Mastering DNS: From Basics to Advanced Queries

DNS (Domain Name System) is one of the core Internet protocols; understanding it is essential for both browsing and development.

1. What is DNS?

DNS translates domain names into IP addresses, acting like a massive phone book. For example, the domain

math.stackexchange.com

resolves to the IP

151.101.129.69

.

2. Query Process

The lookup involves several steps, which can be displayed with the

dig

tool.

<code>$ dig math.stackexchange.com</code>

The command returns six sections:

Query parameters and statistics.

Query content.

DNS server response.

NS records for

stackexchange.com

.

IP addresses of the name servers.

Transmission information.

Adding

+short

simplifies the output to the four A records for the domain.

<code>$ dig +short math.stackexchange.com
151.101.129.69
151.101.65.69
151.101.193.69
151.101.1.69</code>

3. DNS Servers

The local machine must know a DNS server’s IP (often provided via DHCP or configured in

/etc/resolv.conf

). Example server IP:

192.168.1.253

. Public servers include Google’s

8.8.8.8

and Level 3’s

4.2.2.2

.

<code>$ dig @4.2.2.2 math.stackexchange.com</code>

4. Domain Hierarchy

Domain names are hierarchical:

host.sld.tld.root

. The trailing dot represents the root zone. Example:

www.example.com.

The levels are root → top‑level domain (TLD) → second‑level domain (SLD) → host.

<code>host.sld.tld.root</code>

5. Root Name Servers

Root servers (A‑ROOT‑SERVERS.NET, B‑ROOT‑SERVERS.NET, …) have fixed IPs such as

198.41.0.4

. There are thirteen root server groups worldwide.

6. Hierarchical Query Example

Using

dig +trace

shows the full resolution chain from root to authoritative server.

<code>$ dig +trace math.stackexchange.com</code>

7. NS Record Queries

Specific NS records can be queried with

dig ns com

or

dig ns stackexchange.com

, optionally using

+short

for concise output.

<code>$ dig ns com
$ dig ns stackexchange.com</code>

8. DNS Record Types

Common record types:

A : address record, returns an IP address.

NS : name‑server record, points to the server for the next zone.

MX : mail exchange record, specifies mail servers.

CNAME : canonical name, an alias to another domain.

PTR : pointer record, used for reverse lookups.

Example CNAME lookup:

<code>$ dig facebook.github.io
;; ANSWER SECTION:
facebook.github.io. 3370 IN CNAME github.map.fastly.net.
</code>

Reverse lookup example:

<code>$ dig -x 192.30.252.153
;; ANSWER SECTION:
153.252.30.192.in-addr.arpa. 3600 IN PTR pages.github.com.</code>

9. Other DNS Tools

host provides a simplified view of records.

<code>$ host github.com</code>

nslookup offers an interactive query interface.

<code>$ nslookup
> facebook.github.io</code>

whois shows domain registration information.

<code>$ whois github.com</code>

10. References

DNS: The Good Parts, Pete Keen

DNS 101, Mark McDonnell

Appendix – DNS Overview

DNS maps hostnames to IP addresses over UDP port 53. It can be static (local hosts file) or dynamic (central DNS servers). Proper configuration prevents security issues such as DDoS, hijacking, and information leakage.

Common security concerns include malicious attacks on DNS infrastructure, domain hijacking, vulnerable DNS software, and misconfigurations that expose sensitive data.