5 min read | Protocols & Networking

DNS Resolution Explained

#DNS #Networking #Infrastructure

DNS (Domain Name System) is the phonebook of the internet. It translates human-readable names (example.com) into IP addresses (93.184.216.34).

The Hierarchy

  1. Stub Resolver: The resolver on your computer. It checks its local cache first and otherwise hands the query to a recursive resolver.
  2. Recursive Resolver: Usually your ISP or Google (8.8.8.8). It does the legwork.
  3. Root Servers (.): The 13 logical servers at the top of the chain. They know where .com, .org, etc., live.
  4. TLD Servers (.com): They know where example.com lives.
  5. Authoritative Nameservers: The servers that actually hold the IP for example.com.

The Query Flow

  1. You: "Where is example.com?"
  2. Recursive: "I don't know. Hey Root, where is .com?"
  3. Root: "Go ask the .com TLD server at this IP."
  4. Recursive: "Hey .com TLD, where is example.com?"
  5. TLD: "Go ask the Authoritative Server at this IP."
  6. Recursive: "Hey Authoritative Server, what is the IP for example.com?"
  7. Authoritative: "It's 93.184.216.34."
  8. Recursive: "Here you go, user."

Security Implications

DNS was designed without security.

  • DNS Spoofing: An attacker replies faster than the real server.
  • DNS Tunneling: Exfiltrating data via DNS queries (since DNS is rarely blocked).

DNSSEC adds cryptographic signatures to records to prevent spoofing, but adoption is complicated.
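
For the DNS tunneling item above, here is one way a defender can spot it in resolver logs. This is an added example, not code from the original post. The log entries, the *.test domains, the function names and the thresholds are all constructed assumptions. It flags base domains that receive many unique, long, high-entropy subdomains.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log of (client, queried name) pairs; not real traffic.
# The *.test domains and 10.0.0.x clients are made up for this example.
SAMPLE_LOG = [
    ("10.0.0.5", "www.example.com"),
    ("10.0.0.5", "mail.example.com"),
    ("10.0.0.6", "api.example.com"),
    ("10.0.0.6", "static-assets-eu-west-1.cdn-demo.test"),
    ("10.0.0.7", "host1.corp-demo.test"),
    ("10.0.0.7", "host2.corp-demo.test"),
    ("10.0.0.7", "host3.corp-demo.test"),
    ("10.0.0.7", "host4.corp-demo.test"),
    ("10.0.0.9", "0123456789abcdeffedcba9876543210.tunnel-demo.test"),
    ("10.0.0.9", "fedcba98765432100123456789abcdef.tunnel-demo.test"),
    ("10.0.0.9", "00112233445566778899aabbccddeeff.tunnel-demo.test"),
    ("10.0.0.9", "ffeeddccbbaa99887766554433221100.tunnel-demo.test"),
    ("10.0.0.9", "0f1e2d3c4b5a69788796a5b4c3d2e1f0.tunnel-demo.test"),
]

def entropy(s):
    """Shannon entropy of s in bits per character (0 for an empty string)."""
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def split_name(qname):
    """Return (subdomain, base). Assumption: base = last two labels; use the Public Suffix List in production."""
    labels = qname.lower().rstrip(".").split(".")
    return ".".join(labels[:-2]), ".".join(labels[-2:])

def suspicious_domains(log, min_unique=4, min_len=25, min_entropy=3.5):
    """Flag base domains whose unique subdomains are numerous, long and random-looking."""
    subs = defaultdict(set)
    for _client, qname in log:
        sub, base = split_name(qname)
        if sub:
            subs[base].add(sub)
    flagged = {}
    for base, names in subs.items():
        avg_len = sum(map(len, names)) / len(names)
        avg_ent = sum(entropy(n.replace(".", "")) for n in names) / len(names)
        if len(names) >= min_unique and avg_len >= min_len and avg_ent >= min_entropy:
            flagged[base] = {"unique": len(names), "avg_len": avg_len, "avg_entropy": round(avg_ent, 2)}
    return flagged

if __name__ == "__main__":
    print(suspicious_domains(SAMPLE_LOG))
```

All three conditions must hold together: corp-demo.test has four unique names but they are short, and cdn-demo.test has a long name but only one, so neither is flagged.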