https://phoenixnap.

com/kb/dns-server

Home » KB » Networking » What Is a DNS Server?

What Is a DNS Server?
By Vladimir Kaplarevic Published: April 10, 2025
Topics:

When you enter a URL into a browser, DNS servers within the Domain Name System (DNS) translate the human-
readable domain name into an IP address. This process, called DNS resolution, allows the browser to locate the
correct host and request the web page.
Learn how DNS servers work, the different types of DNS servers, and find the right provider for your
organization.

What Is a DNS Server?

DNS resolution is carried out by a distributed network of specialized DNS servers designed to complete specific tasks
with low latency and high reliability. There are several types of DNS servers, each playing a distinct role in the
resolution process.
Depending on its function within the broader DNS infrastructure, a DNS server may:
• Recursively query other DNS servers on behalf of the client to resolve a domain name into its corresponding IP
address.
• Respond to iterative queries to guide resolvers to the next server in the DNS hierarchy.
• Store official DNS records to map domain names to IP addresses and define domain-related services.
• Cache DNS responses to speed up future DNS lookups.
• Forward client requests to upstream resolvers.
• Perform reverse DNS lookups using PTR records.
• Serve location-aware responses (GeoDNS) to route users to the nearest or most appropriate server.
• Filter or block queries based on preconfigured DNS security policies.
Not all DNS servers perform every task listed above. The behavior depends on their designated function within the
hierarchy. Below is a brief overview of the core DNS server types and how they work together to resolve domains
efficiently.

Types of DNS Servers

Each DNS server type has a specific role in resolving a domain name into an IP address. The following table lists DNS
server types and their functions:

DNS Server Type Function Example

A device sends a query for the
phoenixnap.com domain to a
Queries other servers in the DNS recursive server like Google DNS
hierarchy on behalf of the client until it (8.8.8.8) or Cloudflare (1.1.1.1). The
Recursive DNS Server locates the IP address for a domain server contacts root, TLD, and
name. The results are temporarily authoritative DNS servers to retrieve
cached to speed up future lookups.
the IP address for the domain and
returns it to the device.
Responds to recursive resolvers with A root server tells the recursive server
Root DNS Server a referral to the appropriate top-level that phoenixnap.com is part of the
domain (TLD) server based on the .com domain and refers it to the .com
domain suffix (e.g., .com, .org). TLD server for more information.
A .com TLD server contains
Handles queries for top-level domains information for all websites ending in
TLD (Top-Level Domain) DNS
Server and points the recursive DNS server .com. It tells the recursive server that
to an authoritative server. the authoritative server for
phoenixnap.com is ns1.example.com.
Stores and serves official DNS
records for a domain. When recursive The authoritative server for
Authoritative DNS Server servers query them, they return the IP phoenixnap.com responds to the
recursive server query with the actual
address and other requested IP address.
information.
Stores previous DNS query results to
A company configures its network to
reduce latency and traffic loads. check a local caching server for the
Caching DNS Server These servers do not perform phoenixnap.com domain-to-IP
recursion or serve authoritative
records but only return cached mapping before forwarding the query
responses when available. to an external recursive resolver.

Forwards queries to another DNS

server (usually an upstream recursive A home router receives a DNS query
Forwarding DNS Server resolver) instead of resolving them. and forwards it to Cloudflare DNS
Common in enterprise networks and (1.1.1.1) for resolution.
home routers.

 Note: The Internet Assigned Numbers Authority (IANA), part of ICANN, manages the root zone
and assigns responsibility for TLD nameservers.

How Do DNS Servers Work?

DNS systems are designed to respond quickly and conserve resources by minimizing the number of queries. If the
example address is phoenixnap.com, the resolution process goes through the following steps:
1. The user enters the domain name into a browser.

 Note: Modern browsers temporarily cache DNS records. If the record is found in the browser cache,
the IP address is used and the HTTP request is sent directly to the destination server.

2. The operating system's DNS resolver also checks its local cache. If there is no cached entry, the query is
forwarded to a configured recursive DNS resolver.

 Note: In some cases, the local DNS cache may become corrupted. When this happens, the best
solution is to flush the local DNS cache.

3. The DNS resolver checks its cache. If no entry is found, it queries a root nameserver to find the responsible TLD
server.
4. The root server responds with a referral to the relevant TLD server. Since the domain in this example is
phoenixnap.com, the TLD server is .com.
5. The resolver then queries the TLD server for phoenixnap.com.
6. The TLD server replies with the IP address of the authoritative nameserver for the domain.
7. The recursive server sends a final query to the authoritative nameserver.
8. The authoritative nameserver responds with the IP address for phoenixnap.com.
9. The recursive server caches the response and returns the IP address to the OS.
10. The OS passes the IP address to the browser, which uses it to send an HTTP(S) request to the destination web
server.
11. The web server responds with the requested webpage.

