How DNS Resolution Works

Have you ever wondered what actually happens when you type google.com in your browser and press Enter?

How does you browser know where to take you? Why doesn’t it send you to some random website? And most importantly how does the internet understand human readable names like google.com?

This blog is my attempt to understand DNS from absolute basics to a professional leel mental model, written exactly the way I learned it step by step, no assumptions, no jargon overload.

---

1. The Question That Started It All

when I type:

google.com

into my browser, I’m not giving it:

• a location

• a server address

• or any networking details

Yet somehow, I always land on Google, and not somewhere else.

So the obvious question is:

How does my browser know where to go?

The short answer is DNS. The real answer is much more interesting.

---

2. Why DNS Exists

Computer do not understand domain names. They communicate using IP addresses, like:

142.250.195.46

Imagine if every time you wanted to visit a website, you had to remember numbers like these. That’s not realistic right.

This is Why Name Resolution Exists

Name Resolution exists to solve one problem:

Convert a human-friendly name into a machine-friendly IP address.

That conversion system is called DNS (Domain Name System).

---

3. DNS= Internet’s PhoneBook (But Smarter)

I like to think of DNS as:

The internet’s phonebook

But unlike a draditional phonebook:

• DNS is distributed

• DNS is hierarchical

• DNS is globally scalable

---

4. What Happens When I Search google.com?

Here’s the important part:

My browser does NOT directly ask Google.

Instead, it asks:

Hey, does anyone know the IP address for google.com?

That question starts a multi-step journey through DNS.

---

5. DNS Works in Layers

DNS resolution doesn’t happen in one step. It happens layer by layer.

DNS Hierarchy

Each layer only knows who to ask next.

---

6. Before Going Deeper: What is the dig Command?

While learning DNS, I realize I needed a way to see DNS in action. That’s where dig comes in.

What is dig?

dig (Domain Information Groper) is a DNS inspection tool.

It allows us to:

• Ask DNS questions manually

• See which servers respond

• Understand resolution step by step

Think of it as debugging DNS.

---

7. Why I Use dig

I don’t use dig to browse the internet. I use it to:

• Learn how DNS works

• Debug DNS issues

• verify name server configuration

• Build a system-design-level understanding

---

8. Understanding NS Records

While exploring DNS, one term keeps appearing:

NS (Name Server) Records

An NS record answers one simple question:

Who is responsible for this domain?

Important:

• NS records do not give IP addresses

• They tell where to ask next

This is how DNS stays scalable.

---

9. Starting from the Top: Root Name Servers

Command

$  dig . NS
;; QUESTION SECTION:
;.                                IN     NS
;; ANSWER SECTION:
.                         395484  IN     NS     a.root-servers.net.
.                         395484  IN     NS     b.root-servers.net.
.                         395484  IN     NS     c.root-servers.net.
.                         395484  IN     NS     d.root-servers.net.
.                         395484  IN     NS     e.root-servers.net.
.                         395484  IN     NS     f.root-servers.net.
.                         395484  IN     NS     g.root-servers.net.
.                         395484  IN     NS     h.root-servers.net.
.                         395484  IN     NS     i.root-servers.net.
.                         395484  IN     NS     j.root-servers.net.
.                         395484  IN     NS     k.root-servers.net.
.                         395484  IN     NS     l.root-servers.net.
.                         395484  IN     NS     m.root-servers.net.

This asks:

Who handles the root of DNS?

What Root Servers Do

• They sit at the top of DNS hierarchy

• They don’t know website IPs

• They only point to TLD servers

Mental Model

I don't know google.com,
but I know who manages .com

---

10. Next Layer: TLD Name Servers

Command

$  dig com NS
;; QUESTION SECTION:
;com.                               IN      NS
;; ANSWER SECTION:
com.                        171633  IN      NS      e.gtld-servers.net.
com.                        171633  IN      NS      h.gtld-servers.net.
com.                        171633  IN      NS      l.gtld-servers.net.
com.                        171633  IN      NS      a.gtld-servers.net.
com.                        171633  IN      NS      c.gtld-servers.net.
com.                        171633  IN      NS      j.gtld-servers.net.
com.                        171633  IN      NS      f.gtld-servers.net.
com.                        171633  IN      NS      k.gtld-servers.net.
com.                        171633  IN      NS      b.gtld-servers.net.
com.                        171633  IN      NS      d.gtld-servers.net.
com.                        171633  IN      NS      g.gtld-servers.net.
com.                        171633  IN      NS      m.gtld-servers.net.
com.                        171633  IN      NS      i.gtld-servers.net.

TLD stands for Top-Level Domain.

Examples:

• .com

• .org

• .in

What TLD Servers Do

They answer:

Who is authoritative for google.com?

They don’t give the IP yet. They just point forward

---

11. Final Authority: Authoritative Name Servers

Command

$  dig google.com NS
;; QUESTION SECTION:
;google.com.                        IN      NS
;; ANSWER SECTION:
google.com.                    49892    IN        NS        ns4.google.com.
google.com.                    49892    IN        NS        ns2.google.com.
google.com.                    49892    IN        NS        ns1.google.com.
google.com.                    49892    IN        NS        ns3.google.com.

These servers:

• Own the DNS data for the domain

• Store actual records

• Are the source of truth

Only authoritative servers return the ffinal IP address.

---

12. The Full DNS Resolution Flow

Command

$  dig google.com
;; QUESTION SECTION:
;google.com.                     IN    A
;; ANSWER SECTION:
google.com                262    IN    A    142.250.206.14

Behind the scenes, this is what happpens:

1. Browser → Recursive Resolver
2. Resolver → Root Server
3. Root → TLD Server (.com)
4. TLD → Authoritative Server
5. Authoritative → IP Address
6. Resolver → Browser

---

13. Recursive Resolver: The Hidden Worker

I don’t manually query root or TLD servers.

A recursive resolver does it for me.

Examples:

• ISP DNS

• Google DNS (8.8.8.8)

• Cloudflare (1.1.1.1)

It:

• Queries DNS layers

• Caches results

• Speeds up browsing

---

14. Mapping dig to DNS Layers

This mapping helped me visualize DNS clearly.

---

15. How This Connects to Real Browsing

Every time I open a website:

1. DNS resolution happens

2. IP address is found

3. Network connection starts

4. Website loads

DNS is always the first step.

---

16. Why DNS Is Designed This Way (System Design View)

DNS is:

• Distributed → No single failure

• Hierarchical → Scales globally

• Cached → Fast

• Stateless → Reliable

This same thinking appears in modern system design.

---

17. Final Thoughts

DNS felt mysterious at first. But once I broke it down layer by layer, it became logical.

Now when I type google.com, I don’t see just a website I see a well-orchestrated distributed system at work.