EN_CS_DNS - somaz94/DevOps-Engineer GitHub Wiki
Question: Explain how DNS resolves a domain name to an IP address using Recursive and Iterative Query methods. Also cover key DNS record types and their practical use cases.
| Term | Description |
|---|---|
| DNS | Distributed hierarchical system that resolves domain names to IP addresses |
| Root DNS | Top-level DNS servers (13 clusters worldwide) |
| TLD DNS | Manages top-level domains like .com, .net, .kr |
| Authoritative DNS | Holds the actual IP address for a domain |
| Recursive DNS | Performs the full lookup on behalf of the client; holds cache |
| TTL | Time To Live — duration (in seconds) a DNS record is cached |
```
Root DNS (.)
├── .com (TLD)
│   ├── google.com (Authoritative)
│   └── example.com (Authoritative)
├── .net (TLD)
└── .kr (TLD)
```
Recursive query: the client asks the Recursive DNS once, and the Recursive DNS performs the full lookup on its behalf.
```
Client ──① www.example.com?──→ Recursive DNS
                                 ├──② .com NS?──→ Root DNS
                                 ├──③ example.com NS?──→ TLD DNS
                                 └──④ www.example.com A?──→ Authoritative DNS
Client ←──⑤ 93.184.216.34──────── Recursive DNS
```
Iterative query: the client queries each DNS server directly in sequence. Rarely used in practice.
| Layer | Location | TTL |
|---|---|---|
| Browser cache | Client | ~60s (Chrome default) |
| OS cache | Client | Follows TTL |
| Recursive DNS | ISP / Corporate | Minutes to hours |
Cache hit = IP returned in 1 RTT.
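
The recursive lookup and the TTL-bound cache described above, as an added Python example (not part of the original wiki page). The in-memory `SERVERS` table, the `RecursiveResolver` class, and the TTL values are constructed for illustration; a real resolver also caches the NS referrals, which this one omits.

```python
import time

# Constructed sample data: (name, type) -> (ttl_seconds, value); an NS value is a referral.
SERVERS = {
    "root": {("com.", "NS"): (172800, "tld-com")},
    "tld-com": {("example.com.", "NS"): (172800, "auth-example")},
    "auth-example": {("www.example.com.", "A"): (300, "93.184.216.34")},
}
MAX_REFERRALS = 8  # stop on referral loops instead of spinning forever


class RecursiveResolver:
    """Answers the client in one exchange; walks the hierarchy on a cache miss."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}            # (name, type) -> (expires_at, value)
        self.upstream_queries = 0  # queries sent to root/TLD/authoritative

    def _ask(self, server, name, rtype):
        """Send one query upstream: returns ('answer'|'referral'|'none', record)."""
        self.upstream_queries += 1
        zone = SERVERS[server]
        if (name, rtype) in zone:
            return "answer", zone[(name, rtype)]
        labels = name.split(".")
        for i in range(len(labels)):  # closest enclosing delegation
            ns = zone.get((".".join(labels[i:]), "NS"))
            if ns:
                return "referral", ns
        return "none", None

    def resolve(self, name, rtype="A"):
        key = (name, rtype)
        hit = self.cache.get(key)
        if hit and hit[0] > self.clock():
            return hit[1]  # cache hit: no upstream traffic at all
        server = "root"
        for _ in range(MAX_REFERRALS):
            kind, rec = self._ask(server, name, rtype)
            if kind == "referral":
                server = rec[1]  # step down: root -> TLD -> authoritative
            elif kind == "answer":
                ttl, value = rec
                self.cache[key] = (self.clock() + ttl, value)  # honour the TTL
                return value
            else:
                return None  # no such name in the sample data
        return None
```
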
| Record | Description | Example |
|---|---|---|
| A | Domain → IPv4 address | www.example.com → 93.184.216.34 |
| AAAA | Domain → IPv6 address | www.example.com → 2606:2800::1 |
| CNAME | Domain alias (points to another domain) | blog.example.com → example.com |
| MX | Mail server with priority | example.com MX 10 mail.example.com |
| TXT | Arbitrary text (SPF, DKIM, domain verification) | v=spf1 include:_spf.google.com ~all |
| NS | Authoritative nameserver for domain | example.com NS ns1.example.com |
| SOA | Zone metadata (Serial, Refresh, Retry, Expire) | — |
- Cannot use CNAME on the root domain (`example.com`): it conflicts with other records
- Only valid on subdomains (`www.example.com`)
| Feature | Description |
|---|---|
| GeoDNS | Return different IPs based on user location (AWS Route 53 Geolocation) |
| Weighted Routing | Traffic split by weight (Canary deployments) |
| Failover Routing | Auto-switch to secondary on health check failure |
| DNSSEC | Digital signatures on DNS responses to prevent spoofing |
```bash
dig www.example.com              # Basic lookup
dig @8.8.8.8 www.example.com     # Query specific DNS server
dig +trace www.example.com       # Trace full resolution path
dig -x 93.184.216.34             # Reverse lookup (IP → domain)

# Flush DNS cache
sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder  # Mac
sudo systemd-resolve --flush-caches                              # Linux
```