Recursive vs Iterative DNS Name Resolution

You’ll use DNS all day, every day, but did you know there are two different forms of DNS query: recursive and iterative? Understanding how these work helps you understand how clients will use your DNS server(s), what access they might need to external DNS servers, and therefore how that affects things like firewall configuration. So let’s explore the two types:

A recursive DNS query is a type of query where the DNS server that received your query does all the leg work needed to get you the answer (i.e. goes off and asks other DNS servers) and then gives you the result.

An iterative DNS query is a type of query where the DNS server that received your query won’t do the leg work, but will give you a referral to a DNS server that might have the answer; in this case your DNS client needs to do all the leg work to get the answer, which basically means following all the referrals.
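On the wire, the difference between the two is a single header flag: the client sets RD (Recursion Desired) to ask for recursion, and the response header tells you whether you got an answer or a referral. The sketch below is an added example, not part of the original post; the function names are hypothetical and the sample responses are constructed header-only packets, using the header layout from RFC 1035.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080

def build_query(name, recursion_desired, qtype=1, txid=0x1234):
    """Wire-format query. RD=1 asks the server to recurse; RD=0 asks only
    for what it knows locally (an answer or a referral)."""
    flags = RD if recursion_desired else 0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)  # QTYPE, QCLASS=IN

def classify_response(packet):
    """Classify a response using only its 12-byte header."""
    if len(packet) < 12:
        raise ValueError("truncated DNS header")
    _txid, flags, _qd, an, ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    if not flags & QR:
        raise ValueError("not a response")
    rcode = flags & 0x000F
    if rcode:
        return f"error(rcode={rcode})"
    if an:
        return "answer"            # the server did the leg work (or is authoritative)
    if ns and not flags & AA:
        return "referral"          # the client must follow the NS records itself
    return "nodata"

def offers_recursion(packet):
    """True if the responding server set RA (Recursion Available)."""
    return bool(struct.unpack("!H", packet[2:4])[0] & RA)

def sample_response(flags, an, ns, ar):
    """Constructed header-only response, for offline demonstration."""
    return struct.pack("!HHHHHH", 0x1234, QR | flags, 1, an, ns, ar)

if __name__ == "__main__":
    print(build_query("geekmungus.co.uk", recursion_desired=False).hex())
    # Root-style reply: no answers, 8 NS records, not authoritative
    print(classify_response(sample_response(0, 0, 8, 12)))
    # Recursive resolver reply: RD echoed, RA set, answers present
    print(classify_response(sample_response(RD | RA, 2, 0, 0)))
```

A client that only ever sends RD=1 to your resolver needs port 53 access to that resolver alone; a client that follows referrals needs outbound DNS to every server in the chain.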

2 thoughts on “Recursive vs Iterative DNS Name Resolution”

  1. Let’s take a look at an example query first starting at the root. First of all we need the root hints, so in this case we’re going to just pick one at random, say c.root-servers.net 192.33.4.12.

    We are going to query for the geekmungus.co.uk domain for example.

    > nslookup
    > server 192.33.4.12

    Now we go and query the root domain:
    > geekmungus.co.uk
    > geekmungus.co.uk
    Server: c.root-servers.net
    Address: 192.33.4.12

    Name: geekmungus.co.uk
    Served by:
    – dns1.nic.uk
    213.248.216.1
    2a01:618:400::1
    uk
    – nsa.nic.uk
    156.154.100.3
    uk
    – dns3.nic.uk
    213.248.220.1
    2a01:618:404::1
    uk
    – nsd.nic.uk
    156.154.103.3
    2610:a1:1010::3
    uk
    – nsb.nic.uk
    156.154.101.3
    uk
    – nsc.nic.uk
    156.154.102.3
    2610:a1:1009::3
    uk
    – dns2.nic.uk
    103.49.80.1
    2401:fd80:400::1
    uk
    – dns4.nic.uk
    43.230.48.1
    2401:fd80:404::1
    uk

    As you can see this has returned the IP addresses of the .uk namespace, which is Nominet UK, so we now go and query them.

    > server 156.154.102.3
    > geekmungus.co.uk
    > server 156.154.102.3
    Default Server: [156.154.102.3]
    Address: 156.154.102.3

    > geekmungus.co.uk
    Server: [156.154.102.3]
    Address: 156.154.102.3

    Name: geekmungus.co.uk
    Served by:
    – ns1.phase8.net
    geekmungus.co.uk
    – ns0.phase8.net
    geekmungus.co.uk
    – ns2.phase8.net
    geekmungus.co.uk

    So now we can see the nameservers of my domain; we can now go and query that and finally get the root A record for my domain, which is where my site is made available from:
    > server ns0.phase8.net
    > geekmungus.co.uk

    > geekmungus.co.uk
    Server: ns0.phase8.net
    Address: 81.88.63.114

    Name: geekmungus.co.uk
    Addresses: 2a00:13b7::983:6e7a
    178.18.126.4

    And there you have it, you’ve followed from the root all the way down the DNS “tree”.

  2. To do the same thing with Linux (or MacOS):

    > dig geekmungus.co.uk @192.33.4.12

    then using this result, find the next server:

    > dig geekmungus.co.uk @213.248.216.1

    and so on…
