When asked about DNS, we think of a pair of different yet intertwined pieces of technology. The Domain Name System is comprised of two parts - Authoritative and Recursive. While often confused by many, this short article should help explain each.
Authoritative DNS is the system that takes an address, like google.com, and provides an answer about the resources in that zone.
The typical transaction looks something like this:
- User types an address into a web browser, or an application calls out to a given name of a resource on the Internet.
- The request is sent out for an answer
- ns1.google.com is asked where google.com is, points to 126.96.36.199.
- .com doesn’t know where google.com is, but it does know that it has an authoritative server at ns1.google.com.
- If it’s not cached, the first stop is the root name server for the given TLD - in this example .com.
- First to the recursive server, to see if there are any cached answers for the hostname.
- The answer, 188.8.131.52, is returned to the client.
- TCP transaction to the given server is made and user is given the resource they requested.
The purpose of Recursive DNS, as we saw in step 2.1 above, is to hold information about a host for the given amount of time specified by that record’s Time To Live (TTL) Value. Recursion can happen at a number of different levels, depending on the network.
Recursive DNS exists primarily to help reduce authoritative lookups, and increase the speed at which Internet users are able to access the resources they most frequently use. While ISPs provide this as a free service, there are a number of public DNS recursives that can be used as an alternative. OpenDNS and Google DNS are examples of free, public recursive servers - because they are more widely used, the recursion is aggregated globally and may result in an increase in performance when browsing the web.
There are other types which do a bit more specialized work such as content filtering, like the one the team at Cisco Umbrella have spun up. In addition to acting as a DNS cache, the content filtering recursive uses live data from a number of sources to keep traffic away from objectionable content. This comes in handy for local network operators like schools or businesses.