Understanding DNS and the dig Command: A Complete Guide to DNS Resolution.

What is DNS?
The Domain Name System (DNS) is the phonebook of the internet. It translates human-friendly website names into machine-readable numeric values; in short, it converts a website name (www.example.com) into an IP address (123.1.1.1). DNS is like a universe of websites in which every website's name is registered against its IP address.
How does DNS work?
There are several steps involved; we will go through each of them:

The image above gives an overview of how DNS works; now let's see how it works internally.
A user types example.com in the browser, and the query travels over the internet and is received by the DNS recursive resolver.
The resolver queries a DNS root nameserver.
The root server responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains.
The resolver then makes a request to the .com TLD.
The TLD server then responds with the IP address of the domain’s nameserver, example.com.
Lastly, the recursive resolver sends a query to the domain’s nameserver.
The IP address for example.com is then returned to the resolver from the nameserver.

The image above shows the DNS architecture: how the IP address of the website is returned by the resolver and then used for the HTTP request.
What Is the dig Command and When Is It Used?
dig stands for Domain Information Groper. It is a powerful command-line tool used to query DNS servers directly and inspect DNS records.
Why Use dig?
To debug DNS issues
To understand how DNS resolution works
To check DNS records like A, NS, MX, TXT, etc.
To see which DNS server is responding
dig google.com
Here google.com is the domain name. When we type dig google.com, the command asks a DNS server: what is the IP address of google.com?
Understanding dig commands
Understanding dig . NS and Root Name Servers
Let’s start at the very top of the DNS hierarchy.
dig . NS
Here, the dot (.) represents the DNS root zone.
What Are Root Name Servers?
Root servers are the starting point of DNS resolution
They don’t know IP addresses of websites
They know which servers handle each TLD (.com, .org, .net, etc.)
There are 13 logical root server clusters, named:
a.root-servers.net
b.root-servers.net
...
m.root-servers.net
Each cluster is globally distributed using Anycast, meaning there are hundreds of physical servers worldwide.
Key Point
Root servers answer:
“I don’t know the IP, but I know who manages .com, .org, etc.”
Understanding dig com NS and TLD Name Servers
Next, we move one level down.
dig com NS
This asks:
“Which name servers are responsible for the .com top-level domain?”
What Are TLD Name Servers?
Managed by organizations like Verisign (for .com)
They store information about domains under that TLD
They do NOT store IP addresses for domains like google.com
Instead, they point to authoritative name servers for each domain.
Example Role
TLD servers answer:
“I don’t know google.com’s IP, but I know who is authoritative for google.com.”
Understanding dig google.com NS and Authoritative Name Servers
Now let’s query a specific domain:
dig google.com NS
This returns Google’s authoritative name servers, such as:
ns1.google.com
ns2.google.com
ns3.google.com
ns4.google.com
What Are Authoritative Name Servers?
They hold the actual DNS records for a domain
They provide final answers (IP addresses, mail servers, etc.)
They are controlled by the domain owner
These servers know everything about google.com, including:
A records (IPv4)
AAAA records (IPv6)
MX records (email)
TXT records (verification, SPF, DKIM)
Understanding dig google.com and the Full DNS Resolution Flow
Now let’s bring it all together.
dig google.com
Step-by-Step DNS Resolution Flow
Client (Browser/OS)
Checks local cache
If not found, queries a recursive resolver (usually ISP or public DNS like 8.8.8.8)
Recursive Resolver → Root Server
Asks: “Who handles .com?”
Root replies with .com TLD servers
Recursive Resolver → TLD Server
Asks: “Who handles google.com?”
TLD replies with Google’s authoritative name servers
Recursive Resolver → Authoritative Server
Asks: “What is the IP of google.com?”
Authoritative server returns the IP address
Resolver → Client
Returns IP address
Stores the result in cache (based on TTL)
Browser Connects to the IP
HTTP/HTTPS request begins
Website loads
Important Concept: Caching
DNS heavily relies on caching at multiple levels:
Browser cache
OS cache
Recursive resolver cache
This makes DNS extremely fast despite being a multi-step process.
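The resolution flow and the resolver cache described above, modelled as an added example (not code from the original article): a toy recursive resolver that follows referrals from root to TLD to authoritative server and caches the answer until its TTL expires. The zone data, the ns1.example.com server, the 192.0.2.10 address and the 300-second TTL are constructed; no real DNS traffic is sent.

```python
# Toy model of iterative DNS resolution with a TTL cache (added example).
# Zone data, ns1.example.com and the 192.0.2.10 address are constructed.

# What each tier knows: referrals (zone -> next server) or final A records.
SERVERS = {
    "a.root-servers.net": {"referrals": {"com.": "a.gtld-servers.net"}},
    "a.gtld-servers.net": {"referrals": {"example.com.": "ns1.example.com"}},
    "ns1.example.com": {"records": {"www.example.com.": ("192.0.2.10", 300)}},
}


def ask(server, name):
    """One non-recursive query: ("answer", ip, ttl), ("referral", next) or ("unknown",)."""
    data = SERVERS[server]
    if name in data.get("records", {}):
        ip, ttl = data["records"][name]
        return ("answer", ip, ttl)
    # Pick the most specific delegation whose zone is a suffix of the name.
    zones = [z for z in data.get("referrals", {}) if ("." + name).endswith("." + z)]
    if not zones:
        return ("unknown",)
    return ("referral", data["referrals"][max(zones, key=len)])


class Resolver:
    """Recursive resolver: walks root -> TLD -> authoritative and caches answers."""

    def __init__(self, root="a.root-servers.net"):
        self.root = root
        self.cache = {}  # name -> (ip, expiry time in seconds)

    def resolve(self, name, now):
        """Return (ip, servers_contacted); `now` is a caller-supplied clock in seconds."""
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            return cached[0], []  # cache hit: no upstream queries at all
        server, path = self.root, []
        for _ in range(8):  # bound the walk so a referral loop cannot spin forever
            path.append(server)
            kind, *rest = ask(server, name)
            if kind == "answer":
                self.cache[name] = (rest[0], now + rest[1])
                return rest[0], path
            if kind != "referral":
                break
            server = rest[0]
        return None, path
```

The first lookup contacts all three tiers; a repeat lookup inside the TTL contacts none, and one made after the TTL has expired walks the full chain again.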
Conclusion
DNS may seem simple on the surface, but it is a highly optimized, distributed, and resilient system that powers the entire internet.
By using the dig command, you can:
Explore DNS hierarchy hands-on
Understand root, TLD, and authoritative servers
Debug real-world DNS issues
Strengthen your networking and backend fundamentals
If you’re a backend developer, DevOps engineer, or full stack developer, mastering DNS is not optional — it’s essential.
