Understanding DNS Resolution: A Simple Guide with the dig Command

What is DNS and why name resolution exists.

What is DNS.

• DNS (Domain Name System) is a distributed system that maps human-readable domain names to IP addresses, acting like the internet phonebook.

• Just like a phonebook: you search a name in contacts → you get a number.

• DNS works the same way: you search a domain like google.com → you get an IP address like 216.58.196.110.

Example: Phonebook helps you find a number using person’s name.
DNS helps you find an IP address using a domain’s name.

Why name resolution exists.

• DNS resolution is the process of translating a domain name into its IP address by querying DNS servers.

---

How DNS resolution happens in layers

• DNS resolution does not happen in one step, it happens in layers.

• Root → TLD → Authoritative

• Each layer has one specific job.

Why DNS is designed in layers(IMP)

• Internet has millions of domains one server can’t handle everything.

• So DNS is Distributed, Hierarchical, Scalable.

• This makes DNS Fast, Reliable, Global.

• Root DNS servers (Top layer)

  Root servers are at the top of the DNS, they don’t know IP addresses, they only know where are the TLD servers.
  TLD servers like .com, .in, .dev, .org etc.

• TLD DNS servers(Middle layer)
  TLD(Top-level domain) servers handle one TLD only.
  .com servers handle all .com domains.
  .in servers handle all .in domains.
  TLD servers don’t store IP addresses they store reference of which authoritative server controls this domain.

• Authoritative DNS servers(Final layer)
  They are the final source of truth, they store DNS records such as A(IP address), CNAME, MX, TXT.
  This is the only layer that returns the IP.
  DNS resolution ends here.

---

Introduce dig as a diagnostic tool to inspect DNS resolution.

what is dig.

• dig is a command-line tool used to ask DNS questions to DNS servers and see their answers.

• Browser uses DNS sliently.

• dig shows DNS details clearly, that’s why dig is used for learning, debugging,ans system design.

what does dig actually do.

• dig allows you to query servers directly & inspect DNS information .

• It shows:

  • IP addresses

  • Name servers (NS)

  • Email servers (MX)

  • CNAMEs

  • TTL values

dig commands using google.com example:

1. dig google.com → Returns full DNS response details for the domain.

2. dig . NS → Display root DNS name servers.

3. dig com NS → Display TLD(Top level domain) name servers for .com.

4. dig google.com NS → Display authoritative DNS servers for the domain.

5. dig google.com +trace → Display the complete DNS resolution flow.

6. dig www.google.com CNAME → checks whether www.google.com points to another domain name.

7. dig google.com MX → Display main servers responsible for handling email for the domain.

---