What happens when you type www.google.com in the browser? How DNS works?

Why DNS is needed?

So we can't remember the IP address of each and every website present on the internet.

We need a platform to convert domain names (www.example.com) to an IP address of that respective domain. Here DNS comes in the picture. DNS helps us in converting a domain name to an IP address.

This is a very common question asked in system admin | DevOps interview . Lets's begin

When you type www.example.com in your browser:-

1. The operating system looks at /etc/host file first, for the IP address of www.example.com (this can be changed from /etc/nsswitch), then looks /etc/resolv.conf for the DNS server IP for that machine

2. DNS server will try to find the IP address of www.example.com in its database, If it finds, it will respond back, if not it will query root(.) server for the IP address of example.com.

3. Then it goes to root(.) server for the IP address of this domain name. There are a total of 13 root DNS servers whose information is already stored with the DNS software package.

a.root-servers.net.
b.root-servers.net.
c.root-servers.net.
d.root-servers.net.
e.root-servers.net.
f.root-servers.net.
g.root-servers.net.
h.root-servers.net.
i.root-servers.net.
j.root-servers.net.
k.root-servers.net.
l.root-servers.net.
m.root-servers.net.

4. From 13 root servers, one of the root servers will give the referral of TLD DNS servers of .com. TLD name servers have the information of all the SLD name servers.

5. After that one of the TLD servers from .com will give us the referral to the DNS servers of example.com

6. Then finally one of the DNS servers from example.com will give me the IP address of www.example.com (called A record)

Here is the demonstration of the above explanation with the dig command

 rasik@Rasiks-MacBook-Pro  ~  dig +trace www.example.com 
; <<>> DiG 9.10.6 <<>> +trace www.example.com
;; global options: +cmd
.   518400 IN NS a.root-servers.net.
.   518400 IN NS b.root-servers.net.
.   518400 IN NS c.root-servers.net.
.   518400 IN NS d.root-servers.net.
.   518400 IN NS e.root-servers.net.
.   518400 IN NS f.root-servers.net.
.   518400 IN NS g.root-servers.net.
.   518400 IN NS h.root-servers.net.
.   518400 IN NS i.root-servers.net.
.   518400 IN NS j.root-servers.net.
.   518400 IN NS k.root-servers.net.
.   518400 IN NS l.root-servers.net.
.   518400 IN NS m.root-servers.net.
;; Received 706 bytes from 127.0.0.1#53(127.0.0.1) in 507 ms


com.   172800 IN NS f.gtld-servers.net.
com.   172800 IN NS g.gtld-servers.net.
com.   172800 IN NS h.gtld-servers.net.
com.   172800 IN NS k.gtld-servers.net.
com.   172800 IN NS m.gtld-servers.net.
com.   172800 IN NS c.gtld-servers.net.
com.   172800 IN NS d.gtld-servers.net.
com.   172800 IN NS i.gtld-servers.net.
com.   172800 IN NS e.gtld-servers.net.
com.   172800 IN NS a.gtld-servers.net.
com.   172800 IN NS b.gtld-servers.net.
com.   172800 IN NS l.gtld-servers.net.
com.   172800 IN NS j.gtld-servers.net.
;; Received 1175 bytes from 192.5.5.241#53(f.root-servers.net) in 321 ms


example.com.  172800 IN NS a.iana-servers.net.
example.com.  172800 IN NS b.iana-servers.net.
;; Received 539 bytes from 192.52.178.30#53(k.gtld-servers.net) in 163 ms


www.example.com. 86400 IN A 93.184.216.34
;; Received 231 bytes from 199.43.135.53#53(a.iana-servers.net) in 319 ms

As you can understand by looking at the output of the dig commands, first f.root-server.net is replying with all NS(name server) of .com. Then k.gtld-servers.net is replying with all NS of the example.com. Finally a.iana-servers.net NS replies with the IP address of www.example.com domain name.