I was studying for my AWS Solutions Architect exam and realized that I was pretty weak on some web concepts. I’ve been mostly working on internal automation/ETL tools and some enterprise web, so I haven’t had the chance to deal with large-scale web traffic. After reading a bit of RFC 1034, various articles, and tinkering with dig, I think I’ve gotten a hand of how DNS works.

The gist of, say, looking up google.com, is this:

  1. Ask your router at for ..
  2. Router gives you (likely cached) NS records for . (root servers).
  3. Ask one of the root servers for the TLD com.
  4. Root server gives you NS records for generic top-level domain (GLTD) servers for com.
  5. Ask one of the gltd servers for subdomain google.com.
  6. gltd server gives you NS records for the subdomain google.com.
  7. Ask one of the NS servers for google.com.
  8. NS server can either give you a CNAME record that points to the canonical name (i.e. the subdomain that actually maps to the IP address of the resource you’re looking for), or an A (or AAAA for ipv6) record that maps that maps the google.com subdomain to the IP address of the server holding the resource for google.com. In the case of google.com, though, it’s just an A record, not a CNAME.

All of this is handled by the DNS resolver on each nameserver after your client makes the query.