Radar has landed - discover the latest DDoS attack trends. Get ahead, stay protected.Get the report
Under attack?

Products

Solutions

Resources

Partners

Why Gcore

  1. Home
  2. Developers
  3. What Is Domain Name System (DNS)?

What Is Domain Name System (DNS)?

  • By Gcore
  • August 9, 2023
  • 13 min read
What Is Domain Name System (DNS)?

Any time you’re online, you’re using the Domain Name System (DNS) whether you realize it or not! When we’re online, we typically rely on website names, email addresses, or search engines to find what we need and communicate successfully. However, computers operate differently, communicating with each other using a system of numbers known as IP addresses. Finding and remembering a string of random numbers for every website we want to visit would be near-impossible for us. That’s where DNS comes in handy. DNS translates human-readable website names into IP addresses, allowing us to visit websites, send emails, and book flights by remembering just a catchy address, like gcore.com, instead of a string of numbers, like 92.223.84.84. In this comprehensive guide, you’ll learn everything there is to know about DNS, including what it is, how it works, security concerns, and Gcore Hosting benefits.

What Is DNS?

DNS (the Domain Name System) translates user-friendly website names, like www.gcore.com, into numerical IP addresses that computers use to communicate with each other, like 92.223.84.84 or 2a03:90c0:9994::9994. Both your device and the website you want to view have numbers that need to connect. DNS is like the internet’s phonebook, and IP addresses are like phone numbers.

Beyond websites, DNS is used for all online resources, including:

  • Email: When sending an email, your email client uses DNS to look up the Mail Exchange (MX) records of the recipient’s domain. This is how it knows where to send the email.
  • Video conferencing: Apps like Zoom and Microsoft Teams use DNS to connect users to their servers for video meetings.
  • Mobile apps: Apps on your smartphone that connect to the internet use DNS to convert the domain of the web service into an IP address.
  • Online gaming: Games played online use DNS to connect players to game servers.
  • Internet of things (IoT) devices: Smart home devices use DNS to turn a service’s website name into an IP address so they can use internet services.
  • Cloud: Many cloud services rely on DNS to route traffic and perform load balancing across multiple servers or data centers.
  • Content delivery networks (CDNs): CDNs use DNS to direct a client request to the nearest server holding the cached content.
  • VPNs: VPNs use DNS to resolve the domain names of their servers so that users can connect to them.

Users and servers over a network, with IP addresses used to facilitate network connections

DNS is a distributed database, which means that the IP data it holds is spread out across many servers, rather than being stored in one central place. DNS servers are distributed worldwide, managed by different organizations and internet service providers (ISPs.)

How Does DNS Work?

From the user’s point of view, entering a website address into the browser results in an almost instant content display. To go one level deeper, when the user requests a website (for example,) the DNS resolver gets the IP address from the web server, and then returns the information to the user’s device.

A simple illustration of how users access website content via DNS

However, behind the scenes, the DNS resolver performs a critical process called DNS lookup or DNS recursive query, which is central to how DNS operates. Let’s learn about it in more depth.

What Is DNS Lookup?

DNS lookup is when a DNS resolver asks DNS servers to find the IP address or related information of a domain name. When you enter a domain name in your web browser (or any other internet application,) the DNS resolver starts a DNS lookup to query the domain name into its matching IP address, giving you access to the desired content.

How Does DNS Lookup Work?

How DNS lookup works

Here’s how DNS lookup works:

  1. DNS query initiated: When you enter a domain name in your web browser (or any application requiring internet access,) your device initiates a DNS query to find the corresponding IP address.
  2. DNS resolver cache check: The DNS resolver first checks its local cache—the DNS cache—to see if it recently resolved the same domain name. If the information is found in the cache, it can provide the IP address directly without the need for further queries to the name servers; i.e., we can skip to step 6.
  3. Query root name servers: If the domain information is not found in the DNS cache, the DNS resolver queries the root server. The root name server then responds to the resolver’s query with the TLD name server responsible for the specific domain extension. For this one it is “example.com,” so the TLD is “com.”
  4. Contact TLD name servers: The DNS resolver then queries the TLD name servers to obtain the authoritative name servers addresses responsible for the queried domain (e.g., “example.com.”)
  5. Query authoritative name server: The DNS resolver sends a query to one of the authoritative name servers to obtain the IP address associated with the domain name. The authoritative name servers respond to the DNS resolver with the IP address.
  6. Establish connection: Now that the DNS resolver has obtained the IP address “192.0.2.1”, it sends it back to the user’s browser. The resolver will also store this information in the DNS cache respecting the TTL (time to live), which was provided as a part of the authoritative answer. With the IP address, the computer/device can connect to the appropriate server. The web content is then delivered to the device, allowing the user to access the website.

What Are the DNS Record Types?

DNS records consist of the following common record types: A, AAAA, CNAME, MX, NS, and TXT. Each record is used to store a different type of information about domain names and the resources connected to them, such as an email service or a website’s IP address. DNS records are usually held and managed by the domain registrar or the domain’s authoritative name servers. Let’s explore the specific functions of each of these DNS records in the table below.

DNS Record TypePurposeExample
ATranslates a domain name into an IPv4 addressA record for “example.com” pointing to “192.168.1.1”
AAAATranslates a domain name to an IPv6 addressAAAA record for “example.com” pointing to “2001:0db8:85a3::8a2e:0370:7334”
CNAMECreates an alias for a domain nameCNAME record for “shop” to example.com domain name pointing to “website-builder.ursite.com”
MXShows which mail servers are in charge of receiving emailsMX record for “example.com” pointing to “mail.example.com”
TXTStore text information for various purposes such as SPF configuration or domain name verificationTXT record for “example.com” with an email SPF configuration
NSStands for “name servers;” specifies authoritative name servers for the domain nameNS record for “example.com” pointing to “ns1.example.com” and “ns2.example.com”
SOAProvides essential parameters for the zone, including primary name server and administrator email addressProvides essential parameters for the zone (e.g., ns1.example.com, admin.example.com)

Most domains typically have multiple DNS record types in the zone file, including at least two NS (name server) records. The purpose of having multiple authoritative name servers is to create redundancy, in case one name server is temporarily unavailable, and enhance the availability and reliability of the DNS resolution process for the domain. This redundancy helps to distribute the DNS query load, making the domain more robust and resilient against potential server outages or network issues.

