How DNS Resolution Works
Understanding DNS resolution with dig command
Before starting with DNS resolution it is important to understand some related concepts which are explained in short below:
Server : A computer that sends data or performs actions based on the client’s request.
IP address : IP address is the logical address assigned to a computer on the internet. These addresses are used for identifying and communicating with devices on the internet.
What is DNS and why name resolution exists
DNS - domain name system is a very crucial part of internet browsing that converts hostnames to IP addresses. This translation of hostnames to IP addresses is called domain name resolution. We need domain name resolution since computers don't understand hostnames and humans are not good at remembering IP addresses. The DNS hierarchy starts at the root followed by the top level domain server and then at last the authoritative server.
What is the dig command and when it is used
Dig stands for Domain Information Groper, it is a command line tool used to retrieve data of DNS name servers. It is used by network administrators and developers to troubleshoot. It gives information about which all servers were involved in finding the IP address of the hostname requested by the user.
Understanding dig . NS and root name servers
The first step for searching any hostname's IP is to get the top level domains for this we will run a query on the root server.
dig . NS
The query will return 13 logical root server names. The root name server has the highest position in the hierarchy.
Understanding dig com NS and TLD name servers
After we get the servers that handle the top level domain ( com, org, edu, in) for the hostname the next step is to get the authoritative servers for this we query the top level domain. The output returns authoritative servers that provide details for sites under the specified root name domains. The top level domain returns authoritative servers.
dig com NS
It returns the authoritative servers, authoritative name servers are responsible for individual websites under that top-level domain. The top level domains are the second highest authority in the DNS hierarchy.
Understanding dig google.com NS and authoritative name servers
The authoritative servers are the last ones in the DNS hierarchy ; these servers have an actual list of records of IP hostname mapping, meaning these will actually return the IP address on which the requested website is hosted. One website can have multiple authoritative name servers.
dig google.com NS
This query will return a list of servers that when queried will return the IP address of the requested hostname.
Understanding dig google.com and the full DNS resolution flow
Step 1: For any hostname requested the first step is to query the root domain and get the top level domain server for the hostname
Step 2: The top level domain server is then queried for the authoritative domain
Step 3: Then the authoritative domain is queried to get the list of servers that have the IP address of the hostname
Note: The query for the website first goes to the DNS resolver. If the DNS resolver has a result stored in cache it directly returns the IP of the requested website. If not, then the resolution starts from the root name servers.
