DNS Lookup
When you type google.com into your browser, your computer doesn't know where that is. It needs an IP address — like 142.250.80.46. DNS (Domain Name System) is the phone book that translates human-readable domain names into machine-readable IP addresses. Every single website visit starts with a DNS lookup, and when DNS breaks, nothing loads even though your internet connection is perfectly fine.
Quick DNS Test
If websites won't load but pinging 8.8.8.8 works, DNS is the problem. Quick fix: change your DNS server to Google (8.8.8.8) or Cloudflare (1.1.1.1) — see WiFi connected but no internet for step-by-step instructions.
nslookup — Query DNS Records
nslookup is available on Windows, Mac, and Linux. It queries DNS servers and shows you the results:
# Basic lookup — find the IP of a domain
nslookup google.com
# Query a specific DNS server
nslookup google.com 8.8.8.8
# Look up mail servers (MX records)
nslookup -type=MX gmail.com
# Look up name servers
nslookup -type=NS example.com
# Look up text records (SPF, DKIM, domain verification)
nslookup -type=TXT example.comdig — The Better Tool (Mac/Linux)
dig gives more detailed output and is preferred by sysadmins. Not available on Windows by default, but comes pre-installed on Mac and most Linux distributions:
# Basic lookup
dig google.com
# Short answer only
dig google.com +short
# Query specific record type
dig MX gmail.com
dig AAAA google.com # IPv6 address
dig CNAME www.example.com
dig TXT example.com
# Query a specific DNS server
dig @8.8.8.8 google.com
# Trace the full resolution path
dig google.com +traceDNS Record Types
| Record | Purpose | Example |
|---|---|---|
| A | Maps domain to IPv4 address | example.com → 93.184.216.34 |
| AAAA | Maps domain to IPv6 address | example.com → 2606:2800:220:1:248:1893:25c8:1946 |
| CNAME | Alias pointing to another domain | www.example.com → example.com |
| MX | Mail server for the domain | gmail.com → gmail-smtp-in.l.google.com |
| TXT | Text data — SPF, DKIM, domain verification | Used by email security, Google/Microsoft verification |
| NS | Name servers for the domain | example.com → ns1.example.com |
| SOA | Start of Authority — domain metadata | Serial number, refresh timers, admin contact |
How DNS Resolution Works
When you visit a website, the lookup follows a chain:
- Browser cache — checks if it recently looked up this domain
- OS cache — checks the operating system's DNS cache
- Hosts file — checks the local hosts file for manual overrides
- Resolver — asks your configured DNS server (usually your ISP's, or 8.8.8.8 if you changed it)
- Root servers → TLD servers (.com, .org) → Authoritative server — if the resolver doesn't have it cached, it walks the hierarchy
This entire process typically takes 20-120 milliseconds. The result is cached at multiple levels, so subsequent visits are nearly instant.
Flush DNS Cache
If a website recently changed its IP address (migrated servers, changed hosting), your device might still cache the old address. Flushing the DNS cache forces a fresh lookup:
# Windows
ipconfig /flushdns
# Mac
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder
# Linux (systemd-resolved)
sudo systemd-resolve --flush-caches
# Chrome browser (internal cache)
# Navigate to: chrome://net-internals/#dns → Clear host cachePopular DNS Servers
| Provider | Primary | Secondary | Notes |
|---|---|---|---|
| Cloudflare | 1.1.1.1 | 1.0.0.1 | Fastest, privacy-focused |
| 8.8.8.8 | 8.8.4.4 | Reliable, widely used | |
| OpenDNS | 208.67.222.222 | 208.67.220.220 | Offers content filtering options |
| Quad9 | 9.9.9.9 | 149.112.112.112 | Blocks known malicious domains |
You can change DNS on individual devices (in network adapter settings) or for your entire network by setting the DNS servers in your router's admin panel.