When the Internet stumbles: Why DNS is important
Last week's massive AWS outage was a reminder that the modern Internet - an ecosystem of billions of connections, services and devices - still depends on a handful of silent, foundational systems. At the top of that list is the Domain Name System (DNS), the essential layer that translates human-readable names into machine-readable addresses. If DNS falters, everything that is built on it will also fail.
Robert Frank, Area Vice President Central Europe at DigiCert
When the AWS US-East-1 region went down, many organizations not only couldn't process requests, they couldn't even report their outages. Without working DNS resolution, systems couldn't find their monitoring or incident reporting endpoints. The event underscored a truth that security experts already know: DNS is not optional "plumbing"; it's the connective tissue of modern cloud-based applications.
A brief introduction: How DNS works
Every digital interaction, from sending an email to launching an app, starts with a DNS lookup. When you type PetStore.com into your browser, your device sends a request to translate that domain name into the appropriate IP address so it knows which server to contact. This process involves two different but complementary systems: recursive DNS and authoritative DNS.
Recursive DNS servers act on behalf of the user. They receive the original request, check cached results and, if necessary, contact other DNS servers, such as an upstream recursive server or authoritative servers, to find the correct IP address. These resolvers are typically operated by a local network administrator, internet service providers (ISPs), cloud platforms or specialized DNS providers. Recursive DNS is what most people interact with - indirectly - every time they go online.
Authoritative DNS, on the other hand, provides the definitive answer for a zone or domain in a tree hierarchy below the "root" servers and top-level domains such as .com, .org or .de. These servers are maintained by domain owners or DNS providers and contain the official records - A, AAAA, MX, TXT, CNAME - that define where traffic should be directed. When a user asks a recursive resolver, "Where is PetStore.com?", the recursive server queries the hierarchy of authoritative DNS servers, which provide an answer for the part of the tree for which they are authoritative (responsible).
Both are critical, but they fulfill very different roles. The AWS incident showed what happens when one side - the recursive layer - fails.
Read more with free registration
Register now for free and get full access to all exclusive articles from GIT SECURITY.
With our newsletter we regularly send you top news from the security industry as well as the latest e-issue.
Business Partner
DigiCert Inc.
US
most read
Romanian Security Summit Debuts in Bucharest
Eastern Europe’s security industry shows strong growth as 2,000+ experts unite at Bucharest’s first summit
Assa Abloy's battery-powered Aperio KL100 secures lockers
Boost workplace security and operational flexibility by securing more than just doors.
Machine & plant safety: The winners of category A at the GIT SECURITY AWARD 2026
GIT SECURITY AWARD 2026: Machine & plant safety - an overview of the most innovative solutions