What Are the Components of DNS?

DNS is composed of several key components that work together to facilitate the translation of human-readable domain names into numerical IP addresses. The main DNS components are as follows:

#1 IP Address

IP address, or Internet Protocol address, is a unique set of numbers that identifies any device connected to a computer network. It serves as an identifier for that device, allowing it to send and receive data over the internet or a local network.

A lot of IP address activity happens behind the scenes. You don’t need to remember your device’s IP address or the website’s IP address to connect. DNS handles this for you, ensuring the right IP addresses are used to connect devices and exchange data smoothly. You also don’t usually need to think about your devices’ IP addresses; when you connect to a network, like home Wi-Fi, the router automatically assigns your device an IP address.

What Are IPv4 and IPv6?

Currently, there exist two versions of IP addresses: IPv4 and IPv6 (IP version 4 and IP version 6.) A single device can be assigned both an IPv4 and an IPv6 address.

IPv4 consists of four numbers separated by dots, like this: XXX.XXX.XXX.XXX. Each set can have a value from 0 to 255. For example, an IPv4 address could be 192.168.1.10.

IPv6 is the newer version of the Internet Protocol, created because the number of IPv4 addresses was running out. IPv6 consists of eight groups of four hexadecimal digits separated by colons. For example, an IPv6 address could be 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

Types of IP Address

There are two types of IP address: public and private.

  1. Public IP address: This is a unique set of numbers assigned by your Internet Service Provider (ISP) to your router, which is connected to the internet. It works like a digital “address” for that device, allowing it to communicate with other devices and services on the global internet.
  2. Example: Imagine you have home internet, and your ISP named XYZ Internet Company gives your router a unique public IP address. Here’s what it looks like:
ISP ProviderPublic IP Address
XYZ Internet Company203.56.78.123

203.56.78.123 is your home’s digital address on the internet. When you visit a website, your device uses this address to connect to the website’s server, just like giving someone your home address so they can locate and visit you.

  1. Private IP address: This is a special set of numbers assigned to a device, like a computer within a private network. It is not visible or accessible from the internet. Instead, private IP addresses act as a means for devices in the same network to find and talk to each other.
  2. Example: Let’s say you need to set up an office. A network administrator can set up private IP addresses so that your office’s devices are connected to a local network. Here’s what that looks like:
DevicesPrivate IP Address
Laptop192.168.1.10
Printer192.168.1.30
Network Storage192.168.1.50

In this home office network example, each device is assigned a unique private IP address using the formula 192.168.1.X, where X is a different number per device. These private IP addresses enable seamless communication, data sharing, and collaboration among the devices within the local network.

DNS translates all of these complex numbers into a human-readable format, so we don’t need to keep track of all of these IP addresses for us to connect to the internet!

#2 Domain Name

A domain name is a simple, memorable name that is used to access online resources such as websites and email servers. Examples of domain names include “example.com,” “example.org,” and “example.net.” A domain is structured into different parts, separated by dots. Each part has a specific purpose and contributes to the overall hierarchical structure of the domain name. Here’s the typical structure of a domain name:

A fully-qualified domain name structure

Let’s break this down:

  • Root domain. The root domain is the base domain name without any subdomains. It is the main part of the domain name that represents the website’s identity. For example, in the “www.example.com,” “example.com” is the root domain.
  • Top-level domains (TLDs): This is the last part of a domain name that appears to the right of the furthest right “dot” symbol. TLDs are essential for categorizing and organizing domain names on the internet. Here are some common examples of TLDs:
Top Level Domains (TLD)Description
.comCommercial; commonly used for businesses and commercial websites
.orgOrganization; often used by non-profit organizations and non-commercial entities
.netNetwork; originally intended for network-related websites
Country-code top-Level Domains (ccTLDS)Description
.usCountry code TLD for United States
.ukCountry code TLD for United Kingdom
.caCountry code TLD for Canada

As of July 2023, China’s country code top-level domain (ccTLD) .cn is the most popular worldwide, with almost 30 million registered domains.

  • Second-level domain: A second-level domain is a part of the domain name that appears to the left of the top-level domain (TLD) and is located immediately to the left of the rightmost “dot” symbol. For instance, in the domain “gcore.com,” “gcore” is the second-level domain. Second-level domains serve as specific identifiers for websites, organizations, or individuals. Here are some additional examples below:
Domain NameSecond-Level Domain
gcore.comgcore
linux.orglinux
gov.ukgov
  • Subdomain (third-level domain): The subdomain, also known as third-level domain, is located to the left of the main domain and separated from it by a dot. Subdomains help to organize sections of a website with distinct web addresses. They appear before the main domain in a URL, allowing site owners to keep sections connected to the main domain. For instance, in “blog.example.com,” “blog” is the subdomain, “example” is the second-level domain, and “.com” is the TLD.

Fully-qualified domain example
Example URLSubdomain
www.example.comwww
support.example.netsupport
forum.example.orgforum

#3 DNS Resolver

A DNS resolver or DNS recursor is a server which executes the process of requesting information from authoritative DNS servers to find the IP addresses for domain names. When you enter a domain name in your web browser or perform an action requiring DNS resolution, the DNS resolver first checks its local cache—a temporary storage mechanism—to see if it recently resolved the same domain name. If the information is not found in the cache, the resolver looks for the corresponding IP address by initiating a DNS lookup.

#4 Servers

Specialized servers store and provide DNS information for specific domain names. They are managed by domain registrars, web hosting or cloud providers, or organizations. They work according to a hierarchy, starting from the highest level root name servers, then top-level domain (TLD) name servers, and finally to authoritative name servers for specific domains.

DNS server hierarchy

Each domain has multiple authoritative name servers associated with it. These authoritative name servers are responsible for holding the DNS records containing the corresponding IP address.

