How DNS Resolution Works
I’m Ashwin Gudepu, a web development learner currently part of the Chai Code cohort. I’m blind, so accessibility is not an afterthought for me. I write about coding, tools, and lessons from building usable web apps.
How DNS Finds a Website (Using dig)
When you type google.com into your browser, the website loads instantly. You never type the actual IP address (a string of numbers like 142.251.223.14).
This happens because of DNS (Domain Name System). DNS translates human-friendly names into computer-friendly numbers.
But DNS is not just one step. It is a relay race involving your computer, your internet provider, and a global network of servers. In this article, we will break down the exact steps, explain the server types, and use the dig command to watch the process in action.
What is the dig Command?
dig stands for Domain Information Groper. It is a command-line tool used by network engineers to ask DNS servers questions directly. Normally, DNS does its job silently. With dig, we can pull back the curtain and see exactly what information is being passed around the internet.
(Note for Windows users: dig is not installed by default. Open PowerShell as Administrator, run winget install ISC.BIND, and restart your terminal to use it).
Step 1: The Local Cache (Your Computer's Memory)
Before your computer asks the internet for help, it checks its own memory. This is called the Cache. It happens in two phases:
Browser Cache: Google Chrome (or your browser) checks its own history. If you visited
google.com5 minutes ago, it already knows the IP address.OS Cache: If the browser doesn't know, your Operating System (Windows/Mac/Linux) checks its own system memory.
If the IP address is found here, the search stops immediately. The website loads. If not, the search moves to the internet.
Step 2: The Recursive DNS Resolver (The Middleman)
If your computer doesn't know the IP address, it asks for help from a Recursive DNS Resolver.
What is it? It is a server usually provided by your ISP (Internet Service Provider, like Jio, Airtel, or Comcast).
What it does: Think of the Recursive Resolver as your personal assistant. Your computer says, "Get me the IP for google.com." The Recursive Resolver says, "I don't know it, but I will go ask the big internet servers for you."
The Recursive Resolver does all the hard work. It will now travel through the 3 Pillars of DNS to find the answer.
Step 3: The 3 Pillars of DNS (Root, TLD, and Authoritative)
1. The Root Server (The Front Desk)
The Root Server is the absolute top of the internet. The Recursive Resolver asks the Root first.
dig . NS
What it does: The Root does not know Google's IP. But it sees the .com extension. It tells the Recursive Resolver: "Go ask the .com TLD server*."*
2. The TLD Server (Top-Level Domain)
The Recursive Resolver follows the instructions and asks the .com server.
dig com NS
What it does: The .com server manages all .com websites. It doesn't know the IP, but it knows exactly who bought the domain. It tells the Recursive Resolver: "Go ask Google's Authoritative Servers*."*
3. The Authoritative Server (The Final Answer)
The Authoritative Name Server is the final boss. It is owned by the actual company (Google) and holds the official data.
dig google.com NS
The Output:
The Recursive Resolver has found Google's servers. Notice that there are four servers, not just one.
💡 System Design Concept: Why Multiple Servers?
In large-scale system design, having multiple Name Servers is critical for two reasons:
Redundancy (Safety): If
ns1crashes,ns2instantly takes over. The website never goes offline.Load Balancing: Millions of users search Google every second. Four servers share this heavy traffic so no single machine gets overloaded.
Step 4: Returning the Final IP Address
Finally, the Recursive Resolver asks one of Google's Authoritative servers for the actual IP address.
dig google.com
The Final Output:
google.com. 300 IN A 142.251.223.14
Success. The Authoritative server gives the IP (142.251.223.14) to the Recursive Resolver, which passes it back to your Computer.
Your browser now connects to the IP address, and the website loads.
(Note: The number 300 is the TTL, or Time-To-Live. The Recursive Resolver and your computer will now save this IP in their Cache for 300 seconds so they don't have to repeat these steps again).
Command Summary Table
Here is a quick recap of the commands we used to trace the DNS journey:
| Command | What It Does | Use Case in our Story |
dig . NS | Queries the Root of the internet. | To find out who manages the .com extension. |
dig com NS | Queries the Top-Level Domain (TLD) server. | To find out who owns google.com. |
dig google.com NS | Queries the Authoritative Name Servers. | To find the specific servers managed by Google. |
dig google.com | Queries for the 'A' record (IP Address). | To get the final IP address of the website. |
Conclusion: The Full Flow
DNS is a perfectly organized, step-by-step system:
Local Cache (Checks your computer's memory)
Recursive Resolver (The ISP's detective)
Root Server (Points to
.com)TLD Server (Points to Google)
Authoritative Server (Gives the IP address)
By understanding this chain and using dig, you stop seeing the internet as magic and start seeing it as pure engineering.