In networks, for communication between nodes, certain numerical values are used. For instance, IP addresses have the form of four decimal digits like Such numbers are difficult to remember, so we also use letter names of sites for convenience. It is the DNS (Domain Name System) that associates the letter name of the website (domains) with the numerical value of the IP address.

All domain names, together with their IP addresses, were added to specialized DNS databases. The main databases are located on physical servers in the form of a hierarchical name structure, which was invented by Dr. Paul Mockapetris.

How unique addresses are created

To simplify the hierarchy of the domain name database, unique addresses were created. They are created by connecting the server name and the domain name. It looks like this: a computer named “tom” that belongs to the domain “” will be called “” But domains can consist of hosts and zones, that is, our domain can host the host along with the zone, and the zone can have subdomain properties, and host other hosts like

All domains have individual databases where DNS data is recorded in the form of plain text files. People usually try to locate such databases on powerful primary DNS servers, and they are the standard with which secondary servers are synchronized. All servers with DNS databases have files describing the status of the primary or secondary server for the zone in which they are located.

Principles of the DNS upward hierarchy

The DNS hierarchy is built from the lower local DNS server to the upstream servers up to the upper root server.

Also, the hierarchy can be expanded to the side due to backup DNS servers, which ensure uninterrupted operation. For these purposes, second-level domains and zones are required to select two or more DNS servers for servicing this domain.

Because of the continuous growth of the Internet network, it was necessary to divide the first-level domains into subdomains for convenience. In turn, all subdomains (zones) act as separate domains, but always query a DNS server through first-level domains.

DNS servers can be recursive and non-recursive

When they receive a request, recursive servers look for the necessary record in themselves and, if they don’t find it, they begin to communicate with DNS servers and will necessarily send a response. In most cases, recursive servers are local and can cache responses, which speeds up the response with repeated identical requests.

Non-recursive servers often have a tremendous capacity to handle a massive number of requests, but they cannot cache responses to search queries for the required records. They simply redirect requests to other DNS servers.

There are three ways to search for IP addresses in a database:

  • Between computers that are in the same zone through a query to the local DNS server that finds the needed address in its local name database.
  • If computers are in different zones, the request passes from the local DNS server to the root DNS server. In turn, the root server finds the desired DNS server and sends a response to the local DNS server. Along with the request, a special TTL value is transmitted, which indicates how long the found IP address will be stored in the cache of the local DNS server. As a result, the time required to process identical requests is significantly reduced.
  • If the computer needs to repeat communication with another computer from another zone, a request to the local DNS server of the native zone is generated. First, the local DNS server accesses its cache and, if it finds the desired name, checks the corresponding TTL value. If the request has not expired, the response is sent to the computer; if the request timed out, the root server is reaccessed.

Why can DNS changes take up to 48 hours?

Any change to the DNS record that is made in the zone file of a specific domain name may take up to 48 hours to synchronize data.
Synchronization time depends on various factors:

  • The specified storage period of information about DNS records in the cache (TTL lifespan).
  • Clock frequencies. The Internet provider caches DNS records, and does not perform timely synchronization with the specific DNS server.
  • Domain name zone updates. Many domain name registries do not often update domain name zones, protecting their root servers from overload.