DNS and Hosts File Explained: Complete Guide for Developers

📖 16 min readUpdated: December 2025
Ever wondered how typing google.com magically connects you to the right server? Or how to set up myapp.local for local development? This comprehensive guide explains DNS (Domain Name System), the hosts file, and how they work together to translate domain names into IP addresses. Perfect for developers who want to understand domain resolution and configure custom local domains.

📋 Table of Contents

What is DNS?

🔑 Key Concept: DNS as the Internet's Phone Book

DNS (Domain Name System) is a distributed hierarchical database that translates human-readable domain names (like example.com) into machine-readable IP addresses (like 93.184.216.34).

Without DNS, you'd have to remember 142.250.185.46 instead of google.com!

Why DNS Exists: IP addresses are hard to remember. Domain names are easy. DNS bridges the gap.

DNS Hierarchy

DNS is organized in a tree-like hierarchy:

DNS Hierarchy Structure
                    . (Root)
                    |
    ┌───────────────┼───────────────┐
    |               |               |
  .com            .org            .net        ← Top-Level Domains (TLDs)
    |               |               |
    |               |               |
example.com    wikipedia.org   archive.net   ← Second-Level Domains
    |
    |
www.example.com                              ← Subdomains
api.example.com
staging.example.com

Full DNS Query Path:
www.example.com → .com → example.com → www

Each level is managed by different nameservers.

DNS Components

Key DNS Components

DNS Resolution Process

When you type a URL in your browser, a complex but fast process happens behind the scenes:

1 Browser Cache Check

Your browser first checks its own DNS cache. If you recently visited the site, the IP is cached here.

  • Chrome: View cache at chrome://net-internals/#dns
  • Cache Duration: Typically 60 seconds to several minutes
  • Clear: chrome://net-internals/#dns → "Clear host cache"

2 Operating System Cache

If not in browser cache, check OS-level DNS cache.

  • Windows: DNS Client service maintains cache
  • macOS: mDNSResponder daemon handles caching
  • Linux: Varies (systemd-resolved, nscd, or no cache)

3 Hosts File Lookup

Before querying DNS servers, the OS checks the hosts file - a local override file.

Priority: Hosts file entries override DNS! This is crucial for local development.

4 DNS Resolver Query

If not found locally, your computer queries the configured DNS resolver (usually your ISP or public DNS).

The resolver either has the answer cached or performs a recursive query.

5 Recursive DNS Query

If resolver doesn't have the answer, it performs a full DNS query:

  • Step 1: Query Root Nameserver → Returns TLD server for .com
  • Step 2: Query .com TLD server → Returns authoritative server for example.com
  • Step 3: Query authoritative server → Returns IP address

6 Cache and Return

The resolver caches the result (based on TTL - Time To Live) and returns the IP to your computer.

Your OS and browser also cache it for future requests.

Complete DNS Resolution Flow
User types: www.example.com in browser

  ┌─────────────────┐
  │ 1. Browser Cache│ ─── Hit? → Return IP (done in <1ms)
  └─────────────────┘       │
            │              Miss
            ▼               │
  ┌─────────────────┐       │
  │ 2. OS Cache     │ ─── Hit? → Return IP (done in ~1ms)
  └─────────────────┘       │
            │              Miss
            ▼               │
  ┌─────────────────┐       │
  │ 3. Hosts File   │ ─── Found? → Return IP (highest priority!)
  └─────────────────┘       │
            │              Not found
            ▼               │
  ┌─────────────────┐       │
  │ 4. DNS Resolver │◄──────┘
  │   (8.8.8.8)     │
  └─────────────────┘
            │
            ▼
  Has cached answer? ─── Yes → Return IP (done in ~10-20ms)
            │
           No
            │
            ▼
  ┌─────────────────────────────────────────┐
  │ 5. Recursive Query (if not cached)      │
  │                                          │
  │  DNS Resolver → Root Server             │
  │       ↓                                  │
  │  Root Server: "Ask .com TLD server"     │
  │       ↓                                  │
  │  Resolver → .com TLD Server             │
  │       ↓                                  │
  │  TLD Server: "Ask example.com's NS"     │
  │       ↓                                  │
  │  Resolver → example.com Authoritative   │
  │       ↓                                  │
  │  Authoritative: "93.184.216.34"         │
  └─────────────────────────────────────────┘
            │
            ▼
  ┌─────────────────┐
  │ 6. Cache Result │ (TTL: 300s - 86400s)
  │   Return to User│
  └─────────────────┘
            │
            ▼
  Browser connects to 93.184.216.34

