The important thing to realize is that the DNS is a hierarchical system.
(DNS stands for Domain Name System. The overall system. S doesn't stand for server).
https://en.wikipedia.org/wiki/Domain_Name_System
The maintenance is also a hierarchical thing.
At different "levels" there are different organizations/people responsible for maintaining the content of the DNS.
Like all hierarchical systems, there is a root. In the DNS, the root is "." (a dot).
Like / is the root in a file-system.
But unlike filesystem-names, the names don't grow "to the right", they grow "to the left".
(Long time ago, the British had their own DNS.
And their domain-names did grow from the left to the right. E.g. "uk.co.minicooper.www".
https://en.wikipedia.org/wiki/JANET_NRS
Just a useless fact from the past. Sorry about the distraction.
)
So the ICANN is responsible for maintaining the
"root zone".
The root zone consists of all top-level domains for all countries (.us .eu .ca .uk .nl .de .be etc etc).
And the original american top-level domains, like .com .edu .mil .net .gov etc etc.
(Note, technically the names of those top-level domains end in a dot. So the FQDN of "
www.google.com" is actually "
www.google.com.").
ICANN maintains the "root name-servers".
You can actually see who is responsible for each domain and subdomain.
Let's look at the domain-name
www.xs4all.nl.
We already know that "." is maintained by the root-name servers.
So first we ask who the maintainder of "nl." is. We ask a root name-server.
I use a simple program called "host" (a unix utility).
For clarity I left out most of the answers we got back.
$ host -t soa nl.
nl has SOA record ns1.dns.nl. hostmaster.domain-registry.nl. 2018092230 3600 600 2419200 600
In the SOA (Start of Authority) you can see who is responsible for the "nl." domain.
If we want to dig further, we'll have to ask the name-server(s) for "nl.".
(Btw, dig is also the name of a program like "host". More powerful. Slightly more complex ui).
$ host -t ns nl.
nl name server ns2.dns.nl.
nl name server ns3.dns.nl.
nl name server ns1.dns.nl.
nl name server sns-pb.isc.org.
These are the names of the 4 dns-servers for nl.
Now we need to ask the ip-address of one of those servers.
$ host -t a ns3.dns.nl.
ns3.dns.nl has address 194.0.25.24
So now we don't need to send queries to a root name-server anymore, we can send queries to ns3.dns.nl.
$ host -a xs4all.nl. 194.0.25.24 #(the last argument, the ip-address is the nameserver we send the query to).
....
xs4all.nl. 3600 IN NS ns.xs4all.nl.
xs4all.nl. 3600 IN NS ns2.xs4all.nl.
ns.xs4all.nl. 3600 IN A 194.109.6.67
ns2.xs4all.nl. 3600 IN A 194.109.9.100
ns.xs4all.nl. 3600 IN AAAA 2001:888:0:7::77
ns2.xs4all.nl. 3600 IN AAAA 2001:888:0:8::88
You can see xs4all.nl. has 2 name-servers (the NS records).
And we're getting already the ip-addresses for those 2 name-servers.
(A records contain a IPv4 address, AAAA records contain a IPv6 address).
So now we ask one of those name-servers about the name "
www.xs4all.nl".
$ host -a
www.xs4all.nl. 194.109.6.67
www.xs4all.nl. 300 IN A 194.109.6.92
www.xs4all.nl. 300 IN AAAA 2001:888:0:18::80
So to recap: who maintains the DNS ?
Here we did a query for
www.xs4all.nl.
The root (.) is maintained by ICANN. They can tell us who is resposible for "nl.".
And they give us the name and ip-address of a name-server for "nl.".
That name-server for "nl." is maintained by a Dutch organization called SIDN, who maintains the list of all domain-names and their servers under "nl.",
When we ask about xs4all.nl., that SIDN name-server refers us to xs4all's name-server, which is ofc maintained by xs4all.
Then we ask xs4all's name-server about
www.xs4all.nl, and we finally get the ip-address.
So you see: one query, but there were 3 parties involved. All responsible for maintaining their part of the overall DNS.