How DNS Works: From Domain Names to IP Addresses Explained

What is DNS and Its Structure

In the Internet, IP addresses identify servers, but because they are hard to remember, they are replaced by human‑readable domain names (e.g., www.51cto.com). The Domain Name System (DNS) maps these domain names to IP addresses using a distributed database.

DNS consists of three hierarchical layers:

Root DNS servers store the addresses of top‑level domain (TLD) servers.

TLD servers handle three categories of domains: gTLD (generic, e.g., .com, .net), ccTLD (country code, e.g., .cn, .jp), and New gTLD (e.g., .xyz, .top).

Local DNS servers (often operated by ISPs) act as proxies for user queries.

Below is a typical three‑level DNS hierarchy: root servers, TLD servers, and local DNS servers.

DNS Resolution Process

The resolution of a domain name to an IP address involves nine steps, illustrated in the diagram below.

The user enters a URL in the browser. The browser first checks its cache for a matching IP address.

If not cached, the system checks the local hosts file (e.g., C:\Windows\System32\drivers\etc\hosts on Windows or /etc/hosts on Linux) for a static mapping.

The query is sent to the Local DNS server, which often satisfies the request from its cache (about 80% of queries).

If the Local DNS server lacks the answer, it queries a Root DNS server to obtain the address of the appropriate TLD server.

The Local DNS server then contacts the relevant TLD server (gTLD, ccTLD, or New gTLD) to get the authoritative Name Server for the domain.

The Name Server returns the domain's A record (address) or CNAME record and sets a TTL (Time To Live).

If an A record is returned, the client can directly access the IP. Often, large sites return a CNAME that points to a Global Traffic Manager (GTM).

The GTM directs the request to the nearest CDN cache node, delivering static resources such as HTML, CSS, JS, and images.

For dynamic content not cached, the request passes through a load balancer to the application server.

Summary

DNS translates URLs to IP addresses through a three‑layer architecture: Root DNS servers, TLD servers, and Local DNS servers. Domain registrars provide authoritative Name Servers. Accessing a website typically follows nine steps—from browser cache and hosts file checks, through Local, Root, and TLD servers, to Name Server, GTM, CDN, and finally the application server.