Total Time: 1-100ms depending on cache hits

DNS Record Types

DNS stores different types of records for different purposes:

Record Type Purpose Example
A Maps domain to IPv4 address example.com → 93.184.216.34
AAAA Maps domain to IPv6 address example.com → 2606:2800:220:1:248:1893:25c8:1946
CNAME Creates alias (points to another domain) www.example.com → example.com
MX Specifies mail servers example.com → mail.example.com (priority 10)
TXT Stores arbitrary text data SPF records, domain verification, DKIM
NS Specifies authoritative nameservers example.com → ns1.example.com, ns2.example.com
SOA Start of Authority (domain metadata) Primary nameserver, admin email, serial number, refresh/retry timers
PTR Reverse DNS (IP to domain) 93.184.216.34 → example.com
SRV Service locator (protocol-specific) _ldap._tcp.example.com → server:port
CAA Certificate Authority Authorization Specifies which CAs can issue SSL certificates

Querying DNS Records

bash 
# Using nslookup (Windows/Mac/Linux)
nslookup example.com
# Output shows A records (IPv4 addresses)

# Query specific record type
nslookup -type=MX google.com
# Shows mail server records

# Using dig (Mac/Linux - more detailed)
dig example.com
# Shows A records with TTL and more details

dig example.com AAAA
# Query IPv6 records

dig example.com ANY
# Query all record types (not always supported)

# Trace full DNS resolution path
dig +trace example.com
# Shows root → TLD → authoritative server path

# Query specific DNS server
dig @8.8.8.8 example.com
# Query Google DNS specifically

The Hosts File Explained

🔑 Key Concept: Hosts File as Local DNS Override

The hosts file is a plain text file on your computer that maps domain names to IP addresses. It's checked BEFORE DNS queries, giving you local control over domain resolution.

Priority: Hosts File > DNS Cache > DNS Servers

Use Cases: Local development domains, blocking websites, testing before DNS changes go live, bypassing DNS issues.

Hosts File Location

Windows Hosts File

Location: C:\Windows\System32\drivers\etc\hosts

Important: No file extension! It's named exactly "hosts" not "hosts.txt"

cmd 
# View hosts file
type C:\Windows\System32\drivers\etc\hosts

# Edit with Notepad (requires admin)
# Right-click Notepad → "Run as administrator"
# Then open: C:\Windows\System32\drivers\etc\hosts

# Or use PowerShell
notepad C:\Windows\System32\drivers\etc\hosts

macOS Hosts File

Location: /etc/hosts or /private/etc/hosts (same file, symlinked)

bash 
# View hosts file
cat /etc/hosts

# Edit with nano (requires sudo)
sudo nano /etc/hosts

# Or use vim
sudo vim /etc/hosts

# Or open in TextEdit
sudo open -e /etc/hosts

Linux Hosts File

Location: /etc/hosts

bash 
# View hosts file
cat /etc/hosts

# Edit with nano
sudo nano /etc/hosts

# Edit with vim
sudo vim /etc/hosts

# Edit with gedit (GUI)
sudo gedit /etc/hosts

Hosts File Syntax

text 
# Hosts file syntax: IP_ADDRESS  DOMAIN_NAME [ALIAS...]
# Lines starting with # are comments

# Default localhost entries (always present)
127.0.0.1       localhost
::1             localhost

# Custom local development domains
127.0.0.1       myapp.local
127.0.0.1       api.myapp.local
127.0.0.1       staging.myapp.local

# Multiple aliases on one line
127.0.0.1       dev.local app.dev myproject.test

# Block websites (redirect to nowhere)
0.0.0.0         example-ad-network.com
0.0.0.0         tracking-site.com

# Point domain to different IP (useful for testing)
192.168.1.100   production-site.com

# IPv6 entries
::1             myapp.local

# IMPORTANT RULES:
# - Use tabs or spaces (tabs preferred)
# - One entry per line
# - Case-insensitive domain names
# - No wildcards (* not supported)
# - Changes take effect immediately (but flush DNS cache)

How to Edit Hosts File

⚠️ Administrator/Root Privileges Required: Editing the hosts file requires elevated permissions. On all operating systems, you must run your text editor as administrator/root. Be careful not to delete default entries - breaking localhost can cause system issues!

1 Open Hosts File with Admin Rights

Windows:

  • Right-click Notepad → "Run as administrator"
  • File → Open → Navigate to C:\Windows\System32\drivers\etc\
  • Change filter to "All Files (*.*)" to see the hosts file
  • Open "hosts" file

macOS/Linux:

sudo nano /etc/hosts

2 Add Your Custom Entry

At the end of the file, add your custom domain mapping:

127.0.0.1       myapp.local

Best Practices:

  • Use .local, .test, or .localhost TLDs (reserved for local use)
  • Avoid .dev (requires HTTPS - Google owns .dev TLD)
  • Group related entries together with comments
  • Document why each entry exists

3 Save the File

Windows Notepad: File → Save (Ctrl+S)

nano: Ctrl+O (write out), Enter, Ctrl+X (exit)

vim: :wq (write and quit)

4 Flush DNS Cache

For changes to take effect in your browser, flush DNS cache:

bash 
# Windows
ipconfig /flushdns

# macOS (Big Sur and later)
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder

# Linux with systemd
sudo systemd-resolve --flush-caches

# Linux with nscd
sudo service nscd restart

# Linux with dnsmasq
sudo service dnsmasq restart

5 Clear Browser DNS Cache

Browsers maintain their own DNS cache. Clear it or restart browser:

  • Chrome: chrome://net-internals/#dns → "Clear host cache"
  • Firefox: Restart browser or clear history
  • Edge: edge://net-internals/#dns → "Clear host cache"

6 Test the Configuration

bash 
# Test DNS resolution
ping myapp.local

# Should resolve to 127.0.0.1 and show successful pings

# Or use nslookup (may not respect hosts file on some systems)
nslookup myapp.local

Then open http://myapp.local:3000 in your browser (assuming your dev server is on port 3000).

Custom Local Domains for Development

Using custom domains like myapp.local instead of localhost:3000 provides a more professional development experience and enables testing subdomain-based features.

Benefits of Custom Local Domains

Why Use Custom Domains?

Complete Setup Example

Scenario: React + Express App with API Subdomain

Step 1: Edit Hosts File

127.0.0.1       myapp.local
127.0.0.1       api.myapp.local

Step 2: Flush DNS Cache

ipconfig /flushdns   # Windows
sudo killall -HUP mDNSResponder   # macOS

Step 3: Configure Your Development Servers

React (package.json):

json 
{
  "scripts": {
    "start": "HOST=myapp.local PORT=3000 react-scripts start"
  }
}

Express API (server.js):

javascript 
const express = require('express');
const app = express();

app.listen(4000, () => {
  console.log('API running at http://api.myapp.local:4000');
});

Step 4: Configure Reverse Proxy (Optional but Recommended)

Use Nginx or Apache to remove port numbers:

nginx 
# /etc/nginx/sites-available/myapp.local
server {
    listen 80;
    server_name myapp.local;

    location / {
        proxy_pass http://localhost:3000;
    }
}

server {
    listen 80;
    server_name api.myapp.local;

    location / {
        proxy_pass http://localhost:4000;
    }
}

Step 5: Access Your App

💡 Recommended TLDs for Local Development:

Avoid: .dev (owned by Google, requires HTTPS), .app (requires HTTPS), real TLDs like .com or .net

DNS Cache Management

DNS caching improves performance but can cause confusion when testing DNS changes. Understanding and managing DNS cache is essential for developers.

Cache Levels

Multiple DNS Cache Layers

  1. Browser Cache - Cached in your web browser (60-300 seconds typically)
  2. OS Cache - Operating system DNS cache (varies by OS)
  3. Router Cache - Your home/office router caches DNS (usually several hours)
  4. ISP Cache - Your Internet Service Provider caches DNS (hours to days)

Implication: Flushing your OS cache won't clear upstream caches. DNS propagation can take time due to these multiple layers.

How to Flush DNS Cache

bash 
# ========================================
# WINDOWS
# ========================================
# Flush DNS cache
ipconfig /flushdns

# Display DNS cache contents (before flushing)
ipconfig /displaydns

# ========================================
# macOS
# ========================================
# macOS Big Sur (11) and later
sudo dscacheutil -flushcache
sudo killall -HUP mDNSResponder

# macOS Catalina (10.15) and earlier
sudo killall -HUP mDNSResponder

# ========================================
# LINUX
# ========================================
# systemd-resolved (Ubuntu 18.04+, most modern distros)
sudo systemd-resolve --flush-caches
# Or
sudo resolvectl flush-caches

# Check systemd-resolved status
sudo systemd-resolve --statistics

# nscd (older systems or RHEL/CentOS)
sudo service nscd restart
# Or
sudo /etc/init.d/nscd restart

# dnsmasq (if using dnsmasq)
sudo service dnsmasq restart
# Or
sudo /etc/init.d/dnsmasq restart

# If no DNS cache daemon, nothing to flush
# (Some minimal Linux systems don't cache DNS)

# ========================================
# BROWSER DNS CACHE
# ========================================
# Chrome/Edge: Navigate to chrome://net-internals/#dns
# Click "Clear host cache"

# Firefox: Restart browser or:
# about:config → network.dnsCacheExpiration = 0 (temporarily)

# Safari: Clear history or quit and reopen
💡 Pro Tip: When testing DNS changes, use dig @8.8.8.8 yourdomain.com or nslookup yourdomain.com 8.8.8.8 to query a public DNS server directly, bypassing all local caches. This tells you if DNS has propagated globally, even if your local cache is stale.

DNS Troubleshooting

Common DNS Problems

1. Domain Not Resolving (NXDOMAIN)

Error: "This site can't be reached" or "Server not found"

Causes:

Solutions:

# Check if domain exists
nslookup yourdomain.com

# Query authoritative nameserver directly
dig @ns1.yourdomain.com yourdomain.com

# Check domain registration
whois yourdomain.com

2. Wrong IP Address Returned

Error: Domain resolves but to wrong server

Causes:

Solutions:

# 1. Check hosts file first
cat /etc/hosts   # Mac/Linux
type C:\Windows\System32\drivers\etc\hosts   # Windows

# 2. Flush all DNS caches
ipconfig /flushdns   # Windows
sudo killall -HUP mDNSResponder   # macOS

# 3. Query public DNS to check propagation
dig @8.8.8.8 yourdomain.com
dig @1.1.1.1 yourdomain.com

# 4. Clear browser cache
# chrome://net-internals/#dns → Clear host cache

3. DNS Server Not Responding

Error: Timeout or "DNS server not responding"

Causes:

Solutions:

# Check current DNS server
ipconfig /all   # Windows - look for "DNS Servers"
cat /etc/resolv.conf   # Linux/Mac

# Switch to public DNS
# Google DNS: 8.8.8.8, 8.8.4.4
# Cloudflare DNS: 1.1.1.1, 1.0.0.1

# Test with specific DNS server
nslookup google.com 8.8.8.8

# Check if port 53 is reachable
telnet 8.8.8.8 53

4. Local Domain Not Working (.local)

Error: myapp.local doesn't resolve after editing hosts file

Solutions:

  1. Verify hosts file syntax: 
    # Correct format (space or tab between IP and domain)
127.0.0.1       myapp.local

# Incorrect (no space)
127.0.0.1myapp.local

# Incorrect (wrong IP)
localhost       myapp.local
  2. Flush DNS cache (see commands above)
  3. Restart browser - some browsers aggressively cache
  4. Check for typos - domain names are case-insensitive but must match exactly
  5. Test with ping: 
    ping myapp.local
# Should reply from 127.0.0.1
  6. macOS .local issue: On macOS, .local is reserved for Bonjour/mDNS. Use .localhost or .test instead.

DNS Diagnostic Commands

bash 
# ========================================
# nslookup - Basic DNS lookup (Windows/Mac/Linux)
# ========================================
nslookup google.com
# Shows IP addresses (A records)

nslookup -type=MX google.com
# Query mail server records

nslookup google.com 8.8.8.8
# Query specific DNS server

# ========================================
# dig - Detailed DNS information (Mac/Linux)
# ========================================
dig google.com
# Detailed A record query with TTL

dig google.com AAAA
# Query IPv6 records

dig google.com MX
# Query mail server records

dig +short google.com
# Show only IP address (concise)

dig +trace google.com
# Trace DNS resolution path from root servers

dig @8.8.8.8 google.com
# Query Google DNS specifically

dig -x 8.8.8.8
# Reverse DNS lookup (IP to domain)

# ========================================
# host - Simple DNS lookup (Mac/Linux)
# ========================================
host google.com
# Quick DNS lookup

host -t MX google.com
# Query specific record type

# ========================================
# Check DNS Server Configuration
# ========================================
# Windows
ipconfig /all | findstr "DNS Servers"

# macOS/Linux
cat /etc/resolv.conf
# Or
scutil --dns   # macOS

# ========================================
# Test DNS Propagation
# ========================================
# Query multiple public DNS servers
dig @8.8.8.8 yourdomain.com       # Google
dig @1.1.1.1 yourdomain.com       # Cloudflare
dig @208.67.222.222 yourdomain.com  # OpenDNS
🔐 DNS Security Warning: DNS queries are typically unencrypted. Anyone on your network can see which domains you're visiting. Consider using DNS over HTTPS (DoH) or DNS over TLS (DoT) for privacy. Modern browsers and operating systems support these:

Frequently Asked Questions

Q: Can I use wildcards in the hosts file?

A: No. The hosts file does not support wildcards. You cannot use *.myapp.local to match all subdomains. You must add each subdomain explicitly:

127.0.0.1       myapp.local
127.0.0.1       api.myapp.local
127.0.0.1       admin.myapp.local

For wildcard DNS, you need a local DNS server like dnsmasq.

Q: How do I set up wildcard local domains (*.local)?

A: Use dnsmasq (Linux/Mac) or Acrylic DNS Proxy (Windows). Example with dnsmasq:

# Install dnsmasq (Mac)
brew install dnsmasq

# Configure wildcard
echo "address=/.local/127.0.0.1" >> /usr/local/etc/dnsmasq.conf

# Start dnsmasq
sudo brew services start dnsmasq

# Configure system to use dnsmasq
sudo mkdir -p /etc/resolver
echo "nameserver 127.0.0.1" | sudo tee /etc/resolver/local

Now all *.local domains resolve to 127.0.0.1.

Q: Why does my hosts file not work on some websites?

A: Some browsers and apps use DNS over HTTPS (DoH) which bypasses the hosts file. To fix:

Alternatively, some apps hard-code DNS servers (like 8.8.8.8) and ignore system DNS settings entirely.

Q: What's the difference between localhost and 127.0.0.1?

A: localhost is a hostname that resolves to a loopback IP address. 127.0.0.1 is the actual IPv4 loopback address.

Q: How long does DNS propagation take?

A: DNS propagation depends on TTL (Time To Live) values:

Q: Can I block ads using the hosts file?

A: Yes! Redirect ad domains to 0.0.0.0 (or 127.0.0.1):

0.0.0.0       ads.example.com
0.0.0.0       tracker.example.com
0.0.0.0       malware-site.com

This prevents your computer from connecting to those domains. However:

There are community-maintained hosts files with thousands of ad/tracker domains: Steven Black's hosts

🔗 Related Guides

Understanding Localhost Complete guide to 127.0.0.1 Network Ports Explained Learn about port numbers and allocation HTTP vs HTTPS Explained Web protocols and encryption Connection Refused Errors Fix ERR_CONNECTION_REFUSED Localhost Not Working Troubleshoot localhost issues Troubleshooting Center Interactive problem solver

📚 Further Reading

← Back to Locallhost.dev Home