How does Domain Name Resolution actually work?

7 min readMay 12, 2024

Domain resolution is also called domain pointing, server settings, domain configuration, reverse IP registration, and so on. The service is completed by the DNS server, which resolves the domain name to an IP address.
Before we dive deep into how DNS resolution happens, let’s clear our understanding of a few concepts.

Internet Service Provider (ISP)

An internet service provider (ISP) is a company that provides internet access to consumers and businesses. ISPs can offer internet access through a variety of channels, including dial-up, DSL, cable, wireless, and fiber-optic connections. Example: Jio Fiber, Airtel Fiber, Verizon, etc.

Domain Name System (DNS)

It is a system that translates domain names into IP addresses. DNS servers act like a phone book for the internet, containing a database of public IP addresses associated with website names. When a user types a domain name into their browser, the DNS finds the correct IP address so the browser can load the internet page.

Search 8.8.8.8 in your browser and you will see Google DNS opening up.

Is Wireless Mobile Network and Wired Fiber Network same?

When you have a wired internet connection at home, such as fiber optics, DSL, or cable, the company providing you with that connection is acting as your Internet Service Provider (ISP). They manage the infrastructure that delivers internet access to your home through physical cables.
On the other hand, when you use a wireless mobile connection on your smartphone or tablet, the company providing you with the SIM card and mobile network service is known as a Mobile Network Operator (MNO). MNOs operate the cellular towers, radio access networks, and other infrastructure that allow your device to connect to the internet wirelessly.

Example: When you use a Vodafone SIM card in your mobile device to connect to the internet, Vodafone acts as the Mobile Network Operator (MNO). Vodafone operates the infrastructure, such as cellular towers and network equipment, that allows your device to communicate with its network. Vodafone, as an MNO, then connects to the broader internet through agreements with various ISPs (Internet Service Providers). These ISPs provide the backbone connectivity to the internet. When you access websites, send emails, or use apps on your mobile device, data travels from your device through Vodafone’s network, then through the ISPs’ network, and finally to the servers hosting the content or services you’re accessing. So, while you’re directly interacting with Vodafone’s network through your mobile device, Vodafone relies on ISPs to provide the internet connectivity that allows you to access online content and services.

How does everything come together?

So what happens when you hit example.com in your browser?

Step 1: Local Cache lookup

Your browser checks its local cache to see if it already has a recent DNS resolution for the requested domain. If it finds a match, it can skip the rest of the lookup process and use the cached IP address, expediting the connection.
If the DNS resolution isn’t found in the browser’s cache, the browser may check your operating system’s DNS cache. Operating systems like Windows and macOS maintain their own DNS caches for efficiency. If the DNS record is present here, it’s promptly returned to the browser.

Step 2: Request Sent to DNS Resolver

When you hit Enter, your browser sends a request to a DNS resolver. DNS resolver is part of the browser’s software, it receives the DNS query initiated by your action. The DNS resolver first checks if it already knows the IP address for example.comby looking in its local cache. If it finds the IP address there, it can skip the rest of the process and go directly to accessing the website.
If it doesn’t find the IP address in the cache, it starts reaching out to DNS servers for help.

Step 3: DNS Resolver forwards the request to DNS Server

How does the browser know the IP address of the DNS?
There are several options available for this:

Default DNS Resolver: Most devices, such as computers, smartphones, and routers, are pre-configured with the IP address of one or more DNS resolvers provided by your Internet Service Provider (ISP) or network administrator.
Network Configuration: When your device connects to a network, whether it’s your home Wi-Fi network, a cellular network, or a public Wi-Fi hotspot, it receives network settings from the network’s DHCP (Dynamic Host Configuration Protocol) server. These settings include the IP address of one or more DNS resolvers.

There are more esoteric methods for getting DNS server information to clients, but the two above cover well over 90% of cases.

Since DNS resolver now knows the IP of DNS server it has to connect to, it connects with the DNS server and asks for the IP address. It the IP address is found, it is returned to the DNS resolver. Otherwise, the DNS resolution process continues.

