How Does DNS Work? — A Semi-Comical Flow

In my experience, I've revisited this topic multiple times — and every single time, I’ve learned something new. So here’s a simple visual walkthrough for those who want to understand what really happens when you type a domain name into your browser.

We’ll break this into two parts:

Part One: From User System to DNS Query

When you access the internet (typically via a web browser), your system doesn’t magically know where ashwiniag.com lives. It needs to resolve that domain into an IP address first. This is where DNS kicks in.

Part Two: The DNS Query's Journey Through the Internet

Now comes the resolution — the journey where your request travels across recursive resolvers, root servers, TLD servers, and authoritative name servers to eventually get back the IP address.
A simple picture to begin with...

So... Why DNS Anyway?

Your computer doesn’t understand "ashwiniag.com" — it understands IPs like 185.199.108.153. Since humans suck at remembering numbers, DNS was created to bridge that gap. It’s like asking your phone to "Call Mom" instead of typing her 10-digit number every time.

If you want a proper intro to DNS and its necessity, I covered it in this older blog post. Worth a read if you’re brushing up.

But Where Does the Resolution Actually Start?

The first real hero in this story is the Recursive Resolver. It’s the component that takes responsibility for figuring out what IP to return to your system.

Here’s the catch — how does your system know which resolver to ask?
Enter cat /etc/resolv.conf — this file typically holds the IPs of your DNS resolvers. These are usually provided by your ISP (Internet Service Provider), unless you’ve manually changed them.

Popular public resolvers:

• Google DNS: 8.8.8.8
• Cloudflare DNS: 1.1.1.1 (faster + more secure)

DNS Resolution Order

Here’s a quick high-level look at how your system handles a DNS request (assuming it’s not already cached):

1. Checks local cache (browser or OS memory)
2. Checks /etc/hosts – for any manually mapped IPs
3. Reads /etc/resolv.conf – to find out which DNS resolver to contact
4. Contacts the recursive resolver, which then:
   • Talks to the root server
   • Then the TLD server (like .com)
   • Then the authoritative name server
   • Gets the final IP and sends it back

I tried wrapping all of this in the most abstract and silly semi-comical flow I could draw — see below 😄

What Happens After We Get the IP?

Once your system has the IP address, the next phase begins — setting up a connection. That means opening a secure line of communication with the target server.

This is where understanding these topics becomes helpful:

• HTTP/HTTPS
• TLS Handshake
• SSL/TLS Protocol

TL;DR

• DNS is your phonebook for the internet.
• Your browser doesn’t “just know” where to go — it asks a bunch of systems.
• The resolution flow involves cache → hosts file → resolv.conf → DNS resolver → recursive resolution.
• Once resolved, only then does your browser open a connection via HTTP or HTTPS.

Troubleshootings

• Why nslookup works but ping says “Name or service not known”?