Using dig +trace to understand DNS resolution from start to finish

General

The
dig
command
is
a
powerful
tool
for
troubleshooting
queries
and
responses
received
from
the Domain
Name
Service
(DNS).
It
is
installed
by
default
on
many
operating
systems,
including
Linux®
and
Mac
OS
X.
It
can
be
installed
on
Microsoft
Windows
as
part
of Cygwin. 

One
of
the
many
things
dig
can
do
is
to
perform
recursive
DNS
resolution
and
display
all
of
the
steps
that
it
took
in
your
terminal.
This
is
extremely
useful
for
understanding
not
only
how
the
DNS
works,
but
for
determining
if
there
is
an
issue
somewhere
within
the
resolution
chain
that
cause
resolution
failures
for
your
zones
or
domains. 

First,
let’s
briefly
review
how
a
query
recursive
receives
a
response
in
a
typical
recursive
DNS
resolution
scenario: 

  1. You
    as
    the
    DNS
    client
    (or
    stub
    resolver)
    query
    your
    recursive
    resolver
    for
    www.example.com. 
  2. Your
    recursive
    resolver queries
    the
    root
    nameserver
    for
    NS
    records
    for
    “com.” 
  3. The
    root
    nameserver
    refers
    your
    recursive
    resolver
    to
    the
    .com
    Top-Level
    Domain
    (TLD)
    authoritative
    nameserver. 
  4. Your
    recursive
    resolver
    queries
    the
    .com
    TLD
    authoritative
    server
    for
    NS
    records
    of
    “example.com.” 
  5. The
    .com
    TLD
    authoritative
    nameserver
    refers
    your
    recursive
    server
    to
    the
    authoritative
    servers
    for
    example.com. 
  6. Your
    recursive
    resolver
    queries
    the
    authoritative
    nameservers
    for
    example.com
    for
    the
    A
    record
    for
    “www.example.com”
    and
    receives
    1.2.3.4
    as
    the
    answer. 
  7. Your
    recursive
    resolver
    caches
    the
    answer
    for
    the
    duration
    of
    the

    time-to-live
    (TTL)     specified
    on
    the
    record
    and
    returns
    it
    to
    you.

The
above
process
basically
looks
like
this:

Step
1

Step
2

Step
3

Step
4

Step
5

This
process
occurs
every
time
you
type
a
URL
into
your
web
browser
or
fire
up
your
email
client.
This
illustrates
why
DNS
answer
speed
and
accuracy
are
so
important:
if
the
answer
is
inaccurate,
you
may
need
to
repeat
this
process
several
times;
and
if
the
speed
with
which
you
receive
an
answer
is
slow,
then
it
will
make
everything
you
do
online
seem
to
take
longer
than
it
should.  

Driving
both
DNS
answer
speed
and
accuracy
is
at
the
core
of
the
IBM®
NS1
Connect®
value
proposition.
  

Learn
more
at
IBM
NS1
Connect

Was
this
article
helpful?


YesNo

Technical
Team
Lead,
IBM®
NS1
Connect®

You might also like More from author

Comments are closed.