Code Safari

Chapter 103·Beginner·10 min read

How DNS Works: The Internet's Phonebook, Explained

How does DNS turn a domain name into an IP address? A plain-English walkthrough of the Domain Name System — resolvers, root, TLD and authoritative servers, the role of caching and TTL, and why DNS is both essential infrastructure and a single point of failure.

August 1, 2026

The last chapter established the internet's uncomfortable truth: it runs on numbers, not names. But you don't type 93.184.216.34 — you type example.com. Something has to bridge the two, translating every human-friendly name into the numeric address the network can actually route to. That something is DNS, the Domain Name System, and it is one of the most quietly heroic systems ever built.

It's often called the internet's phonebook, which is close — but a phonebook is one static book. DNS is a live, distributed, globally-replicated directory that answers trillions of queries a day, and it does so through an elegant relay you're about to trace.

The problem DNS solves

Names are for humans; addresses are for machines; and neither is going away. Names need to be memorable and stable (example.com forever). Addresses need to be routable and are allowed to change (the site might move servers next year). DNS is the indirection layer that lets each be good at its own job — the names-vs-numbers split from earlier, made into infrastructure.

Naively, you might imagine one giant table mapping every name to every address. That's impossible: there are hundreds of millions of domains, changing constantly, queried billions of times a second from everywhere on Earth. No single machine could hold it, serve it, or keep it current. So DNS does something cleverer — it distributes the directory into a hierarchy.

The lookup: a four-hop relay

When your browser needs the address for example.com, it doesn't ask one server — it triggers a chain. The workhorse is your resolver (usually run by your ISP or a public service like 1.1.1.1 or 8.8.8.8), which does the legwork on your behalf:

Resolver: who knows .com?
Root server: ask the .com servers
.com server: ask example.com’s servers
example.com server: here’s the IP
A DNS resolution, read right to left as a name: com → example → (host).

Read the domain right to left, because that's the order DNS resolves it:

  1. Root servers — the top of the tree. They don't know example.com's address, but they know who's responsible for every top-level domain. Asked about .com, they say: "talk to the .com servers."
  2. TLD servers — the servers for the top-level domain .com. They don't know the final address either, but they know which servers are authoritative for example.com. They reply: "talk to example.com's nameservers."
  3. Authoritative servers — the servers that actually hold example.com's records, run by (or for) whoever owns the domain. They give the definitive answer: "example.com is 93.184.216.34."

Four hops — resolver → root → TLD → authoritative — and your resolver hands the address back to your browser. It sounds like a lot of round-trips, and it would be, if it happened every time. It almost never does.

Caching: why DNS is fast

The four-hop relay is the worst case. In practice, the overwhelming majority of lookups are answered from a cache long before reaching an authoritative server.

Every level caches answers: your browser, your operating system, and especially your resolver all remember recent lookups. Since millions of people request example.com, your resolver has almost certainly looked it up already and can answer in under a millisecond without touching root, TLD, or authoritative servers at all.

This layered caching is what makes DNS both massively scalable and fast. The hierarchy means no server holds too much; the caching means most queries never travel far.

What lives in DNS besides addresses

DNS stores several kinds of records, not just name-to-IPv4 mappings. A few you'll meet:

RecordMaps a name to…Used for
AAn IPv4 addressThe classic name → address lookup
AAAAAn IPv6 addressThe IPv6 equivalent
CNAMEAnother nameAliasing (www.example.comexample.com)
MXA mail serverRouting email for the domain
NSThe authoritative nameserversDelegating who answers for the domain

So DNS is more than a phonebook — it's the domain's public directory of how to reach it for web, email, and more.

The keystone problem

DNS's distributed, cached design makes it remarkably robust. But it has an unavoidable property: if a site's DNS can't be resolved, the site is unreachable — even though the site itself is running perfectly.

This is why "DNS is down" and "the internet is down" feel identical to users. The web server is up, healthy, serving pages to anyone who reaches it — but nobody can find its address, so to the world it's gone. Some of the largest internet outages in history were DNS failures: the servers were fine; the phonebook broke. It's the price of the indirection that makes everything else flexible — a single, quiet keystone that the entire experience of the web rests on.

Recap

  • DNS translates names into IP addresses — the bridge between human-friendly example.com and the numbers the network routes on.
  • It's a distributed hierarchy, not one table: a lookup relays through root → TLD → authoritative servers, each knowing only who to ask next.
  • Your resolver does this legwork, but caching at every level (governed by each record's TTL) means most lookups are answered instantly without the full journey.
  • DNS holds several record types (A, AAAA, CNAME, MX, NS) — it's the domain's whole public directory, not just its address.
  • DNS is a single point of failure: when it breaks, healthy sites become unreachable — which is why DNS outages take down huge swaths of the web.

You've got an address and you know how names become one. Now the deeper question: how is your data actually moved to that address? Continue to Packet switching, explained.

How DNS Works: The Internet's Phonebook, Explained | Code Safari