Difference between recursive DNS and authoritative DNS



  • Difference between recursive DNS and authoritative DNS

    What is the difference between recursive DNS and authoritative DNS? I have heard these terms before, but I'm not sure what they mean or how they are different. Can anyone explain it in simple terms?

  • #2
    There are two types of DNS servers: Authoritative and Recursive.

    Comparable to a publisher of various, regionally specific phone books is an authoritative nameserver. It possesses the initial zone records. It has been set up from the initial source, and it provides responses to the administrator-predetermined questions.

    Recursive DNS servers function similarly to someone looking for a person's or business' phone number in a phone book. In a recursive DNS lookup, one DNS server interacts with a number of additional DNS servers to locate an IP address and provide it to the client. Contrast this with an ongoing DNS query, when the client speaks to every DNS server participating in the lookup directly.

    Recursive and authoritative DNS exist simultaneously and are dependent on one another, although they differ significantly in the following ways:
    • Recursive servers cache information they've already retrieved, but they must obtain it from a different server if it isn't there in the cache. Authentic nameservers always have the most recent data and can respond definitively to new user inquiries.
    • Authoritative DNS servers give responses to asked queries via recursive DNS servers with the help of the provided IP address and domain name. Recursive DNS servers get queries from clients and recursively traverse the DNS hierarchy until they find the appropriate IP address that is associated with the domain name.
    • Typically, authoritative DNS servers don't store the outcomes. In order to speed up subsequent requests and lighten the stress on the DNS infrastructure, recursive DNS servers cache the outcomes of earlier queries.
    • Authoritative DNS servers are generally operated by the administrators of the domain names they serve. Internet service providers (ISPs) and other companies that offer internet connectivity typically run recursive DNS servers.
    • DNS cache poisoning operations, in which attackers alter the DNS cache to reroute clients to malicious websites, can make recursive DNS servers vulnerable. Since authoritative DNS servers rarely store results, they are less susceptible to these attacks.
    • Only requests for domain names that are hosted on authoritative DNS servers are answered. Particularly during times of peak internet traffic, recursive DNS servers may experience a large volume of client inquiries.
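
The split described in the answer above, as an added example that is not part of the original post: a toy model in which authoritative servers answer only for zones they host, and a recursive resolver walks from the root through the TLD to the zone and caches the result until its TTL expires. All class and function names are hypothetical, and every domain name, address and TTL is constructed sample data.

```python
import time

def in_zone(name, zone):
    """True if name is at or below zone, matching on whole labels only."""
    return zone == "." or name == zone or name.endswith("." + zone)

class AuthoritativeServer:
    """Holds the original records for its zone and never asks anyone else."""
    def __init__(self, zone, records=None, delegations=None):
        self.zone = zone                      # e.g. "example.com."
        self.records = records or {}          # name -> (ip, ttl_seconds)
        self.delegations = delegations or {}  # child zone -> its server
        self.queries = 0                      # how often this server was asked
    def query(self, name):
        self.queries += 1
        if not in_zone(name, self.zone):
            return ("REFUSED", None)          # not a zone this server hosts
        if name in self.records:
            return ("ANSWER", self.records[name])
        # Refer the resolver to the most specific delegated child zone.
        for child in sorted(self.delegations, key=len, reverse=True):
            if in_zone(name, child):
                return ("REFERRAL", self.delegations[child])
        return ("NXDOMAIN", None)

class RecursiveResolver:
    """Walks the hierarchy on a client's behalf and caches what it learns."""
    def __init__(self, root, clock=time.monotonic):
        self.root, self.clock, self.cache = root, clock, {}
    def resolve(self, name):
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():     # unexpired entry: no upstream traffic
            return hit[0], "cache"
        server = self.root
        for _ in range(10):                   # bound the walk against referral loops
            kind, data = server.query(name)
            if kind == "REFERRAL":
                server = data
            elif kind == "ANSWER":
                self.cache[name] = (data[0], self.clock() + data[1])
                return data[0], "authoritative"
            else:
                return None, kind             # REFUSED or NXDOMAIN
        return None, "SERVFAIL"

def build_demo():
    # Constructed hierarchy: root -> com. -> example.com. (documentation address).
    auth = AuthoritativeServer("example.com.", {"www.example.com.": ("192.0.2.10", 300)})
    tld = AuthoritativeServer("com.", delegations={"example.com.": auth})
    root = AuthoritativeServer(".", delegations={"com.": tld})
    return root, tld, auth
```

The resolver's cache is the only state in this model that outlives a single lookup, which is why poisoning concerns attach to the recursive side rather than to the zone data held by the authoritative servers.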