Mastering DNS: How Domain Names Resolve to IP Addresses

DNS (Domain Name System) is one of the core Internet protocols; understanding it is essential for both browsing and development.

1. What is DNS?

DNS maps domain names to IP addresses, acting like a massive phone book. For example, the domain

math.stackexchange.com

resolves to the IP

151.101.129.69

.

2. Query Process

Although the result is a single IP address, the DNS lookup involves several steps. The

dig

tool can display the entire process.

<code>$ dig math.stackexchange.com</code>

The output consists of six sections:

Query parameters and statistics.

Query content (the domain being queried).

DNS server responses.

NS records for the domain.

IP addresses of the name servers.

Transmission information such as server IP, port (53), and response length.

Using the

+short

option simplifies the output to just the A records:

<code>$ dig +short math.stackexchange.com
151.101.129.69
151.101.65.69
151.101.193.69
151.101.1.69</code>

3. DNS Servers

Your machine must know the IP address of a DNS server, either assigned via DHCP or configured statically (e.g., in

/etc/resolv.conf

). Common public DNS servers include Google’s

8.8.8.8

and Level 3’s

4.2.2.2

. You can query a specific server with

dig @4.2.2.2 math.stackexchange.com

.

4. Domain Hierarchy

Domain names are hierarchical:

host.sld.tld.root

. The trailing dot represents the root zone, which is implicit in everyday use. The hierarchy consists of the root zone, top‑level domain (TLD), second‑level domain (SLD), and host name.

<code>host.sld.tld.root
# e.g.,
host.sld.tld.root</code>

5. Root Name Servers

Root servers hold NS records for the root zone. There are thirteen root server groups (A‑M). Their IP addresses are hard‑coded into DNS software, ensuring they are always reachable.

6. Hierarchical Query Example

Using

dig +trace

shows the full delegation chain from the root servers down to the authoritative server for the target domain.

<code>$ dig +trace math.stackexchange.com</code>

The first section lists all root server NS records. Subsequent sections show the TLD servers, the second‑level domain servers, and finally the A records for the host.

7. Querying NS Records

You can query NS records directly:

<code>$ dig ns com
$ dig ns stackexchange.com</code>

Adding

+short

returns a concise list of name servers.

<code>$ dig +short ns com
$ dig +short ns stackexchange.com</code>

8. DNS Record Types

Common DNS record types include:

A : Address record, returns the IP address.

NS : Name server record, returns the server responsible for the next zone.

MX : Mail exchange record, returns mail server addresses.

CNAME : Canonical name record, points to another domain.

PTR : Pointer record, used for reverse lookups from IP to domain.

Example of a CNAME lookup:

<code>$ dig facebook.github.io
...;
facebook.github.io. 3370 IN CNAME github.map.fastly.net.
github.map.fastly.net. 600 IN A 103.245.222.133</code>

PTR records are queried with

dig -x

or

host

for reverse lookups.

<code>$ dig -x 192.30.252.153
...;
153.252.30.192.in-addr.arpa. 3600 IN PTR pages.github.com.</code>

9. Other DNS Tools

Besides

dig

, useful tools include:

host : Simplified query tool that returns various records.

nslookup : Interactive query utility.

whois : Retrieves domain registration information.

<code>$ host github.com
github.com has address 192.30.252.121
...
$ nslookup
> facebook.github.io
Server: 192.168.1.253
Address: 192.168.1.253#53
Non-authoritative answer:
facebook.github.io canonical name = github.map.fastly.net.
Name: github.map.fastly.net
Address: 103.245.222.133
</code>

10. References

DNS: The Good Parts, by Pete Keen

DNS 101, by Mark McDonnell