🛜 Step-by-Step DNS Journey: From your Browser → Home Network → Internet → Server

1) DNS Query Initiation

Example you type a URL (e.g., cooervo.com) into your browser.

2) Local /etc/hosts file

• Your computer first checks the local hosts file before querying DNS servers.

cat /etc/hosts

# Example output

# dev
11.0.3.40  dev.my-app.com

# stg
11.0.2.40  stg.my-app.com

# prod
11.0.1.40  prod.my-app.com

• If a match is found (e.g., 11.0.0.30 cooervo.com), the browser will use the IP address specified there and attempt to connect to that address, bypassing DNS resolution entirely.

3) Local DNS cache

• If no matching entry is found in the hosts file. Your computer checks its local DNS cache (stored in memory) to see if it already knows the IP.

# macOS
dscacheutil -q host -a name cooervo.com

# Output
name: cooervo.com
ipv6_address: 2001:4830:c210:178::2

name: cooervo.com
ip_address: 154.12.2.90

4) DNS resolver (Router > ISP > DNS resolver)

• If not, it sends a request to the configured DNS resolver (usually your home router or an external resolver like Google’s 8.8.8.8 or Cloudflare’s 1.1.1.1).
  • Role of the Home Router
    • Most home networks use the router as the local DNS forwarder. The router itself is configured to use an upstream DNS server (ISP’s DNS or a custom one).
    • The router may also provide local DNS resolution for devices on the LAN (e.g., resolving raspberrypi.local via mDNS or DHCP-assigned hostnames).

# macOS
scutil --dns

# Output
#...
resolver #1
  nameserver[0] : 8.8.8.8
  nameserver[1] : 8.8.8.4
  if_index : 11 (en0)
  flags    : Scoped, Request A records, Request AAAA records
  reach    : 0x00000002 (Reachable)

We can additional use the dig command to check where does the DNS resolve a host to

dig @8.8.8.8 cooervo.com

# Output
# ...
;; ANSWER SECTION:
cooervo.com.		300	IN	A	154.12.2.90

Additionally if we want more info about he DNS we can use whois command

whois 8.8.8.8

# Output informs us it's Google's DNS
# ...
Organization:   Google LLC (GOGL)
#...
OrgName:        Google LLC
OrgId:          GOGL

5) Recursive DNS Resolution

If the router doesn’t have the answer cached it will try a recursive DNS resolution.

1. DNS Recursor Acts as an intermediary between the client and DNS server hierarchy. It follows a series of referrals until it finds the requested IP address, caching results to speed up future lookups.
2. Root Nameserver Receives the initial query from the DNS recursor and directs it to the appropriate Top Level Domain (TLD) server based on the domain extension (.com, .org, etc.).
3. TLD Server Manages information for all domains sharing the same extension. Upon receiving a request from the recursor, it responds with the address of the authoritative nameserver for that specific domain.
4. Authoritative Nameserver Contains the actual DNS records that link domain names to their corresponding IP addresses. It provides the IP address to the recursor or returns an error if the information isn't available.
5. Once the DNS recursor obtains the IP address, it returns this information to the client's browser, enabling connection to the desired website or application.

# Get just the IP address
dig +short cooervo.com

# Output
154.12.2.90

# Get detailed DNS response
dig +answer cooervo.com

6) BGP routing

Think of DNS resolution as getting the address (IP) of a house (server).

BGP is like the postal system—it figures out the fastest way to get to you home address (IP).

Autonomous Systems

To understand BGP, we must understand Autonomous Systems.

What is an autonomous system?

The Internet is a network of networks. It is broken up into hundreds of thousands of smaller networks known as autonomous systems (ASes). Each of these networks is essentially a large pool of routers run by a single organization.

Now we’re in the world of Autonomous Systems (ASes). ASes belong to Internet service providers (ISPs) tech companies, universities, government agencies, and scientific institutions.

BGP is the protocol that governs how ISPs, data centers, CDNs, and backbone networks talk to each other about:

• What IP address blocks they own (e.g., “AS12345 owns 154.12.0.0/16”)
• How to reach those IP blocks (e.g., through AS23456 and AS34567)

Path Selection

Routers participating in BGP use:

• Path length
• Policy (preferred peers, costs, etc.)
• AS path (sequence of networks to traverse)

...to determine the best route.

Routing to the Destination

Eventually, BGP steers the traffic to the network that owns the IP, like a cloud provider (AWS, GCP, DigitalOcean, etc.), University, ISP, a CDN (Cloudflare, Akamai), or a company data center.

7) TCP/IP Stack Connects to IP

Now that your browser has the IP address (154.12.2.90), it initiates a TCP connection (e.g., to port 80 or 443) with the target server using the three-way handshake, to start sending packages to the IP:

The three-way handshake consists of:

1. SYN: Client sends synchronization packet
2. SYN-ACK: Server acknowledges and sends its own synchronization
3. ACK: Client acknowledges server's synchronization and TCP socket connection is established.

8) 🔐 TLS handshake

After the TCP handshake the TLS handshakes occur for secure connections

1. Agree on the TLS version (such as TLS 1.2 or TLS 1.3) to ensure compatibility.
2. Select a cipher suite to determine the encryption algorithms for secure communication.
3. Verify the server's identity using its public key and the digital signature from a trusted Certificate Authority (CA).
4. Create session keys to enable symmetric encryption for data exchange once the handshake is complete.
5. A secure connection is established. If both keys match, the TLS handshake is complete.
6. Data Transmission:Once the connection is secure, the application layer (like HTTP) can transmit its data over the encrypted channel.

8) BGP routing

9) Reaches the Server

Once server <-> client connection is established what might happen in a typical production setup, is: the IP maps to a Load Balancer, which then forwards traffic into your Kubernetes workloads.