What Is DNS?
When you view a website, you open a page from search results, social media links, bookmarks, links inside apps, and similar places.
At that point, the URL shown on the screen or in the address bar includes a domain name such as example.com.
For example, in the following URL,
https[:]//example.com/article/page
the example.com part is the domain name.
People often identify websites by URLs that include domain names like this, not by IP addresses.
However, when computers actually communicate with each other, a domain name alone is not enough to deliver data to the destination. An IP address is needed to identify where the communication should go.
DNS is the mechanism that maps domain names to IP addresses.
Why Domain Names Alone Cannot Be Used for Communication
People recognize websites by URLs and domain names.
For example, suppose you see a URL like this.
https[:]//example.com/news
The example.com part in this URL is the domain name.
For people, a name such as example.com is easier to understand and handle than an IP address, which is a sequence of numbers.
However, computers do not communicate over a network by using domain names alone.
In actual communication, the IP address of the destination is needed.
In other words, when viewing a website, the following kind of mapping is needed behind the scenes.
example.com -> IP address
The mechanism that performs this mapping is DNS.
What DNS Is
DNS stands for Domain Name System.
DNS is a mechanism for mapping domain names to IP addresses.
For example, suppose you try to open the following URL in a browser.
https[:]//example.com
At that point, the browser or OS uses DNS as needed to look up the IP address corresponding to example.com.
Once the IP address is known, communication can begin toward that IP address.
In other words, DNS connects human-friendly domain names with the IP addresses that computers use for communication.
DNS has mechanisms for handling various kinds of information, but this article focuses on its role in mapping domain names to IP addresses as a basic part of web access.
Mapping Domain Names and IP Addresses
A domain name is a name that makes it easier for people to identify a website.
An IP address, on the other hand, is information computers use to identify a communication destination.
When you access a website, the flow broadly looks like this.
First, you open a web page from a search result or link.
Next, the browser looks at the domain name in the URL as the connection destination.
After that, it uses DNS as needed to look up the IP address corresponding to that domain name.
Once the IP address is known, communication begins toward that IP address.
Then, the browser receives the web page data from the server.
The important point here is that DNS is not the mechanism that obtains the web page itself.
DNS is only a mechanism for finding the communication destination.
The web page data is obtained by later communication such as HTTP or HTTPS.
What a DNS Query Is
Simply put, a DNS query is a request like this.
Please tell me the IP address for example.com
As the result of this query, the corresponding IP address is returned.
This is the IP address corresponding to example.com
Looking up an IP address from a domain name by using DNS is called name resolution.
However, this does not mean an external DNS server is always queried every time.
If the device, browser, OS, router, or similar component has temporarily stored the result, communication may use information it already knows.
Even so, as a basic understanding, it is enough to know that before connecting to a website, there may be a point where DNS is used to look up an IP address from a domain name.
Who Is Being Asked Through DNS
DNS queries are sent to the configured DNS server.
So whose DNS server is that?
This changes depending on your environment and settings.
If you are using your home internet connection as-is, your ISP's DNS may be used.
An ISP is the company that provides internet connectivity.
Also, if the router has DNS settings, the DNS specified by the router may be used.
If DNS has been changed on the device side, the DNS configured on the device may be used.
In addition, if the browser is using a specific DNS feature, the DNS specified on the browser side may be used separately from the OS or router.
In other words, DNS queries are not always sent to "the party you consciously chose."
The query destination changes depending on settings in the device, OS, browser, router, network environment, and similar places.
The Relationship Between DNS and Anonymity
DNS is important when thinking about anonymity.
That is because a DNS query includes the domain name you tried to view.
For example, suppose you try to open the following URL.
https[:]//example.com/article
At that point, the DNS query target is basically the following part.
example.com
In other words, a party that can see DNS queries may be able to know at least "which domain you tried to view."
However, DNS alone does not necessarily reveal the full URL.
For example, if there is a URL like this,
https[:]//example.com/private/page
the main target handled by the DNS query is example.com.
The path part, such as /private/page, is not handled by DNS.
Even so, a domain name alone can reveal a lot of information in some cases.
For example, DNS queries may allow someone to infer that you tried to access a particular news site, social media site, political organization, investigative reporting site, whistleblowing support site, medical site, and similar destinations.
For that reason, DNS is not just an auxiliary communication function. It is also important when thinking about anonymity and privacy.
Understanding how DNS queries are visible also makes it easier to understand DNS leaks and communication methods that improve anonymity.
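The following added example (not part of the original article) builds the bytes of a classic unencrypted DNS query (RFC 1035 message format) for the host in a URL, then reads the name back out the way a resolver or on-path observer could. The function names, transaction ID, and sample URL are assumptions chosen for illustration, and the hostname is assumed to be plain ASCII.

```python
import struct
from urllib.parse import urlsplit

def build_query(url, txid=0x1234):
    """Return (hostname, wire-format A query) for the host part of `url`."""
    host = urlsplit(url).hostname  # assumes an ASCII hostname (no IDN handling)
    # Header: ID, flags (recursion desired), QDCOUNT=1, other counts 0
    packet = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    for label in host.split("."):
        if not 0 < len(label) <= 63:
            raise ValueError("DNS labels must be 1-63 bytes long")
        packet += bytes([len(label)]) + label.encode("ascii")
    # Zero byte ends the name, then QTYPE=1 (A) and QCLASS=1 (IN)
    return host, packet + b"\x00" + struct.pack("!HH", 1, 1)

def observed_name(packet):
    """Read the queried name back out, as a resolver or on-path observer could."""
    if struct.unpack("!H", packet[4:6])[0] != 1:
        raise ValueError("expected exactly one question")
    labels, pos = [], 12  # the question starts after the 12-byte header
    while packet[pos] != 0:
        length = packet[pos]
        if length > 63:
            raise ValueError("unexpected compression pointer in a query")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)

def visibility(url):
    """Summarise which parts of `url` appear in the DNS query bytes."""
    host, packet = build_query(url)
    segments = [s for s in urlsplit(url).path.split("/") if s]
    return {
        "name_in_query": observed_name(packet),
        "path_segments_in_query": [s for s in segments if s.encode() in packet],
        "query_length": len(packet),
    }

if __name__ == "__main__":
    # Constructed sample URL, matching the article's example
    print(visibility("https://example.com/private/page"))
```

The domain name sits in the query as readable length-prefixed labels, while no part of the path appears anywhere in the packet.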
Information That DNS Providers or ISPs May Be Able to See
With ordinary DNS queries, the destination DNS server may know the queried domain name.
For example, if you try to access example.com, the DNS query destination may be able to see that you tried to look up example.com.
The DNS server side may also be able to know the source IP address of the query and the time when the query was made.
For that reason, who you send DNS queries to is related to privacy and anonymity.
Even if the communication content itself is encrypted with HTTPS, if DNS queries are visible to another party, that party may be able to know "which domain you tried to view."
However, DNS queries alone do not reveal the web page body, passwords you entered, form contents, or detailed URL paths.
What DNS mainly reveals is the domain name you tried to connect to.
Even so, a domain name alone may allow someone to infer which service, organization, media outlet, or information source you tried to connect to.
Summary
DNS is a mechanism for mapping domain names to IP addresses.
People often see websites as URLs or domain names, not IP addresses.
However, when computers communicate, IP addresses are needed.
For that reason, before opening a website, DNS may be used to look up the IP address corresponding to the domain name.
Looking up an IP address from a domain name by using DNS is called name resolution.
DNS queries carry information about "which domain you tried to view."
For that reason, who you send DNS queries to is related to anonymity and privacy.
DNS is not just an auxiliary communication function. It is also an important mechanism for understanding anonymity.
Related tools
WhatIsMyIP
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.
DNSLeakTest
An external resource related to this article. Open it only when it fits your situation and threat model.
Why it is listed: It can help with the article topic, but it is outside Anonymity Sense and should be checked before use.