Every time we type something like google.com into a browser, the browser has no idea what that means. Computers only understand IP addresses — numbers like 142.250.190.14. So something needs to translate that human-friendly name into an IP address. That something is DNS — the Domain Name System.
Think of DNS as the phonebook of the internet. We know a person’s name, but we need their phone number to call them. DNS does exactly that — we give it a domain name, it gives us back an IP address.
The DNS Resolution Flow
When we hit example.com in the browser, here’s what actually happens behind the scenes:
The resolver walks down this chain, and once it gets the answer, it caches it so future lookups are instant.
DNS Record Types
DNS doesn’t just store IP addresses. There are several record types, each serving a different purpose:
- A — Maps a domain to an IPv4 address (example.com → 93.184.216.34)
- AAAA — Maps a domain to an IPv6 address (example.com → 2606:2800:220:1:...)
- CNAME — Alias for another domain (www.example.com → example.com). It’s like a redirect at the DNS level.
- MX — Mail exchange. Points to the mail server for a domain (example.com → mail.example.com). This is how email knows where to go.
- TXT — Text records used for verification, SPF (email spam prevention), and domain ownership proof.
- NS — Nameserver records. Tells us which DNS servers are authoritative for a domain.
TTL and DNS Caching
Every DNS record comes with a TTL (Time to Live) — a number in seconds that tells resolvers how long to cache the record. A TTL of 3600 means “cache this for 1 hour.”
This is why DNS changes don’t take effect immediately. When we update a record, old cached copies stick around until their TTL expires. This is called DNS propagation and it can take anywhere from minutes to 48 hours depending on the TTL values involved.
# Check the TTL of a domain's A record
dig example.com A
# Output includes something like:
# example.com.   3600   IN   A   93.184.216.34
#                ^^^^
#                TTL in seconds (1 hour)
Practical Commands
Two essential tools for debugging DNS: dig and nslookup.
# dig — the go-to DNS debugging tool
dig pman47.cc # look up A record
dig pman47.cc MX # look up mail records
dig pman47.cc +short # just show the IP, no extra info
dig @8.8.8.8 pman47.cc # query Google's DNS specifically
# nslookup — simpler, works on all platforms
nslookup pman47.cc # basic lookup
nslookup -type=MX pman47.cc # look up mail records
dig gives us way more detail (TTL, authoritative server, query time), while nslookup is quicker for a fast check. On macOS and Linux, dig is usually pre-installed. On Windows, nslookup is the default.
Why DNS Matters for Deployments
When we deploy a new site or change hosting providers, we need to update DNS records to point to the new server. A few things to keep in mind:
- Lower the TTL first. Before a migration, drop the TTL to something like 60 seconds a day in advance. That way, when we flip the DNS record, the old IP won’t be cached for hours.
- DNS propagation delays mean not everyone sees the change at the same time. Some ISPs are faster than others.
- Always verify with dig after making changes to confirm the records have propagated.
# After updating DNS, check propagation
dig pman47.cc +short
# Should show the new IP address
# Check from a specific DNS resolver to compare
dig @1.1.1.1 pman47.cc +short # Cloudflare's resolver
dig @8.8.8.8 pman47.cc +short # Google's resolver
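The propagation check above can be scripted. The sketch below is an added example, not code from the original post: it reads the answer section that dig prints and reports whether a resolver already serves the new address or, if it is still serving a cached copy, how many seconds that copy has left (a recursive resolver returns the remaining TTL for cached answers). The new address 203.0.113.10 and the sample answers are constructed, and `classify_answer` and `check_resolvers` are hypothetical names.

```sh
#!/bin/sh
# Added example (not from the original post): classify one resolver's answer
# after an A record has been changed.
#
# stdin : output of `dig @RESOLVER NAME A +noall +answer`
# $1    : the address the record should point to now
# stdout: "fresh", "stale <seconds left on the cached copy>", or "noanswer"
classify_answer() {
    awk -v want="$1" '
        # Answer lines look like: NAME. TTL IN A ADDRESS
        # CNAME lines and dig comment lines are skipped by the type check.
        $3 == "IN" && $4 == "A" {
            seen = 1
            if ($5 != want) {
                stale = 1
                # Keep the longest remaining TTL among old addresses.
                if ($2 + 0 > secs) secs = $2 + 0
            }
        }
        END {
            if (!seen)      print "noanswer"
            else if (stale) print "stale " (secs + 0)
            else            print "fresh"
        }'
}

# Live use (needs network): check_resolvers NAME NEW_IP RESOLVER...
check_resolvers() {
    name=$1; want=$2; shift 2
    for r in "$@"; do
        printf '%s: %s\n' "$r" \
            "$(dig "@$r" "$name" A +noall +answer | classify_answer "$want")"
    done
}

# Offline demo with constructed answers. 203.0.113.10 is an assumed new
# address; 93.184.216.34 is the old one from the examples above.
NEW_IP=203.0.113.10
printf 'example.com.\t60\tIN\tA\t203.0.113.10\n'    | classify_answer "$NEW_IP"
printf 'example.com.\t2841\tIN\tA\t93.184.216.34\n' | classify_answer "$NEW_IP"
```

A resolver that reports `stale N` can keep handing out the old address for up to N more seconds, which is the wait that lowering the TTL ahead of the switch is meant to shorten.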
In simple language, DNS translates domain names into IP addresses by walking a chain of servers — and caching makes it fast, but also means changes take time to propagate.