How DNS Resolution Works
Breaking Down DNS Resolution with Real dig Examples
β Introduction :
β€· Every time you type google.com in your browser, something important happens in the background.
Your computer does not understand website names. It only understands IP addresses.
β€ DNS (Domain Name System) helps convert:
google.com β IP address
β€ That is why DNS is called the internetβs phonebook.
β€ In this blog, we will understand how DNS works step by step using a tool called dig.
β What is DNS and Why Do We Need It?
β€ Humans like easy names:
β€ Computers like numbers:
- 142.250.185.46
β€ Without DNS:
You would need to remember IP addresses
Websites changing servers would break bookmarks
β€ DNS solves this by:
Mapping domain names to IP addresses
Working in a distributed way, not from one single server
Making the internet fast, scalable, and reliable
β What is dig and Why Is It Used?
β€ dig stands for Domain Information Groper.
β€ It is a command-line tool used to:
Check DNS records
Understand how DNS resolution works
Debug DNS problems
Learn DNS deeply
Basic command:
dig google.com
Unlike browsers (which hide DNS details), dig shows exactly what is happening.
β DNS Works in Layers (Hierarchy)
DNS is not one server.
It works in three main layers:
Each layer only knows the next layer, not everything.
β Layer 1 : Root Name Servers (dig . NS)
Command:
dig . NS
This asks:
Who manages the root of DNS?
What root servers do:
They are the top of DNS
They do NOT know website IPs
They only know where TLD servers are
Example response idea:
I donβt know google.com, but I know who manages .com
Important points:
There are 13 root server names
They are spread across the world
Very reliable and fast
β Layer 2 : TLD Name Servers (dig com NS)
Command:
dig com NS
This asks:
Who manages the .com domain?
What TLD servers do:
They manage domains like
.com,.org,.netThey do NOT know IP addresses
They point to authoritative servers
Example response idea:
I donβt know googleβs IP, but I know Googleβs name servers
β Layer 3 : Authoritative Name Servers (dig google.com NS)
Command:
dig google.com NS
This asks:
Who is responsible for google.com?
Authoritative servers:
Are owned by the domain owner (Google)
Store real DNS records
Are the source of truth
They contain:
A records (IP address)
MX records (email)
TXT records (verification)
Example:
ns1.google.com
ns2.google.com
These servers finally know:
Yes, this is the IP address of google.com
β Full DNS Resolution (dig google.com)
Command:
dig google.com
This gives:
IP address
TTL (how long it can be cached)
Which DNS server answered
β€ What happens behind the scenes:
Check cache
Ask root server
Root points to
.com.compoints to Google serversGoogle server returns IP
Result is cached
TTL example:
300 seconds
Means the result can be reused for 5 minutes.
β What Are NS Records and Why Are They Important?
β€· NS (Name Server) records tell:
Who controls a domain
Where DNS queries should go next
β€ They are important because:
DNS is distributed
No single server controls everything
Multiple servers give backup (redundancy)
If one server fails, another works.
β What is a Recursive Resolver?
β€· Your computer does not talk to root servers directly.
β€ Instead, it uses a recursive resolver, such as:
8.8.8.8 (Google DNS)
1.1.1.1 (Cloudflare DNS)
ISP DNS
Flow:
Your PC β Recursive Resolver β Root β TLD β Authoritative
β€ The resolver:
Does all DNS work for you
Caches results
Returns final IP
β DNS and Real Browser Requests
β€· When you open a website:
Browser checks cache
OS checks cache
Recursive resolver is asked
DNS resolution happens
IP address is returned
Browser connects using HTTP/HTTPS
β€ DNS usually takes:
20β120 ms if not cached
<10 ms if cached
Thatβs why DNS feels instant.
β DNS from a System Design View
β€ DNS is designed to be:
Distributed
Fast
Fault-tolerant
Scalable
β€ Important ideas:
Caching improves speed
Multiple name servers improve reliability
DNS helps CDNs route users to nearby servers
