What Is a DNS Server?

Everything you need to know about network DNS servers


A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and in most cases, serves to resolve, or translate, those common names to IP addresses as requested.

DNS servers run special software and communicate with each other using special protocols.

In simpler terms: a DNS server on the internet is the device that translates the www.lifewire.com you type in your browser to the 151.101.129.121 IP address that it really is.

Note: Other names for a DNS server include name server, nameserver, and domain name system server.

Why Do We Have DNS Servers?

This question can be answered with another question: Is it easier to remember 151.101.129.121 or www.lifewire.com? Most of us would say it's much simpler to remember a word like lifewire instead of a string of numbers.

When you enter www.lifewire.com into a web browser, all you have to understand and remember is the URL http://www.lifewire.com. The same is true for any other website like Google.com, Amazon.com, etc.

The opposite is true too: while we humans understand the words in a URL much more easily than IP address numbers, other computers and network devices understand the IP address.

Therefore, we have DNS servers because we want to use human-readable names to access websites, while computers need to use IP addresses to access them. The DNS server is the translator between the hostname and the IP address.

Malware & DNS Servers

It's always important to be running an antivirus program. One reason is that malware can attack your computer in a way that changes the DNS server settings, which is definitely something you don't want to happen.

Say as an example that your computer is using Google's DNS servers 8.8.8.8 and 8.8.4.4.

Under these DNS servers, accessing your bank website with your bank's URL would load the correct website and let you log in to your account.

However, if the malware changed your DNS server settings (which can happen behind the scenes without your knowledge), entering the same URL might take you to a completely different website, or more importantly, to a website that looks like your bank website but really isn't. This fake bank site might look exactly like the real one, but instead of letting you log in to your account, it might just record your username and password, giving the scammers all the information they need to access your bank account.

Usually, however, malware that hijacks your DNS servers just redirects popular websites to ones that are full of advertisements, or to fake virus websites that make you think you have to buy a program to clean an infected computer.

There are two things you should do to avoid becoming a victim in this way. The first is to install an antivirus program so that malicious programs are caught before they can do any damage. The second is to be aware of how a website looks. If it's slightly off from what it usually looks like, or you're getting an "invalid certificate" message in your browser, it might be a sign that you're on an imitation website.
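A defender-side check for the DNS-setting change described above, as an added example that is not part of the original article: it parses Windows `ipconfig /all` text, including the address-only continuation lines under "DNS Servers", and reports per adapter any resolver outside an expected set. The sample output, the function names and the expected set (the article's 8.8.8.8 and 8.8.4.4) are assumptions, as is English-language `ipconfig` output.

```python
import ipaddress
import re

# Assumption: the resolvers this machine should be using (the article's example).
EXPECTED_RESOLVERS = {"8.8.8.8", "8.8.4.4"}

# Constructed `ipconfig /all` excerpt; 203.0.113.53 (documentation range) is the unexpected one.
SAMPLE_IPCONFIG = """\
Ethernet adapter Ethernet:

   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   DNS Servers . . . . . . . . . . . : 203.0.113.53
                                       8.8.8.8
"""

def parse_dns_servers(text):
    """Return {section header: [DNS server IPs]} from `ipconfig /all` text."""
    adapters, current, in_dns = {}, None, False
    for line in text.splitlines():
        if line and not line[0].isspace():   # unindented line = section header
            current, in_dns = line.rstrip().rstrip(":"), False
            adapters[current] = []
            continue
        labelled = re.match(r"\s+DNS Servers[ .]*:\s*(\S+)", line)
        if labelled:
            token, in_dns = labelled.group(1), True
        elif in_dns and line.strip() and " : " not in line:
            token = line.strip()             # continuation line: address only
        else:
            in_dns = False                   # blank line or another labelled field
            continue
        try:                                 # drop any IPv6 zone id, then validate
            ip = str(ipaddress.ip_address(token.split("%")[0]))
        except ValueError:
            continue
        if current is not None:
            adapters[current].append(ip)
    return adapters

def unexpected_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Return {adapter: [resolvers outside `expected`]}, omitting clean adapters."""
    found = {a: [ip for ip in ips if ip not in expected]
             for a, ips in parse_dns_servers(text).items()}
    return {a: rogue for a, rogue in found.items() if rogue}
```

On a real machine, pass the captured output of `ipconfig /all` to `unexpected_resolvers` in place of the sample and alert on any non-empty result.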

More Information on DNS Servers

In most cases, two DNS servers, a primary and a secondary server, are automatically configured on your router and/or computer when connecting to your ISP via DHCP. Two DNS servers are configured in case one of them happens to fail, after which the device will resort to using the secondary server.

While many DNS servers are operated by ISPs and intended to be used only by their customers, several public-access ones are also available. See my Free & Public DNS Servers List for an up-to-date listing and How Do I Change DNS Servers? if you need help making the change.

Some DNS servers may provide faster access times than others, but that depends solely on how long it takes your device to reach the DNS server. If your ISP's DNS servers are closer than Google's, for example, then you might find that addresses are resolved quicker using the default servers from your ISP than with a third-party server.

If you're experiencing network issues where it seems as if no website will load, it's possible that there's an issue with the DNS server. If the DNS server isn't able to find the correct IP address that's associated with the hostname you enter, the website won't load. Again, this is because computers communicate via IP addresses and not hostnames - the computer doesn't know what you're trying to reach unless it can use an IP address.

The DNS server settings "closest" to the device are the ones applied to it. For example, while your ISP might use one set of DNS servers that apply to all the routers connected to it, your router could use a different set, which would apply the DNS server settings to all the devices connected to the router. However, a computer connected to the router can use its own DNS server settings to override the ones set by both the router and the ISP.

As explained above, malicious programs can take control of your DNS server settings and override them with servers that redirect your website requests elsewhere. While this is definitely something that scammers can do, it's also a feature found in some DNS services like OpenDNS, where it's used in a good way. For example, OpenDNS can redirect adult websites, gambling websites, social media websites and more to a "Blocked" page, but you have complete control over the redirects.

The nslookup command is used to query your DNS server. Start by opening the Command Prompt tool and then typing the following:

nslookup lifewire.com

...which should return something like this:

Name: lifewire.com
Addresses: 151.101.1.121
 151.101.129.121
 151.101.193.121
 151.101.65.121

In the example above, the nslookup command tells you the IP address, or several IP addresses in this case, that the lifewire.com address you enter in your browser's search bar might translate to.

DNS Root Servers

There are a number of DNS servers located within the network of computers that we call the internet. Most important are 13 DNS root servers that store a complete database of domain names and their associated public IP addresses.

These top-tier DNS servers are named A through M for the first 13 letters of the alphabet. Ten of these servers are in the US, one in London, one in Stockholm, and one in Japan.

IANA keeps this list of DNS root servers if you're interested.