Skip to main content
HashnodeBaloch Coder

Command Palette

Search for a command to run...

A Step-by-Step Guide to Tracing DNS with dig

Updated
3 min read
A Step-by-Step Guide to Tracing DNS with dig
A
Asim Ali

What is DNS and Why Name Resolution Exists?

Computers are great with numbers but they don't understand these plain texts on the other hand humans are great with names.

Name Resolution

Name Resolution is a the bridge between these two which is the process of converting a human readable domain google.com into a machine readable IP address (142.250.190.46). Just imagine if this didn't exist then you had to memorize hundreds of random numbers just to browse each site.

dig: command The DNS Detective

The dig (Domain information Groper) command is a powerful command line tool for querying DNS servers. It is used by developers and network administrators. It gives detailed information about domain names, IP addresses, and various DNS records such as A, MX and CNAME.

The Root Name Servers

dig . NS

The journey starts at the Root. The dot (.) in the command represents teh root of the entire internet. When you run dig . NS it means you are asking for the NS (Nameservers) which manage the top of the hierarchy. Globally there are 13 logical root server addresses. They don't know where is google.com but they know exactly who is the in charge of .com.

Once the Root Server tells you which "floor" to go to, you arrive at the TLD Name Servers. If you are looking for google.com, you must first talk to the .com TLD server.

What is a TLD Server?

A Top-Level Domain (TLD) server is a specialized DNS server that maintains the "master list" for a specific domain extension. Whether it’s .com, .net, .org, or specialized ones like .codes (which you use for your blog), every extension has its own dedicated set of TLD servers.

The Authoritative Name Servers

dig google.com NS

The authoritative DNS server is the final destination of the IP of the domain that you are actually finding. This is known as the boss. When you run dig google.com NS your see the servers that google has designated as the official source of truth. If a record is not found then it means it doesn't exist.

The Final Answer

dig google.com

Finally we perform the full lookup. When you run dig google.com you will be able to see the entire DNS Resolution Flow in action. The output will render an Answer Section with an A Record. This is the IP address your browser uses to finally knock on Google's door.

How This Works in the Real World

  • When you type a URL into a browser a Recursive Resolver (usually provided by your ISP)
    does all the dig steps for you in milliseconds.

  • It asks the Root where .com is.

  • It asks the TLD where google.com is.

  • It asks the Authoritative server for the IP address.

  • It hands that IP to your browser.

Why This Matters for You

As a developer, understanding this hierarchy helps you debug Propagation. When you change your DNS records and things don't work immediately, it’s usually because a server somewhere in this chain is still "remembering" the old answer.

#dns-resolution#chaicode#dns

Comments

Join the discussion

No comments yet. Be the first to comment.

More from this blog

Baloch Coder

12 posts

Deep dives into web development and code logic. A technical journal of my learning journey featuring cohort tasks, project walkthroughs, and modern tech explorations.