Step 4: Recursive Resolution

The DNS resolver, upon receiving a negative response (indicating that the initial DNS server does not have the IP address), continues the resolution process recursively. It queries other DNS servers in the DNS hierarchy to find the IP address of the requested domain name.

Step 5: Querying the Root Servers

The DNS resolver sends queries to authoritative DNS servers, starting with the root DNS servers.

The administration of the Domain Name System (DNS) is structured in a hierarchy using different managed areas or “zones”, with the root zone at the very top of that hierarchy. Root servers are DNS name servers that operate in the root zone.
There are 13 sets of root servers worldwide, maintained by various organizations under the oversight of the Internet Corporation for Assigned Names and Numbers (ICANN).

Since the DNS root zone is at the top of the DNS hierarchy, recursive resolvers cannot be directed to them in a DNS lookup. Because of this, every DNS resolver has a list of the 13 IP root server addresses built into its software. Whenever a DNS lookup is initiated, the recursor’s first communication is with one of those 13 IP addresses.

During an uncached DNS query, whenever a user enters a web address into their browser, this action triggers a DNS lookup, and all DNS lookups start at the root zone. Once the lookup hits the root zone, the lookup will then travel down the hierarchy of the DNS system, first hitting the TLDs servers, then the servers for specific domains (and possibly subdomains) until it finally hits the authoritative nameserver for the correct domain, which contains the numerical IP address of the website being sought.

Read this to learn more about root server: https://www.cloudflare.com/en-gb/learning/dns/glossary/dns-root-server/

Step 6: Top-Level Domain (TLD) Server

The root DNS server directs the resolver to the TLD server responsible for the .comdomain. The resolver then sends a query to this TLD server, asking for the IP address of example.com.

Step 7: Authoritative Name Server

The TLD server responds with the IP addresses of the authoritative name servers for example.com. An authoritative name server is a DNS server that holds the official and up-to-date DNS records for a specific domain name or zone. These servers are responsible for providing responses to DNS queries for the domain names within their authoritative zones.
These authoritative servers are responsible for knowing the IP address associated with example.com. The requested domain might have multiple IP addresses.
These multiple IPs serve as a form of redundancy and load balancing, ensuring reliability and performance. The DNS resolver receives these IPs and selects one based on factors like proximity, availability, or load.

Step 8: GeoDNS (Geographic DNS): Optimizing for Location

In addition to multiple IP addresses, some authoritative name servers employ GeoDNS techniques. GeoDNS provides different IP addresses based on the geographic location of the user making the DNS query. This optimizes performance and delivers geographically relevant content by directing users to the nearest data center, reducing latency and enhancing the user experience.

Step 9: Caching

The ISP’s recursive DNS resolver caches the IP address obtained from the authoritative name server, including multiple IP addresses if applicable.

Step 10: User’s Browser (Finally): Connecting to the Web

Finally, the DNS resolver sends the IP address back to your web browser. Armed with the IP address, your browser can now establish a connection to the web server hosting example.comand request the webpage.

Conclusion

In wrapping up, think of the DNS lookup process as the internet’s magical translator, turning everyday web addresses into digital doorways. From the initial domain name entry to the swift connection to your favorite websites, it’s a choreographed dance of servers and systems ensuring your online journey is smooth and seamless. So, the next time you surf the web, remember the invisible wizards behind the scenes making it all happen!

Happy Browsing!

Let’s Get in Touch

You are most welcome to follow me here on Medium. In addition, feel free to check out:

References

https://www.lifewire.com/free-and-public-dns-servers-2626062
https://www.datadoghq.com/knowledge-center/dns-resolution/
https://www.novell.com/documentation/dns_dhcp/?page=/documentation/dns_dhcp/dhcp_enu/data/behdbhhj.html
https://www.inetdaemon.com/tutorials/internet/dns/operation/hierarchy.shtml
https://www.cloudflare.com/en-gb/learning/dns/glossary/dns-root-server/
https://taruntelang.medium.com/demystifying-dns-lookup-a-deep-dive-into-how-your-browser-connects-to-a-website-bac738aaef9a#:~:text=Your%20browser%20checks%20its%20local,IP%20address%2C%20expediting%20the%20connection.