Skip to main content
HashnodeLearn Tech With Kanishk

Command Palette

Search for a command to run...

A Beginner's Guide to How DNS Resolution Functions

Updated
4 min read
A Beginner's Guide to How DNS Resolution Functions
K
Kanishk Chandna

We humans, like names. Computers like numbers. This mismatch is the entire reason DNS exists.

When you type “google.com” into a browser, your machine has absolutely no idea where that is. Networks do not route packets based on vibes or brand recognition. They route packets using IP addresses. DNS exists to translate human-readable domain names into machine-readable IP addresses.

That translation process is called name resolution. It exists because nobody wants to memorise 142.250.195.46 just to check their email.

At a high level, DNS answers one question:
“What IP address should I talk to for this domain?”

dig: Your X-Ray for DNS

dig stands for Domain Information Groper, which sounds like it was named during a very different era of the internet.

dig is a diagnostic tool. You don’t use it to browse the web. You use it to inspect how DNS works, debug weird DNS issues, and understand who is responsible for answering what.

If DNS were a bureaucracy, dig would be the form that lets you see who approved what and why.

DNS Resolution Is Layered

DNS resolution does not immediately provide the answer. It moves through layers.
Root → TLD → Authoritative
Each layer knows just enough to point you to the next one. Nobody knows everything. This is intentional and very important for scalability.

“dig . NS” - Root Name Servers

When you run “dig . NS”, you’re basically asking:
“Who is responsible for the root of the DNS system?”

The answer is a list of root name servers. These servers do not know where “google.com” lives. What they do know is who manages “.com”, “.org”, “.in”, and every other top-level domain.

You can think of root servers as the front desk. They don’t know where every employee sits. They just know which department to send you to.

“dig com NS” - TLD Name Servers

Now you are asking the “.com” TLD servers:
“Who is authoritative for domains ending in .com?”

These servers still don’t know Google’s IP address. They only know which authoritative name servers are responsible for “google.com”.

Yes, DNS is a chain of directions.

“dig google.com NS” - Authoritative Name Servers

This tells you which name servers are authoritative for google.com.

Authoritative name servers are the final authority. They hold the actual DNS records - A, AAAA, MX, TXT, CNAME, etc.

“dig google.com” - The Full Resolution

This returns an A record (IPv4) and possibly an AAAA record (IPv6). That’s the IP address your browser will connect to.

Behind the scenes, this is what actually happened:

  1. Your system asked a recursive resolver (usually your ISP).

  2. The resolver asked a root server.

  3. Root pointed to .com.

  4. .com pointed to Google’s authoritative servers.

  5. Authoritative servers returned the IP.

  6. The resolver cached the result.

  7. Your browser finally made the HTTP request.

All of this happened in milliseconds. The internet is held together by duct tape, caching, and a lot of optimism.

What NS Records Actually Represent

NS records define responsibility.
They answer the question: “Who is allowed to speak with authority for this domain?”

Without NS records:

  • Delegation breaks

  • Caching becomes dangerous

  • DNS becomes a single giant failure point

NS records are the reason DNS scales globally without collapsing under its own weight.

Recursive Resolvers - The Middleman

Your browser does not walk the DNS hierarchy every time. That would be painfully slow.

Recursive resolvers:

  • Do the walking for you

  • Cache results

  • Respect TTLs

  • Save the internet from imploding

Every time you “dig”, you’re basically peeking behind the curtain to see what your resolver usually does quietly.

From “dig” Output to a Real Browser Request

When DNS resolution finishes, the browser finally gets an IP address. Only then does HTTP even enter the conversation.

No DNS resolution → No TCP connection → No HTTPS → No website.

So yes, before your browser loads a single pixel, DNS has already done a full distributed lookup across the globe.

Conclusion

DNS looks simple until you actually look at it. Then you realise it’s a carefully layered, globally distributed system that somehow works every day without drama.

Understanding DNS resolution is not about memorising record types. It’s about understanding delegation, trust, and caching at internet scale.

And now, when someone says “it’s a DNS issue”, you’ll know whether they actually mean it.

Want more?

Blog: https://blogs.kanishk.codes/
Twitter: https://x.com/kanishk_fr/
LinkedIn: https://linkedin.com/in/kanishk-chandna/
Instagram: https://instagram.com/kanishk__fr/

#chaicode#hiteshchoudharylco#networking#dns#server#chaiaurcode

More from this blog

Learn Tech With Kanishk

25 posts

Here, I share my learnings about tech, web development, generative AI, and whatever I am learning.