In this blog, we will cover:
- What DNS is and why name resolution exists
- What the
digcommand is and when it is used - Understanding
dig . NSand Root Name Servers - Understanding
dig com NSand TLD Name Servers - Understanding
dig twitter.com NSand Authoritative Name Servers - Understanding
dig twitter.comand the complete DNS resolution flow
What is DNS (Domain Name System)?
DNS stands for Domain Name System.
Its main job is to convert human-friendly domain names like:
www.example.com
into computer-friendly IP addresses like:
192.168.1.1
Think of DNS as the phonebook of the internet. Humans remember names, but computers communicate using numbers. DNS bridges that gap.
Why Does Name Resolution Exist?
- Humans can easily remember names like
twitter.com - Computers understand numbers like
192.8.1.1
So, DNS acts as a translator between humans and machines, allowing us to access websites using names instead of memorizing IP addresses.
What is the dig Command?
dig stands for Domain Information Groper.
It is a command-line tool used to retrieve information from DNS servers. Network administrators and engineers commonly use dig to:
- Perform DNS lookups
- Verify DNS configurations
- Troubleshoot DNS issues
When is dig Used?
- Debugging DNS resolution problems
- Checking which DNS servers are authoritative for a domain
- Verifying DNS records like A, AAAA, CNAME, MX, etc.
Basic Syntax
dig [server] [domain] [record_type]
Example:
dig twitter.com A
How DNS Resolution Works (Step by Step)
Let’s understand what actually happens when you type:
www.twitter.com
into your browser.
1. Root Name Servers
Root name servers are the starting point of the DNS hierarchy.
- There are 13 logical root servers (named A to M)
- Each logical server has many physical instances worldwide
- Root servers do not know the IP address of websites
Instead, they guide the resolver by saying:
“I don’t know the IP, but I know where
.comdomains are handled.”
Check Root Name Servers
dig . NS
This command returns the list of root name servers.
2. TLD (Top-Level Domain) Name Servers
TLD stands for Top-Level Domain, such as:
.com.net.org.in
TLD servers also do not return IP addresses.
Their job is to point to the authoritative name servers for a domain.
Check TLD Name Servers for .com
dig com NS
This returns the authoritative name servers responsible for all .com domains.
At this point, the resolver knows exactly where to go next.
3. Authoritative Name Servers
Authoritative name servers are where the actual DNS records live.
When you run:
dig twitter.com NS
You get a list of name servers that are authoritative for twitter.com.
These servers contain real DNS records such as:
-
A(IPv4 address) -
AAAA(IPv6 address) CNAMEMX
Getting the Actual IP Address
dig twitter.com A
This finally returns the IP address, for example:
172.66.0.227
Now the browser knows where to connect and can load the Twitter website.
Complete DNS Resolution Flow (Summary)
- You type
www.twitter.comin your browser - The browser asks a recursive DNS resolver
- The resolver queries Root Name Servers
-
Root servers say: “Ask
.comTLD servers”- The resolver queries TLD Name Servers
-
TLD servers say: “Here are the authoritative servers for twitter.com”
- The resolver queries Authoritative Name Servers
-
These servers return the actual IP address
- The browser connects to the IP and loads the website
Final Notes
- Root servers → know where TLDs are
- TLD servers → know which servers are authoritative
- Authoritative servers → know the actual IP address
- Recursive DNS servers perform this entire lookup on behalf of the client
Image Credits:
https://www.indusface.com/learning/what-is-dns/
Top comments (0)