The Domain Name System (DNS) is a decentralized, hierarchical naming system for services, computers, or other resources connected to the Internet or a private network. It works like an Internet phone book, in which names (domain names) are associated with numbers (IP address).
Mainly, it translates domain names, which are easier to memorize, into the numeric IP addresses that are required to identify and locate computerized services and devices.
The process consists of transforming a domain name into an IP address compatible with the device used (computer, telephone, tablet, etc.). Every device connected to the Internet is given an IP address, which is necessary to locate it, similar to when a street address is used to locate a particular house.
Every time a user wants to load a site or web page, there has to be a translation between what the user typed in their web browser and the machine-compatible address needed to locate the web page.
How does it work:
The information for assigning domain names to IP addresses is stored in name servers. These servers store DNS records in which it is indicated which domains are assigned to certain IP addresses. These records are stored and distributed throughout the world on name servers called root name servers, which hold the locations of top-level domains (TLDs).
In general, users do not communicate directly with the DNS server; name determination is done transparently by client applications. When a request is made that requires a DNS lookup, the request is sent to the operating system's local DNS server. Before establishing any communication, the operating system checks if the response is in the cache. If not found, the request will be sent to one or more DNS servers.
The DNS servers that the request reaches, initially look to see if the response is in the cache. If yes, they provide the answer; in the opposite case, a search is started recursively. When the answer is found, the DNS server caches the result for future use and returns the result.
Many times, DNS lookup information will be cached on the querying computer or remotely in the DNS infrastructure. There are several main steps in a DNS location. In cases where DNS information is cached, the steps in the DNS lookup process are skipped, speeding up the process.
The following example shows the 8 main steps in a DNS lookup (when nothing is cached)
There are 4 compromised DNS servers when a web page loads: