How Name Servers Work
The Difference Between Name Servers and DNS
These terms are often used in similar contexts, but they are technically different.
| DNS | Name Server | |
|---|---|---|
| What is it? | The name for the entire system and set of rules | The actual server that operates within that system |
| Analogy | “The phone book system” | “The person at the desk who holds the phone book” |
DNS (Domain Name System) refers to the entire system for looking up IP addresses from domain names. It is a concept that encompasses protocols, rules, record formats, and more.
A name server is the server that actually responds to queries within the DNS system. It is also called a DNS server, but they are the same thing.
“Name server” = “DNS server” (just different names for the same thing)
What makes this confusing is that “DNS” is used with two meanings:
- DNS = the entire system (Domain Name System)
- DNS server = a server that operates within that system = name server
DNS = the entire system
├── Name server = a server that answers queries (e.g., kellen.ns.cloudflare.com)
├── DNS records = the lookup table the server holds (A, CNAME, MX, NS, TXT...)
├── Resolver = a program on the user side that sends queries
└── Protocol = the rules for queries (UDP port 53, etc.)
In everyday usage, “I changed the DNS” and “I changed the name server” mean roughly the same thing. To be precise:
- “I changed the name server” = I changed which server handles the queries
- “I changed the DNS records” = I changed the entries in the lookup table
How Much Information Does a DNS Server Hold?
Major DNS providers like Cloudflare store DNS records for all their users on their own servers.
[Cloudflare's DNS Servers]
├── Lookup table for example.jp
├── Lookup table for someone-else.com
├── Lookup table for big-company.io
└── ... tens of millions of domains
While this is a massive number, each individual DNS record is a small piece of data, only tens to hundreds of bytes. Even with 100 million records, that would be only tens of gigabytes – easily fitting in the memory of a modern server.
How Record Updates Work
Cloudflare has servers in over 300 locations worldwide. Here is what happens when a single record is changed:
An administrator changes a record in the Cloudflare dashboard
│
▼
Cloudflare's central database is updated
│
▼
The change is propagated to 300+ locations worldwide within seconds
This “worldwide propagation in seconds” is one of Cloudflare’s strengths.
However, even though the update is fast, resolvers that have cached the old information (DNS query programs on the user side) will continue using the old data until the TTL (cache expiration time) runs out, so it takes some time before all users see the change.
Domains and Name Servers Are Separate Things
Domain management involves two distinct roles.
| Domain Ownership (Registrar) | Name Server (DNS) | |
|---|---|---|
| Role | Manages the “title deed” for the domain name | Manages the “lookup table” mapping domain names to destinations |
| Analogy | The land registry office | The guide who gives directions from an address to a house |
You can change the name server to a different company without changing the domain owner.
In other words, you can “keep the land ownership registered with the registrar while having a different company handle the directions.”
What Happens When You Access a Website in a Browser
User accesses "app.example.jp"
│
▼
① Browser → Resolver (recursive resolver)
"What is the IP address for app.example.jp?"
* The resolver is a "query agent" provided by the ISP, OS, 1.1.1.1, etc.
│
▼
② Resolver → Root DNS
"Who manages .jp?"
│
▼
③ Resolver → .jp registry (JPRS)
"What is the name server for example.jp?"
│
▼
④ JPRS responds:
"Ask kellen.ns.cloudflare.com"
│
▼
⑤ Resolver → Cloudflare's name server
"What is the IP address for app.example.jp?"
│
▼
⑥ Cloudflare responds:
"It's xxxxx.cloudfront.net" (CNAME record)
│
▼
⑦ Resolver → returns the result to the browser → CloudFront → website is displayed
The browser never directly queries the root DNS or the registry. The resolver handles everything on its behalf.
NS Delegation (Delegating Subdomains to a Different DNS)
You can delegate certain subdomains to a different DNS service.
example.jp (managed by Cloudflare)
├── app.example.jp → CloudFront (Cloudflare answers directly)
├── www.example.jp → Vercel (Cloudflare answers directly)
├── blog.example.jp → GitHub Pages (Cloudflare answers directly)
│
├── aws.example.jp → "Ask Route53" (NS delegation)
└── azure.example.jp → "Ask Azure DNS" (NS delegation)
For subdomains with NS delegation, Cloudflare does not answer the query itself but instead refers the requester to a different DNS server by saying “ask over there.” This allows each subdomain to be independently managed by a different cloud service.
How Does a Name Server Change Reach the Registry?
When changing name servers, there are three parties involved.
| Party | Role | Example |
|---|---|---|
| Registry | Manages the master database for an entire TLD (.jp, .com, etc.) | JPRS (.jp), Verisign (.com) |
| Registrar | The customer-facing provider for domain sales and administration | Onamae.com (a Japanese registrar), Google Domains, etc. |
| User | The domain owner | You |
Users cannot contact the registry directly. They must always go through a registrar.
① User requests an NS change in the registrar's dashboard
"Please set the NS for example.jp to kellen.ns.cloudflare.com"
│
▼
② Registrar notifies the registry
"Please update the NS record for example.jp"
│
▼
③ Registry updates its zone file
example.jp NS → kellen.ns.cloudflare.com / nora.ns.cloudflare.com
│
▼
④ DNS caches around the world are gradually updated (hours to up to 72 hours)
The user simply instructs the registrar, and the registrar handles the registration with the registry on the user’s behalf.
What Happens to Traffic During a Migration?
After requesting a name server change, it takes time for the registry’s zone file to be updated. During this period, access is not interrupted.
[Transition Period]
Request submitted to registrar
│
▼
Waiting for registry (e.g., JPRS) zone file update ← this is where the delay occurs
During this time, the registry still returns the old name server
→ Records remain on the old name server, so access works normally
│
▼
Registry switches to the new name server
→ The same records have been pre-registered on the new name server, so access works normally
│
▼
Resolver caches around the world are gradually updated
In other words, as long as you keep the records on the old name server intact and pre-register the same records on the new name server, access will not be interrupted during the migration.
How Long Does the Registry Update Take?
The registry’s (e.g., JPRS) zone file is not updated continuously but rather in batches at regular intervals.
Registrar submits the request
│
▼
Registry zone file is updated (hours to 24 hours)
│ * JPRS updates its zone file several times per day
▼
Each resolver's cache expires and is refreshed (up to 24 hours)
│ * Depends on TTL (cache expiration). Typically 86400 seconds = 24 hours
▼
Propagation complete worldwide
When a registrar’s email says “allow 24-72 hours for propagation,” this is a conservative estimate for the combined total of these two stages (registry update + cache propagation). In practice, the switchover often completes within a few hours.
The Big Picture of a Name Server Change
[Before the change]
Registrar ──owns──→ example.jp
Registrar ──DNS───→ manages records for example.jp
[After the change]
Registrar ──owns──→ example.jp (unchanged)
Cloudflare ──DNS───→ manages records for example.jp (only this part changed)
The domain contract, renewal, and payment continue to be handled by the registrar, while adding, modifying, and deleting DNS records is done through Cloudflare. This is the division of responsibilities.