Infrastructure

DNS Servers Explained

The global DNS is built on a hierarchy of specialized server types working together to translate domain names into addresses in milliseconds.

Server Types

The Four Types of DNS Servers

Each plays a distinct role in the resolution process

🔄 Recursive Resolver

The "librarian" of DNS. When your device needs an IP address, the recursive resolver does the work — querying other servers on your behalf until it has the answer.

Recursive resolvers cache responses per their TTL to reduce latency for subsequent queries. They are sometimes called "full-service resolvers."
Examples:
  • Google Public DNS (8.8.8.8)
  • Cloudflare (1.1.1.1)
  • Your ISP resolver
🌐 Root Nameserver

The starting point of every DNS query. There are 13 root server addresses (A through M) operated by 12 independent organizations, hosted on hundreds of anycast nodes worldwide.

Root servers don't know the final answer — they direct resolvers to the appropriate TLD nameserver (e.g., the .com nameserver).
Examples:
  • a.root-servers.net
  • b.root-servers.net
  • …m.root-servers.net
📁 TLD Nameserver

Manages the second level of delegation. Each TLD (.com, .net, .org, .guru) has its own set of nameservers that know which authoritative servers are responsible for each domain within that TLD.

When you register a domain, the registrar notifies the TLD nameservers of your authoritative nameservers.
Examples:
  • Verisign operates .com/.net
  • PIR operates .org
  • ICANN coordinates
Authoritative Nameserver

The final authority for a domain's DNS records. When you configure DNS at your registrar or hosting provider, you are editing records stored on authoritative nameservers.

Only the authoritative nameserver can answer definitively for a zone. Recursive resolvers cache the answer, but every cached answer ultimately traces back to here.
Examples:
  • ns1.yourhostingprovider.com
  • ns2.yourhostingprovider.com
How Resolution Works

The DNS Lookup Journey

A step-by-step walkthrough of what happens when you type a URL

1. Local Cache Check

Your OS checks its DNS cache and the hosts file. If a recent answer exists within its TTL, it returns immediately.

  • ipconfig /displaydns (Windows)
  • nss-lookup (Linux)
  • scutil --dns (macOS)

2. Recursive Resolver Query

If the cache misses, your OS queries the configured recursive resolver (e.g., 8.8.8.8). The resolver checks its own cache first.

3. Root Server Referral

If the resolver doesn't know the answer, it queries a root nameserver. The root responds: "I don't know, but here are the .guru TLD nameservers."

4. TLD Server Referral

The resolver queries the .guru TLD nameservers. They respond: "I don't know the IP, but here are the authoritative nameservers for thedns.guru."

5. Authoritative Answer

The resolver queries the authoritative nameserver. It responds with the actual A or AAAA record containing the IP address.

6. Cache & Return

The resolver caches the answer for the record's TTL duration, then returns it to your device. Your browser connects.

Zone Files

Anatomy of a DNS Zone File

A zone file is the database of DNS records stored on an authoritative nameserver. It defines every record for a domain in a standardized text format specified in RFC 1035.

  • SOA: Start of Authority — zone metadata & serial
  • NS: Nameserver records for delegation
  • A/AAAA: Address records (IPv4 / IPv6)
  • CNAME: Canonical name alias
  • MX: Mail exchanger with priority
  • TXT: Text records for SPF, DKIM, verification

$ORIGIN thedns.guru.
$TTL 3600

; SOA — Start of Authority
@       IN  SOA   ns1.example.com. admin.thedns.guru. (
                  2024041201 ; serial
                  3600       ; refresh
                  900        ; retry
                  604800     ; expire
                  300 )      ; minimum TTL

; Nameservers
@       IN  NS    ns1.example.com.
@       IN  NS    ns2.example.com.

; Address records
@       IN  A     203.0.113.42
www     IN  CNAME thedns.guru.
mail    IN  A     203.0.113.50

; Mail
@       IN  MX    10 mail.thedns.guru.

; Verification / Email Auth
@       IN  TXT   "v=spf1 ip4:203.0.113.0/24 ~all"

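Added example (not part of the original page): a small Python parser for the zone-file format shown above, illustrating how `$ORIGIN`, `$TTL`, parenthesised continuation lines, `;` comments and relative names are interpreted. It handles only the constructs this zone uses; `parse_zone`, `absolute` and the shortened `ZONE` sample are names chosen for this example.

```python
import re

ZONE = """$ORIGIN thedns.guru.
$TTL 3600
@ IN SOA ns1.example.com. admin.thedns.guru. (
        2024041201 3600 900 604800 300 ) ; serial refresh retry expire minimum
@    IN NS    ns1.example.com.
www  IN CNAME thedns.guru.
@    IN MX    10 mail.thedns.guru.
@    IN TXT   "v=spf1 ip4:203.0.113.0/24 ~all"
"""  # constructed sample: shortened copy of this page's zone file, embedded to run offline

# Token kinds, in match order: quoted string, comment, parenthesis, bare word.
TOKEN = re.compile(r'"[^"]*"|;.*|[()]|[^\s;()"]+')

def absolute(name, origin):
    """Expand a relative name against $ORIGIN; '@' is the origin itself."""
    name = origin if name == "@" else name
    return name if name.endswith(".") else f"{name}.{origin.lstrip('.')}"

def parse_zone(text):
    """Return (owner, ttl, type, rdata_list) tuples with names fully qualified."""
    origin, ttl, owner, inherit = ".", None, None, False
    records, toks, depth = [], [], 0
    for line in text.splitlines():
        if not toks:  # first physical line of a record: leading blank reuses owner
            inherit = line[:1].isspace()
        for tok in TOKEN.findall(line):
            if tok in ("(", ")"):
                depth += 1 if tok == "(" else -1  # parentheses join physical lines
            elif tok[0] != ";":  # comments are dropped
                toks.append(tok)
        if depth or not toks:
            continue  # record still open, or nothing but blanks/comments so far
        if toks[0] == "$ORIGIN":
            origin = toks[1]
        elif toks[0] == "$TTL":
            ttl = int(toks[1])
        else:
            if not inherit:
                owner = absolute(toks.pop(0), origin)
            rr_ttl = ttl
            while toks[0].isdigit() or toks[0] == "IN":  # optional TTL and class
                field = toks.pop(0)
                rr_ttl = int(field) if field.isdigit() else rr_ttl
            rtype, rdata = toks[0], toks[1:]
            if rtype in ("NS", "CNAME", "MX"):  # last rdata field is a domain name
                rdata[-1] = absolute(rdata[-1], origin)
            records.append((owner, rr_ttl, rtype, rdata))
        toks = []
    return records
```

A name in NS, CNAME or MX data written without its trailing dot is treated as relative, so `mail.thedns.guru` in this zone would be read as `mail.thedns.guru.thedns.guru.`, a frequent cause of broken mail routing and delegation.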
Caching

Understanding TTL

Time-to-Live controls how long DNS responses are cached

Short TTL (60–300s)

Use before planned DNS changes. A lower TTL means faster propagation when you update records, but it increases resolver load.

Common use: Pre-migration, load balancing, failover
Medium TTL (1h–4h)

Balanced approach for most production records. Sufficient caching while allowing changes to propagate within hours.

Common use: MX records, A records for web servers
Long TTL (24h+)

Maximum caching benefit. Significantly reduces DNS query volume. Only use when records are stable and rarely change.

Common use: NS records, SOA, stable infrastructure IPs