Let’s look at each level of the hierarchy in more depth.

  • Root name servers: These are the highest-level DNS servers in the hierarchy, providing information about top-level domain (TLD) name servers. When a DNS resolver needs to find a domain’s IP address, it contacts a root name server, which then directs the resolver to the appropriate TLD name server based on the domain’s extension (e.g., .com, .net, .org.) There are thirteen operators of root name servers worldwide.
  • Top-level domain (TLD) name servers: These servers handle the next level in the DNS hierarchy. They are responsible for specific domain extensions like .com, .org, .net, and country-code TLDs (ccTLDs) like .uk, .ca, etc. Each TLD name server is responsible for storing information about the domain names registered under that specific TLD. The Internet Assigned Numbers Authority (IANA) maintains a list of root zone databases.
  • Authoritative name servers: Authoritative name servers are responsible for storing and supplying specific and definitive DNS records from the second level onwards, including the IP address for the domain. They are officially appointed by either the domain owner or the domain’s registrar. For example, if our Gcore clients wish to use our DNS service, they are required to modify their name server details at the location they originally bought their domain, which is the domain registrar. Here’s what the authoritative name servers looks like:
Authoritative name serversValue
NS1ns1.gcorelabs.net
NS2ns2.gcdn.services

#5 DNS Zone File

A DNS zone file can be likened to an organized filing cabinet. It is a plain text document that houses critical information about a domain name. This file includes resource records, which enable the efficient pairing of domain names with their related requests, streamlining the process of finding what you need.

How a DNS zone file works

Every domain has a zone file of its own, containing different kinds of DNS resource records that describe the domain’s setup. The structure and language used in the zone file follow DNS standards such as RFC 1034 and RFC 1035, which define the architecture and specifications of DNS. This ensures that any DNS file can be easily read and interpreted by all DNS servers and other DNS-related software.

Here’s an example of a DNS zone file:

Components of DNS zone file

Let’s learn what each part means:

  1. Time to live (TTL): The initial line, “$TTL 3600,” establishes the zone’s default time to live (TTL) duration, which is 3600 seconds (1 hour.) The TTL determines how long DNS resolvers should store the records in their cache before looking for new information.
  2. Start of authority (SOA) record: The start of authority (SOA) record sets important details for the zone, like the main name server (ns1.example.com, ns2.example.com) and the email address of the zone’s administrator.
  3. Name server (NS) records: These records are the authoritative name servers that handle the DNS queries such as “ns1.example.com” and “ns2.example.com.”
  4. Address (A) records: This is a type of DNS resource record that maps a domain name to the corresponding IP address of the server hosting the domain. In our example above, the label “@” represents the origin of the domain, e.g., “example.com”), so that the domain itself is mapped to the IP address 192.168.1.10. Additionally, “www.example.com” and “mail.example.com” are mapped to their respective IP addresses.
  5. Mail exchange (MX) records: MX records define the mail servers responsible for receiving email messages for the domain. In this example, all emails for “example.com” will be delivered to the mail server “mail.example.com.”
  6. Canonical name (CNAME) records: CNAME records create aliases or alternate names for specific domain names. They point to the canonical (primary) name of another domain. In the example above, the CNAME record creates an alias for the domain name “ftp.example.com,” pointing it to the same IP address as “www.example.com.”

What Are DNS Attacks?

Since DNS is considered as a backbone of the internet, it is prone to attacks with potentially devastating effects. Tunneling attacks, malware, and DNS flooding are some of the risks associated with DNS. These can impact business owners who manage online services and websites. Potential disruptions as a result of a DNS attack include website service interruption, data breaches, and domain reputation damage, rendering DNS security measures essential.

Here are some of the most common DNS attacks:

DNS AttackDescription
DNS cache poisoningAttackers insert fake information into DNS caches, causing domain names to be resolved incorrectly. By manipulating the cached data in DNS resolvers, they can redirect users to malicious websites, intercept sensitive data or cause a denial of service attack. This attack type exploits vulnerabilities in DNS resolvers and can spread rapidly, affecting a large number of users. Example: Attackers targeted XYZ Company, a file sharing website, by compromising DNS records and injecting malicious data into the DNS resolver’s cache. This manipulation led to the legitimate domain name of XYZ Company being associated with a fake IP address controlled by the attackers.
DNS spoofingMalicious entities create fake DNS responses, leading users to be redirected to fraudulent websites or unintended destinations. In this DNS attack, attackers exploit DNS vulnerabilities to inject fake DNS responses into caches, redirecting users to deceptive destinations. This can result in users unknowingly sharing sensitive information with malicious sites or downloading harmful content. Example: Cybercriminals executed a DNS spoofing attack on ABC-Shop, an e-commerce platform. The attackers used fake DNS responses into the cache that led users to redirect them to the attacker’s website where it posted fake products, instead of to ABC-Shop. The attackers thereby stole customers and damaged ABC-Shops’ reputation with fake, subpar quality goods.
DNS reflectionThis is a type of DDoS attack where the attacker sends fake DNS requests to public DNS servers, using the victim’s IP address as the source. The DNS servers then respond to the victim’s IP, generating a massive flood of responses that overwhelms the victim’s network. Example: TechZone, a computer repair chain, experienced a DNS reflection attack where attackers flooded public DNS servers with fake requests, spoofing TechZone’s IP address. The flood of responses overwhelmed TechZone’s network, disrupting their online services, causing financial losses.
DNS floodingDNS flooding is a type of cyberattack that overwhelms DNS servers with a high volume of request, causing disruptions to services. Malicious actors use techniques like botnets to generate a massive number of DNS queries, exhausting server resources and rendering legitimate services unavailable. Example: Gaming-ABC is a gaming company that was targeted by malicious actors, who flooded its DNS servers with a massive volume of queries using a botnet. The overwhelming number of requests disrupted Gaming-ABC’s DNS infrastructure, causing service disruptions for players trying to access the games.
DNS malwareDNS malware refers to harmful software that alters DNS settings to redirect users to malicious websites. When a device is infected, the malware replaces legitimate DNS servers with unauthorized or malicious ones. Users are unknowingly redirected to fraudulent sites, leading to phishing attacks or malware distribution. To protect against DNS malware, users should update security software and be cautious with links and downloads. Example: Toys Co faces a DNS malware attack when an employee’s device becomes infected. The DNS malware redirects DNS queries to malicious servers controlled by attackers. This leads Toys Co to experience data theft and compromised business operations.

