DNS—short for Domain Name System—can feel intimidating. More so if you’re not from an IT or technical background. However, it’s something you must reacquaint yourself with if you’re a website owner.
DNS is the system that lets you reach websites by matching human-readable domain names (like crazyegg.com) to the machine-readable address of the server that hosts them, the IP address (like 18.104.22.168).
The whole point of DNS is to bridge the gap between computers, which work best with numbers, and people, who work best with words. Think of it as the internet's phonebook: whenever you enter a domain name into your browser, DNS translates it into an IP address, telling your computer which server to connect to.
Why DNS is So Important
Without DNS, you would have to learn and recall arbitrary strings of numbers to visit different websites, even Google. With DNS, you can use easy-to-remember domain names instead.
Think about it: What’s easier for you to remember? Google.com or 22.214.171.124?
Anyone involved in websites, website hosting, or email, as well as business owners, should take the time to learn and understand DNS, because they will frequently find themselves accessing or updating DNS records to keep their websites and email running without errors.
Of course, you can find web agencies and IT companies to maintain and update your DNS on your behalf, but knowing DNS yourself keeps you in control of everything centrally if you ever want to change suppliers.
Let me explain how it works.
Suppose you type www.crazyegg.com into your web browser. You are taken to this website automatically.
When you type in a website name, the browser issues a request to view the site. Before anything is sent over the network, the computer first looks for the website's IP address in its local DNS cache (the operating system's resolver cache, and the browser's own cache).
If the address is cached, the page starts loading immediately. If not, the query goes to a recursive resolver, usually one maintained by your Internet Service Provider (ISP), which tries to resolve the name on your behalf. If the resolver already has the address, you see the website.
The chances of a hit are high, since the resolver keeps a cache of names its customers frequently request. If the address is not cached there either, the recursive resolver starts at a root nameserver.
The root nameserver does not hold the IP address itself; it refers the resolver to the nameservers for the top-level domain (TLD), in this case .com. The TLD nameserver in turn refers the resolver to the authoritative nameservers for crazyegg.com, and the authoritative server is the query's final destination: it holds the zone's records and returns the actual answer.
Once the authoritative server answers, the resolver returns the IP address to your computer and the browser connects to the website.
The recursive resolver also caches the answer it got from the authoritative server, for as long as the record's time-to-live (TTL) allows, so the next request for the same name can be answered without repeating the walk.
As you can see, there is a whole process here, with four levels that an uncached query passes through (recursive resolver, root, TLD, authoritative). Luckily, DNS does all this work for you, typically in tens of milliseconds, so the page appears as soon as you hit enter.
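The walk just described, as an added example that is not code from the original article: a toy recursive resolver that checks its cache, then asks the root, the TLD server and the authoritative server in turn, and caches the answer with its TTL. The zone data, server names and the 192.0.2.x addresses (the documentation range) are constructed for the demonstration; real root and TLD servers answer with NS records and glue rather than the bare referrals modelled here.

```python
"""Toy model of DNS resolution: cache -> recursive resolver -> root -> TLD ->
authoritative. Added example, not code from the original article; all zone
data below is constructed and 192.0.2.0/24 is the documentation range."""

# Constructed hierarchy. Each level simply names the next server to ask.
ROOT_REFERRALS = {"com.": "tld-com", "net.": "tld-net"}
TLD_REFERRALS = {
    "tld-com": {"crazyegg.com.": "ns-crazyegg"},
    "tld-net": {},
}
AUTHORITATIVE_ZONES = {
    # server -> {name: (address, TTL in seconds)}
    "ns-crazyegg": {
        "www.crazyegg.com.": ("192.0.2.10", 300),
        "crazyegg.com.": ("192.0.2.10", 300),
    },
}


def canonical(name):
    """Lower-case and fully qualify (trailing dot), as resolvers do."""
    return name.strip().lower().rstrip(".") + "."


class RecursiveResolver:
    """Models the ISP's recursive resolver: consult the cache, otherwise walk
    root -> TLD -> authoritative, then cache the answer for its TTL."""

    def __init__(self, now):
        self.now = now      # callable returning seconds; injected so tests are deterministic
        self.cache = {}     # name -> (address, expiry time)
        self.trace = []     # servers contacted during the last query

    def resolve(self, name):
        name = canonical(name)
        self.trace = []
        hit = self.cache.get(name)
        if hit is not None and hit[1] > self.now():
            self.trace.append("cache")
            return hit[0]

        labels = name.rstrip(".").split(".")
        tld = labels[-1] + "."
        zone = ".".join(labels[-2:]) + "."

        self.trace.append("root")
        tld_server = ROOT_REFERRALS.get(tld)
        if tld_server is None:
            return None                     # unknown TLD: NXDOMAIN from the root
        self.trace.append(tld_server)
        auth_server = TLD_REFERRALS[tld_server].get(zone)
        if auth_server is None:
            return None                     # zone not delegated: NXDOMAIN from the TLD
        self.trace.append(auth_server)
        record = AUTHORITATIVE_ZONES[auth_server].get(name)
        if record is None:
            return None                     # name does not exist in the zone
        address, ttl = record
        self.cache[name] = (address, self.now() + ttl)
        return address


def demo():
    """Two lookups of the same name: the first walks the hierarchy, the
    second (within the TTL) is answered from the resolver's cache."""
    clock = [1_000.0]
    resolver = RecursiveResolver(now=lambda: clock[0])
    first = resolver.resolve("WWW.crazyegg.com")
    first_trace = list(resolver.trace)
    second = resolver.resolve("www.crazyegg.com.")
    second_trace = list(resolver.trace)
    return first, first_trace, second, second_trace


if __name__ == "__main__":
    print(demo())
```

The trace of the first lookup lists root, TLD and authoritative servers; the second lookup is served from the cache and contacts nobody. Names whose TLD or zone is unknown return None at the level that does not know them, which is where a real resolver would receive NXDOMAIN.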
Still with us? Great.
Quick Tips to Improve DNS Today
DNS has its fair share of problems. The website may not load as quickly as you want, or the changes you make to your site's DNS may not show up right away.
Below, we’ll discuss a few ways in which you can improve your DNS quickly. Let’s take a quick look.
Choose a Fast DNS Provider
Similar to web host providers, DNS providers aren’t equal. Some are fast, some are slow.
Generally, domain registrars like GoDaddy and Namecheap offer free DNS hosting, but if you want faster service, opt for DNS providers like Amazon (Route 53), Dyn, and Cloudflare that have multiple points of presence (PoPs) around the globe.
You can use tools like KeyCDN’s performance tool and SolveDNS speed test to test speeds and compare premium DNS providers. Additionally, keep in mind that some of the providers are faster in certain regions, so you need to take into account global as well as regional speeds.
Reduce the Number of Domains
DNS lookup time is part of the total time between hitting the enter key and seeing the page: the browser cannot even open a connection until the name has resolved, and every additional hostname on the page needs its own lookup. Obviously, everybody wants faster results, which is why you should look for ways to reduce DNS lookups.
A great way to do this is to get rid of requests that go to different hostnames. With DNS lookups, it is the number of distinct hostnames that matters, not the number of requests, since all requests to the same hostname share one lookup. You can run your WordPress site through a tool like Pingdom to weed out unnecessary requests.
You may be wondering: if DNS is just a mapping of a hostname to an IP, why not point to the IP directly? Because an IP address can change (hosting migration, CDN, load balancer), whereas the hostname stays stable.
Utilize DNS Prefetching
You can use DNS prefetching to hide DNS latency. All you have to do is add a few lines to the <head> of your WordPress site, which tells the browser to perform the DNS lookups for those hostnames in the background, before the assets are actually requested.
Here are a few examples below:
<!-- Prefetch DNS for external assets -->
<link rel="dns-prefetch" href="//fonts.googleapis.com">
<link rel="dns-prefetch" href="//www.google-analytics.com">
<link rel="dns-prefetch" href="//cdn.domain.com">
DNS prefetching is supported by all major desktop and mobile browsers, including iOS Safari and the Android browser. Users of WordPress 4.6 or newer can use the resource hints API (the wp_resource_hints filter) to add custom domains and URLs for dns-prefetch, preconnect, prerender, or prefetch, rather than editing the theme's header by hand. Only prefetch hostnames the page actually uses; each hint is an extra query for the resolver to answer.
Use Caching and Time-to-Live (TTL) for Faster Loading and Fewer Queries
Caching lets the web browser, the operating system, and the recursive DNS resolver keep the result of a lookup for future use. Repeat visits to a website skip the lookup entirely while the cached record is still valid, which speeds up page loads.
TTL (time-to-live) is how long, in seconds, a DNS response may be cached before it expires and must be fetched again. A longer TTL means lookups stay cached on resolvers and operating systems for longer, which means fewer queries and faster loads.
That said, the TTL has to balance resolution speed against your ability to change records quickly: a cached record keeps pointing at the old address until it expires, so a long TTL turns a server move or a failover into a slow rollout. Before a planned change, lower the TTL well in advance (at least one old TTL before the change), and raise it again afterwards.
TTL values are set per record with your registrar or third-party DNS provider. Keep in mind that resolvers you do not control, including ISP resolvers, cache according to the TTL you publish, so you cannot shorten their cache after the fact.
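The trade-off above, worked through as an added example (not code from the original article): two resolvers cache the same record, one just before the TTL is lowered and one just before the address changes, and the simulation reports how long each keeps serving the old address. The name, the clock values and the 192.0.2.x / 198.51.100.x addresses (documentation ranges) are constructed; the worst-case formula is the general rule of which the simulation shows two instances.

```python
"""Model of the TTL trade-off: a resolver that cached a record keeps answering
with the old address until the cached copy expires, so a record change becomes
visible only after the longest outstanding TTL. Added example, not code from
the article; the name, times and addresses are constructed."""

NAME = "www.example.com."
OLD_ADDRESS, NEW_ADDRESS = "192.0.2.10", "198.51.100.20"   # documentation ranges


class CachingResolver:
    """Minimal cache: answer from the cache until the record expires, then refetch."""

    def __init__(self, zone, now):
        self.zone = zone   # shared authoritative data: name -> (address, ttl)
        self.now = now     # injected clock so the simulation is deterministic
        self.cache = {}    # name -> (address, expiry time)

    def resolve(self, name):
        hit = self.cache.get(name)
        if hit is not None and hit[1] > self.now():
            return hit[0]
        address, ttl = self.zone[name]
        self.cache[name] = (address, self.now() + ttl)
        return address


def worst_case_stale_seconds(old_ttl, lowered_ttl, lead_time):
    """Longest time after the change that some resolver may still serve the old
    address when the TTL was lowered `lead_time` seconds before the change.
    A resolver that fetched just before the lowering still holds the old TTL;
    one that fetched just before the change holds the lowered TTL."""
    return max(old_ttl - lead_time, lowered_ttl)


def simulate_cutover(old_ttl, lowered_ttl, lead_time, change_at=10_000):
    """Two resolvers around a record change at `change_at`: 'early' cached the
    record just before the TTL was lowered, 'late' just before the change.
    Returns seconds after the change at which each first returns NEW_ADDRESS."""
    clock = [0]
    zone = {NAME: (OLD_ADDRESS, old_ttl)}
    early = CachingResolver(zone, lambda: clock[0])
    late = CachingResolver(zone, lambda: clock[0])

    clock[0] = change_at - lead_time
    early.resolve(NAME)                       # cached with the old TTL
    zone[NAME] = (OLD_ADDRESS, lowered_ttl)   # operator lowers the TTL
    clock[0] = change_at
    late.resolve(NAME)                        # cached with the lowered TTL
    zone[NAME] = (NEW_ADDRESS, lowered_ttl)   # the actual address change

    first_seen = {}
    deadline = change_at + max(old_ttl, lowered_ttl) + 1
    while len(first_seen) < 2 and clock[0] <= deadline:
        for label, resolver in (("early", early), ("late", late)):
            if label not in first_seen and resolver.resolve(NAME) == NEW_ADDRESS:
                first_seen[label] = clock[0] - change_at
        clock[0] += 1
    return first_seen


if __name__ == "__main__":
    print("TTL lowered one old TTL ahead:", simulate_cutover(3600, 60, 3600))
    print("TTL lowered at the moment of change:", simulate_cutover(3600, 60, 0))
```

Lowering a one-hour TTL to 60 seconds a full hour before the change caps the stale window at 60 seconds; lowering it at the same moment as the change gains nothing, because every copy fetched before the lowering still carries the old hour.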
Practice DNS Filtering to Block Malicious Domains
DNS filtering stops users from reaching a website or domain by refusing to resolve its name. If a domain is known to be malicious, name resolution for it is blocked: whenever a client queries a blocked name, the filtering DNS server answers with a block response (typically NXDOMAIN or a sinkhole address) instead of the real one, so the connection never happens.
The other advantage of DNS filtering is that it considerably reduces the chances of malware reaching your network, because many malware downloads, phishing kits, and command-and-control channels depend on resolving a domain name first.
When a client cannot reach a malicious site, fewer threats make it onto your network, and your IT staff spend less time cleaning up infections. It is not a complete defence, though: a client configured to use its own resolver, DNS over HTTPS to an outside provider, or a hard-coded IP address bypasses the filter, so also block outbound DNS to anything but your filtering resolvers.
In addition to security, you can also block domains for productivity reasons or business policy: social media, pornography, gambling, video streaming, whatever fits your organization.
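The decision logic of such a filtering resolver, as an added example that is not code from the original article: a query name is matched against a categorized blocklist by whole labels (so a subdomain of a blocked domain is blocked, but a look-alike such as notevil.example is not), an allowlist overrides, and the organization's policy chooses which categories to enforce. The blocklist, categories, query names and the 0.0.0.0 sinkhole address are constructed assumptions; some deployments return NXDOMAIN instead of a sinkhole.

```python
"""Resolver-side DNS filtering. Added example, not code from the article:
the blocklist, category policy and query names are constructed, and the
sinkhole address is an assumption (NXDOMAIN is the other common choice)."""

SINKHOLE = "0.0.0.0"   # assumption: blocked names resolve to an unroutable address


def canonical(name):
    """Lower-case and strip the trailing dot so 'EVIL.example.' == 'evil.example'."""
    return name.strip().lower().rstrip(".")


class DnsFilter:
    def __init__(self, blocklist, blocked_categories, allowlist=()):
        # blocklist: domain -> category, e.g. {"evil.example": "malware"}
        self.blocklist = {canonical(d): cat for d, cat in blocklist.items()}
        self.blocked_categories = set(blocked_categories)
        self.allowlist = {canonical(d) for d in allowlist}

    @staticmethod
    def _longest_suffix(table, qname):
        """Match on whole labels only: 'login.evil.example' matches
        'evil.example', but 'notevil.example' does not."""
        labels = canonical(qname).split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in table:
                return candidate
        return None

    def decide(self, qname):
        """Return (action, category, matched_entry). The allowlist wins over
        the blocklist so a needed API under a blocked domain keeps working."""
        allowed = self._longest_suffix(self.allowlist, qname)
        if allowed is not None:
            return ("resolve", None, allowed)
        blocked = self._longest_suffix(self.blocklist, qname)
        if blocked is not None:
            category = self.blocklist[blocked]
            if category in self.blocked_categories:
                return ("block", category, blocked)
        return ("resolve", None, None)

    def answer(self, qname):
        """What the filtering resolver hands back: the sinkhole address, or a
        marker meaning 'forward to normal resolution'."""
        action, _, _ = self.decide(qname)
        return SINKHOLE if action == "block" else "forward"


# Constructed policy: security categories are always blocked; productivity
# categories depend on the organization's policy.
SAMPLE_BLOCKLIST = {
    "evil.example": "malware",
    "phish.example": "phishing",
    "social.example": "social-media",
}
security_only = DnsFilter(SAMPLE_BLOCKLIST, {"malware", "phishing"})
with_policy = DnsFilter(SAMPLE_BLOCKLIST, {"malware", "phishing", "social-media"},
                        allowlist=["api.social.example"])

if __name__ == "__main__":
    for q in ("LOGIN.evil.example.", "notevil.example", "www.social.example",
              "api.social.example", "crazyegg.com"):
        print(q, security_only.decide(q), with_policy.decide(q))
```

Matching by whole labels is the detail that usually goes wrong in home-grown filters: a substring check would block notevil.example and miss nothing, but a label-suffix check blocks every subdomain of evil.example without touching unrelated names.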
Long-Term Strategies for DNS
Now that we’ve discussed quick tips, let’s also cover a few long-term strategies that’ll give you better results. Keep in mind these steps require careful planning and good design to build a resilient and solid DNS infrastructure.
Choose the Right DNS Server
You may have wondered whether you should opt for an external or internal DNS server. Well, the answer to this question depends on your internal setup.
To let devices on your domain find each other, point them to an internal DNS server, because external servers cannot resolve the hostnames of internal devices.
When a computer such as COMPUTER1 sends a DNS query for office-printer or the server hr-1, only an internal DNS server holds the matching resource record. If you configure a device to use an external resolver (for example, a public resolver such as Google's), it will not be able to find internal resources.
Furthermore, in internal environments, set both the primary and secondary DNS to internal name servers. With this arrangement the secondary takes over if the primary fails, so clients keep resolving names; if the secondary were an external resolver instead, internal names would start failing exactly when the primary went down.
You can also place a DNS server at each office, close to the clients. This reduces response time for DNS requests, since a query no longer has to travel across the WAN to a remote nameserver.
Handle the Active Directory With Care
Active Directory depends on DNS: workstations and servers locate domain controllers through SRV records in the AD zone, so every domain member must use a DNS server that hosts, or can resolve, that zone.
Keep a strict separation between Active Directory DNS and your other domains. Names stored in Active Directory should live only in the AD DNS zone, and not in other DNS zones, whether public or private.
In other words, your workstation names and the pointers to domain controllers should be kept separate from your external web server and from your internal web and SharePoint servers.
Let’s explain this further with the help of an example.
Suppose your organization's main domain is yourdomain.com. Put Active Directory in a dedicated subdomain, such as ad.yourdomain.com, served only on the trusted local network, so that AD names are never visible from outside.
Avoid made-up top-level domains such as yourdomain.lcl or .local for this: they do not exist on the public internet (and .local collides with multicast DNS), and users end up needing different names inside the office than at home. A subdomain of a domain you actually own keeps names consistent and reduces confusion.
Separate DNS Service from DNS Resolution
Your DNS service (authoritative DNS) defines name-to-address mappings and advertises them to the internet or to your local network. DNS resolution, on the other hand, walks the internet's tree of nameservers to look those mappings up on behalf of clients.
They are not the same thing, so it is important to understand the difference between DNS service and DNS resolution, and to keep them on separate servers. An authoritative server that also answers recursive queries for anyone is an open resolver, which can be abused for reflection and amplification attacks and exposes its cache to poisoning, and an outage or attack on one role then takes down the other.
The best way to provide DNS resolution is a pair of small, dedicated virtual machines running a caching resolver configuration, with recursion allowed only from your own networks.
To keep maintenance cheap, use minimal configurations with little customization, and avoid tweaking anything other than network addressing and routing as the servers are deployed.
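A check for the separation above, as an added example that is not code from the original article: decode the 12-byte header of a DNS response and report whether the server that answered acted as an authoritative server, a recursive resolver, or both. The sample headers are constructed with build_header and stand in for packets captured from real servers; the role labels are this example's own.

```python
"""Audit helper: inspect a DNS response header and report the server's role.
Added example, not code from the article; the sample headers are constructed."""
import struct

# Header flag bits, RFC 1035 section 4.1.1
QR, AA, TC, RD, RA = 0x8000, 0x0400, 0x0200, 0x0100, 0x0080
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL", 3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def build_header(ident, qr=1, aa=0, rd=1, ra=0, rcode=0, qdcount=1, ancount=0):
    """Build a 12-byte DNS header (used here only to construct sample responses)."""
    flags = (QR if qr else 0) | (AA if aa else 0) | (RD if rd else 0) | (RA if ra else 0) | (rcode & 0xF)
    return struct.pack("!6H", ident, flags, qdcount, ancount, 0, 0)


def parse_header(message):
    """Decode the header fields of a DNS message (query or response)."""
    if len(message) < 12:
        raise ValueError("truncated DNS header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", message[:12])
    return {
        "id": ident,
        "response": bool(flags & QR),
        "authoritative": bool(flags & AA),
        "truncated": bool(flags & TC),
        "recursion_desired": bool(flags & RD),
        "recursion_available": bool(flags & RA),
        "rcode": RCODES.get(flags & 0xF, str(flags & 0xF)),
        "answers": an,
    }


def classify_server(response):
    """Given the response to a recursive query (RD=1), name the role the server played.
    The RA bit means the server offers recursion to whoever sent the query."""
    h = parse_header(response)
    if not h["response"]:
        return "not a response"
    if h["authoritative"] and h["recursion_available"]:
        return "authoritative and open to recursion: roles not separated"
    if h["authoritative"]:
        return "authoritative only"
    if h["recursion_available"]:
        return "recursive resolver"
    if h["rcode"] == "REFUSED":
        return "refused: recursion not offered to this client"
    return "neither authoritative nor recursive"


# Constructed sample responses, as they might come back from four different servers.
AUTH_ONLY = build_header(0x1A2B, aa=1, ra=0, ancount=1)   # what your public nameserver should look like
MIXED = build_header(0x1A2C, aa=1, ra=1, ancount=1)       # authoritative server that also recurses for anyone
RESOLVER = build_header(0x1A2D, aa=0, ra=1, ancount=1)    # your internal caching resolver
REFUSED = build_header(0x1A2E, aa=0, ra=0, rcode=5)       # resolver refusing a client outside its networks

if __name__ == "__main__":
    for label, pkt in (("auth", AUTH_ONLY), ("mixed", MIXED), ("resolver", RESOLVER), ("refused", REFUSED)):
        print(label, classify_server(pkt))
```

In practice the same check is a dig against each of your published nameservers for a name you do not host; if the flags line of the reply shows ra alongside aa, that server is doing both jobs and should have recursion disabled or restricted to your own address ranges.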
Flush Your DNS Cache
Your website can underperform even after you have modified DNS records and the change has propagated. The culprit? Stale entries in a DNS cache.
We've already discussed how caches on the client (browser and operating system) and on recursive resolvers store answers about your site. You may see the old address, or errors, when a cache holds outdated data or has become corrupted.
In that case, flush the DNS cache, which simply means emptying it so that the next lookup fetches fresh records. This resolves many of the issues you run into when managing your website.
Keep in mind that flushing the cache is different on every platform: ipconfig /flushdns on Windows, dscacheutil -flushcache followed by killall -HUP mDNSResponder on macOS, resolvectl flush-caches on Linux systems running systemd-resolved, and chrome://net-internals/#dns for Chrome's own cache. This only clears your own machine; resolvers elsewhere keep their copies until the TTL expires. Once your cache is cleared, you should see the current version of your site.