When a user enters www.example.com in a browser, the Domain Name System (DNS) converts it into a routable IP address (such as 203.0.113.5) within 100 milliseconds. This process involves recursive query, hierarchical resolution and cache optimization, and is a core part of the Internet infrastructure. Its technical essence is the hierarchical retrieval of distributed databases, which completes billions of requests per second through the collaboration of millions of servers around the world.
1. Hierarchical decomposition of the resolution process
Local resolver query (recursive query)
The client first initiates a UDP 53 port request to the preset recursive resolver (such as 8.8.8.8). If there is a valid record in the local cache, the result is returned directly (TTL determines the cache validity). Statistics from a global CDN service provider show that 38% of queries are completed through this layer, with an average response time of 2ms.
Root domain name server guidance
When the cache misses, the recursive resolver requests the authoritative server address of the .com domain from the root domain name server (13 clusters around the world, each cluster is distributed). The root server only returns the top-level domain (TLD) information, not the specific domain name resolution results. Response example:
dns
;; AUTHORITY SECTION:
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.Top-level domain server resolution
The recursive resolver queries the .com TLD server (such as a.gtld-servers.net) for the authoritative DNS address of example.com. The TLD server returns the NS record for the domain name:
dns
;; ANSWER SECTION:
example.com. 172800 IN NS ns1.cloudflare.com.Authoritative domain name server response
The recursive resolver finally requests the A record for www.example.com from ns1.cloudflare.com. The authoritative server returns the IP address and TTL value:
dns
www.example.com. 300 IN A 203.0.113.52. Key technical mechanisms and optimizations
Record types and functions
| Record type Function Example | Functions | Example |
| A | IPv4 address resolution | www IN A 203.0.113.5 |
| AAAA | IPv6 address resolution | www IN AAAA 2001:db8::1 |
| CNAME | alias pointing to | cdn IN CNAME example.cdn.com |
| MX | mail server location | @ IN MX 10 mail.example.com |
| NS | specifies the authoritative DNS server | @ IN NS ns1.example.com |
Cache acceleration strategy
The recursive resolver cache caches records according to TTL (default 300-3600 seconds) to reduce upward queries. The client cache is the operating system (such as Windows DNS Client) caching recent results. The pre-fetch optimization is that the browser resolves the domain name in the page in advance when rendering the page.
Protocol evolution
EDNS (Extension Mechanisms): Supports DNSSEC verification and larger UDP packets (breaking the 512-byte limit); DoH/DoT: DNS over HTTPS/TLS encrypted transmission to prevent man-in-the-middle attacks; QNAME minimization: only necessary query fields are sent (such as www.example.com instead of www.example.com.) to reduce privacy leakage.
3. Deep adaptation of resolution scenarios
Global load balancing (GLB) is achieved through DNS intelligent resolution. Geographic routing resolves US users to 104.16.1.1, and Asian users to 172.67.2.2. Health checks automatically block faulty nodes (response code SERVFAIL). Protocol optimization is that the mobile terminal returns an IPv6 address (reducing NAT conversion).
In CDN acceleration, the CNAME of assets.example.com points to example.cdn.com, and the CDN platform returns the optimal edge node IP based on the user's location. The measured latency of a video platform has been reduced by 63%.
Mail routing MX record priority control:
dns
example.com. IN MX 10 mail1
IN MX 20 mail2When the primary server mail1 fails, the mail is automatically routed to mail2
Security protection DNSSEC verifies the authenticity of the record through the RSA/SHA256 signature chain to prevent DNS spoofing, response policy zone (RPZ): intercept malicious domain names (such as resolving malware.com to 127.0.0.1).
4. Operation and maintenance practice and troubleshooting guide
1. Resolution verification tool chain
# Complete resolution link tracking
dig +trace www.example.com
# Query by specified record type
dig example.com MX
# Detect DNSSEC verification
delv @8.8.8.8 example.com +vtrace2. TTL configuration strategy
Static resources: Set a longer TTL (86400 seconds) to reduce queries
Failure switching scenario: Shorten TTL to 300 seconds to speed up the effectiveness
3. Common fault handling
| Phenomenon | Root cause | Solution |
| SERVFAIL | DNSSEC verification failed | Check the consistency of the authoritative server DS record |
| NXDOMAIN | The domain name is not configured or misspelled | Confirm the authoritative server Zone file |
| Resolution delay > 500ms | Recursive server overload | Switch to public DNS (such as 1.1.1.1) |
| CNAME loop | Alias chain exceeds 7 layers | Simplify the resolution chain |
4. Monitoring system construction
Performance monitoring: Prometheus collects resolution delay and timeout rate
Correctness verification: Regularly compare authoritative and recursive resolution results
Security audit: DNSSEC signature validity period warning (alarm approaching 30 days)
Architecture evolution suggestions:
Core business enables Anycast DNS to achieve 50ms global coverage. Deploy local cache resolvers (Unbound+Pi-hole) in hybrid cloud environments to reduce external network dependence. Gradually migrate to DoH/DoT and complete the elimination of plaintext DNS by 2025. Domain name resolution has evolved from simple address mapping to an intelligent traffic scheduling hub. When quantum computing threatens current RSA encryption, DNSSEC's post-quantum algorithms (such as Falcon-1024) need to be deployed in advance.
The above is all the content of this article. It will be helpful for users who are building network services or solving DNS-related problems and need to understand the underlying mechanism of domain name resolution. The domain name resolution process involves multiple technical levels. If you need more details, you can continue to read the articles on our official website!