Reliable DNS hosting, a DNS firewall, and mitigation solutions are essential measures to combat cybercrimes and address DNS security concerns.

At Gcore, our mission is to deliver a fast, reliable internet experience for users and create a safe online space for businesses to offer their products and services, free from worries about DNS attacks. Let’s explore how Gcore assists in mitigating DNS security risks and helps your business to succeed in a volatile cybersecurity environment.

Gcore DNS Hosting Benefits

At Gcore, we ensure that your website performance is consistent and outstanding with our DNS Hosting. We provide services to keep you safe from DNS attacks, ensuring that your website stays safe and your customers can always enjoy your business without experiencing downtime.

Let’s explore some key features of Gcore DNS hosting:

Gcore DDoS- and Bot-Protected DNS Hosting

Our DNS Hosting service leverages anycast network technology with hundreds of global nodes, providing superior security and unmatched resilience, even against the most extreme DDoS attacks. We ensure that only legitimate traffic reaches your website. Without proper DDoS protection, your website is vulnerable to DNS attacks that can cause your website to become unavailable to your visitors.

Another security concern is DNS flooding, a type of DDoS attack that employs botnets to generate an overwhelming number of DNS queries, causing resource exhaustion and preventing legitimate users from accessing the website. Website owners are rightly concerned about such an attack, since downtime means lost revenue and lost customers. Gcore Bot Protection defends against this risk.

Gcore DDoS-protected DNS Hosting

Gcore Geobalancing

GeoDNS or Geo Balancing is a DNS capability that leverages the client’s geographical location to deliver personalized DNS responses. Geobalancing is Gcore’s specialized product in this arena. It directs users to the closest or most suitable server based on their geographic region, improving the performance of online services and reducing latency. Users from Asia will be directed to an Asian server, while European users will be sent to a European server. This ensures a better user experience and improved efficiency for your online services.

Gcore’s GeoDNS directs users to their nearest DNS server

Gcore DNS Failover

DNS failover ensures that your business services remain accessible even during server outages. If any of your servers experience downtime, our failover system kicks in automatically, seamlessly redirecting user requests to an available server. This ensures uninterrupted service performance, safeguarding your business operations and customer experience.

DNS failover process

Gcore DNS Advanced Features

Gcore DNS advanced features offer enhanced security and performance measures:

Learn more about Gcore’s DNS solution for an exceptional DNS experience.

Conclusion

DNS plays a critical role in the functioning of the internet, translating human-readable domain names into numerical IP addresses, allowing seamless communication between devices and access to online services. However, DNS management comes with risks, such as DNS attacks that can disrupt services and compromise data security.

At Gcore, we prioritize fast and secure internet using comprehensive DNS solutions like DNS failover, Geobalancing, and anycast network. Trusting us with your DNS management means you can focus on your core business, knowing your website is performing and protected to the highest standard. If you’re interested in learning more or setting up DNS Hosting with us, reach out to our experts.

Explore Gcore DNS

Related articles

What are captions and subtitles, and how do they work?

Subtitles and captions are essential to consuming video content today. But how do they work behind the scenes?Creating subtitles and captions involves a five-step process to ensure that your video’s spoken and auditory content is accurately and effectively conveyed. The five steps are transcription, correction, synchronization/spotting, translation, and simulation/display on screen.The whole process is usually managed using specialized subtitle or caption creator software.In this blog, we explain the five steps in more detail, what the end user sees, and how to choose the right caption/subtitle service for your needs.Step 1: TranscriptionSpoken content is transformed into a text-based format. Formats are different ways to implement the textual elements, depending on technical needs.Transcription creates the raw materials that will be refined in stages 2–4.Step 2: CorrectionCorrection enhances readability by improving the textual flow. Punctuation, grammar, and sentence structure are adjusted so that the user’s reading experience is seamless and doesn’t detract from the content.Step 3: Synchronization/spottingNext, the text and audio are aligned precisely. Each caption or subtitle’s timing is adjusted so it appears and disappears at the correct moment.Step 4: TranslationTranslation is required for content intended for consumption in multiple languages. During this stage, it’s important to consider format requirements and character limitations. For example, a caption that fits on two lines in English might require three in Spanish, and so in Spanish, one caption becomes two. As a result, additional synchronization might be necessary.Step 5: Simulation/display on screenFinally, the captions or subtitles need to be integrated onto the end user’s screen. Formatting issues might arise at this stage, requiring tweaks for an optimal user experience.How does the end user see subtitles and captions?After the technical process of creating captions and subtitles, the next step is understanding how these elements appear to the end user. The type of captions you choose can greatly impact the user experience, especially when considering accessibility, engagement, and clarity. Below, we break down the different options available and how they serve different viewing scenarios.Open captions: These are always visible to viewers and are a fixed part of the video. They’re popular, for example, for video installations in museums and employee training videos—cases where maximum accessibility is the key consideration when it comes to captions and/or subtitles.Closed captions: Viewers can turn these on or off based on preference. For instance, an online course might offer this feature, allowing learners to choose how to consume the content. Students could opt temporarily to turn on closed captions to note the spelling of a new term introduced during the course.Real-time captions: These are great for live events like webinars, where the text appears almost simultaneously as the words are spoken. They keep the audience engaged in real time without missing out on crucial points. For example, ambient noise like chatter in a sports bar might obscure commentary on a live TV basketball game. Real-time captions allow viewers to benefit from near-live commentary regardless of the bar’s noise levels or if the TV’s sound is muted.Burned-in subtitles: These are etched onto the video and cannot be turned off. A promotional video targeting a multilingual audience might use this feature so that everyone understands the message, regardless of their language preference.What to look for in captioning and subtitling servicesTo deliver high-quality captions and subtitles, it's important to choose a provider that offers key features for accuracy, efficiency, and audience engagement.Original language transcription: Accurate documentation of every spoken word in your video for unrivaled accuracy.Tailored translation: Localized content that integrates translations with cultural relevance, increasing resonance with diverse audiences.Alignment synchronization: Time-annotated subtitles, matching words perfectly to the on-screen action.Automatic SRT file generation: A simplified subtitling and captioning process through effortless file creation for a better user experience.Transform your videos with cutting-edge captions and subtitles from GcoreNo matter your video content needs, it’s essential to be aware of the best type of captions and subtitles for your audience’s needs. Choosing the right format ensures a smoother viewing experience, better accessibility, and stronger engagement across every platform.Gcore Video Streaming offers subtitles and closed captions to enhance users’ experience. Each feature within the subtitling and captioning toolkit is crafted to expand your video content’s reach and impact, catering to a multitude of use cases. Embedding captions is quick and easy, and AI-automated speech recognition also saves you time and money.Try Gcore's automated subtitle and caption solution for free

