HomeBlockchainUsing dig +trace to understand DNS resolution from start to finish

Using dig +trace to understand DNS resolution from start to finish

-


The dig command is a powerful tool for troubleshooting queries and responses received from the Domain Name Service (DNS). It is installed by default on many operating systems, including Linux® and Mac OS X. It can be installed on Microsoft Windows as part of Cygwin. 

One of the many things dig can do is to perform recursive DNS resolution and display all of the steps that it took in your terminal. This is extremely useful for understanding not only how the DNS works, but for determining if there is an issue somewhere within the resolution chain that cause resolution failures for your zones or domains. 

First, let’s briefly review how a query recursive receives a response in a typical recursive DNS resolution scenario: 

  1. You as the DNS client (or stub resolver) query your recursive resolver for www.example.com. 
  2. Your recursive resolver queries the root nameserver for NS records for “com.” 
  3. The root nameserver refers your recursive resolver to the .com Top-Level Domain (TLD) authoritative nameserver. 
  4. Your recursive resolver queries the .com TLD authoritative server for NS records of “example.com.” 
  5. The .com TLD authoritative nameserver refers your recursive server to the authoritative servers for example.com. 
  6. Your recursive resolver queries the authoritative nameservers for example.com for the A record for “www.example.com” and receives 1.2.3.4 as the answer. 
  7. Your recursive resolver caches the answer for the duration of the time-to-live (TTL) specified on the record and returns it to you.

The above process basically looks like this:

Step 1

Step 2

Step 3

Step 4

Step 5

This process occurs every time you type a URL into your web browser or fire up your email client. This illustrates why DNS answer speed and accuracy are so important: if the answer is inaccurate, you may need to repeat this process several times; and if the speed with which you receive an answer is slow, then it will make everything you do online seem to take longer than it should.  

Driving both DNS answer speed and accuracy is at the core of the IBM® NS1 Connect® value proposition.   

Learn more at IBM NS1 Connect

Was this article helpful?

YesNo

LEAVE A REPLY

Please enter your comment!
Please enter your name here

LATEST POSTS

Congressman Matt Gaetz Introduces Bill to Allow Federal Income Tax Payments in Bitcoin

Congressman Matt Gaetz (R-FL) has introduced legislation to allow federal income tax payments to be made in Bitcoin. Exclusively reported first by the Daily Wire,...

Rivian’s stock rockets 41% higher on $1 billion Volkswagen investment, planned JV

Shares of Rivian Automotive Inc. skyrocketed after hours Tuesday after Volkswagen AG said it will invest $1 billion in the electric-vehicle maker, with plans...

Play Games, Win Bitcoin With THNDR Games CEO Desiree Dickerson

Company Name: THNDR GamesFounder: Desiree Dickerson, Jack Everitt, Greg Flor and Rafal GawelDate Founded: Originally founded in 2019 | Re-launched in 2021Location of Headquarters:...

Unclogged Now Officially Live in Six Countries

New Features and Game ModesAmong the new features introduced is Arcade Mode, designed to provide players with levels featuring specific objectives.This mode aims to...

Most Popular