Every time you type a website address into your browser, something happens behind the scenes that most people never think about. That something is DNS, and while it’s invisible when working correctly, it has a significant impact on your network’s speed, reliability, and security.
What DNS Is
DNS stands for Domain Name System. It’s a distributed directory that translates human-readable domain names (like jmbelanger.ca) into the IP addresses that computers actually use to communicate (192.0.2.1, for example).
Without DNS, you’d need to remember the IP address of every website or service you wanted to reach. DNS does that lookup automatically, billions of times a day, every time anyone connects to anything on the internet.
How a DNS Query Works
When you type an address into your browser:
- Your device asks its configured DNS server: “What is the IP address for this domain?”
- The DNS server either answers from its cache (if it’s looked up this domain recently) or queries other DNS servers further up the hierarchy to find the answer.
- The IP address is returned to your device.
- Your browser connects to that IP address.
This entire process typically takes milliseconds. When DNS is slow or broken, everything feels slow, websites take longer to load, applications lag, and users often blame the internet connection rather than DNS.
Public DNS vs Private DNS
Public DNS servers are operated by third parties and accessible to anyone. Common examples include:
- Quad9:
9.9.9.9and149.112.112.112 - Google:
8.8.8.8and8.8.4.4 - Cloudflare:
1.1.1.1and1.0.0.1 - OpenDNS:
208.67.222.222and208.67.220.220
These are fast, reliable, and free to use. Many routers are configured to use them by default or pass through whatever DNS servers the ISP provides.
Private DNS servers are operated within your own network or by your IT provider. They can resolve internal domain names (like a server called fileserver.local that only exists on your network) and offer more control over DNS behaviour.
For most SMEs, a combination works well: internal DNS for local resources, forwarding to a reliable public resolver for everything else.
Why Your Choice of DNS Server Matters
Speed. DNS response time affects how quickly connections are established. A slow DNS server adds latency to every new connection your devices make. Cloudflare’s 1.1.1.1 consistently ranks among the fastest public resolvers globally.
Reliability. If your DNS server goes down, your internet effectively stops working, even if the connection itself is fine. Using multiple DNS servers as fallbacks is basic resilience.
Privacy. Your DNS provider can see every domain your devices query. Some ISP-provided DNS servers log this data. Cloudflare and others offer privacy-focused resolvers that don’t retain query logs.
Security. This is where DNS becomes particularly valuable for businesses.
DNS Filtering: Security at the Network Level
DNS filtering works by intercepting DNS queries and blocking requests to known malicious, phishing, or inappropriate domains before a connection is ever made.
When a device on your network tries to reach a domain flagged as malicious, a phishing site, a malware command-and-control server, or a known ransomware distribution point, then the DNS filter returns no address, and the connection never happens.
This works for every device on your network automatically, without installing software on individual computers. It’s one of the most cost-effective security controls available to SMEs.
Services like Quad9, Cloudflare Gateway, Cisco Umbrella, and OpenDNS offer DNS filtering with varying levels of control and reporting. Some firewall platforms (including Sophos and Ubiquiti) integrate DNS filtering directly into their security stack.
Common DNS Issues and How to Diagnose Them
“Website not found” errors when the site is accessible from other networks: Often a DNS propagation or caching issue. Try flushing your DNS cache (ipconfig /flushdns on Windows, sudo dscacheutil -flushcache on macOS) or temporarily switching to a public resolver to test.
Everything feels slow, but the internet connection tests fast: Slow DNS resolution is a common cause. Test DNS response times using a tool like DNS Benchmark (Windows) or dig on macOS/Linux.
Internal resources not resolving: If devices can’t find internal servers by name, check that your router or internal DNS server is configured to resolve local domain names and that devices are pointed at the right DNS server.
DNS leaks on a VPN: Some VPN configurations don’t route DNS queries through the VPN tunnel, which can expose browsing activity. Check your VPN’s DNS leak settings if privacy is a concern.