Why captions and subtitles are essential for video engagement

From TikToks on silent commutes to training videos in noisy offices, silent viewing is now standard. Captions and subtitles aren’t just accessibility features anymore. They’re essential for user engagement, global reach, and video performance.This article explores why captions and subtitles matter and how they boost engagement with your videos, providing a better user experience for your audience. If you want to know how captions and subtitles work, we’ve got an article for that too.How subtitles and captions improve your video performanceSubtitles are now widely used across platforms and age groups. For many younger viewers, reading along while watching is second nature, especially on social media. For others, subtitles are a practical solution: watching videos in public spaces, scrolling during breaks, or learning on the go—all without needing sound.Captions offer tangible benefits across four key areas:Engagement and comprehension: Improve clarity in movies, boost understanding in online courses, and increase focus in business content.Accessibility and inclusion: Make content available to hard-of-hearing users and break language barriers for global audiences.SEO and discoverability: Search engines can crawl subtitle text, making your video content more findable, even when autoplayed without sound.Silent usability: Your content works in all environments, from crowded trains to quiet offices.Captions have shifted from niche to norm, helping creators reach more people, boost retention, and deliver clearer messages.Common challenges and their solutionsImplementing captions at scale poses three major challenges: cost, delay, and accuracy. Here's why these challenges exist and how Gcore Video Streaming can help you overcome them at the click of a button.CostInvesting in high-quality transcriptions can be a financial burden, especially for smaller players in online education. Specialized expertise is required for accurate educational content, and human oversight adds ongoing labor costs. Transcription is a recurring expense that grows with multiple languages or regulatory compliance.Gcore scalable AI-powered transcription services reduce reliance on costly manual processes, offering affordable, multi-language support with built-in compliance features, making transcription cost-effective for all budgets.Delay/latencyIn live events, even slight delays in captioning can disengage audiences. For example, in a Formula One race, missing real-time commentary on pit stops or track conditions can leave viewers confused or frustrated. Lagging captions fail to keep pace with the action, breaking immersion.Real-time AI ASR (automatic speech recognition) from Gcore minimizes captioning delay, so that live captions sync perfectly with events, keeping viewers fully engaged without lag.AccuracyA small text error in captions can distort the message and harm reputation. Errors in MOOCs or corporate webinars risk undermining credibility and discouraging future participation. Precision is critical to maintain trust and clarity.Gcore leverages advanced AI models fine-tuned for domain-specific vocabulary and includes automated quality checks, drastically reducing errors and preserving message integrity across all video content.Enhance your video content with Gcore AI-powered caption and subtitles toolsCaptions are now a strategic content layer, not just an accessibility checkbox. With video now the dominant format across marketing, education, and entertainment, it's critical to implement captions efficiently, affordably, and at scale.Gcore’s AI-powered Video Streaming lets you generate accurate, real-time captions across multiple languages with minimal developer effort. Built-in AI ASR (automatic speech recognition) means your captions stay synchronized even during fast-paced live events. Whether you’re running an LMS, hosting global events, or publishing OTT content, Gcore Video Streaming helps you scale captions with speed and precision.Request a demo of Gcore AI ASR

