How does DNS Resolution Works

Source: Dev.to

In this blog, we will cover

• What DNS is and why name resolution exists
• What the dig command is and when it is used
• Understanding dig . NS and Root Name Servers
• Understanding dig com NS and TLD Name Servers
• Understanding dig twitter.com NS and Authoritative Name Servers
• Understanding dig twitter.com and the complete DNS resolution flow

What is DNS (Domain Name System)?

DNS stands for Domain Name System.
Its main job is to convert human‑friendly domain names like:

www.example.com

into computer‑friendly IP addresses like:

192.168.1.1

Think of DNS as the phonebook of the Internet – humans remember names, computers communicate using numbers. DNS bridges that gap.

Why Does Name Resolution Exist?

• Humans can easily remember names like twitter.com.
• Computers understand numbers like 192.8.1.1.

So, DNS acts as a translator between humans and machines, allowing us to access websites using names instead of memorising IP addresses.

What is the dig Command?

dig stands for Domain Information Groper.
It is a command‑line tool used to retrieve information from DNS servers. Network administrators and engineers commonly use dig to:

• Perform DNS lookups
• Verify DNS configurations
• Troubleshoot DNS issues

When is dig Used?

• Debugging DNS resolution problems
• Checking which DNS servers are authoritative for a domain
• Verifying DNS records such as A, AAAA, CNAME, MX, etc.

Basic Syntax

dig [server] [domain] [record_type]

Example

dig twitter.com A

How DNS Resolution Works (Step by Step)

Let’s understand what actually happens when you type:

www.twitter.com

into your browser.

1. Root Name Servers

Root name servers are the starting point of the DNS hierarchy.

• There are 13 logical root servers (named A to M).
• Each logical server has many physical instances worldwide.
• Root servers do not know the IP address of individual websites; they point the resolver to the servers that handle the relevant top‑level domain (e.g., “.com”).

Check Root Name Servers

dig . NS

The command returns the list of root name servers.

2. TLD (Top‑Level Domain) Name Servers

A Top‑Level Domain (TLD) is the last part of a domain name, such as:

• .com
• .net
• .org
• .in

TLD servers also do not return IP addresses; they point to the authoritative name servers for the specific domain.

Check TLD Name Servers for .com

dig com NS

This returns the authoritative name servers responsible for all .com domains.

At this point, the resolver knows exactly where to go next.

3. Authoritative Name Servers

Authoritative name servers hold the actual DNS records for a domain.

Running:

dig twitter.com NS

returns a list of name servers that are authoritative for twitter.com.

These servers contain records such as:

• A (IPv4 address)
• AAAA (IPv6 address)
• CNAME (canonical name)
• MX (mail exchange)

Getting the Actual IP Address

dig twitter.com A

The command finally returns the IP address of twitter.com, completing the DNS resolution process.

Example IP address

172.66.0.227

Now the browser knows where to connect and can load the Twitter website.

Complete DNS Resolution Flow (Summary)

1. You type www.twitter.com in your browser.
2. The browser asks a recursive DNS resolver.
3. The resolver queries Root Name Servers.
   • Root servers say: “Ask the .com TLD servers.”
4. The resolver queries TLD Name Servers.
   • TLD servers say: “Here are the authoritative servers for twitter.com.”
5. The resolver queries Authoritative Name Servers.
   • These servers return the actual IP address.
6. The browser connects to the IP and loads the website.

Final Notes

• Root servers → know where TLDs are.
• TLD servers → know which servers are authoritative.
• Authoritative servers → know the actual IP address.
• Recursive DNS servers perform this entire lookup on behalf of the client.

Image Credits:
https://www.indusface.com/learning/what-is-dns/