Basic Concepts
The DNS system is, at its heart, a translation mechanism between things humans are comfortable dealing with, and things that computers are comfortable dealing with. The human comfy part is essentially the domain name. Something like chrislea.com or nata2.org… something that we can see and recognize and remember. The thing is, your computer doesn’t care about those human readable domain names at all. The computer wants a number, since computers are pretty good at dealing with numbers. Specifically, the computer wants a number known as an IP address. That’s what DNS does.
The way that a domain name actually gets mapped to an IP for your computer is a little complicated, so I’m not going to talk about all the possibilities. The simplified version is that your computer will consult something called a “resolving nameserver”. These are different than “authoritative nameservers” which I’ll talk about in a bit. For now, there are two things to keep in mind.
1. Resolving nameservers are computers whose job it is to answer certain computers when they ask for a domain name to IP address mapping.
2. Your computer will typically use resolving nameservers that are provided by whatever ISP you are connecting to the internet through.
This means, for example, that if you are really unlucky and have Time Warner Cable as your ISP, then when your computer wants to know what IP address to use for say amazon.com, the Time Warner resolving nameservers are there to answer that question.
If you ask for a domain name and the resolvers don’t know the answer already, then the following sequence of things happens very quickly.
1. The resolver figures out what nameserver(s) know what IP is supposed to be used for the given domain.
2. The resolver asks that nameserver (which is the authoritative one) what the answer is.
3. The resolver stores the answer, and sends your computer the information it just got.
That is the basic life cycle of a DNS query. In general, you’ll be asking the resolver for what’s called an “A Record”.
An A Record is an IP address that corresponds to the domain name you asked for.
There are a couple of things to pay attention to here. First off, the nameservers that your domain registrar made you pick as your authoritative nameservers aren't actually what most client computers talk to. Those authoritative ones spend most of their time answering requests from resolvers. Another important point is that the resolvers store the answers for all the computers that use them. If you're using those Time Warner resolvers, and somebody else who uses them has gone to Digg prior to you going there, then when you go you'll get the already stored response. The resolver doesn't have to do the lookup each time. But the resolvers will periodically do a fresh lookup, even if they already have an answer in hand.
Also check out this diagram to see it graphically.
I hope that covers everything, but if it doesn't, please do post with questions and I'll get back to you.
The two free DNS services are as follows.
OpenDNS -
Make your network safer, more secure, and more reliable.
Industry-leading Web content filtering, anti-phishing, DNS infrastructure and navigation services.
Comodo Secure DNS -
Comodo Secure DNS is a domain name resolution service that resolves your DNS requests through our worldwide network of redundant DNS servers. This can provide a much faster and more reliable Internet browsing experience than using the DNS servers provided by your ISP and does not require any hardware or software installation.
I use the latter and have noticed faster browsing and fewer pop-ups than before.
They are easy to set up and need NOTHING extra for you to download, just slight modifications of your settings to point towards the chosen service's DNS servers.
See this page for more on how to do that and links for those with XP, Vista, Mac OS X & Routers.
OpenDNS servers
---------------
208.67.222.222
208.67.220.220
Comodo Secure DNS servers
-------------------------
156.154.70.22
156.154.71.22
Thanks
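To make the query life cycle and the A Record described above concrete, here is an added example (not part of the original post) that builds the A Record question a computer sends to its resolver and parses a reply. The reply bytes, the name example.com, the address 192.0.2.10 and all function names are constructed for illustration; the TTL field it reads is the standard DNS value that tells a resolver how long it may keep a stored answer before doing a fresh lookup.

```python
import socket
import struct

def encode_name(name):
    """Encode 'example.com' as length-prefixed labels ending in a zero byte."""
    labels = name.strip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in labels) + b"\x00"

def build_a_query(name, txid):
    """Header (id, 'recursion desired' flag, 1 question) + question (type A, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) name."""
    while msg[off] & 0xC0 != 0xC0:      # stop at a compression pointer
        if msg[off] == 0:
            return off + 1              # root label ends the name
        off += 1 + msg[off]
    return off + 2                      # a pointer is two bytes long

def parse_a_answers(msg, expected_txid):
    """Return [(ip, ttl_seconds)] for each A record in the answer section."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", msg[:12])
    # A reply whose id does not match the query must be discarded, not trusted.
    if txid != expected_txid or not flags & 0x8000:
        raise ValueError("not a response to our query")
    if flags & 0x000F:
        raise ValueError("server returned error code %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4   # skip question type + class
    answers = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record, class IN
            answers.append((socket.inet_ntoa(msg[off:off + 4]), ttl))
        off += rdlen
    return answers

# Constructed sample (not captured traffic): the reply a resolver could send for
# the query above: same id, question echoed, one A record with a 300 s TTL.
QUERY = build_a_query("example.com", 0x1234)
RESPONSE = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:]
            + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4)
            + socket.inet_aton("192.0.2.10"))
```

Calling `parse_a_answers(RESPONSE, 0x1234)` returns the address together with the number of seconds the answer may be stored.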