How DNS Works: From Queries to Root Servers Explained
DNS, the Internet’s core naming system, translates human‑readable domain names into IP addresses; this article explains its fundamentals, the multi‑step query process shown with the dig tool, server hierarchy, record types, security concerns, and handy command‑line utilities for inspection.
DNS (Domain Name System) is one of the core Internet protocols. It translates domain names to IP addresses, acting like a huge phone book.
1. What is DNS?
DNS’s role is simply to look up the IP address for a given domain name. For example, the domain math.stackexchange.com resolves to the IP address 151.101.129.69.
2. Query Process
Although a DNS query returns only an IP address, the lookup involves several steps. The dig command can display the entire process.
<code>$ dig math.stackexchange.com</code>
The output consists of six sections:
Query parameters and statistics
Query content (the A record request)
Answer from the DNS server
NS records for the domain
IP addresses of the name servers
Additional transmission information
3. DNS Servers
The local machine must know the IP address of a DNS server; otherwise it cannot resolve domain names. DNS server addresses may be assigned dynamically via DHCP or configured statically (e.g., in /etc/resolv.conf on Linux). Common public DNS servers include Google’s 8.8.8.8 and Level 3’s 4.2.2.2.
<code>$ dig @4.2.2.2 math.stackexchange.com</code>
4. Domain Hierarchy
DNS uses a hierarchical naming structure. Every fully‑qualified domain name ends with a root label (represented by a trailing dot). The hierarchy is:
<code>host.sld.tld.root</code>
where host is the machine name, sld is the second‑level domain, tld is the top‑level domain (e.g., .com), and root is the implicit root zone.
5. Root Name Servers
Root name servers hold the NS records for the root zone. An example list includes:
There are thirteen root server groups (A‑M), each with stable IP addresses and long TTL values.
6. Hierarchical Query Example
Running dig +trace shows the full step‑by‑step resolution from the root servers down to the authoritative server for math.stackexchange.com.
<code>$ dig +trace math.stackexchange.com</code>
7. NS Record Queries
The dig ns command can retrieve NS records for any zone.
<code>$ dig ns com
$ dig ns stackexchange.com</code>
8. DNS Record Types
Common DNS record types include:
A : Address record – returns the IPv4 address.
NS : Name server record – returns the authoritative name servers for a zone.
MX : Mail exchange – returns mail server addresses.
CNAME : Canonical name – alias to another domain name.
PTR : Pointer – reverse lookup from IP to domain name.
For example, the CNAME record for facebook.github.io points to github.map.fastly.net, whose A record resolves to 103.245.222.133.
<code>$ dig facebook.github.io
... ANSWER SECTION:
facebook.github.io. 3370 IN CNAME github.map.fastly.net.
github.map.fastly.net. 600 IN A 103.245.222.133</code>
9. Other DNS Tools
Besides dig, useful command‑line utilities include:
host : a simplified query tool.
<code>$ host github.com
github.com has address 192.30.252.121
...</code>
nslookup : interactive lookup.
<code>$ nslookup
> facebook.github.io
Server: 192.168.1.253
Address: 192.168.1.253#53
Non-authoritative answer:
facebook.github.io canonical name = github.map.fastly.net.
Name: github.map.fastly.net
Address: 103.245.222.133</code>
whois : shows domain registration information.
<code>$ whois github.com</code>
10. References
DNS: The Good Parts, by Pete Keen
DNS 101, by Mark McDonnell
11. DNS Encyclopedia (Brief)
DNS is a distributed database that maps domain names to IP addresses, operating over UDP port 53. It supports both static and dynamic mappings, and its security concerns include DDoS attacks, domain hijacking, vulnerable DNS server software, and misconfigurations that may leak sensitive information.
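As an added example (not part of the original article), the Python code below shows what travels over UDP port 53 for the lookups described above: it encodes a name as labels ending in the root label, then parses a constructed response that mirrors the facebook.github.io CNAME and A answer shown in section 8. The function names and the sample packet are illustrative assumptions; the hop limit on compression pointers is there because a parser that reads untrusted responses must not loop on a crafted pointer.

```python
import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 12: "PTR", 15: "MX"}

def encode_name(name):
    """Length-prefixed labels, terminated by the zero-length root label."""
    labels = [part.encode("ascii") for part in name.rstrip(".").split(".")]
    if any(not 0 < len(part) <= 63 for part in labels):
        raise ValueError("each label must be 1..63 bytes")
    return b"".join(bytes([len(part)]) + part for part in labels) + b"\x00"

def read_name(msg, off, hops=0):
    """Return (labels, next offset), following compression pointers."""
    if hops > 10:  # a crafted response can point a name at itself
        raise ValueError("compression pointer loop")
    labels = []
    while (n := msg[off]):
        if n & 0xC0 == 0xC0:  # two-byte pointer to a name written earlier
            ptr = struct.unpack_from("!H", msg, off)[0] & 0x3FFF
            return labels + read_name(msg, ptr, hops + 1)[0], off + 2
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return labels, off + 1

def parse_answers(msg):
    """Return the answer section as (name, type, ttl, data) tuples."""
    qd, an = struct.unpack_from("!HH", msg, 4)  # question and answer counts
    off = 12  # the fixed header is 12 bytes
    for _ in range(qd):  # skip each question: name, then type and class
        off = read_name(msg, off)[1] + 4
    records = []
    for _ in range(an):
        labels, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        start, off = off + 10, off + 10 + rdlen
        data = msg[start:off].hex()  # default: raw record data as hex
        if rtype == 1 and rdlen == 4:  # A: four address bytes
            data = ".".join(map(str, msg[start:off]))
        elif rtype in (2, 5, 12):  # NS, CNAME, PTR: a possibly compressed name
            data = ".".join(read_name(msg, start)[0]) + "."
        records.append((".".join(labels) + ".", TYPES.get(rtype, rtype), ttl, data))
    return records

def sample_response():  # constructed packet mirroring the article's answer section
    question = encode_name("facebook.github.io") + struct.pack("!HH", 1, 1)
    target = encode_name("github.map.fastly.net")
    cname = b"\xc0\x0c" + struct.pack("!HHIH", 5, 1, 3370, len(target)) + target
    a = struct.pack("!HHHIH", 0xC000 | 48, 1, 1, 600, 4) + bytes([103, 245, 222, 133])  # owner: pointer to offset 48
    return struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0) + question + cname + a
```

Calling parse_answers(sample_response()) yields the same two records as the dig answer section; truncated input raises IndexError or struct.error rather than returning partial data.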
Efficient Ops
This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.