Christian M.

A simple guide to DNS

The Domain Name System (DNS) is essential for UK businesses, yet most owners overlook its importance.

Choosing the right DNS hosting improves website performance, enhances user experience, and helps boost Google Search rankings. Meanwhile, a reliable DNS resolver speeds up internet connections, ensuring websites, emails, and apps load faster.

This guide provides a comprehensive look at DNS for businesses, from understanding how it works to best practices for effective implementation in your organisation.

What is DNS?

DNS, or Domain Name System, is a core technology of the internet that translates human-readable domain names (e.g. www.google.com, the name part of a URL) into numerical IP addresses (e.g. 191.155.1.38) where online services such as websites, VoIP and e-mail are hosted.

You can think of it as the internet’s directory. When a device requests a URL, DNS quickly finds the corresponding IP address, ensuring seamless access to the requested service.

Without DNS, the internet would be far slower, as devices would struggle to resolve dynamic IP addresses across over 360 million public domains. It would be like searching for a needle in a haystack.

DNS ensures businesses’ online services are easily accessible through DNS records and caching. For users, it allows browsers and applications to swiftly and securely connect to services via DNS resolution.

However, not all DNS setups are the same. Good and bad DNS providers, misconfigurations, and unsafe DNS practices impact internet performance and security.


How does DNS work?

Matching domain names with IP addresses may seem simple but involves multiple layers and interconnected processes. Each of the following DNS components plays a crucial role in ensuring fast, reliable, and secure internet connections:

  1. DNS resolution: The process of matching a domain name (URL) to its corresponding IP address.
  2. Advanced DNS resolution: Handling complex use cases such as APIs, cloud services, and Content Delivery Networks (CDNs).
  3. DNS records: Storing IP addresses and other key information for efficient domain management.
  4. DNS security: Protecting DNS from cyber threats, including spoofing, hijacking, and DDoS attacks.

DNS Resolution

Figure: The full DNS resolution process.

When a user or application connects to an online service, DNS is responsible for finding the requested domain’s corresponding IP address (and other important information).

This process is known as DNS resolution and follows a structured lookup process, starting with local caches and nearby DNS recursive resolvers and, if necessary, progressing through global DNS servers to retrieve the correct IP address.

1. Sending a DNS request

When employees enter a website URL in their browser, when your email app fetches new messages, or when internal devices like mobile VoIP phones connect to network services, a DNS request is sent. Business applications, cloud services, and even cybersecurity tools frequently trigger DNS lookups to locate the necessary servers (IP addresses).

2. Local cache lookup

Before querying external servers, the device checks for the requested IP address in locally stored caches to speed up resolution. Web browsers (e.g., Google Chrome, Safari) and operating systems (Windows, macOS, Linux) store recently resolved domain names, reducing lookup times.

3. Recursive DNS resolvers

The request is forwarded to a recursive DNS resolver if the IP address isn’t found in the local cache. These servers also have their own caches to speed up lookups and add a layer of DNS security. If no IP address is found, resolvers forward the query to the global network of DNS servers to begin the resolution process.

Small businesses typically use public DNS resolvers, while larger businesses rely on dedicated resolvers with higher capacity. Some even deploy internal DNS resolvers to support internal applications and handle large volumes of device requests.

4. Root name servers

The global DNS resolution process starts at root name servers. DNS queries from UK businesses typically go to the nearest and most responsive root name servers, determined by factors like network proximity, routing efficiency, and Anycast technology. The K, I, F, J, and L-root servers have a presence in the UK for quick resolution.

5. Top-level domain (TLD) servers

TLD servers manage domain extensions (e.g., .com, .org, .net, .uk) and direct queries to the next server in the hierarchy, the Authoritative Name Server, which holds the actual DNS records.

6. Authoritative name servers

The final destination in the lookup process. These servers store and provide the official IP address for a domain (e.g., www.google.com). They are typically managed by domain registrars (GoDaddy, Namecheap, Google Domains) or web hosting/CDN providers (Cloudflare, AWS Route 53, DigitalOcean).

Once the IP address is resolved, it is cached at multiple levels (browser, OS, recursive resolver) to speed up future requests. The Time-to-Live (TTL) value, set by the domain host, determines how long an IP address remains stored before requiring a new lookup.
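To make steps 2 to 6 and the TTL caching concrete, here is a small Python model of a recursive resolver. It is an added illustration, not code from this guide or from any DNS provider: the three "servers" (root, a .uk TLD server and an authoritative server for a made-up example.co.uk zone), their names and the 203.0.113.10 address are all constructed. The resolver first checks its own cache, otherwise walks root, TLD and authoritative servers by following NS referrals, and caches the final answer until its TTL expires.

```python
"""Toy iterative resolver with a TTL-aware cache (added example; the zone
data below is constructed and the server names are hypothetical)."""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Answer:
    name: str
    rtype: str   # "A" for an address, "NS" for a referral further down the tree
    value: str
    ttl: int     # seconds the answer may be cached


# Constructed servers. Each maps a name (or zone cut) to the single record it
# would return: an NS referral at the root and TLD, an A record at the
# authoritative server.
SERVERS: dict[str, dict[str, Answer]] = {
    "root": {
        "uk.": Answer("uk.", "NS", "tld-uk-ns", 172800),
    },
    "tld-uk-ns": {
        "example.co.uk.": Answer("example.co.uk.", "NS", "auth-example-ns", 86400),
    },
    "auth-example-ns": {
        "www.example.co.uk.": Answer("www.example.co.uk.", "A", "203.0.113.10", 300),
    },
}


def query_server(server: str, qname: str) -> Optional[Answer]:
    """Ask one server about qname: an exact match gives the final answer,
    otherwise the referral for the longest matching parent zone, else None."""
    zone = SERVERS[server]
    if qname in zone:
        return zone[qname]
    labels = qname.split(".")
    for i in range(1, len(labels)):
        parent = ".".join(labels[i:])
        if parent in zone:
            return zone[parent]
    return None


class RecursiveResolver:
    """Check the cache first, then walk root -> TLD -> authoritative and
    cache the final answer for its TTL."""

    def __init__(self) -> None:
        self._cache: dict[str, tuple[Answer, float]] = {}  # qname -> (answer, expiry time)
        self.upstream_queries = 0  # how many times another server had to be asked

    def resolve(self, qname: str, now: float) -> str:
        hit = self._cache.get(qname)
        if hit is not None and hit[1] > now:
            return hit[0].value            # served from cache, no upstream traffic
        server = "root"
        while True:
            self.upstream_queries += 1
            ans = query_server(server, qname)
            if ans is None:
                raise LookupError(f"no data for {qname}")
            if ans.rtype == "NS":
                server = ans.value         # follow the referral down the hierarchy
                continue
            self._cache[qname] = (ans, now + ans.ttl)
            return ans.value


if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.example.co.uk.", now=0), r.upstream_queries)    # 3 upstream queries
    print(r.resolve("www.example.co.uk.", now=100), r.upstream_queries)  # still 3: cache hit
    print(r.resolve("www.example.co.uk.", now=301), r.upstream_queries)  # 6: TTL of 300 s expired
```

The `now` argument stands in for the clock so the TTL behaviour is easy to see: a second lookup inside the 300-second TTL costs no upstream queries, while one after expiry repeats the whole root-to-authoritative walk.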


Advanced features of DNS

The standard DNS resolution process efficiently retrieves IP addresses, but modern internet demands require more advanced capabilities. Businesses need DNS to handle high traffic volumes, dynamic cloud services, continuous connections, and global performance optimisation.

Here are the key advanced DNS features that ensure this:

Content Delivery Networks (CDNs)

CDNs are networks of distributed servers that cache website content (images, videos, scripts) in multiple locations worldwide, ensuring users access data from the nearest and fastest server.

While not a core DNS function, CDNs reduce DNS lookup times by caching DNS records and serving static content closer to users, significantly improving website performance.

Popular CDNs include Cloudflare, Akamai, Fastly, and Amazon CloudFront.

DNS for cloud applications

Cloud applications scale up and down dynamically (a feature that makes them so popular!), constantly migrating services across different servers based on demand. This means their IP addresses change frequently, requiring DNS to keep up.

To support cloud agility, businesses use specialised DNS tools for business networks. These include internal DNS resolvers that update in real time and alias records pointing to the latest server instance.

DNS load balancing and failover

Just like regular business networks have to balance your organisation’s traffic using load balancing and broadband failover, DNS servers must do the same to manage large volumes of simultaneous DNS requests.

Instead of relying on SD-WAN, routers and switches, DNS relies on:

  • Cloud-based DNS load balancers: Route traffic to the nearest, fastest, or least congested server.
  • Failover DNS: Automatically redirects traffic if a primary server fails.
  • Geo-DNS: Sends users to the closest data centre for optimal performance.
  • Anycast DNS: Allows multiple servers to share the same IP, reducing latency and improving reliability.

DNS caching

Caching speeds up DNS resolution by storing previous query results, reducing unnecessary lookups. This improves efficiency and lowers the load on DNS servers. Caching happens at multiple levels:

  • Client-side caching: Browsers and operating systems store DNS responses for frequently visited sites.
  • Server-side caching: Recursive resolvers (e.g., Google Public DNS, Cloudflare DNS) store lookups for multiple users.
  • Provider-level caching: ISPs cache DNS records to speed up customer queries.
  • Edge & CDN caching: Large-scale platforms cache records at intermediary servers, optimising speed and reliability.

TTL (Time-To-Live)

TTL determines how long DNS records remain cached before expiring. Optimising TTL is crucial for improving performance and reliability:

  • Low TTL (e.g., 300 seconds): Forces frequent updates, ideal for cloud applications with dynamic IPs.
  • High TTL (e.g., 86400 seconds): Reduces lookup queries, suitable for static IP address websites.

💡 At Business Broadband Hub, we use high TTL to ensure our informative guides and business broadband comparison service remain fast and highly available, as we don’t rely on real-time applications.

DNS Zones

A DNS zone is the set of DNS records for a domain that one organisation administers. Zones are held as a “master” copy, which can be safely stored and configured, and “read-only” copies, which provide redundancy, backup and improved performance. Here is how it works:

  • Primary DNS Zone: The master record storage, where all changes are made and propagated. Hosted on authoritative DNS servers.
  • Secondary DNS Zone: A read-only copy stored on another authoritative server, ensuring redundancy, faster query responses, and backup availability in case of failure.

DNS records

DNS records store a domain’s IP address and key characteristics, including aliases, email routing, security certificates, and metadata. These records provide essential instructions for devices on how to resolve domain names.

Each DNS record consists of:

  • Type: Defines the record’s function (e.g., A, MX, CNAME).
  • Value: The corresponding IP address, hostname, or configuration.
  • TTL: Determines how long the record is cached before requiring an update.
  • Zone: Determines whether the record is a “master” copy or a “read-only” copy for redundancy.

Key DNS records

Here are the three most important DNS record types.

A records

An “A record” maps a domain name to an IPv4 address, allowing devices to find and connect to the correct web server. It is the most essential DNS record type used to direct website traffic.

AAAA records

Similar to A records, AAAA records map domain names to IPv6 addresses. As the internet transitions to IPv6 for increased address availability, these records are becoming increasingly important.

CNAME records

A CNAME record allows a domain alias to point to another domain instead of an IP address. This is commonly used for subdomains and cloud services, helping manage traffic efficiently.

Other DNS records

Here are other DNS records that are sometimes present, depending on the nature of the service being offered:

  • MX Record (Mail Exchange Record): Directs emails to the correct mail server for a domain.
  • TXT Record (Text Record): Used for various verification purposes (SPF, DKIM, Google Site Verification, etc.).
  • NS Record (Name Server Record): Specifies which authoritative name servers handle DNS queries for a domain.
  • PTR Record (Pointer Record): Used in reverse DNS lookup, mapping an IP address to a domain name.
  • SRV Record (Service Record): Specifies which server (and port) provides a named service, such as VoIP.
  • SOA Record (Start of Authority Record): Contains domain administrative information, including serial numbers and refresh intervals.
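The record types above are easiest to understand in the form they are actually stored: a zone file. The following Python is an added example (not code from this guide or any provider) that parses a small constructed zone for a made-up example.co.uk domain into records with the type, value and TTL fields described above, then answers lookups the way a resolver does, including following a CNAME alias to the record it points at. The zone contents and the 203.0.113.10 and 2001:db8::10 addresses are constructed documentation values.

```python
"""Parse a small zone file into typed records and answer lookups, following
CNAME aliases (added example; the zone below is constructed)."""
from __future__ import annotations

from dataclasses import dataclass

# Constructed zone for example.co.uk. "@" means the zone origin itself, a
# name without a trailing dot is relative to the origin.
ZONE_TEXT = """\
$TTL 3600
@                  IN SOA   ns1.example.co.uk. hostmaster.example.co.uk. (2024010101 7200 900 1209600 300)
@                  IN NS    ns1.example.co.uk.
@             300  IN A     203.0.113.10
@                  IN AAAA  2001:db8::10
www                IN CNAME example.co.uk.
@                  IN MX    10 mail.example.co.uk.
@                  IN TXT   "v=spf1 mx -all"
_sip._tcp          IN SRV   10 60 5060 sip.example.co.uk.
"""


@dataclass(frozen=True)
class Record:
    name: str    # fully qualified owner name, with trailing dot
    ttl: int     # Time-To-Live in seconds
    rtype: str   # A, AAAA, CNAME, MX, TXT, NS, SRV, SOA
    rdata: str   # the record's value, kept as text


def qualify(name: str, origin: str) -> str:
    """Turn a relative owner name into a fully qualified one."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def parse_zone(text: str, origin: str) -> list[Record]:
    default_ttl = 3600
    records: list[Record] = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        tokens = line.split()
        if tokens[0] == "$TTL":
            default_ttl = int(tokens[1])
            continue
        if tokens[0] == "$ORIGIN":
            origin = tokens[1]
            continue
        name, i = qualify(tokens[0], origin), 1
        ttl = default_ttl
        if tokens[i].isdigit():               # optional per-record TTL
            ttl, i = int(tokens[i]), i + 1
        if tokens[i].upper() == "IN":         # class field, optional in many files
            i += 1
        rtype = tokens[i].upper()
        rdata = " ".join(tokens[i + 1:])
        if rtype == "SOA":                    # strip the grouping parentheses
            rdata = rdata.replace("(", "").replace(")", "").strip()
        records.append(Record(name, ttl, rtype, rdata))
    return records


def lookup(records: list[Record], name: str, rtype: str, max_chain: int = 8) -> list[str]:
    """Return rdata values for name/rtype. If the name is only a CNAME alias,
    follow it as a resolver would; the chain bound guards against loops."""
    for _ in range(max_chain):
        direct = [r.rdata for r in records if r.name == name and r.rtype == rtype]
        if direct:
            return direct
        alias = [r.rdata for r in records if r.name == name and r.rtype == "CNAME"]
        if not alias:
            return []
        name = alias[0]
    raise LookupError("CNAME chain too long")


if __name__ == "__main__":
    zone = parse_zone(ZONE_TEXT, "example.co.uk.")
    for rec in zone:
        print(f"{rec.name:28} {rec.ttl:>6} {rec.rtype:6} {rec.rdata}")
    print(lookup(zone, "www.example.co.uk.", "A"))   # follows the CNAME to the A record
```

Note how the A record carries its own TTL of 300 seconds while every other record inherits the zone default of 3600: that is exactly the low-TTL-for-dynamic, high-TTL-for-static split discussed earlier.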

DNS security

DNS is a prime target for cybercriminals as tampering with DNS records or the resolution process can redirect users to fraudulent websites, steal data, or disrupt online services.

These threats affect businesses (domain owners) and users (resolvers), making DNS security essential for online trust and reliability. Over the years, various security features have been introduced to protect DNS from exploitation.

Below is an overview of key defences and the common threats they mitigate.

Key DNS security features

Modern DNS security measures are implemented across browsers, devices, DNS servers, and domain hosting platforms to protect against cyber threats:

  • DNSSEC (Domain Name System Security Extensions): Protects against DNS spoofing by verifying DNS responses.
  • DNS filtering & monitoring: Blocks malicious domains and detects suspicious DNS activity.
  • Domain locking & registrar security: Prevents unauthorised changes to domain settings.
  • DDoS protection for DNS servers: Shields against massive traffic floods that can take DNS services offline.

DNS cybersecurity threats

Here is a summary of the main DNS threats and how security features protect against them:

DNS hijacking

  • Threat: Attackers compromise a DNS server, router, or user device to redirect traffic to fraudulent websites.
  • Protection: DNS Filtering helps detect and block connections to known malicious sites, reducing the risk of hijacking.

Cache poisoning (DNS Spoofing)

  • Threat: Fake DNS responses are injected into a resolver’s cache, leading users to fake or malicious sites.
  • Protection: DNSSEC ensures that DNS responses come from a trusted source by using cryptographic verification.

Man-in-the-Middle attacks on DNS

  • Threat: Cybercriminals intercept and alter DNS queries between users and DNS servers, rerouting traffic or stealing data.
  • Protection: DNSSEC prevents these attacks by validating DNS responses, while encrypted DNS secures queries in transit.

Domain hijacking

  • Threat: Attackers steal control of a domain by exploiting weak security at the domain registrar.
  • Protection: Domain locking & registrar security (e.g., two-factor authentication, registry lock) prevent unauthorised domain transfers.

DDoS Attacks on DNS Servers

  • Threat: Attackers flood DNS servers with massive amounts of traffic, making websites unreachable.
  • Protection: DDoS protection for DNS servers (e.g., rate limiting, traffic filtering, and Anycast routing) helps absorb and mitigate attacks.
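"DNS filtering & monitoring" is the one defence above that a business can see working in its own resolver logs. The following Python is an added example, not code from this guide or from any of the products named on this page: it takes constructed resolver log lines (timestamp, client address, query name, type, response code, in a format made up for the demo), blocks any name that falls under a constructed denylist (matching parent domains, so a subdomain of a listed domain is also caught), and flags clients whose answers are mostly NXDOMAIN, a pattern worth investigating because it usually points at a misconfigured application or something on the host generating names that do not exist.

```python
"""Apply a domain denylist and a simple NXDOMAIN-rate check to resolver
query logs (added example; log lines, denylist entries and client addresses
are constructed, and the log format is invented for this demo)."""
from __future__ import annotations

from collections import defaultdict

# Constructed denylist: a match on a name or any of its parent domains blocks it.
DENYLIST = {"phish.example.net", "malware-c2.example"}

# Constructed log lines: timestamp, client IP, query name, type, response code.
LOG_LINES = """\
2025-01-15T09:00:01Z 10.0.0.23 www.example.co.uk. A NOERROR
2025-01-15T09:00:02Z 10.0.0.23 login.phish.example.net. A NOERROR
2025-01-15T09:00:03Z 10.0.0.23 mail.example.co.uk. MX NOERROR
2025-01-15T09:00:04Z 10.0.0.41 portal.example.co.uk. A NOERROR
2025-01-15T09:00:05Z 10.0.0.41 cdn.example.org. AAAA NOERROR
2025-01-15T09:00:06Z 10.0.0.77 a1.example.co.uk. A NXDOMAIN
2025-01-15T09:00:07Z 10.0.0.77 a2.example.co.uk. A NXDOMAIN
2025-01-15T09:00:08Z 10.0.0.77 a3.example.co.uk. A NXDOMAIN
2025-01-15T09:00:09Z 10.0.0.77 a4.example.co.uk. A NXDOMAIN
2025-01-15T09:00:10Z 10.0.0.77 www.example.co.uk. A NOERROR
"""


def is_denied(qname: str) -> bool:
    """True if the name or any parent domain is on the denylist."""
    labels = qname.lower().rstrip(".").split(".")
    return any(".".join(labels[i:]) in DENYLIST for i in range(len(labels)))


def analyse(lines: str, nx_ratio: float = 0.5, min_queries: int = 4) -> dict:
    """Return denylist hits and clients whose NXDOMAIN share is unusually high.
    min_queries avoids flagging a client on one or two failed lookups."""
    blocked: list[tuple[str, str]] = []
    totals: dict[str, int] = defaultdict(int)
    nxdomain: dict[str, int] = defaultdict(int)
    for line in lines.splitlines():
        if not line.strip():
            continue
        _ts, client, qname, _qtype, rcode = line.split()
        totals[client] += 1
        if rcode == "NXDOMAIN":
            nxdomain[client] += 1
        if is_denied(qname):
            blocked.append((client, qname))   # the filter would answer these with a block page or NXDOMAIN
    noisy = sorted(
        c for c, n in totals.items()
        if n >= min_queries and nxdomain[c] / n >= nx_ratio
    )
    return {"blocked": blocked, "noisy_clients": noisy}


if __name__ == "__main__":
    result = analyse(LOG_LINES)
    print("blocked:", result["blocked"])            # [('10.0.0.23', 'login.phish.example.net.')]
    print("high NXDOMAIN rate:", result["noisy_clients"])  # ['10.0.0.77']
```

In a real deployment the denylist comes from a threat-intelligence feed and the thresholds are tuned to the size of the network, but the two checks, name matching against parent domains and per-client response-code ratios, are the core of what a protective resolver does.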

DNS and business performance

DNS affects business performance. It can impact the quality of customer-facing services and internal operations, including your business websites, VoIP and UCaaS platforms, streaming services and more.

Yet, many businesses overlook their DNS setup, assuming it works by default. Poor configurations, slow DNS providers, and outdated infrastructure are common culprits behind slow load times and downtime, even for businesses equipped with superfast leased line business broadband or dark fibre.

Below are common DNS mistakes that negatively impact business performance, along with solutions to mitigate them:

Using slow DNS providers

  • Effect: Slow websites, poor user experience, and frustrated customers.
  • Solution: Use high-performance DNS resolving and hosting providers like Google DNS, Cloudflare, or a premium managed DNS service.

Many businesses stick with the default resolver supplied by their business broadband provider, which is often slow and lacks redundancy. If the DNS service experiences congestion or downtime, website and service performance suffer, leading to longer load times and lost customers.

TTL (Time-To-Live) misconfiguration

  • Effect: Delayed website updates, higher costs, and increased risk of disruptions.
  • Solution: Configure TTL values strategically based on your business needs. For example, using shorter TTLs for frequently updated content and longer TTLs for stable records.

Lack of DNS provider redundancy

  • Effect: Unnecessary downtime, lost sales, and disrupted services during DNS failures.
  • Solution: Set up a secondary public DNS provider as a failover option to maintain uptime during outages.

Most businesses use a single DNS provider, creating a single point of failure. If that DNS provider experiences downtime and lacks a backup for redundancy, customers lose access to your business’s online services.

Email DNS misconfiguration

  • Effect: Lost emails, security risks, and communication failures.
  • Solution: Ensure your MX records are correctly set up and configure SPF, DKIM, and DMARC to improve email deliverability and prevent domain spoofing.

Email misconfigurations are a common issue for small businesses, particularly during migrations. Incorrect MX records can cause important emails to be undelivered or flagged as spam.
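The SPF and DMARC checks mentioned above can be automated against the TXT records your domain publishes. Here is an added Python example (not code from this guide or any provider) that runs the most common sanity checks over constructed TXT data for two made-up domains, good.example and bad.example: exactly one SPF record, no permissive `+all`, no more than the ten DNS-lookup terms that RFC 7208 allows, a terminating `all` mechanism, and a DMARC record with an enforcing policy. Swap the constructed dictionary for real TXT lookups to use it on your own domain.

```python
"""Sanity-check the SPF and DMARC TXT records a domain publishes (added
example; the records below are constructed, not looked up)."""
from __future__ import annotations

import re

# Constructed TXT data keyed by owner name, as a resolver would return it.
TXT_RECORDS: dict[str, list[str]] = {
    # a well configured domain
    "good.example.": ["v=spf1 include:_spf.example.net mx -all", "site-verification=abc123"],
    "_dmarc.good.example.": ["v=DMARC1; p=reject; rua=mailto:dmarc@good.example"],
    # a domain with typical mistakes: two SPF records, +all, monitor-only DMARC
    "bad.example.": ["v=spf1 a mx +all", "v=spf1 -all"],
    "_dmarc.bad.example.": ["v=DMARC1; p=none"],
}

# Mechanisms and the redirect modifier that each cost a DNS lookup; RFC 7208
# caps a record at 10 of them.
_LOOKUP_TERM = re.compile(r"^[+\-~?]?(include|a|mx|ptr|exists)(:|/|$)|^redirect=", re.I)


def check_spf(txts: list[str]) -> list[str]:
    findings: list[str] = []
    spf = [t for t in txts if t.lower().startswith("v=spf1")]
    if not spf:
        return ["no SPF record (v=spf1) published"]
    if len(spf) > 1:
        findings.append(f"{len(spf)} SPF records published; exactly one is allowed, receivers treat this as a permanent error")
    terms = spf[0].split()[1:]
    if any(t.lower() in ("all", "+all") for t in terms):
        findings.append("'+all' lets any server send as this domain; use '-all' or '~all'")
    if sum(1 for t in terms if _LOOKUP_TERM.match(t)) > 10:
        findings.append("more than 10 DNS-lookup terms; receivers will return permerror")
    if not any(t.lower().endswith("all") or t.lower().startswith("redirect=") for t in terms):
        findings.append("no terminating 'all' mechanism; unmatched senders get a neutral result")
    return findings


def check_dmarc(txts: list[str]) -> list[str]:
    dmarc = [t for t in txts if t.upper().startswith("V=DMARC1")]
    if not dmarc:
        return ["no DMARC record (v=DMARC1) published at _dmarc"]
    # DMARC records are "tag=value" pairs separated by semicolons
    tags = {
        k.strip().lower(): v.strip()
        for k, _, v in (part.partition("=") for part in dmarc[0].split(";"))
        if k.strip()
    }
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return ["DMARC record has no valid 'p=' policy tag"]
    if policy == "none":
        return ["DMARC policy is p=none: spoofed mail is reported but not blocked"]
    return []


def audit(domain: str, txt: dict[str, list[str]] = TXT_RECORDS) -> dict[str, list[str]]:
    """domain is fully qualified with a trailing dot, e.g. 'good.example.'"""
    return {
        "spf": check_spf(txt.get(domain, [])),
        "dmarc": check_dmarc(txt.get(f"_dmarc.{domain}", [])),
    }


if __name__ == "__main__":
    for d in ("good.example.", "bad.example."):
        print(d, audit(d))
```

A clean result from `audit` does not prove mail will be delivered, since the MX records and DKIM keys also have to be right, but each finding it does report corresponds to a misconfiguration that receivers will reject or ignore.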

Outdated DNS infrastructure

  • Effect: Slow resolution times, scalability limitations, and increased security risks.
  • Solution: Migrate to cloud-based DNS providers for better performance, reliability, and security.

Some businesses still use old on-premise DNS servers, which are slow, difficult to scale, and lack modern security features. Cloud-based DNS solutions offer better performance, reliability, and security, making them a more efficient choice.


DNS configuration for business networks

Business networks are often busy, transmitting large volumes of internet traffic from their operations. Hundreds of employees often work across multiple branches, utilising local and cloud computation while communicating in real time with business VoIP phone systems.

This heavy traffic relies on DNS to find its destination, and generic DNS infrastructure can easily get overwhelmed, slowing down the performance of all your business services.

To handle this, businesses implement additional DNS infrastructure:

Internal DNS servers

Many businesses have internal platforms (e.g., “portal.company.com”, “fileserver.local”) offering services exclusive to their employees. These are normally hosted and resolved in dedicated internal DNS servers that can only be accessed from within your business network for security and performance. Only employees within the office LAN, connecting remotely with a VPN or through ZTNA will have permission.

Additionally, internal DNS servers act as a central switching point for DNS queries, forwarding requests they cannot answer themselves to the resolvers of your choice for better performance.

DNS-as-a-Service

Public recursive resolvers and generic DNS hosting are normally insufficient to handle the large volumes of DNS requests generated and received by businesses, so they must opt for enterprise DNS solutions.

DNS providers offer premium hosting solutions to ensure your websites (e.g., e-commerce) don’t lose performance during busy periods. At the same time, they offer dedicated DNS resolvers with uncontested capacity to handle high volumes of external DNS requests generated from your network (e.g., employees using Microsoft 365, sending e-mails, video conferencing, etc).

Dynamic DNS (DDNS)

In large organisations, thousands of devices (laptops, tablets, VoIP phones, servers) constantly connect and disconnect from the network. Each device uses DNS to receive and send internal and external communications, so managing them manually would be impossible.

Companies use DDNS to automatically update internal DNS records when a device or service IP address changes, so that portable devices and remote workers keep working without manual intervention. The underlying technology supporting this is DHCP (Dynamic Host Configuration Protocol).

Split-Horizon DNS

Businesses often run internal and external versions of the same service. Employees inside the network need faster, direct access to internal systems, while customers and external users must access the public-facing versions, which have extra security layers and commercial features.

By using Split-Horizon DNS, businesses can maintain separate DNS records for each, controlling how a domain resolves depending on where the request originates.

For example, an employee within your business WAN can access “company.co.uk” and resolve to an internal IP (10.0.0.5) to see the internal version of the service, which has extra features and performs better.

In contrast, customers accessing “company.co.uk” resolve to a public IP (192.168.1.5), which routes them through external security layers like firewalls and onto the polished public-facing version of the service.
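The decision a split-horizon resolver makes is simply "which view does this client belong to?", followed by a lookup in that view. The Python below is an added example, not code from this guide or from any DNS product: the internal networks, the records and the addresses are constructed. The internal answer 10.0.0.5 follows the example above; for the public side it uses 203.0.113.0/24, a reserved documentation range, as a placeholder. It also shows two details that matter in practice: internal clients still get public records for names that have no internal override, and names that exist only in the internal view are never revealed to outside clients.

```python
"""Split-horizon answer selection based on where the query comes from
(added example; address ranges and records are constructed, the public
addresses are documentation-range placeholders)."""
from __future__ import annotations

import ipaddress
from typing import Optional

# Constructed: source networks that count as "inside" the business network.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("172.16.0.0/12")]

# Constructed views: view -> owner name -> record type -> value.
VIEWS: dict[str, dict[str, dict[str, str]]] = {
    "internal": {
        "company.co.uk.": {"A": "10.0.0.5"},          # direct internal address
        "portal.company.co.uk.": {"A": "10.0.0.20"},  # internal-only service
    },
    "external": {
        "company.co.uk.": {"A": "203.0.113.5"},       # behind the public firewall
        "www.company.co.uk.": {"A": "203.0.113.6"},
    },
}


def select_view(client_ip: str) -> str:
    """Pick the view from the querying client's source address."""
    addr = ipaddress.ip_address(client_ip)
    return "internal" if any(addr in net for net in INTERNAL_NETS) else "external"


def answer(client_ip: str, qname: str, qtype: str = "A") -> tuple[str, Optional[str]]:
    """Resolve qname for a client. Internal clients get the internal record if
    one exists, otherwise the public record; external clients only ever see
    the external view, so internal-only names do not leak."""
    view = select_view(client_ip)
    rdata = VIEWS[view].get(qname, {}).get(qtype)
    if rdata is None and view == "internal":
        rdata = VIEWS["external"].get(qname, {}).get(qtype)
    return view, rdata


if __name__ == "__main__":
    print(answer("10.0.0.23", "company.co.uk."))        # ('internal', '10.0.0.5')
    print(answer("198.51.100.9", "company.co.uk."))     # ('external', '203.0.113.5')
    print(answer("10.0.0.23", "www.company.co.uk."))    # ('internal', '203.0.113.6') via fallback
    print(answer("198.51.100.9", "portal.company.co.uk."))  # ('external', None)
```

Deciding the view by source address is what BIND-style "views" and most cloud DNS products do; the main operational caveat is that VPN and ZTNA clients must arrive from an address inside `INTERNAL_NETS`, or they will be served the public view.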


Business DNS providers

Marketing teams often use the term “DNS provider” without specifying whether they mean DNS hosting or DNS resolution. These are two distinct services offered by two distinct types of providers, each offering essential services for businesses.

Quality DNS hosting ensures business websites remain performant and secure, and quality DNS resolution ensures your employees have performant applications to remain productive.

DNS hosting providers

Also known as “Authoritative DNS Providers”, these providers store and manage DNS records for a domain, ensuring that requests for “yourbusiness.co.uk” return the correct IP address.

  • Examples: GoDaddy, Google Domains, Namecheap, and Cloudflare DNS (as a hosting provider, not a resolver).
  • Features: All solutions include >99.9% uptime and built-in DNS security, but only premium solutions can handle high volumes of DNS requests, email hosting and other advanced features.
  • Use cases:
    • Small businesses and startups usually rely on free DNS hosting, which is included with domain registration.
    • Mid-sized or growing companies opt for premium solutions like Cloudflare or AWS Route 53 for better performance.
    • Enterprises use multiple hosting providers for redundancy and failover.

DNS resolution providers

Also known as “Resolvers-as-a-Service” or “Protective DNS”, these are for-hire, paid resolvers designed for businesses that need fast, secure, and policy-driven DNS resolution. They provide custom caching, security filtering, logging, DDoS protection, and compliance features that free public resolvers lack.

  • Examples: Cisco Umbrella, Cloudflare for Teams, Akamai Enterprise DNS, Infoblox, Microsoft Defender DNS, and Palo Alto Networks DNS Security.
  • Use cases: 
    • Small businesses: Typically don’t need private DNS resolvers unless required to meet cybersecurity compliance, or they generate high volumes of DNS requests.
    • Larger businesses: Typically go for DNS providers that provide multi-layered DNS security and custom policy enforcement.

Public DNS providers

Also known as “Public DNS recursive resolvers”, these providers offer free DNS resolution alternatives to your default business broadband provider’s resolver. Businesses using standard broadband connections like SoGEA, cable, and full fibre business broadband can switch to Google’s or Cloudflare’s public DNS resolvers for free, and often experience performance boosts from doing so.

Common services include Google Public DNS (8.8.8.8), Cloudflare DNS (1.1.1.1), OpenDNS, and Quad9. Businesses often test multiple resolvers to find the fastest. Quad9 has additional threat filtering, and Cloudflare offers the best privacy, deleting logs every 24 hours.

SMEs typically select one or two public resolvers for redundancy. Larger businesses use private DNS resolvers and keep these public DNS as a backup.


FAQs – Business DNS

Our business broadband experts answer commonly asked questions regarding DNS for businesses in the UK:

What is the difference between DNS and DHCP?

DNS translates domain names into IP addresses. DHCP (Dynamic Host Configuration Protocol) dynamically assigns IP addresses to devices on a network. See the DNS configuration for business networks section above for how the two work together.

How do DNS propagation times affect website updates?

After updating DNS records, changes don’t take effect immediately due to DNS propagation: the time it takes for changes to spread across all DNS servers worldwide. This delay can impact how quickly users see updates to a website or experience changes in services, and there is not much anyone can do about it!

Can DNS records stop working during a website migration?

During a website migration, it’s essential to update DNS records carefully to point to the new server’s IP address. Coordinating the timing of DNS changes with the TTL (Time to Live) settings can minimise downtime and ensure a smooth transition for users.