 Note: This is a general overview of the DNS resolution process. Specific steps may vary depending
on caching behavior, query type, and DNS record type.

Public vs. Private DNS Server

Anyone with an internet connection can use public DNS servers to translate domain names into IP addresses. These
services are usually provided by internet providers or third-party companies like Google or Cloudflare. Besides DNS
resolution, public DNS services often provide additional features such as traffic filtering, parental control, and phishing
and malware protection.
Due to the nature of their operations, enterprise networks, data centers, and hybrid cloud environments combine
public with private DNS servers. This is often necessary when internal DNS data must remain confidential and cannot
be cached or exposed through public infrastructure. Private DNS servers allow organizations to implement robust
network security policies.
Even though private DNS servers provide more security and flexibility regarding network design and customization,
they also require dedicated staff, such as system or network administrators, and introduce additional costs related to
setup and ongoing maintenance.

Note: Find out how to fix the DNS_PROBE_FINISHED_NXDOMAIN error in this step-by-step
 guide. This common issue occurs when the DNS system cannot resolve a provided URL into an IP
address.

Choosing a DNS Server

While speed is essential, it is not the only consideration when selecting a DNS server, especially in a business
environment.
When choosing a DNS service, consider the following:
• Use Case. You can use a public recursive DNS server like Cloudflare or Google to configure internet access for
home devices or small office networks. However, if you own and manage a domain, you also need an authoritative
DNS service to host and serve your domain's official DNS records.
• Need for private DNS. Most individuals and even small businesses can rely entirely on public DNS services.
Organizations that handle sensitive DNS data, internal services, or private infrastructure should implement private
DNS servers. This allows them to protect data from external exposure and gain more control over DNS policies.
• Performance and Reliability. Ideally, a DNS provider should deliver high uptime, low latency, and a global,
distributed infrastructure. If you do not need private DNS servers, large public resolvers are highly optimized for
speed and availability.
• Security Features. Both home users and companies should look for DNS services that offer Domain Name System
Security Extensions (DNSSEC) to verify the authenticity of DNS responses, protocols for encrypting DNS traffic via
HTTPS and TLS, and malware and phishing protection. Customizable logging policies are also essential if working in
a privacy-oriented industry.
• Automation and Control. If you own and manage a domain, select a DNS service that allows you to customize DNS
records, adjust TTL settings, and integrate with APIs to automate DNS management through deployment workflows
or scripts.
DNS Providers
A DNS provider is an organization that offers DNS resolution services, such as public recursive resolvers, authoritative
DNS hosting, or both.
The table below lists common DNS providers and compares them based on key features and capabilities:

DNS Privacy DNSSEC Encrypted Security Content API /

Type DNS (DoH Automatio Free/Paid
Provider Policy Support / DoT) Features Filtering n
https://phoenixnap.com/kb/dns-server

Encrypted Security API /

DNS Privacy DNSSEC Content
Provider Type Policy Support DNS (DoH Features Filtering Automatio Free/Paid
/ DoT) n

Cloudflare Public No logging DDoS Free

(1.1.1.1 / resolver / (logs DoH and protection, Resolver
Yes bot No Full API
Cloudflare Authoritativ anonymize DoT manageme and Paid
DNS) e DNS d after 24h) Hosting
nt
Google Logs Basic
Public Public temporarily Partial DoH and query No None Free
DNS resolver (for DoT validation
(8.8.8.8) analysis) only

Quad9 Public No DoH and Malware +

(9.9.9.9) resolver personal Yes DoT phishing Yes None Free
data stored blocking

Public Customiza Malware Free

OpenDNS resolver / ble logging No public blocking, Full API (basic) and
policies Limited Yes
(Cisco) Enterprise (enterprise DoT parental (enterprise) Paid
solutions solution) control (enterprise)

Public Fully Real-time Free

NextDNS resolver private, Yes DoH and threat Yes Full API (basic) and
(customiza user- DoT protection Paid Plans
ble) controlled

Authoritativ AWS Health

AWS shared Not checks,
Route 53 e DNS responsibili Yes Applicable failover No Full API Paid
hosting ty model routing

Google Authoritativ Google

Cloud e DNS Cloud Yes Not Scalable No Full API Paid
privacy Applicable routing
DNS hosting terms
Authoritativ Azure Not Native
Azure DNS e DNS privacy Yes Applicable integration No Full API Paid
hosting model with Azure
Authoritativ Standard Traffic
DNS Made e DNS industry Yes Not manageme No Full API Paid
Easy hosting practices Applicable nt, failover

Conclusion
DNS is a foundational technology that keeps the internet running. By implementing a well-balanced DNS strategy, one
that combines public and private servers, you can enhance performance, improve reliability, and ensure your online
presence reaches its audience quickly.
DNS errors are common due to the number of different DNS providers, server types, and configurations. Even
experienced network admins need a refresher and practical tips on troubleshooting DNS issues.