DNS Lookups Explained

dns-lookupsIn this tutorial we will examine what happens when you use DNS to lookup or resolve a domain name to an IP address.

We look at how DNS lookups work, and the exact process involved when looking up a domain name. We follow the client DNS query as it is processed by the various DNS servers in the response chain.

Before we start it might be useful to compare DNS name resolution with a standard question and answer that takes place in everyday life.

Let’s assume you want to know what country Casablanca is in.

Well the first thing you would probably do is ask one of your friends.

So you ask Bob but Bob doesn’t know so he would probably suggest you ask John as he travels a lot, and he might know. ( this is a referral)

So you ask John who again might know and give you the answer or again he might suggest you ask someone else. ( another referral)

This continues until you get an answer.

On the other hand you could also just ask bob, and tell him to get back to you when he’s found the answer. In this case Bob does all the chasing for you.

These exact processes are used when doing a domain name to IP address Lookup using DNS.

Recursive or non Recursive Queries

When a client or DNS server requests a DNS server to resolve a domain name it can use a recursive or non recursive query.


Recursive queries are generally used by clients i.e. PCs and they tell DNS server to respond only with an answer and not a referral.

A referral is essentially a response that says I don’t know the answer, but try this server it may know the answer.

Non recursive or Iterative queries are used by DNS servers and essentially instruct the other DNS server to return an answer or return the address of another DNS server that may know the answer.

Root Servers

The Domain name structure is an inverted tree like structure starting at the root.


You can consider it a parent child type relationship with the root being the parent.

The way in which it is constructed is that parents know about their children, but children don’t necessary know about their parents.

Therefore you can only traverse down the tree from the root and not up the tree.

The Root servers are responsible for the Root, and know all of the domain name servers that are responsible for all of the second level domain names. e.g. .com, .net, .org etc

So if you contact a root server looking to resolve the name www.mydomain.com it might not know the IP address itself, but it would know the IP address of a server that knows about the .com domain name.

Because almost all domain name queries need to use the root server there are many of them and they are busy.


DNS clients and DNS server both use caching to speed up the domain name lookup process and to ease traffic on the root servers.

A cache is a temporary store

If a client queries domain server A looking to resolve www.mydomain.com, and in turn domain server A queries domain server B etc then the result will be stored in a cache on

  • the client ( windows only)
  • domain server A
  • domain server B

If another client needs to resolve the same domain name using server A then server A can respond using the cached result.

You can check the DNS cache on a Windows machine with the command:

ipconfig /displaydns

Domain Name Lookup Examples

The schematic below shows two DNS lookups. In the first Lookup the local DNS server performs an interactive query and is directed down the domain tree to resolve the name.

In the second query the Local server knows the answer and so returns the result from cache.



  1. What would happen if client 1 makes a request for www.mydomain.com followed by ftp.mydomain.com
  2.  After about 1 minute Client 1 makes another request for www.mydomain.com .


  1. The first request would need to go to the root and work down the tree. The second request goes direct to the server responsible for the mydomain domain as the local server already knows who it is.
  2. If the client2 uses Windows then it uses it’s local DNS cache. If client2 is Linux machine then it will need to go the local DNS server, which will return it from it’s cache.
Was This Useful?

Related Tutorials and Resources:

Please rate? And use Comments to let me know more


  1. It sounds simple, so only one DNS hostname with the Pc ip gets an extension …like 193.678.8.1.(any number chosen). Then can be used by a router how do I assign usernames and passwords to hostnames ?

  2. This is an amazing article and shed light on many of the vague parts in my [naive] understanding of the DNS lookup process. Thanks Steve!

  3. Great explanation, thank you.

    Quick question, on Microsoft DNS is there a way to have logging set so that only DIRECT queries made against the Server for a HOST resolution is made, and have all other requests, referrals, etc not logged?


  4. Thanks for good explanation of DNS.

    But what happens if 1 of 2 DNS servers is down and my app wants to resolve domain name.
    does the DNS know that one DNS server is down and will aut. answer back with the other one?

  5. Hi Steve, this is very educative thank you.
    One question I’d like to ask:
    you mentioned we can check the client side DNS cache by ipconfig /displaydns, but how about the server side DNS cache. Is it possible to that if you are not the network administrator?

  6. Hi,
    I have a question: suppose that I ask for IP of http://www.example.com, the Local Name Server will start from the beginning of the tree asking the Root NS that referrals to TLD .com NS and so on.
    But what happens if I ask a second query for another .com domain like http://www.test.com? Does the Local Name Server ask again to the root NS or it goes directly to the TLD NS responsible for .com?

  7. how to check if the answer of the query raised by nslkookup (say nslookup somedoaminname.com server123) is from dans-cached data of the server 123

Leave a Reply

Your email address will not be published. Required fields are marked *