DEV Community

Cover image for How DNS Resolution Works
Anoop Rajoriya
Anoop Rajoriya

Posted on

How DNS Resolution Works

#dns #networking #beginners #chaicode

Content List

What is DNS and why name resolution exists

DNS (Domain Name Systems) are Hierarchical & Decentralized servers for the computers softwares, services, and information over the internet. Its job is to resolve Domain Names like google.com or chaicode.com into a IP Address like 64.233.176.113 or 104.21.16.156.

Think you have to call your friend than what you do, you find the name of your friend on the phone contact app or phone book and call him. Your phone contact app find pick the number point by the name of your friend. Here similar thing DNS do, when you search chaicode.com on browser your browser can't make request just using the this name it need the specific IP address for the connection. So it ask the DNS like Hey DNS i want IP of this name chaicode.com, than DNS return the ip address he has in his records we. This whole process called DNS resolution.

We need this resolution because remembering and calling the names are effective as compare to long string of random letters. Like most of us not even remember the more than 5 numbers of our friends but we have all our friends names in our mind.

Image represent what is DNS and why name resolution exists with the help of phonebook analogy

What is the dig command and when it is used

dig stand for Domain Information Groper it's a CLI tool for querying the raw information of domain names on DNS servers. Our broswers can only make the simple queries for getting the webpages but dig can make query which extract the detailed information about the domain names. You can think its like a X-Ray of the phone book or detail section of Contact App which tells you all information about the phone numbers like who update this entry, which phonebook or contact app are used, and secondary number for this perticular name.

dig tool is generally used by the network engineers and cyber security experts for tracking or solving the problem networking applications like checking the ip address of the particular domain name, which layer of DNS providing specific information related to application address.

Image explaining what is dig and when it used

Understanding dig . NS and root name servers

Root Name Servers are the top level DNS for resolving the domain names. These are configured in Root zone as a 13 autorities which supported by the 100 of servers form a network around the world. These servers don't know the exact location of your domain query but they know the servers who can help you to resolve your domain query. Thay are called TLDs (Top Level Domain) servers.

You can think, when you want a book so you going in library and ask for this book at information desk. The person on desk don't know about the book or not know exact self about the book but he know where you can find books related to book type, so he give the address of the self your can find books related to your book type.

dig . NS, this dig command used to ask which name servers are autoritative for DNS Root Zone, in result showing the all 13 root servers authorities domain names form a to m.

  • dig (Domain lookup utility) : its a name of utility for domain lookup tool.
  • . (dot) : dot used to represent Root.
  • NS (Name Server Record) : its represent Query Type which means show all name server records for queried zone (here is root).

Image showing what are roots server and showing flow of root server lookup

Understanding dig com NS and TLD name servers

TLD Name Servers are the Authoritative source for the all TLDs. These server are categorized for resolving domains based on its type like .com, .govt, and .in. TLds servers are sit at second layer in the process of domain resolving. These servers don't know the exact location of the domain names, it only know which autoritative servers can resolve this type domain so thay point to that Authoritative DNS server.

information: TLDs stands Top Level Domains those are used to categorized domains based on organizations and geographic locations like .com for commercial use, .govt for governments, and .uk for united kingdom location.

Think Top Level Domains like .com, .in are the cities and authoritative server are like city post offices. They dont know about the address for a specific houses they only know about the local areas offices and they assign next office based on area letter had.

This dig com NS lookup command ask which name server are authoritative for the .com TLD. When you run this command you get a list of TLDs servers responsible for delegating .com DNS queries to their respective Authoritative name servers.

Image showing what are TLD name servers and showing flow of its lookup

Understanding dig google.com NS and authoritative name servers

Authoritative Name Servers are the final holder of DNS record for the specific domain. This is the server own the actual information. when you ask to TLD server for google.com it send you here, That is the only one who can provide official ip address.

They are called Authoritative because they are the final word, if manager of the google.com say this is the final ip address 142.250.190.46 rest of the internet belive on that. If you want to change the ip address of your website, you change it here.

dig google.com NS, this command ask which name servers are authoritative for the domain google.com. This resulting the NS record for autoritative DNS servers that can be queried to obtain the ip address for google.com using A or AAAA record lookups.

Image showing what are Authoritative name servers and flow of its lookup

Understanding dig google.com and the full DNS resolution flow

The DNS Resolution Flow are the entire process we describe above, domain name->root DNS->TLD DNS->Autoritative DNS->Ip this process contains too many requests and responses our browser don't do that. Actually it use system called Recursive resolver its job is to do this all step and return the final response to browser.

dig google.com command without NS type it ask like what is the A record for the google.com and resolver return the final step response which is actual ip address for the google server.

These are the steps a resolver running on the browser request:

  1. Resolver -> Root DNS: ask "Where is the google.com"
  2. Root DNS -> Resolver: say "i don't know about that, ask for .com TLD servers"
  3. Resolver -> .com TLD DNS: ask "where is the google.com"
  4. .com TLD DNS -> Resolver: say "i don't know excat ip, ask for google.com autoritative server ns1.google.com"
  5. Resolver -> ask to ns1.google.com what is the Ip for google.com
  6. ns1.google.com -> Resolver: There are the Ip address of google.com
  7. Resolver -> Browser: here Take this ip address 142.250.190.46.

Image showing full DNS resolution flow of google.com

Top comments (0)