HSCN Domain Name System (DNS)

Domain Name System (DNS) allows IP network users to use easy-to-identify names in place of numeric IP addresses.

For example, a user typing www.nhs.uk into a web browser will get to the website because DNS tells the user's computer that www.nhs.uk is actually at IP address 217.64.234.65.

DNS also allows operators move servers and services to different IP addresses invisibly, whilst keeping the DNS name the same for users.

A DNS client (typically, a user’s computer or a server) issues a query to their local DNS server.

Domain name data is distributed and/or delegated amongst several name servers. Often, the local DNS server doesn't hold all the data requested, even though local DNS servers do store (cache) answers to recent DNS queries.

If the answer isn't cached, the local DNS server utilises other DNS servers to get the answer.

This process continues until the answer is found, whereupon it is cached for the next user to improve performance.

Although our example uses the nhs.uk domain, the resolving process works for any domain that is registered and in use. An HSCN-user’s DNS request for the IP address of www.microsoft.com is resolved in the same way.

Because DNS is a critical service on HSCN and on the Internet, multiple DNS servers are implemented for resilience at every stage in the resolution path.

The HSCN DNS Service directs all queries destined for the internet to the NCSC’s Protective Domain Name Service (PDNS). PDNS is aimed at disrupting the use of DNS for malware distribution and operation.

PDNS is a free and reliable internet-accessible DNS resolver service for the public sector and is one of the NCSC’s widely deployed Active Cyber Defence capabilities. It has been mandated for use in the public sector by the Cabinet Office.

Further information is available on the NCSC website.

nhs.uk is the registered domain for the UK National Health Service (NHS). The domain nhs.uk is used by the NHS to publish websites and services for use by the public on the internet, and also for use by NHS organisations on HSCN.

nhs.uk is the NHS's apex domain. NHS organisations and certain national services may request their own sub-domain of nhs.uk, such as digital.nhs.uk.

The HSCN DNS service is provided to all HSCN-connected organisations on only the following 2 IP addresses.

The HSCN DNS service is provided to all HSCN-connected Organisations on only the above listed IP addresses.

The N3 network was replaced by HSCN in 2019.

The NHS England DNS Team own and administer nhs.uk DNS for the NHS in England.

NHS National Service Scotland (NSS) administers the sub-domain scot.nhs.uk.

NHS Wales Informatics Service administers the sub-domains wales.nhs.uk and cymru.nhs.uk.

Health and Social Care Northern Ireland (HSCNI) administers the sub-domain n-i.nhs.uk.

DNS change requests must be made directly to these bodies.