Fundamentals of DNS: Concepts, Resolution Process, Message Format, and Practical Examples

DNS (Domain Name System) is a global directory that maps domain names to IP addresses, functioning like a massive phone book; for example, www.bytedance.com resolves to 117.185.132.240 before a client can connect.

Domain names are hierarchical, separated by dots, with a maximum depth of 127 levels and each label up to 63 characters.

The DNS resolution process involves four key components: the DNS Resolver (often the local resolver on a device), Root Server, TLD Server, and Naming (authoritative) Server. The resolver receives a query, contacts a root server for the next‑step TLD server, which then points to the authoritative server that finally returns the IP address.

DNS messages consist of five sections—Header, Question, Answer, Authority, and Additional. The Header contains fields such as ID, QR, Opcode, AA, TC, RD, RA, Z, RCODE, and counts for each section. The Question section holds QNAME, QTYPE, and QCLASS, while the Answer section includes NAME, TYPE, CLASS, TTL, RDLENGTH, and RDATA.

Typical command‑line queries can be performed with dig google.com , which returns the resolved IPs, and with dig google.com +trace to display the step‑by‑step lookup from root servers. To query a specific DNS server, use dig google.com @114.114.114.114 .

Python can also perform DNS queries using the dns library:

import dns.resolver
import dns

message = dns.message.make_query('google.com', 'A')
r = dns.query.udp(message, '8.8.8.8')
answers = r.answer
for i in range(len(answers)):
    print(answers[i].to_text())

Common DNS record types include A (IPv4), AAAA (IPv6), CNAME (alias), NS (authoritative server), SOA (start of authority), and TXT (arbitrary text). Specific types can be queried with dig google.com -t SOA .

Modern DNS services support line/view/region routing, allowing different IPs to be returned based on the client’s network location (e.g., China Mobile Shanghai vs. China Telecom). This is achieved by grouping clients into views and mapping each view to distinct IP addresses.

EDNS (Extension Mechanisms for DNS) adds optional fields to the DNS message, and the ECS (EDNS Client Subnet) option lets a client specify a subnet IP so that the resolver can return results as if the query originated from that subnet. A Python example using ECS:

import dns.resolver
import dns
import clientsubnetoption

cso = clientsubnetoption.ClientSubnetOption('1.2.3.0')
message = dns.message.make_query('google.com', 'A')
message.use_edns(options=[cso])
r = dns.query.udp(message, '8.8.8.8')
answers = r.answer
for i in range(len(answers)):
    print(answers[i].to_text())

Understanding these fundamentals equips readers to answer DNS‑related interview questions and to troubleshoot or design DNS configurations effectively.