What Is DNS? How to Check DNS Records for Any Domain

By FreeToolBox Team Β· Β·
dnsnetworkingdeveloperlookupdomainsecurity

Every time you type a domain name into your browser, a complex lookup happens in the background before a single byte of the website reaches you. That lookup β€” performed by the Domain Name System β€” is one of the most fundamental pieces of infrastructure on the internet, yet most people never think about it until something breaks.

Understanding DNS is useful whether you are a developer deploying a new site, a sysadmin troubleshooting an email delivery problem, or just someone who wants to understand how the web works under the hood.

What Is DNS?

DNS stands for Domain Name System. Its core job is simple: translate human-readable domain names like freetoolbox.org into machine-readable IP addresses like 104.21.48.1. Without DNS, you would need to memorise the numeric IP address of every website you visit.

Think of it as the internet’s phone book. You look up a name, get a number, and your device uses that number to make the actual connection.

DNS is a distributed, hierarchical system. No single server holds all the records for every domain on earth. Instead, lookups travel through a chain of servers β€” from your local resolver, up to root servers, then to top-level domain servers (for .org, .com, etc.), and finally to the authoritative nameserver for the specific domain you queried.

How a DNS Lookup Works

When you navigate to a website, the following happens in milliseconds:

  1. Your device checks its local cache. If it has seen this domain recently, it returns the stored answer immediately.
  2. If not cached, it asks your recursive resolver β€” typically provided by your ISP or a public DNS service like Google (8.8.8.8) or Cloudflare (1.1.1.1).
  3. The resolver queries a root nameserver, which points it to the correct top-level domain server.
  4. The TLD server points to the authoritative nameserver for the domain.
  5. The authoritative nameserver returns the actual DNS record.
  6. Your device receives the IP address and opens a connection to the server.

The entire chain usually completes in under 50 milliseconds.

DNS Record Types Explained

DNS is not just about A records mapping names to IPs. There is a whole family of record types, each serving a different purpose:

A record β€” Maps a domain to an IPv4 address. The most common record type. freetoolbox.org β†’ 104.21.48.1

AAAA record β€” Maps a domain to an IPv6 address. IPv6 is 128-bit, written in hex notation. Increasingly important as IPv4 space runs out.

CNAME record β€” Canonical Name. An alias that points one domain to another domain name rather than an IP. Used heavily for subdomains: www.example.com β†’ example.com.

MX record β€” Mail Exchanger. Specifies which server handles email for the domain. Has a priority value β€” lower numbers have higher priority. Essential for diagnosing email delivery problems.

TXT record β€” Free-form text attached to a domain. Used for SPF (email authentication), DKIM keys, domain ownership verification (Google Search Console, etc.), and DMARC policies.

NS record β€” Nameserver. Lists the authoritative nameservers responsible for the domain. Changing these is how you delegate DNS management to a different provider.

SOA record β€” Start of Authority. Contains administrative information: primary nameserver, contact email, serial number, and refresh/retry timers. Usually only relevant for DNS administrators.

CAA record β€” Certification Authority Authorization. Specifies which certificate authorities are allowed to issue SSL/TLS certificates for the domain. A security measure against misissued certificates.

Why Check DNS Records?

There are several practical reasons you might need to query DNS records directly:

Troubleshooting website issues β€” If a site is unreachable, checking the A or AAAA records tells you whether DNS is pointing at the right server.

Diagnosing email problems β€” Missing or misconfigured MX, SPF, or DKIM records are the most common causes of email ending up in spam. Checking TXT and MX records is the first step.

Verifying a domain migration β€” After moving a site to a new host or CDN, checking DNS propagation confirms whether the new records have spread across resolvers worldwide.

Security auditing β€” CAA records tell you whether a domain is protected against certificate misissuance. Missing SPF/DMARC records are a sign a domain could be spoofed in phishing attacks.

Domain research β€” NS records reveal who manages a domain’s DNS. MX records reveal which email provider a company uses.

Our DNS Lookup Tool lets you query any of these record types for any domain, instantly, directly from your browser. Results come from Google’s public DNS API β€” no software to install, nothing stored on a server. You can also use our IP Address Lookup tool to get geolocation and network details for any IP address returned by a DNS query.

DNS Propagation: Why Changes Take Time

When you update a DNS record, the change does not take effect everywhere immediately. Each DNS record has a TTL (Time to Live) value β€” the number of seconds a resolver is allowed to cache the answer before re-querying. A TTL of 3600 means resolvers may serve the old record for up to one hour after you make a change.

During a migration, setting your TTL low (300 seconds) a few days before the change means the old record expires quickly across the internet. Afterwards, you can raise the TTL again for performance.

Frequently Asked Questions

Is DNS lookup information public?

Yes. DNS is a public, open system by design. Any record you publish in DNS is visible to anyone who queries it. This is intentional β€” clients need to be able to find your servers. The only exception is DNSSEC validation data, which adds cryptographic signatures but does not make records private.

Can DNS be used for tracking?

DNS resolvers do see every domain you visit β€” that is how they answer your queries. Using a privacy-focused resolver like Cloudflare (1.1.1.1) or enabling DNS-over-HTTPS in your browser encrypts queries so your ISP cannot monitor them. Our DNS Lookup tool queries via the browser, using Google’s DNS-over-HTTPS API, so no third party sees your lookup from our end.

What is the difference between DNS and WHOIS?

DNS records tell you where a domain’s servers are located (IPs, mail servers, etc.). WHOIS tells you who registered the domain, when, and through which registrar. They are separate systems and serve different informational purposes.

DNS is one of those technologies that works so reliably, so silently, that you only notice it when something goes wrong. When it does, knowing exactly which records to check β€” and having a tool that fetches them in seconds β€” makes all the difference. Try our DNS Lookup Tool the next time you need to debug a domain.