How to cut egress costs and speed up delivery using Gcore CDN and Object Storage

If you’re serving static assets (images, videos, scripts, downloads) from object storage, you’re probably paying more than you need to, and your users may be waiting longer than they should.In this guide, we explain how to front your bucket with Gcore CDN to cache static assets, cut egress bandwidth costs, and get faster TTFB globally. We’ll walk through setup (public or private buckets), signed URL support, cache control best practices, debugging tips, and automation with the Gcore API or Terraform.Why bother?Serving directly from object storage hits your origin for every request and racks up egress charges. With a CDN in front, cached files are served from edge—faster for users, and cheaper for you.Lower TTFB, better UXWhen content is cached at the edge, it doesn’t have to travel across the planet to get to your user. Gcore CDN caches your assets at PoPs close to end users, so requests don’t hit origin unless necessary. Once cached, assets are delivered in a few milliseconds.Lower billsMost object storage providers charge $80–$120 per TB in egress fees. By fronting your storage with a CDN, you only pay egress once per edge location—then it’s all cache hits after that. If you’re using Gcore Storage and Gcore CDN, there’s zero egress fee between the two.Caching isn’t the only way you save. Gcore CDN can also compress eligible file types (like HTML, CSS, JavaScript, and JSON) on the fly, further shrinking bandwidth usage and speeding up file delivery—all without any changes to your storage setup.Less origin traffic and less data to transfer means smaller bills. And your storage bucket doesn’t get slammed under load during traffic spikes.Simple scaling, globallyThe CDN takes the hit, not your bucket. That means fewer rate-limit issues, smoother traffic spikes, and more reliable performance globally. Gcore CDN spans the globe, so you’re good whether your users are in Tokyo, Toronto, or Tel Aviv.Setup guide: Gcore CDN + Gcore Object StorageLet’s walk through configuring Gcore CDN to cache content from a storage bucket. This works with Gcore Object Storage and other S3-compatible services.Step 1: Prep your bucketPublic? Check files are publicly readable (via ACL or bucket policy).Private? Use Gcore’s AWS Signature V4 support—have your access key, secret, region, and bucket name ready.Gcore Object Storage URL format: https://<bucket-name>.<region>.cloud.gcore.lu/<object> Step 2: Create CDN resource (UI or API)In the Gcore Customer Portal:Go to CDN > Create CDN ResourceChoose "Accelerate and protect static assets"Set a CNAME (e.g. cdn.yoursite.com) if you want to use your domainConfigure origin:Public bucket: Choose None for authPrivate bucket: Choose AWS Signature V4, and enter credentialsChoose HTTPS as the origin protocolGcore will assign a *.gcdn.co domain. If you’re using a custom domain, add a CNAME: cdn.yoursite.com CNAME .gcdn.co Here’s how it works via Terraform: resource "gcore_cdn_resource" "cdn" { cname = "cdn.yoursite.com" origin_group_id = gcore_cdn_origingroup.origin.id origin_protocol = "HTTPS" } resource "gcore_cdn_origingroup" "origin" { name = "my-origin-group" origin { source = "mybucket.eu-west.cloud.gcore.lu" enabled = true } } Step 3: Set caching behaviorSet Cache-Control headers in your object metadata: Cache-Control: public, max-age=2592000 Too messy to handle in storage? Override cache logic in Gcore:Force TTLs by path or extensionIgnore or forward query strings in cache keyStrip cookies (if unnecessary for cache decisions)Pro tip: Use versioned file paths (/img/logo.v3.png) to bust cache safely.Secure access with signed URLsWant your assets to be private, but still edge-cacheable? Use Gcore’s Secure Token feature:Enable Secure Token in CDN settingsSet a secret keyGenerate time-limited tokens in your appPython example: import base64, hashlib, time secret = 'your_secret' path = '/videos/demo.mp4' expires = int(time.time()) + 3600 string = f"{expires}{path} {secret}" token = base64.urlsafe_b64encode(hashlib.md5(string.encode()).digest()).decode().strip('=') url = f"https://cdn.yoursite.com{path}?md5={token}&expires={expires}" Signed URLs are verified at the CDN edge. Invalid or expired? Blocked before origin is touched.Optional: Bind the token to an IP to prevent link sharing.Debug and cache tuneUse curl or browser devtools: curl -I https://cdn.yoursite.com/img/logo.png Look for:Cache: HIT or MISSCache-ControlX-Cached-SinceCache not working? Check for the following errors:Origin doesn’t return Cache-ControlCDN override TTL not appliedCache key includes query strings unintentionallyYou can trigger purges from the Gcore Customer Portal or automate them via the API using POST /cdn/purge. Choose one of three ways:Purge all: Clear the entire domain’s cache at once.Purge by URL: Target a specific full path (e.g., /images/logo.png).Purge by pattern: Target a set of files using a wildcard at the end of the pattern (e.g., /videos/*).Monitor and optimize at scaleAfter rollout:Watch origin bandwidth dropCheck hit ratio (aim for >90%)Audit latency (TTFB on HIT vs MISS)Consider logging using Gcore’s CDN logs uploader to analyze cache behavior, top requested paths, or cache churn rates.For maximum savings, combine Gcore Object Storage with Gcore CDN: egress traffic between them is 100% free. That means you can serve cached assets globally without paying a cent in bandwidth fees.Using external storage? You’ll still slash egress costs by caching at the edge and cutting direct origin traffic—but you’ll unlock the biggest savings when you stay inside the Gcore ecosystem.Save money and boost performance with GcoreStill serving assets direct from storage? You’re probably wasting money and compromising performance on the table. Front your bucket with Gcore CDN. Set smart cache headers or use overrides. Enable signed URLs if you need control. Monitor cache HITs and purge when needed. Automate the setup with Terraform. Done.Next steps:Create your CDN resourceUse private object storage with Signature V4Secure your CDN with signed URLsCreate a free CDN resource now

How do CDNs work?

Picture this: A visitor lands on your website excited to watch a video, buy an item, or explore your content. If your page loads too slowly, they may leave before it even loads completely. Every second matters when it comes to customer retention, engagement, and purchasing patterns.This is where a content delivery network (CDN) comes in, operating in the background to help end users access digital content quickly, securely, and without interruption. In this article, we’ll explain how a CDN works to optimize the delivery of websites, applications, media, and other online content, even during high-traffic spikes and cyberattacks. If you’re new to CDNs, you might want to check out our introductory article first.Key components of a CDNA CDN is a network of interconnected servers that work together to optimize content delivery. These servers communicate to guarantee that data reaches users as quickly and efficiently as possible. The core of a CDN consists of globally distributed edge servers, also known as points of presence (PoPs):Origin server: The central server where website data is stored. Content is distributed from the origin to other servers in the CDN to improve availability and performance.Points of presence (PoPs): A globally distributed network of edge servers. PoPs store cached content—pre-saved copies of web pages, images, videos, and other assets. By serving cached content from the nearest PoP to the user, the CDN reduces the distance data needs to travel, improving load times and minimizing strain on the origin server. The more PoPs a network has, the faster content is served globally.How a CDN delivers contentCDNs rely on edge servers to store content in a cache, enabling faster delivery to end users. The delivery process differs depending on whether the content is already cached or needs to be fetched from the origin server.A cache hit occurs when the requested content is already stored on a CDN’s edge server. Here’s the process:User requests content: When a user visits a website, their device sends a request to load the necessary content.Closest edge server responds: The CDN routes the request to the nearest edge server to the user, minimizing travel time.Content delivered: The edge server delivers the cached content directly to the user. This is faster because:The distance between the user and the server is shorter.The edge server has already optimized the content for delivery.What happens during a cache miss?A cache miss occurs when the requested content is not yet stored on the edge server. In this case, the CDN fetches the content from the origin server and then updates its cache:User requests content: The process begins when a user’s device sends a request to load website content.The closest server responds: As usual, the CDN routes the request to the nearest edge server.Request to the origin server: If the content isn’t cached, the CDN fetches it from the origin server, which houses the original website data. The edge server then delivers it to the user.Content cached on edge servers: After retrieving the content, the edge server stores a copy in its cache. This ensures that future requests for the same content can be delivered quickly without returning to the origin server.Do you need a CDN?Behind every fast, reliable website is a series of split-second processes working to optimize content delivery. A CDN caches content closer to users, balances traffic across multiple servers, and intelligently routes requests to deliver smooth performance. This reduces latency, prevents downtime, and strengthens security—all critical for businesses serving global audiences.Whether you’re running an e-commerce platform, a streaming service, or a high-traffic website, a CDN ensures your content is delivered quickly, securely, and without interruption, no matter where your users are or how much demand your site experiences.Take your website’s performance to the next level with Gcore CDN. Powered by a global network of over 180+ points of presence, our CDN enables lightning-fast content delivery, robust security, and unparalleled reliability. Don’t let slow load times or security risks hold you back. Contact our team today to learn how Gcore can elevate your online presence.Discover Gcore CDN

