I'm having trouble understanding how the DNS resolution system actually works. I would like to know the functional relationship between these:
DNS server, root nameserver, gTLD, ccTLD, domain name registrar and domain name registry.
I know there is a hierarchy from the root servers down to DNS servers but quite do not understand the role of registrars for example (functionally, as in when resolving a URL).
I actually do have a pretty good knowledge but the top servers and registrars started confusing me after reading about botnets resolving their own DNS queries (from a 2005 source, not sure if they still do) to prevent people from shutting down the DNS servers and that registrars are difficult to deal with. So that means they relied on dynamic DNS in the past and now register a whole domain in the registrar and registrars refuse to block those addresses? What's the role of root servers then and why can't they block these DNS servers? And I'd imagine that registrars do not do dynamic DNS and the IPs of those servers could easily be revealed and shut down as they would be static.
I'm doing research on botnets and the information is very scattered so it's difficult to put everything together. Would really appreciate some help.