Skip to main content
HashnodeDNS Resolution

Command Palette

Search for a command to run...

The Internet's Address Book: A Deep Dive into DNS & dig

Peeling back the layers of the internet to see how domain names become IP addresses using the dig command.

Updated
4 min read
The Internet's Address Book: A Deep Dive into DNS & dig
J
Janhvi Deshmukh

When you navigate to google.com, you are asking for a name. But computers don't speak names, they speak numbers. They need an IP address (like 142.250.190.46) to route data.

DNS (Domain Name System) is the critical infrastructure that bridges this gap. It is the internet's "phonebook," translating human-friendly domain names into machine-friendly IP addresses. Without it, you would have to memorize random strings of numbers to browse the web.

But DNS isn't just a flat list. It is a highly structured, hierarchical distributed database. To understand how it truly works, we need to inspect it directly using the ultimate DNS diagnostic tool: dig.

What is dig?

dig (Domain Information Groper) is a command-line tool used to query DNS servers. While your browser hides the complexity of looking up an address, dig exposes the raw conversation. It is essential for debugging connectivity issues, verifying DNS records, and understanding the path your request takes across the world.

Let's peel back the layers of the internet, one command at a time.

Layer 1: The Root of All Things (dig . NS)

DNS is organized like an upside-down tree. At the very top (the "root") sits the Root Zone.

When a resolver (the server looking up the address for you) doesn't know where to start, it asks the Root. But who manages the Root? We can ask dig.

Command:

Bash

dig . NS

  • . represents the root of the DNS hierarchy.

  • NS stands for Name Server (who is responsible for this zone?).

The Output: You will see a list of servers named a.root-servers.net, b.root-servers.net, all the way to m.root-servers.net.

What this means: These are the Root Name Servers. There are 13 logical root server addresses in the world (though physically there are hundreds using Anycast). They are the gatekeepers. They don't know the IP address of google.com, but they know who manages .com.

They are the "Information Desk" at the entrance of the library. They can't give you the book, but they can point you to the correct aisle.

Layer 2: The Top-Level Domain (TLD) (dig com NS)

The Root servers direct traffic based on the extension of the domain (.com, .org, .io). These are called Top-Level Domains (TLDs).

If we want to find google.com, the Root server tells us to go talk to the servers that manage the .com registry. Let's see who they are.

Command:

Bash

dig com NS

The Output: You will likely see servers like a.gtld-servers.net.

What this means: These are the TLD Name Servers. In the case of .com, they are managed by a company called Verisign.

These servers still don't know the IP address of google.com. However, they track every single domain name that ends in .com. They know exactly which specific company has purchased "google" and which specific servers hold Google's records.

They are the "Aisle Librarian." They don't have the book, but they can point you to the specific shelf where the book lives.

Layer 3: The Authoritative Server (dig google.com NS)

The TLD server directs us to the Authoritative Name Server. This is the server actually owned or managed by the organization (Google) or their DNS provider (like Cloudflare or AWS Route53). This server holds the "Authority" to answer questions about that specific domain.

Let's ask the .com TLD servers where Google lives.

Command:

Bash

dig google.com NS

The Output: You will see servers like:

What this means: We have arrived at the destination. These servers are the final authority. They hold the actual map. If you ask ns1.google.com, "What is the IP for google.com?", it will answer with the actual data, not a referral.

Layer 4: The Final Resolution (dig google.com)

Now we put it all together. When you run a standard query, your computer (or your ISP's Recursive Resolver) follows this chain automatically.

Command:

Bash

dig google.com

(Note: By default, dig looks for an "A" record, which stands for Address/IPv4).

The Output:

Plaintext

;; ANSWER SECTION:
google.com.     300    IN    A    142.250.190.46

The Breakdown:

  1. Name: google.com. (The trailing dot signifies the root).

  2. TTL (300): Time To Live. This tells your computer, "Cache this answer for 300 seconds. Do not ask me again until then." This is crucial for performance.

  3. IN: Internet Class.

  4. A: The Record Type (IPv4 Address).

  5. Data: 142.250.190.46. The destination.

Summary: The Flow of Traffic

When you type a URL, the system design works like a relay race:

  1. You: "Where is google.com?"

  2. Recursive Resolver: "I don't know. Let me ask the Root." (dig . NS)

  3. Root: "I don't know, but .com is managed by Verisign. Go there."

  4. Recursive Resolver: "Okay Verisign, where is google.com?" (dig com NS)

  5. TLD Server: "I don't know the IP, but Google's Name Servers are at ns1.google.com. Go there."

  6. Recursive Resolver: "Hello ns1.google.com, what is the IP?" (dig google.com NS)

  7. Authoritative Server: "The IP is 142.250.190.46."

  8. Recursive Resolver: "Here is the IP!" -> Browser connects.

Understanding this flow allows you to spot where things break. If dig . NS fails, your internet is down. If dig google.com fails but dig 8.8.8.8 works, your DNS configuration is broken. dig gives you the visibility to know the difference.

Stay Tuned Coming Soon….

#dns#dns-resolver#dig#chaicode#masterji#ipaddress#web-development

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

DNS Resolution

5 posts