DNS

How does DNS
lookup work?

What is DNS?

DNS stands for Domain Name System. This system uses designated authoritative nameservers to map domain names to numerical IP addresses.

What is a DNS lookup?

A DNS lookup, or DNS record lookup, is the process through which human-readable domain names (www.digicert.com) are translated into a computer-readable IP address (216.168.246.55).

A DNS lookup is the query journey initiated each time you enter a URL into your web browser’s address bar. Your DNS recursive resolver, also known as a recursor or resolver, will first check to see if the requested information is in cache. If no information is available in cache, the resolver will then request the IP address from root, TLD and authoritative nameservers.

Once the IP address has been found, the resolver will return that information to the client (your computer) in the form of the web page you’re trying to reach.  

What is a query journey?

A query journey includes every step taken to translate the domain name you’re trying to reach into an IP address. The journey begins when you enter a web address into your browser. The recursive server is the query’s first stop. From there, the recursor contacts a series of authoritative nameservers to gain the information it needs to translate the domain name into a language the computer can read. Finally, the IP address of the desired domain is returned. 

DNS records set the rules and lay down the paths the query will travel along. They store all the relevant information servers need to properly translate email addresses and domain names into meaningful numerical addresses to complete the DNS process. 

What is a forward DNS lookup? 

Forward DNS, also known as a forward DNS lookup, is one of the two different types of DNS lookup. This type follows the standard DNS query journey when you type in a URL or send an email and receive the related IP address in response to your request. 

This process allows an end client (your device) to translate a domain name or email address into the address of the device that would handle the server-side communication.

What is a reverse DNS lookup? 

Reverse DNS, also known as a reverse DNS lookup, is the second type of DNS lookup. This lookup request is used to obtain the domain name related to an IP address. Reverse lookups are typically used by email servers to ensure the servers they’re receiving messages from are valid.

To complete this process, the mail server must have a pointer (PTR) record established. This type of record informs other mail servers that its IP address is authoritative for sending and receiving mail for its related domain. 

The IP owner (typically the internet service provider (ISP) or hosting provider for the particular email server) delegates a zone for the server that ends in “in-addr.arpa” with numbers proceeding the letters. The numbers are the server’s IP block with the octets reversed.

DNS lookup commands

DNS information related to a domain can be found by using DNS lookup commands. These commands provide details such as nameservers, mail servers and configured records.

Nslookup

A nameserver lookup, also known as an nslookup, allows you to locate the nameserver associated with a domain along with any configured records. This information can be resolved using an IP address or domain name as the search option.

The command for an nslookup differs slightly across PC, Mac and Linux. On Windows 10, the command is run through the Command Prompt. On Mac, the command is run through the terminal. Linux users use dig, which is also a command line utility that allows users to locate domain information.