Recursive and iterative name resolution

from Wikipedia, the free encyclopedia
Query the DNS

A DNS request (also known as a DNS request ) can be answered using three different methods:

  • authoritative (the server gets the data from a local zone file )
  • non-authoritative
    • recursive (the server gets the data from another name server)
    • iterative (the server responds with one or more references or a resource record to other name servers)

The administrator of a name server can define whether this name server can process requests recursively or not. Name servers are usually recursive, as some resolvers cannot do anything with an iterative response. With heavily loaded servers (e.g. DNS root servers), however, recursion is deactivated.

Whether a request was answered authoritatively (i.e. from a local zone file) is defined by a flag in the DNS headers for requests and responses, the Authoritative Response Flag . The resolver can therefore determine from the server's response which of the three methods listed above was used.

The recursive answer

The recursion behavior is determined by further flags. A resolver sets the Recursion Desired flag - or RD for short - in the DNS request header when it wishes its request to be resolved recursively. The name server sets the Recursion Available Flag - RA - in its response if it is basically ready for recursion. Recursive work is only carried out if these flags are set for both a request and a response. Otherwise there is no difference between authoritative and recursive responses.

Recursive queries made to a name server are usually only resolved by it. To do this, the name server actively contacts other name servers, unless it can resolve the request itself (usually not the case).

The iterative answer

Instead of the data (e.g. IP address), an iterative response contains one or more references to other name servers. Such a reference includes the name of the other server, the name of the domain and - if known - the IP address (es). Here is an example of an iteratively answered DNS request with Nslookup : 

C:\>nslookup test.example.com

Name:    test.example.com
Served by:
 - dns01.extern.com
       172.27.182.11, 172.27.158.208
       example.com
 - dns02.extern.com
       example.com
 - dns03.extern.com
       172.27.157.16
       example.com

In this example, the name server tells the resolver that it can not resolve the name test.example.com , but that it knows three name servers that have information on this name. For the name server dns01.extern.com two IP addresses are supplied for dns02.extern.com not and dns03.extern.com one.