What is a CDN?

Whether you’re running an e-commerce store, streaming videos, or managing an app, delivering content quickly and reliably is essential to keeping users satisfied. This is where a content delivery network (CDN) comes into play. A CDN is a globally distributed network of servers that work together to deliver content to users quickly, minimizing latency. Instead of relying on a single server, a CDN uses edge servers—called points of presence (PoPs)—to cache or temporarily store copies of your content closer to the user. This optimizes website performance, drastically cuts down on load times, and improves the user experience. Research suggests that a one-second lag in page loading speed can significantly decrease engagement, citing a 7% decline in conversions and an 11% decrease in page visits. CDNs considerably speed up load times by reducing latency through content caching closer to the user. By splitting up your website’s traffic over several servers, CDNs also protect it from online threats. Distributed denial-of-service (DDoS) attacks are lessened by CDNs because they spread traffic among a network of servers, improving security and availability. What Challenges Do CDNs Address?CDNs tackle two key challenges to improve website and application performance: Slow load times: Users sometimes experience frustratingly slow-loading websites and applications. This is because data must travel from a server to the end user’s device, causing latency. CDNs move servers closer to end users, reducing the distance that data has to travel and speeding up load times.  High traffic volumes: High traffic volumes during peak times or cyberattacks can overwhelm your website and lead to latency or site unavailability. Since CDNs distribute traffic across multiple servers, no single server is overwhelmed. This helps prevent crashes and delivers smooth performance for all users.Common Use Cases for CDNsCDNs are vital across a range of industries, providing measurable improvements in content delivery and user experience. E-commerce websites use CDNs to guarantee quick page loading and frictionless shopping experiences, even during periods of high traffic. Speed is crucial for online businesses. A study found that the average cost of downtime for e-commerce websites is around $500,000 per hour. This includes lost sales, operational costs, and long-term damage to brand reputation Streaming services rely on CDNs to deliver high-quality video content while minimizing buffering. Netflix states that its CDN contributes to the daily delivery of over 125 million hours of streaming content, guaranteeing a seamless experience for customers worldwide. Gaming companies use CDNs to lower latency and provide a consistent real-time user experience, especially during live multiplayer matches, where it is essential to preserve an engaging and fair gameplay experience. News outlets and blogs benefit from CDNs by ensuring their content loads quickly for readers around the world, during large-scale traffic surges, especially during major events like elections or breaking news.  The Benefits of a CDNFaster Website PerformanceEvery second counts when delivering content online. Slow websites frustrate users and harm your business. CDNs speed up content delivery by caching data closer to users, reducing page and file load times. Whether you’re delivering static content (such as CSS, HTML or JPG files) or dynamic content (like data generated by user interactions or API calls), a CDN ensures optimal performance regardless of user location. While factors like DNS settings, server configurations, and code optimization all play a role, the physical distance between your origin server and your users is a factor that only a CDN can solve. Increased Availability and ReliabilityDowntime can seriously affect online businesses. Hardware failures, traffic surges, and cyberattacks can reduce your website’s availability, harming your customers’ experience and causing financial or reputational damage. In fact, around 98% of organizations report that just one hour of downtime costs over $100,000. A CDN ensures that your website remains available, fast, and reliable by leveraging essential features such as: Load balancing: This process dynamically distributes traffic across multiple servers to optimize performance and prevent overload.Intelligent failover: Automatically redirects traffic if a server goes offline, ensuring continuity with minimal disruption.Anycast routing: Directs users to the closest or most efficient server, further reducing latency and enhancing response times.Security FeaturesAs cyber threats continue to grow in sophistication and frequency, securing your website or application is more critical than ever. According to recent statistics from Cobalt’s 2024 Cybersecurity Report, weekly attacks worldwide increased by 8% in 2023, while attackers used more sophisticated strategies to exploit vulnerabilities. Strong security measures that not only safeguard your website but also guarantee optimal performance are necessary in light of these evolving threats. CDN security features not only improve website performance but also defend against a wide range of attacks by distributing traffic across multiple servers, which mitigates DDoS attacks and filters out malicious traffic before it reaches your website. These features, from DDoS protection to safeguarding APIs, help maintain uptime, protect sensitive data, and guarantee a seamless user experience. Most modern solutions like Gcore CDN integrate robust security measures into content delivery, such as:SSL/TLS encryption facilitates secure data transmission by encrypting traffic, protecting sensitive information from being intercepted.L3/L4 DDoS protection blocks large-scale cyberattacks designed to flood your network and disrupt services.L7 DDoS protection guards your website from more complex attacks targeting how the website functions, helping it continue to operate smoothly.Web application firewall (WAF) acts as a shield, blocking harmful traffic such as hacking attempts or malicious scripts before they can affect your site.API security protects the communication between your application and other software, preventing unauthorized access or data theft.Bot protection identifies harmful automated traffic (bots), preventing activities like data scraping or login attempts with stolen credentials while allowing useful bots (like search engine crawlers) to function normally. Elevate Your Online Experience With a CDNA CDN is no longer a luxury—it’s a necessity for businesses that want to deliver fast, reliable, and secure online experiences. Whether your goal is to optimize performance, manage high traffic, or protect your site from attacks, a well-configured CDN makes all the difference.Ready to enhance your website’s performance? Our futureproof CDN runs on a global network of over 180 points of presence, so your customers get outstanding performance no matter where in the world they’re located. Get in touch with our team today to learn how our CDN can benefit your business.Discover Gcore CDN

