You type www.google.com into your browser and hit Enter. The page loads in under a second.
But stop and think about what just happened. Your browser didn't know where Google lives on the internet. It had to ask. And in that fraction of a second, a surprisingly elegant chain of lookups took place behind the scenes.
That system is called DNS — the Domain Name System. Think of it as the internet's phonebook: it translates human-friendly names like www.google.com into machine-friendly IP addresses like 142.250.80.46. Without it, you'd have to memorise numbers to visit any website.
Let's walk through exactly what happens, step by step.
Step 1: You Type a URL — But What Does It Mean?
When you type www.bing.com, you're entering a domain name. Domain names have a structure — and reading them right-to-left tells you a lot:
www . bing . com
│ │ │
│ │ └── Top-Level Domain (TLD): category or country
│ └──────── Second-Level Domain (SLD): the brand/org name
└─────────────── Subdomain: a section of the site (optional)
Some real examples:
| Domain | TLD | SLD | Subdomain |
|---|---|---|---|
www.bing.com |
.com |
bing |
www |
news.bbc.co.uk |
.uk |
bbc |
news |
docs.github.com |
.com |
github |
docs |
TLDs indicate the type or origin of a site — .com for commercial, .edu for education, .in for India, and so on.
Step 2: Your Browser Checks Locally First
Before going anywhere on the internet, your browser does a quick local check — two of them, actually.
1. Browser cache
Modern browsers cache DNS results from previous lookups. If you visited bing.com five minutes ago, the browser already knows its IP and skips the entire lookup process.
2. The hosts file
Your operating system has a plain text file that maps domain names to IPs manually. On most systems it lives at:
-
Windows:
C:\Windows\System32\drivers\etc\hosts -
Mac/Linux:
/etc/hosts
It looks like this:
127.0.0.1 localhost
192.168.1.10 mydevserver.local
Developers use this all the time for local testing — mapping a production domain name to a local IP to test before going live.
If neither cache nor hosts has an answer, the real DNS lookup begins.
Step 3: Your OS Asks a Recursive Resolver
Your OS passes the query to a Recursive Resolver (sometimes called a Recursive DNS server). This is typically provided by your ISP, but you can override it with public ones:
| Provider | DNS Address |
|---|---|
8.8.8.8 |
|
| Cloudflare | 1.1.1.1 |
| OpenDNS | 208.67.222.222 |
Pro tip: Switching to
1.1.1.1(Cloudflare) or8.8.8.8(Google) can noticeably speed up DNS resolution and improve privacy over your ISP's default resolver.
The Recursive Resolver is the workhorse. It does all the legwork of finding the answer so your device doesn't have to.
Step 4: The Resolver Walks the DNS Hierarchy
If the Recursive Resolver doesn't have the answer cached, it begins a top-down walk through the DNS hierarchy. There are three layers:
Layer 1 — Root Servers
The resolver first contacts one of the 13 root server clusters distributed worldwide (operated by IANA, Verisign, NASA, and others). These servers don't know the final answer — they just know who to ask next.
The root server responds: "For .com domains, go talk to this TLD server."
Layer 2 — TLD Servers
The resolver contacts the TLD server for .com. Again, it doesn't have the final IP — but it knows which authoritative name server is responsible for bing.com.
Layer 3 — Authoritative Name Server
Finally, the resolver reaches the Authoritative Name Server for bing.com. This server holds the actual DNS records for the domain — and it returns the IP address.
The full journey looks like this:
Your Browser
│
▼
Recursive Resolver ──── checks cache ──► found? return it
│ (cache miss)
▼
Root Server ──────────────────────────► "ask the .com TLD server"
│
▼
TLD Server (.com) ────────────────────► "ask bing.com's name server"
│
▼
Authoritative Name Server (bing.com) ─► "the IP is 204.79.197.200"
│
▼
Recursive Resolver caches the result
│
▼
Your Browser connects to 204.79.197.200
Step 5: Caching Saves Everyone Time
Every response in that chain comes with a TTL (Time To Live) — a number in seconds that tells resolvers how long to cache the answer.
bing.com. 300 IN A 204.79.197.200
│
└── TTL: cache this for 300 seconds (5 minutes)
Once the answer is cached at the Recursive Resolver level, subsequent queries from anyone using that resolver skip the entire walk. This is why DNS is fast at scale even though the hierarchy seems deep.
When a site's IP changes (e.g. migrating servers), admins lower the TTL beforehand so the old IP expires quickly everywhere.
Bonus: Common DNS Record Types
DNS isn't just about IP addresses. A domain can have multiple record types:
| Record | Purpose | Example |
|---|---|---|
A |
Domain → IPv4 address | bing.com → 204.79.197.200 |
AAAA |
Domain → IPv6 address | bing.com → 2620:1ec:c11::200 |
CNAME |
Alias to another domain | www.bing.com → bing.com |
MX |
Mail server for a domain | bing.com → mail.bing.com |
TXT |
Arbitrary text (SPF, DMARC, verification) | "v=spf1 include:..." |
NS |
Name servers for the domain | bing.com → ns1.msft.net |
As a developer, you'll interact with all of these — especially A, CNAME, MX, and TXT — whenever you deploy an app, configure email, or verify domain ownership.
A Word on Modern DNS: DoH and DoT
Traditional DNS queries travel in plain text — anyone on the network (your ISP, a coffee shop router) can see every domain you resolve. Two modern protocols address this:
- DNS over HTTPS (DoH): Wraps DNS queries in HTTPS, making them indistinguishable from regular web traffic
- DNS over TLS (DoT): Encrypts DNS on port 853
Both Chrome and Firefox support DoH natively. Cloudflare's 1.1.1.1 and Google's 8.8.8.8 support both. Worth enabling if privacy matters to your users or your app.
The Full Picture
Here's the complete DNS resolution flow in one view:
1. User types www.bing.com
2. Browser cache? → Hit: done. Miss: continue.
3. OS hosts file? → Hit: done. Miss: continue.
4. Recursive Resolver cache? → Hit: done. Miss: continue.
5. Root Server → points to .com TLD Server
6. TLD Server → points to bing.com Authoritative Server
7. Authoritative Server → returns 204.79.197.200
8. Resolver caches result (TTL)
9. Browser connects to 204.79.197.200
10. Page loads
All of this typically completes in 20–120 milliseconds.
Wrapping Up
DNS is one of those invisible foundations that the entire web sits on. As a developer you'll hit it constantly — debugging propagation delays after a deploy, setting up custom domains, configuring email records, or hardening your app's privacy with DoH.
Understanding the hierarchy (Root → TLD → Authoritative) and the role of caching and TTLs takes a lot of the mystery out of those moments when "the DNS hasn't propagated yet."
Next time you type a URL, you'll know exactly what's happening in those milliseconds.
By Jino R Krishnan — Full Stack Developer
Top comments (0)