DNS Resolution

Network

When we want to access something in the internet, we type a domain name, for example www.google.com, but what actually happen after that, first thing happens is a dns lookup to find out the ip address for the domain name, then access the data from the server with the ip address.

DNS Resolver

There are some different DNS resolvers we could use

  • Provided by ISP
  • Provided by third parties, such as Google, Cloudflare, OpenDNS etc.
  • Configure your own DNS server

Recursive Query

In case of DNS lookup for www.google.com

  • Send request to Root server, response with the location of TLDs, such as .com
  • Send request to TLD server, response with the location of google.com
  • Send request to google.com NS, response with the ip of www.google.com

Check the process with dig + trace command

$ dig +trace  www.google.com @8.8.8.8 -p 53

; <<>> DiG  <<>> +trace www.google.com @8.8.8.8 -p 53
;; global options: +cmd
.			86287	IN	NS	a.root-servers.net.
.			86287	IN	NS	b.root-servers.net.
.			86287	IN	NS	c.root-servers.net.
.			86287	IN	NS	d.root-servers.net.
.			86287	IN	NS	e.root-servers.net.
.			86287	IN	NS	f.root-servers.net.
.			86287	IN	NS	g.root-servers.net.
.			86287	IN	NS	h.root-servers.net.
.			86287	IN	NS	i.root-servers.net.
.			86287	IN	NS	j.root-servers.net.
.			86287	IN	NS	k.root-servers.net.
.			86287	IN	NS	l.root-servers.net.
.			86287	IN	NS	m.root-servers.net.
;; Received 525 bytes from 8.8.8.8#53(8.8.8.8) in 9 ms

com.			172800	IN	NS	e.gtld-servers.net.
com.			172800	IN	NS	b.gtld-servers.net.
com.			172800	IN	NS	j.gtld-servers.net.
com.			172800	IN	NS	m.gtld-servers.net.
com.			172800	IN	NS	i.gtld-servers.net.
com.			172800	IN	NS	f.gtld-servers.net.
com.			172800	IN	NS	a.gtld-servers.net.
com.			172800	IN	NS	g.gtld-servers.net.
com.			172800	IN	NS	h.gtld-servers.net.
com.			172800	IN	NS	l.gtld-servers.net.
com.			172800	IN	NS	k.gtld-servers.net.
com.			172800	IN	NS	c.gtld-servers.net.
com.			172800	IN	NS	d.gtld-servers.net.
;; Received 1174 bytes from 198.41.0.4#53(a.root-servers.net) in 119 ms

google.com.		172800	IN	NS	ns2.google.com.
google.com.		172800	IN	NS	ns1.google.com.
google.com.		172800	IN	NS	ns3.google.com.
google.com.		172800	IN	NS	ns4.google.com.
;; Received 840 bytes from 192.52.178.30#53(k.gtld-servers.net) in 109 ms

www.google.com.		300	IN	A	142.251.221.68
;; Received 59 bytes from 216.239.38.10#53(ns4.google.com) in 99 ms

Reference