How DNS Works – Step by Step

DNS resolution is a hierarchical, multi-stage process that transforms a domain name into actionable information—typically an IP address. Each stage involves specific roles and servers, and each response can be cached at different levels. Understanding this process is essential for designing resilient infrastructure, debugging connectivity issues, and ensuring high availability.

Below is a complete breakdown of the resolution lifecycle for a query like www.example.com:

Step 1: Local Resolution Attempt (Host Cache)

The client system (typically the operating system or browser) checks its local DNS cache to see if it has a valid response for the domain. This cache is populated based on past lookups and follows the TTL (Time to Live) value of each record.

If a valid cached entry is found, the process ends here and no external request is made.

Step 2: Query Sent to Recursive Resolver

If the local cache has no entry or the record has expired, the system forwards the query to a recursive resolver (also called a DNS recursor). This is often provided by the ISP or a public DNS provider (e.g., Google’s 8.8.8.8, Cloudflare’s 1.1.1.1, or a corporate DNS server).

The recursive resolver takes responsibility for resolving the query fully and returning a final answer.

Step 3: Recursive Resolver Queries Root Server

The recursive resolver starts the resolution from the top of the DNS hierarchy: the root zone.

It sends a query asking for the nameservers of the Top-Level Domain (TLD) associated with the domain, such as .com, .org, .net, etc.

Example query:

Q: What are the authoritative nameservers for the .com TLD?

The root server responds with a referral to the appropriate TLD nameservers.

Step 4: Query to TLD Nameserver

Next, the resolver queries one of the TLD nameservers returned by the root.

Example:

Q: What are the authoritative nameservers for example.com?

The TLD nameserver responds with a referral to the authoritative nameservers for example.com.

Step 5: Query to Authoritative Nameserver

Finally, the resolver queries the authoritative nameserver for example.com, asking for the specific record (e.g., A, AAAA, CNAME) for www.example.com.

Example:

Q: What is the A record for www.example.com?

The authoritative server returns the IP address, such as:

A = 93.184.216.34

This is the final resolution.

Step 6: Response Returned and Cached

The recursive resolver returns the resolved IP address to the client. Both the resolver and the client may cache this response for the duration specified in the TTL. This speeds up subsequent lookups and reduces overall query volume.

Summary of the Resolution Flow

  1. Client → Local DNS cache

  2. Client → Recursive resolver

  3. Recursive resolver → Root server

  4. Recursive resolver → TLD server

  5. Recursive resolver → Authoritative nameserver

  6. Recursive resolver → Client

Each stage includes opportunities for caching, failure handling, and DNSSEC validation if enabled.
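The flow summarized above, as an added example that is not part of the original page: a simulated recursive resolver that follows referrals through constructed in-memory root, TLD and authoritative servers and caches the answer until its TTL expires. The server names (root, tld-com, ns-example), the 300-second TTL and the RecursiveResolver class are assumptions made for illustration.

```python
import time

# Constructed in-memory "servers": each maps a zone suffix to a referral or an answer.
# Server names and the TTL are made up for this example; no network traffic is sent.
SERVERS = {
    "root": {"com.": ("REFERRAL", "tld-com")},
    "tld-com": {"example.com.": ("REFERRAL", "ns-example")},
    "ns-example": {"www.example.com.": ("A", "93.184.216.34", 300)},
}

class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}   # qname -> (address, expiry time)
        self.trace = []   # servers contacted, in order (steps 3 to 5)

    def _ask(self, server, qname):
        """Return the record for the longest matching suffix held by this server."""
        self.trace.append(server)
        labels = qname.split(".")
        for i in range(len(labels) - 1):
            suffix = ".".join(labels[i:])
            if suffix in SERVERS[server]:
                return SERVERS[server][suffix]
        return None

    def resolve(self, qname):
        hit = self.cache.get(qname)
        if hit and hit[1] > self.clock():      # unexpired entry: no upstream query
            return hit[0]
        server = "root"                        # step 3: start at the root zone
        for _ in range(8):                     # bound referral depth against loops
            rec = self._ask(server, qname)
            if rec is None:
                raise LookupError(f"NXDOMAIN: {qname}")
            if rec[0] == "REFERRAL":           # steps 3 and 4: follow the referral
                server = rec[1]
                continue
            _, addr, ttl = rec                 # step 5: authoritative answer
            self.cache[qname] = (addr, self.clock() + ttl)   # step 6: cache for TTL
            return addr
        raise LookupError("too many referrals")

if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("www.example.com."), r.trace)
    print(r.resolve("www.example.com."), r.trace)   # second call is served from cache
```

The trace shows which servers see a query on a cache miss; once the TTL passes, the next lookup walks the hierarchy again.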
