Basics of DNS

Computers on the internet are identified using IP addresses. These can be up to 12 characters long for IPv4 (e.g. 255.255.255.255) and up to 39 characters long for IPv6 (e.g., 2001:db8::7334). Since these numbers are difficult for humans to remember, domain names are used as easy-to-read aliases for IP addresses. However, computers still need the actual IP address to connect, so DNS (Domain Name System) servers are used to translate domain names into IP addresses.

How your browser determines IP Address from Domain Name

Each time you browse the internet, your browser (through its local DNS stub resolver) works to determine the IP address of the domain you entered in the address bar. For the steps below to apply, your browser needs to be configured to use the OS DNS resolver. In Chrome, open chrome://settings/security and disable "Use Secure DNS".

1. Local cache lookup: the local DNS stub resolver first checks whether the IP address for the domain is already stored in the device’s cache. On Windows, you can view the local cache with the PowerShell command Get-DnsClientCache, or clear it with Clear-DnsClientCache. After clearing it, try a resolution with Resolve-DnsName google.com and the cache should populate again. If the local cache doesn’t have the required IP address, the local DNS stub resolver sends a request to the recursive DNS resolver.

2. Recursive DNS query: If the local DNS stub resolver cannot determine the website’s IP address through the device’s cache, the DNS resolution request is sent to a recursive DNS resolver (often your ISP’s, a public DNS resolver or an enterprise DNS resolver). For a Windows device, this is the DNS resolver configured on your network adapter. Assuming your device is connected to Wi-Fi, your local DNS stub resolver will forward DNS queries to your router, which acts as a DNS forwarder. Your router checks its cache first and, if there is no result, forwards the DNS query to your ISP’s recursive DNS resolver or whichever resolver has been configured. You can find the IP address of your router/DNS forwarder with Get-DnsClientServerAddress.

3. Root servers: The recursive DNS resolver starts by querying one of the root DNS servers. There are 13 of these root name servers, which are static and often stored on your device in a root hints file. When a root name server is queried with “dareosewa.com”, it answers “I know where you can get more information about .com addresses” and returns the TLD name servers for .com. You can try this using the commands below:

nslookup

> server 198.41.0.4

> dareosewa.com

The commands above set the target DNS server to the first of the 13 root DNS servers and query dareosewa.com. This returns a list of the TLD name servers for .com, which know more about dareosewa.com.

4. Top-Level Domain (TLD) servers: Now that the recursive name server has the TLD name servers for .com, it queries one of these name servers to learn more about dareosewa.com. In this specific case, the dareosewa.com domain name was registered with IONOS but the website is hosted on WebHostPython. In the process, the name servers of WebHostPython were configured on IONOS, and IONOS then immediately updated the TLD registry. This means that when your recursive DNS resolver queries the TLD name server, it gets the authoritative name servers for WebHostPython.

From the result of the last command, I’ll use the IP address of the first TLD server returned:

> server 192.41.162.30

> dareosewa.com

The commands above set the target server to 192.41.162.30 and query dareosewa.com, which returns the authoritative DNS servers ns55.stableserver.net and ns56.stableserver.net. In this case, an IP address is not returned, so we have one more step:

Run ipconfig and check the value of Default Gateway in its output; this is the IP address of your router.

> server $routerIpaddress

> ns55.stableserver.net

This command then gives the IP address of the authoritative name server.

5. Authoritative DNS server: Finally, the recursive DNS resolver contacts the domain’s authoritative DNS server, which provides the correct IP address:

> server $authoritativeNameserver

> dareosewa.com

6. Response – The IP address is returned to the browser, cached for future use, and used to connect to the website.
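The referral chain in steps 1 to 6, modelled as an added example (not part of the original post) that also shows how a recursive resolver handles the referral that names ns55.stableserver.net without an address. The root and TLD addresses are the ones used above; the tld.test. name, the 192.0.2.53 and 203.0.113.10 addresses and the delegation table are constructed, and the name server's own name is resolved from the root here rather than through the router.

```python
ROOT = "198.41.0.4"    # root server used in the article
TLD = "192.41.162.30"  # TLD server used in the article
AUTH = "192.0.2.53"    # constructed address for ns55.stableserver.net

# Constructed data: server IP -> {zone: ("REFER", {ns_name: glue_ip_or_None}) or ("A", ip)}
SERVERS = {
    ROOT: {"com.": ("REFER", {"tld.test.": TLD}),
           "net.": ("REFER", {"tld.test.": TLD})},
    TLD: {"dareosewa.com.": ("REFER", {"ns55.stableserver.net.": None}),  # no address given
          "stableserver.net.": ("REFER", {"ns55.stableserver.net.": AUTH})},
    AUTH: {"dareosewa.com.": ("A", "203.0.113.10"),  # constructed answer
           "ns55.stableserver.net.": ("A", AUTH)},
}

def query(server, name):
    """One non-recursive query: answer from the most specific matching zone."""
    zones = [z for z in SERVERS[server] if name == z or name.endswith("." + z)]
    if not zones:
        raise LookupError(f"{server} has no data for {name}")
    return SERVERS[server][max(zones, key=len)]

def resolve(name, cache, trace, depth=0):
    """Follow referrals from the root until an A record is returned."""
    if name in cache:                      # step 1: cache lookup
        return cache[name]
    if depth > 3:
        raise LookupError("name server names depend on each other")
    server = ROOT                          # step 3: start at a root server
    for _ in range(8):                     # bound the referral chain
        kind, data = query(server, name)
        trace.append((server, name, kind))
        if kind == "A":                    # step 5: authoritative answer
            cache[name] = data             # step 6: cache for future use
            return data
        ns_name, glue = next(iter(data.items()))
        # Referral without an address: resolve the name server's own name first.
        server = glue or resolve(ns_name, cache, trace, depth + 1)
    raise LookupError("too many referrals")

if __name__ == "__main__":
    cache, trace = {}, []
    print(resolve("dareosewa.com.", cache, trace))
    for hop in trace:
        print(hop)
```

The trace records every server contacted, so the extra root and TLD queries needed for the name server's own name are visible between the TLD referral and the final answer.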
