How DNS Resolution Works

Your web browser is kind of dumb.

When you type a website like google.com into your browser and hit Enter, your browser has no idea where that website lives. It doesn’t magically know how to reach it. To actually visit a website, your computer needs something very specific: an IP address.

An IP address is basically the website’s phone number.

And just like you don’t remember your friend Bernard’s phone number, your browser doesn’t remember the IP address of every website on the internet. Yet somehow, it still works. That magic is called DNS.

DNS in Simple Terms

Imagine I hand you an old phone and say,
“Call your friend Setu.”

You couldn’t do it. You don’t know his number.

But if you open your contacts app and type “Setu”, there’s his number. Now you can make the call.

That’s exactly what DNS does.

  • Domain name → Bernard

  • IP address → Bernard’s phone number

  • DNS server → Your contacts app

Your browser asks DNS,
“Hey, what’s the IP address for this website?”
DNS replies with the number, and your browser connects.

Step 1: Your Computer Checks Its Own Memory

When you enter a website, the first thing your computer does is check if it already knows the IP address.

This is handled by something called a stub resolver.
It’s just the DNS client running on your machine.

The stub resolver checks its local cache. If you’ve visited the site recently, the IP address might already be stored. If it is, your computer skips the whole DNS journey and goes straight to the server.

If not, it’s time to ask for help.

Step 2: Asking a Recursive DNS Server

Your computer is configured with a DNS server, usually provided by:

  • Your router

  • Your ISP

  • Or a public DNS like Google (8.8.8.8) or Cloudflare (1.1.1.1)

This DNS server is called a recursive resolver.

Your computer asks it:
“Do you know the IP address for google.com?”

Sometimes the recursive server already knows the answer because it has its own cache. If not, the real journey begins.

Step 3: Talking to the Root DNS Servers

DNS has a hierarchy.

At the very top are the root servers. These are the highest authority in DNS. They don’t store IP addresses for websites. Instead, they know who is responsible for each top-level domain.

The recursive resolver asks a root server:
“Who handles .com domains?”

The root server replies:
“I don’t know the IP, but here are the servers that manage .com.”

Step 4: Top Level Domain (TLD) Servers

Next, the recursive resolver contacts a TLD server for .com.

Now the question becomes:
“Who is responsible for networkchuck.com?”

The TLD server responds with the authoritative name servers for that domain. In many real-world cases, this might be Cloudflare, Google DNS, or another provider.

Step 5: Authoritative DNS Server (Final Answer)

Finally, the recursive resolver asks the authoritative server:
“What is the IP address for google.com?”

This server owns the zone file for the domain. It knows everything: A records, MX records, subdomains, all of it.

It responds with the IP address.

The recursive resolver caches this result and sends it back to your computer.

Now your browser finally knows where to go.
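
Steps 1 to 5 as an added example (not code from the original post): a small in-memory model of a recursive resolver that checks its cache, then follows referrals from the root to the TLD to the authoritative server. The server names, the example.com zone and the 192.0.2.10 address are constructed sample data.

```python
import time

# Constructed, simplified model of the hierarchy; names and the 192.0.2.10
# address (documentation range) are sample data, not real server contents.
SERVERS = {
    "root":       {"com.": ("referral", "tld-com")},
    "tld-com":    {"example.com.": ("referral", "ns-example")},
    "ns-example": {"www.example.com.": ("answer", "192.0.2.10", 300)},
}
MAX_REFERRALS = 8  # stop on referral loops instead of chasing them forever


def ask(server, name):
    """One query to one server: returns a referral or an answer record."""
    for zone, record in SERVERS[server].items():
        if name == zone or name.endswith("." + zone):
            return record
    raise LookupError(f"{server} has no data for {name}")


class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}  # name -> (ip, expiry time)

    def resolve(self, name):
        """Return (ip, servers_asked); a fresh cache entry skips the walk."""
        cached = self.cache.get(name)
        if cached and cached[1] > self.clock():
            return cached[0], ["cache"]
        server, asked = "root", []
        for _ in range(MAX_REFERRALS):
            asked.append(server)
            record = ask(server, name)
            if record[0] == "referral":
                server = record[1]          # Steps 3 and 4: follow the referral
                continue
            _, ip, ttl = record             # Step 5: authoritative answer
            self.cache[name] = (ip, self.clock() + ttl)
            return ip, asked
        raise RuntimeError("too many referrals")
```

The first lookup asks root, tld-com and ns-example in turn; a repeat within the 300-second TTL is served from the cache, and once the TTL has passed the full walk happens again.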

And This All Happens Instantly

What’s crazy is that this entire process happens every time you visit a new website, and you barely notice it.

That’s DNS doing its job quietly in the background.

Why DNS Can Be Dangerous If Not Secured

By default, DNS queries use UDP port 53 and are sent in plain text.

That means:

  • ISPs can see what websites you visit

  • Attackers can intercept or modify DNS responses

  • Fake IP addresses can be returned (DNS spoofing)

This is why DNS security matters.

DNS Over HTTPS (DoH)

To fix this, we have DNS over HTTPS (DoH).

Instead of sending DNS queries in plain text, they are sent over HTTPS, the same encrypted protocol used by secure websites.

This means:

  • DNS queries are encrypted

  • Attackers on the network path can’t sniff them

  • DNS traffic blends in with normal web traffic

Most modern browsers and DNS providers support DoH today.
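
An added example (not from the original post) covering both the plain-text section and the DoH section above: it builds a DNS query in the RFC 1035 wire format, shows that the queried name can be read straight back out of the bytes, applies the basic ID-and-question match a client uses to reject mismatched replies, and produces the RFC 8484 `dns` parameter that DoH carries inside HTTPS. The function names and the sample domain are assumptions made for illustration.

```python
import base64
import struct


def build_query(name, qtype=1, txid=0x1A2B):
    """Encode a standard DNS query (RFC 1035 wire format); qtype 1 is A."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # class IN


def read_question(packet):
    """Recover (txid, name, qtype) from raw bytes; no key is needed to do this."""
    (txid,) = struct.unpack("!H", packet[:2])
    labels, pos = [], 12
    while packet[pos] != 0:
        length = packet[pos]
        if length & 0xC0:
            raise ValueError("compressed names are not handled here")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    (qtype,) = struct.unpack("!H", packet[pos + 1:pos + 3])
    return txid, ".".join(labels), qtype


def response_matches(query, response):
    """Accept a reply only if it is a response with the same ID and question."""
    (flags,) = struct.unpack("!H", response[2:4])
    return bool(flags & 0x8000) and read_question(query) == read_question(response)


def doh_dns_param(query):
    """RFC 8484 GET form: the same message, base64url-encoded without padding."""
    return base64.urlsafe_b64encode(query).rstrip(b"=").decode("ascii")
```

Over UDP port 53 the output of build_query is exactly what crosses the network, so read_question works for anyone on the path. With DoH the same bytes travel inside the TLS session to the resolver, which still sees the query itself.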

Understanding DNS Records

DNS is more than just domain → IP mapping.

Some important records include:

  • A record: Maps a domain to an IPv4 address

  • AAAA record: Maps a domain to an IPv6 address

  • NS record: Tells which DNS server is authoritative

  • MX record: Handles email routing

  • CNAME: Creates an alias for another domain

  • TXT record: Used for verification, SPF, DKIM, DMARC

These records power websites, emails, and security on the internet.

Using the dig Command to See DNS in Action

You don’t have to imagine DNS; you can actually see it working.

The dig command lets you query DNS directly.

To get the IP address of a domain:

dig google.com

To see which name servers handle a domain:

dig NS google.com

To inspect mail servers:

dig MX google.com

To query a specific DNS server:

dig @8.8.8.8 google.com

Using dig is one of the best ways to truly understand how DNS behaves.