How DNS Resolution Works
In this blog I will share my knowledge about DNS what is DNS, how it works, why we need it, what is NS, records etc. With this we will use the dig command which will help to check DNS, name servers and records.
What is DNS
Domain Name System (DNS) many of us heard about it somewhere, specially in the 2025 Cloudflare outage. DNS is the phonebook of the internet. Browsers interact through IP addresses, but we humans can’t remember IP addresses because IPs are long numbers with dots such as 192.168.0.1 (IPv4) and sometimes numbers with alphabet such as 8926:bc48:3802:1::b249:d83b (IPv6).
That’s why we use domains. They are easy to remember and do the same job. But you might be thinking how, so here comes DNS. DNS translates domains to IP addresses. It is a hierarchical and decentralized system that follows some steps.
It is called name resolution. It exists to bridge the gap between us humans and computers. It helps us remember domains and helps computers get IP addresses. It also provides system agility. Name server resolution allows a website's server IP address to change without needing us to remember a new IP address. Server admin can easily update the DNS record and the existing domain continues to work. It takes some time to update the records on servers all over the world.
dig command
Before diving more into DNS and name servers, we need to understand a tool called dig, which we will use to see DNS server details such as their IP, records and name servers.
Domain Information Groper (dig) is a command line tool used for querying DNS servers. It helps to verify DNS records, trace queries and do reverse lookups.
Basic command examples:
| Task | Command |
| Simple Lookup | dig google.com |
| Short Answer (IP only) | dig google.com +short |
| Query Specific Record | dig google.com MX |
| Query Specific Server | dig @8.8.8.8 google.com |
| Reverse Lookup | dig -x 142.250.182.206 |
| Full Trace | dig +trace google.com |
Recursive DNS Resolver
Before root, TLD and authoritative servers come into picture, there is something very important called recursive DNS resolver. This is usually provided by your ISP or public DNS like:
8.8.8.8 (Google)
1.1.1.1 (Cloudflare)
9.9.9.9 (Quad9)
Your browser does not directly talk to root or TLD servers. It talks to recursive resolver.
Recursive resolver’s job is:
Ask other DNS servers on your behalf
Cache results
Finally give IP back to your browser
So recursive resolver is like your personal assistant who runs around and collects answers for you.
Root Servers
As we know Domain Name System hierarchy, so at the top of pyramid this root server stands. They are just like the Elder from John Wick. Root servers don’t store the website IP. They don’t even know full domain details.
If user's recursive DNS server gets an uncached DNS query, then the query goes to Root Server. They get queries, check which Top Level Domain (TLD) it is (like .com, .org) and then refer to that TLD server. That’s the job of root server.
There are 13 main root servers around the globe.
dig . NS
When you run:
dig . NS
This shows you the name servers for the root zone. These are the root servers.
What this means in real flow:
These servers are responsible for directing queries to TLD servers
They don’t give you google.com IP
They just say: “Go ask .com servers”
So root servers are like traffic controllers for the top of DNS hierarchy.
TLD Servers
In the domain hierarchical pyramid, these are the second from top, just like High Table from John Wick. TLDs categorize websites by purpose, type or geography etc. Some TLDs: .com, .org, .net, .in, .uk etc.
TLD server stores list of domains under that TLD and their authoritative name servers.
So when a user sends a request for a domain, the TLD server receives the request from a root server and responds by providing the address of the specific authoritative name server for that domain. Then authoritative does the rest job.
dig com NS
When you run:
dig com NS
This shows you the name servers responsible for .com TLD.
What this means in real flow:
Root server sends query to these .com servers
These servers don’t give IP for google.com
They only tell which authoritative servers handle google.com
So TLD servers are like a directory that tells you where to find the real owner of the domain.
Authoritative Name Servers
This is the DNS server that stores all records:
IP address (A / AAAA)
Mail server info (MX)
TXT records
CNAME etc.
This is the 3rd position from top of the pyramid. They are just like The Continental from John Wick. They provide the final result to a DNS query for that domain.
These servers manage zone files and are responsible for a specific domain.
dig google.com NS
When you run:
dig google.com NS
This shows you the authoritative name servers for google.com
What this means in real flow:
TLD server points to these servers
These servers actually know about google.com
These servers hold real DNS records for google.com
So authoritative servers are the only ones that can give final correct answer for that domain.
dig google.com
When you run:
dig google.com
You are asking your recursive resolver to resolve google.com
Behind the scenes, this is what happens (if not cached):
Recursive resolver asks Root Servers
Root points to .com TLD Servers
TLD points to google.com Authoritative Servers
Authoritative returns IP address
Recursive resolver caches it
Recursive resolver sends IP to your computer
So even though you typed one command, a lot of DNS servers were involved.
Full DNS Resolution Flow
Let’s understand the full DNS resolution flow in simple way.
Think like this: you want to watch YouTube. You don’t know the IP of youtube.com but you know the domain. So you type youtube.com in browser.
Flow looks like this:
Browser asks Recursive DNS Resolver
If cached → resolver returns IP immediately
If not cached → resolver asks Root Servers
Root sends resolver to .com TLD Servers
TLD sends resolver to youtube.com Authoritative Servers
Authoritative returns IP address
Resolver caches it
Resolver sends IP to browser
Browser connects to that IP and loads website
So browser never talks to root or TLD directly. Recursive resolver does all the heavy work for you.
Why NS records matter
NS records tell you which servers are authoritative for a domain.
This is important because:
They define who controls DNS for a domain
They decide where queries should be sent
If NS records are wrong, domain will break
They are key part of DNS delegation
That’s why dig NS commands are very useful in debugging DNS issues.
How this connects to real world systems
When you open a website, your browser depends fully on DNS to find the server IP. If DNS is slow or broken, website feels slow or broken even if server is healthy.
In backend and system design, DNS is critical because:
Load balancers use DNS
Multi-region setups use DNS
Failover is often handled using DNS
Traffic routing can be done at DNS level
Mapping dig to DNS layers
dig . NS→ Root Serversdig com NS→ TLD Serversdiggoogle.comNS→ Authoritative Serversdiggoogle.com→ Full resolution via recursive resolver
