What Is DNS? Understanding the Domain Name System | DNSFilter

Written by DNSFilter Team | Apr 30, 2025 3:32:41 PM

The Domain Name System (DNS) is a core Internet protocol that connects users to websites, applications, and services by translating domain names into IP addresses. Without DNS, the web would be far less navigable. Users would need to enter numerical IP addresses like 192.0.2.1 instead of recognizable names like example.com.

DNS functions as the Internet’s address book, providing the essential lookup service that makes online communication possible.

For a deeper guide to DNS concepts, visit our DNS Overview in the DNSFilter Help Center.

How DNS Works

When you type a website address into your browser, DNS resolves that domain name into the IP address your device needs to initiate a connection. This process is called DNS resolution, and it follows a structured path:

  1. Recursive Resolver: The query starts at a recursive resolver, typically operated by your ISP or a third-party DNS service like DNSFilter.

  2. Root Server: If the resolver doesn't have the answer cached, it queries a root server, which directs it to the appropriate Top-Level Domain (TLD) server (like .com or .org).

  3. TLD Server: The TLD server points the resolver to the domain’s authoritative name server.

  4. Authoritative Name Server: This server holds the actual record for the domain and returns the corresponding IP address.

  5. Response to User: The resolver delivers the IP address back to your device, allowing the connection to the desired website.

It’s important to note that DNS resolves addresses but does not route traffic between them. Routing occurs after the correct IP address has been identified.
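The five steps above can be modeled in a few lines. This is an added example, not DNSFilter code: the zone data, server labels, and the RecursiveResolver class are constructed for illustration, and the model assumes every zone is a two-label name such as example.com. It adds a TTL on cached answers, which the steps above do not mention.

```python
import time

# Constructed data standing in for the servers in steps 2-4; no network traffic.
ROOT = {"com": "tld-com"}                               # root: TLD -> TLD server
TLD = {"tld-com": {"example.com": "ns1.example.com"}}   # TLD: zone -> authoritative server
AUTH = {"ns1.example.com": {                            # (name, type) -> (TTL seconds, data)
    ("example.com", "A"): (300, ["192.0.2.1"]),
    ("example.com", "MX"): (300, ["10 mail.example.com"]),
}}


class RecursiveResolver:
    """Toy model of step 1: answers from cache or walks root -> TLD -> authoritative."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}                                 # (name, type) -> (expiry, data)

    def resolve(self, name, rtype="A"):
        """Return (answers, path); path lists who was consulted, in order."""
        name = name.rstrip(".").lower()                 # names are case-insensitive
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit and hit[0] > self.clock():
            return hit[1], ["cache"]
        labels = name.split(".")
        path = ["root"]                                 # step 2: referral to the TLD server
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            return [], path
        path.append("tld")                              # step 3: referral to the zone's server
        auth_server = TLD[tld_server].get(".".join(labels[-2:]))
        if auth_server is None:
            return [], path
        path.append("authoritative")                    # step 4: the record itself
        ttl, data = AUTH[auth_server].get(key, (0, []))
        if data:
            self.cache[key] = (self.clock() + ttl, data)  # reuse until the TTL runs out
        return data, path                               # step 5: answer goes to the client
```

Resolving the same name twice shows the second answer coming from the cache, which is why a forged answer accepted by a resolver keeps being served until its TTL expires.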

Want a visual explanation? Watch our DNS 101 webinar for a deeper dive into how DNS functions within a secure network.

Types of DNS Records

DNS relies on a variety of record types to perform different functions beyond just resolving domain names. Each record type serves a specific purpose in directing traffic, enabling services, and supporting security protocols.

| Record Type | Purpose | Example Use Case |
|---|---|---|
| A Record | Maps a domain name to an IPv4 address (e.g., 93.184.216.34). | Connecting example.com to its web server’s IPv4 address. |
| AAAA | Maps a domain name to an IPv6 address, supporting newer Internet protocols. | Connecting domains to servers that use IPv6 addresses. |
| CNAME Record | Creates an alias by pointing one domain to another domain name. | Redirecting blog.example.com to exampleblog.hostingplatform.com. |
| MX Record | Specifies the mail servers responsible for accepting email on behalf of the domain. | Routing emails sent to @example.com to the correct mail server. |
| NS Record | Identifies the authoritative name servers for the domain. | Ensuring that queries for example.com are sent to the correct DNS servers that manage the domain's records. |
| TXT Record | Stores text information, often used for domain verification or security settings. | Implementing SPF, DKIM, or DMARC records to prevent email spoofing. |
| PTR Record | Provides a reverse lookup, mapping an IP address back to a domain name. | Verifying the domain name associated with an IP address in email validation processes. |

Each record type plays a specific role in supporting web traffic, email, security, and network operations.

Why DNS is Important

DNS is fundamental to Internet communication. Every time a user opens a website, sends an email, or accesses a cloud service, DNS is working in the background to translate domain names into actionable network addresses. 

Because DNS is so essential, it has also become a frequent target for cyberattacks, as detailed in our blog on the hidden risks of DNS in business networks. Threats like DNS spoofing, cache poisoning, and DNS tunneling exploit vulnerabilities in DNS to redirect users, exfiltrate data, or enable malware communication.

What Happens When DNS Isn't Used?

In the rare event DNS is unavailable or fails, the entire Internet experience breaks down. Common consequences include:

  • No domain resolution: Websites, cloud services, and apps cannot be reached because IP addresses can’t be retrieved.

  • Internal tool failures: Many enterprise systems rely on internal DNS for service discovery and communication between systems.

  • Security measures break down:

    • DNSSEC cannot validate responses if there are no queries to resolve.

    • DNS filtering services cannot monitor or block malicious queries.

    • DNS encryption protocols like DoH and DoT become moot without active DNS resolution.

  • Operational chaos: Without DNS, users would need to know direct IP addresses, which is impractical on any scale.

This is why the phrase "It's always DNS" has become a common refrain among IT and security professionals whenever there’s a service outage. DNS is so integral that when things break, it's often the first place experts look.

DNS, DNSSEC, and DNS Filtering: How They Work Together

At its core, DNS enables connectivity by resolving domain names into IP addresses. However, the original DNS protocol was not built with security in mind. That’s where complementary technologies like DNSSEC and DNS Filtering come in, each enhancing DNS in a different way:

  • DNS: The foundational system that maps domain names to their corresponding IP addresses, enabling devices to communicate across the Internet.

  • DNSSEC: Adds a layer of integrity checking to DNS by using cryptographic signatures to verify that responses are legitimate and haven’t been tampered with.

  • DNS Filtering: Provides active protection by blocking access to domains known to host malware, phishing schemes, or content that violates company policies.

Together, these technologies form a comprehensive DNS security stack:

  1. DNS resolves the address.
  2. DNSSEC ensures the response is authentic.
  3. DNS Filtering blocks connections to risky destinations.

While each serves a distinct purpose, combining them strengthens overall network security and resilience against DNS-based threats.
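The filtering step of the stack above comes down to a policy decision made on the query name before it is resolved. The following is an added example, not DNSFilter's implementation: the blocklist entries, the allow exception, and the function names are constructed for illustration. It matches on whole labels, so a block on one zone covers its subdomains without catching unrelated names that merely end in the same characters.

```python
# Constructed policy data; a real service draws these from threat intelligence.
BLOCKED_ZONES = {"malware.example", "phish.example.net"}
ALLOWED_NAMES = {"status.malware.example"}   # hypothetical explicit exception


def normalize(qname):
    """Canonical form for matching: lowercase, no surrounding space or trailing dot."""
    return qname.strip().rstrip(".").lower()


def match_policy(qname, blocked=BLOCKED_ZONES, allowed=ALLOWED_NAMES):
    """Return (verdict, rule). The most specific matching suffix wins."""
    labels = normalize(qname).split(".")
    for i in range(len(labels)):             # full name first, then each parent zone
        candidate = ".".join(labels[i:])     # always cut on a label boundary
        if candidate in allowed:
            return "allow", candidate
        if candidate in blocked:
            return "block", candidate
    return "allow", None


def filtered_resolve(qname, upstream):
    """Apply the policy, and only query the upstream resolver for allowed names."""
    name = normalize(qname)
    verdict, rule = match_policy(name)
    answers = upstream(name) if verdict == "allow" else []
    # The returned record doubles as a log entry for monitoring blocked queries.
    return {"qname": name, "action": verdict, "rule": rule, "answers": answers}
```

Here upstream is any callable that takes a name and returns its answers, so the filter can sit in front of whatever resolver is in use.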

Examples of DNS

Real World Examples

  • Accessing a website: Typing www.dnsfilter.com triggers DNS to resolve the domain to its IP address so the browser can load the site.

  • Email routing: When sending an email, the sending server queries DNS for the recipient domain’s MX records to route the message correctly.

  • Enterprise security platforms: Many security tools leverage DNS to monitor for suspicious queries and prevent access to malicious domains.

Related Terms

  • DNSSEC: Adds cryptographic authentication to DNS responses to prevent forgery.

  • DNS Filtering: Blocks access to malicious or unauthorized domains based on DNS requests.

  • PDNS (Protective DNS): Uses DNS queries combined with threat intelligence to prevent and respond to threats.

  • DoT (DNS over TLS): Encrypts DNS traffic using the TLS protocol for privacy and security.

  • DoH (DNS over HTTPS): Encrypts DNS queries within HTTPS traffic to obscure DNS activity from network observers.

  • DNS Poisoning: An attack that inserts false information into DNS caches to redirect users to malicious sites.
