web browsers are the easy-to-remember names like www.lifewire.com, you can instead use the IP address that the hostname points to, like https://151.101.1.121) to access the same website. This is because you’re still accessing the same server either way—one method (using the name) is just easier to remember.
On that note, if there’s ever some sort of issue with your device contacting a DNS server, you could bypass it by entering the IP address into the address bar instead of the hostname. Most people don’t keep a local list of IP addresses that correspond to hostnames, though, because after all, that’s the entire purpose of using a DNS server in the first place.
The “phone book” lookup that determines the IP address based on the hostname is called a forward DNS lookup. The opposite, a reverse DNS lookup, is something else that can be done with DNS servers. This is when a hostname is identified by its IP address. This type of lookup relies on the idea that the IP address associated with that particular hostname is a static IP address.
This doesn’t work with every website and IP address since some web servers have shared hosting set up, which means that accessing the server’s IP address through a web browser doesn’t describe which page, specifically, should open.
DNS databases store lots of things in addition to IP addresses and hostnames. If you’ve ever set up email on a website or transferred a domain name, you may run into terms like domain name aliases (CNAME) and SMTP mail exchangers (MX).
- How do you change DNS servers?
- To change DNS servers in Windows, you can use the Command Prompt or go through Windows Settings. Using Settings is preferable if you aren’t comfortable using a command line.
- How do you find DNS servers?
- There are many different DNS servers out there, so you can look through lists of DNS servers until you find one you like. Lifewire has a list with recommendations for the best free DNS servers out there.
- What is dynamic DNS?
- Unlike DNS, which only works with static IP addresses, dynamic DNS (or DDNS) also supports dynamic IP addresses. As a result, you can use a DDNS service to host your website from your home or remotely manage your home network.
To change DNS servers in Windows, you can use the Command Prompt or go through Windows Settings. Using Settings is preferable if you aren’t comfortable using a command line.
There are many different DNS servers out there, so you can look through lists of DNS servers until you find one you like. Lifewire has a list with recommendations for the best free DNS servers out there.
Unlike DNS, which only works with static IP addresses, dynamic DNS (or DDNS) also supports dynamic IP addresses. As a result, you can use a DDNS service to host your website from your home or remotely manage your home network.
Get the Latest Tech News Delivered Every Day