DNS Resolution: Resolving a domain name to an IP address
What happens when you type a domain name in your browser?
We all know that computers understand only IP addresses and not domain names, so how are domain names mapped to IP addresses?
Most people would know that there is a process of DNS resolution involved which converts a domain name to an IP address, but how does that exactly work?
This post will cover each step involved in the resolution of a domain name into it’s corresponding IP address.
Step 1: Check browser cache
If this isn’t the first time you are visiting a website, there are chances that your browser has cached the IP address already.
This is to improve the performance and avoid the time spent in looking for the IP address.
If this is the case, then the process ends here.
But if you are visiting this site for the first time, or may be after a long time, we won’t have the browser cache available for this
Step 2: Forward the resolution to OS
If the browser does not find a cache, it makes a syscall to the OS. The syscall made is gethostbyname.
Once this call is made, the OS looks at the file /etc/nsswitch.conf.
This file would most probably have an entry like
hosts: files dns
This means that it needs to now check the /etc/hosts file
Step 3: /etc/hosts and and /etc/resolv.conf
The /etc/hosts file has entries of the following format
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
The OS checks if there is a DNS entry for the requested domain name in /etc/hosts file.
If an entry is found, the corresponding IP address is returned. In case, no entry is present for the domain name in /etc/hosts file, it makes a DNS call to the /etc/resolv.conf file.
If there is no response, a DNS request is sent to the first IP address in this file.
This is generally the IP address of the DNS resolvers.
Step 4: DNS Resolvers
As soon as a DNS resolver gets a DNS request it looks in it’s cache. Maybe some other host also queried it for the resolution of the domain name and it has the entry present in its cache.
If so, it returns the cached IP address as a response.
If there is no entry, DNS resolver then sends the request to the root authority
Step 5: Root authority
DNS resolvers have the IP address of the root authoritative nameservers.
These nameservers contain IP addresses of the authoritative nameservers of the domain extensions.
So, for our example, if we are resolving medium.com, root authoritative server will look up for the IP address of the authoritative nameservers of com extension.
Step 6: Contacting the authoritative servers of domain extension
The root nameserver returns the IP address of the com authoritative namserver.
As soon as our resolver (from Step 4) gets this IP address, it sends a DNS request to the com authoritative server.
This authoritative server looks up its records and returns the IP address of the nameservers for medium.com
Step 7: Getting the final DNS record
Once our resolver (from step 4) receives the IP address of the nameserver of medium.com, it sends the DNS query to it.
This time, the nameserver looks into its DNS records and fetches the record mapped to medium.com.
This could either be an A record, CNAME or any other record.
This is then sent as a response to our DNS resolver.
If it is an A record, the IP address is then cached by the resolver and sent back to our OS, which forwards it to the browser. The browser then caches it too.
If in case it is a CNAME, the complete process from Step 4 to Step 7 is performed to resolve the corresponding CNAME to its IP address.
Some Basic Takeaways
Now that we know the entire process of DNS resolution, let’s see how it can some times impact our day to day life.
So consider that one of your browser is opening the website, while the other one is showing some error. It is most probably because the IP address has changed and one of the browser is using it’s cache to resolve the IP address. As soon as the cache expires, things will be back to normal in this case.
Consider that one of your friends in some different state can access a website but you face errors opening the same. It is the same cache issue but this time at the resolver level.
Though these cache issues are very rare to come by, but whenever they occur, we don’t know what happened and they seem to fix themselves magically.
Also this process of DNS resolution explains why having CNAMEs is a performance issue. Because now to open your website, the DNS resolution process has to be performed twice (or more if CNAME points to another CNAME).