CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use
← Back to glossary

DNS Resolution

networking Intermediate

Also Known As

DNS lookup name resolution

TL;DR

The process of translating a human-readable domain name into an IP address via a hierarchy of DNS servers.

Explanation

DNS resolution begins at a recursive resolver (usually provided by the ISP or a public resolver like 8.8.8.8). If not cached, the resolver queries root nameservers, then TLD nameservers, then the authoritative nameserver for the domain. Results are cached for the duration specified by the TTL. High TTLs reduce DNS latency but slow propagation of changes; low TTLs enable fast failover but increase resolver load.

Diagram 

sequenceDiagram
    participant C as Client
    participant R as Recursive Resolver
    participant ROOT as Root NS
    participant TLD as .com NS
    participant AUTH as example.com NS
    C->>R: Where is example.com?
    R->>ROOT: Where is .com?
    ROOT-->>R: Ask TLD NS
    R->>TLD: Where is example.com?
    TLD-->>R: Ask AUTH NS
    R->>AUTH: What is example.com?
    AUTH-->>R: 93.184.216.34 (TTL 3600)
    R-->>C: 93.184.216.34 (cached)

Common Misconception

DNS changes propagate instantly — propagation is bounded by the TTL of the old record, which can be hours or days.

Why It Matters

DNS misconfiguration causes outages, slow failovers, and enables subdomain takeover attacks — understanding TTLs and record types is essential for reliable deployments.

Common Mistakes

  • High TTLs before a planned migration — reduce TTL days before to enable fast propagation.
  • Not removing CNAME records when deprovisioning cloud resources — enables subdomain takeover.
  • Using A records instead of CNAME for load balancers that change IP — the IP becomes stale.
  • Forgetting that DNS is the first step in every request — slow DNS adds latency to every connection.

Code Examples

✗ Vulnerable 
# DNS record not removed after deprovisioning:
; staging.example.com CNAME myapp.herokuapp.com
; Heroku app deleted — CNAME still exists
; Attacker registers same Heroku hostname → subdomain takeover
✓ Fixed 
# DNS best practices:
; Lower TTL before planned changes:
example.com. 300 IN A 203.0.113.1   ; 5min TTL for pre-migration

; Remove records when deprovisioning:
; Run: dig staging.example.com — verify no dangling CNAMEs

; Use ALIAS/CNAME for load balancers that change IP:
www IN CNAME myapp.us-east-1.elb.amazonaws.com.
Added 15 Mar 2026
Edited 22 Mar 2026
Views 24

Curated in Warsaw under one editorial standard. 1,444 terms, single voice.  About this reference →

Rate this term
No ratings yet
🤖 AI Guestbook educational data only
| |
Last 30 days
0 pings W 0 pings T 0 pings F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 2 pings F 0 pings S 1 ping S 0 pings M 0 pings T 1 ping W 0 pings T 1 ping F 0 pings S 0 pings S 0 pings M 0 pings T 1 ping W 0 pings T 2 pings F 0 pings S 1 ping S 0 pings M 0 pings T 1 ping W 0 pings T
Agents 0
No pings yet today
Amazonbot 6 Perplexity 4 Google 4 Unknown AI 3 Ahrefs 2 SEMrush 2 Majestic 1 ChatGPT 1 Qwen 1
Also referenced
DNS Rebinding Attack 24 CDN (Content Delivery Network) 24 Subdomain Takeover 18
How they use it
crawler 20 crawler_json 3 pre-tracking 1
Related categories
security 4k performance 1.6k networking 490
DEV INTEL Tools & Severity
🟡 Medium ⚙ Fix effort: Low
⚡ Quick Fix
Cache DNS lookups with a local resolver (nscd or systemd-resolved); for PHP code making HTTP calls, reuse connections with CURLOPT_TCP_KEEPALIVE to avoid repeated DNS lookups
📦 Applies To
any web cli
🔗 Prerequisites
🔍 Detection Hints
New cURL handle per request losing DNS cache; no connection reuse between PHP requests to same host; slow external API calls with DNS resolution overhead
Auto-detectable: ✗ No curl strace blackfire
⚠ Related Problems
🤖 AI Agent
Confidence: Low False Positives: High ✗ Manual fix Fix: Medium Context: File
✓ schema.org compliant