How to Migrate Your Video Files to Gcore Video Streaming

Migrating large volumes of video files from different platforms can be daunting and time-consuming, often discouraging companies from moving to a superior provider. But it doesn’t have to be this way. We’ve created this three-step guide to help you efficiently migrate your video files to Gcore from other popular streaming platforms.Step 1: Get Links to Your VideosFirst, obtain links to your videos and download them. Look for your provider in the list below, or refer to the general SFTP/S3 storage section if applicable. After completing the steps for your provider, go straight to step 2.Google DriveShare the file: Open Google Drive and locate the MP4 file you want to download. Right-click on the file and select “Share.”Get the shareable link: In the sharing settings, click “Get link.” Ensure the link-sharing option is turned on.Set sharing permissions: Adjust the sharing permissions so “Anyone with the link” can view or download the file. Copy the generated link.Amazon S3Edit S3 block public access settings: Go to the S3 management console, select the bucket containing your MP4 file, and edit the Block Public Access settings if necessary.Add a bucket policy: Implement a bucket policy that grants public read access to your files.Get the list of objects: Navigate to the Objects tab, find your MP4 file, and click on the file to obtain the Object URL, which will be your download link.VimeoAccess the video: Log in to your Vimeo account and go to the video you wish to download.Select options: Click on the “Settings” button (gear icon) below the video player.Get video file link: In the settings menu, go to the “Video File” tab, where you can find the download link for your MP4 file.MUXEnable master access: Log in to your MUX account, navigate to the video asset, and enable master access if it’s not already enabled.Retrieve URL to master: Once master access is enabled, the URL to the master file will be available in the video asset details. Copy this URL for downloading the file.DropboxCreate a shareable link: Log in to your Dropbox account and locate the MP4 file you want to share. Click on the “Share” button next to the file.Set access permissions: In the sharing settings, create a link and set the permissions to “Anyone with the link.” Copy the generated link to download the file.General SFTP or S3 StorageAccess storage: Log in to your SFTP or S3 storage service control panel.Manage buckets/directories: Navigate to the appropriate bucket or directory containing your MP4 files.Retrieve download links: Generate HTTP/S links for the files you want to download. You can then use these links to download the files directly.Step 2: Check Availability to DownloadEnsure that your video files are available and ready for download, preventing any interruptions or issues during the migration process.Open HTTP/S link in a browser: Copy the HTTP/S link for the MP4 file and paste it into your browser’s address bar. Press Enter to navigate to the link.Check the video plays correctly in the browser: Verify that the video starts playing once the link is opened. This step ensures that the file is accessible and the link is functioning properly.Right-click to download: While the video is playing, right-click on the video player. Select “Save video as…” from the context menu. Choose a destination on your local disk to save the MP4 file.Step 3: Upload to Gcore Video StreamingNo matter which provider you’re migrating from, you need to upload your videos to Gcore Video Streaming storage. There are three primary methods to upload videos to Gcore storage:Copy from external storage: If your videos are available via public HTTPS URLs, you can directly copy the video files from external storage to Gcore. This method efficiently transfers files without downloading them to your local device first.Upload from a local device: Videos can be uploaded from your local host, backend, browser, or mobile app using the TUS resumable upload protocol. This method is resilient to interruptions, ensuring a smooth upload process by resuming from the point of failure.Batch upload: This method will soon be available to migrate extensive collections of videos, allowing you to transfer vast numbers of video files efficiently.The simplest migration option is to obtain video URLs and copy them to Gcore Video Hosting, eliminating the need to download and reupload videos.Example API Request to Copy Video from External StorageTo copy a video from another server, specify the origin_url attribute in the POST API request. The original video will be downloaded for video hosting on our server. Here is an example of the API request to set a task for copying a video from external storage:curl -L 'https://api.gcore.com/streaming/videos/' \-H 'Content-Type: application/json' \-H 'Authorization: APIKey 1234$0d16599c' \-d '{ "video": { "name": "Gcore Demo", "description": "Video copied from an external S3 Storage", "origin_url": "https://s-ed1.cloud.gcore.lu/demo-video/gcore.mp4" } }Refer to the complete documentation for detailed steps and examples of API requests. The original file must be in MP4 format or one of the following formats: 3g2, 3gp, asf, avi, dif, dv, flv, f4v, m4v, mov, mp4, mpeg, mpg, mts, m2t, m2ts, qt, wmv, vob, mkv, ogv, webm, vob, ogg, mxf, quicktime, x-ms-wmv, mpeg-tts, vnd.dlna.mpeg-tts. Streaming formats like HLS (.m3u8/.ts) and DASH (.mpd/.m4v) are intended for final video distribution and cannot be used as original file formats. Here are examples of good and bad links:Good link: https://demo-files.gvideo.io/gcore.mp4Bad link (chunked HLS format): https://demo-files.gvideo.io/hls/master.m3u8Note: Currently, only one video can be uploaded per request, so transferring your library in batches will require automation.Migrate to Gcore Video Streaming TodayGcore Video Streaming makes video migration easy with support for multiple sources and automatic transcoding. Whether you’re moving files from cloud storage, hosting platforms, or API-based services, Gcore streamlines video administration. Store, process, and distribute videos in various formats, complete with features like subtitles and timeline previews.With seamless migration and automatic transcoding, Gcore ensures your videos are optimized and ready for distribution, saving you time and effort. Simplify your video management and ensure your content is always accessible and in the best format for your audience with Gcore’s robust video streaming solutions.

Subscribe to our newsletter

Get the latest industry trends, exclusive insights, and Gcore updates delivered straight to your inbox.