Search

Recursive and Iterative DNS Queries

Two terms are often referred related with DNS (Domain Name System) Queries; Recursion and Iteration.

Recursion in DNS (Domain Name System) is the process of a DNS Server, querying other DNS Server on behalf of original DNS Client.

Iteration is the process of a DNS Client, making repeated DNS (Domain Name System) Queries to different DNS Servers for name resolution.

Recursive DNS Query: In a Recursive DNS Query, the DNS Client sends a Query to a DNS Server for name resolution. The reply to the DNS Query can be an answer to the query or an error message.

In Recursive DNS Query, If the DNS Server doesn't know the answer to provide accurate answer to the DNS Client, DNS Server may query other DNS Servers on behalf of the DNS Client.

Iterative DNS Query: In Iterative DNS Query, when a DNS Client asks the DNS server for name resolution, the DNS Server provides the best answer it has. If the DNS Server doesn't know the answer to the DNS Query from Client, the answer can be a reference to another lower level DNS Server also. This lower level DNS Server is delegated at the higher level DNS Server to be Authoritative for the DNS namespace which the DNS Query is related with. Once the DNS Client get the referral from higher level DNS Server, it can then send a DNS Query to the lower level DNS server, got as referral.

To understand the concept clearly, let us consider below example.

I am sitting at my desk and want to open the website www.omnisecu.com, for learning networking. I entered the URL in my browser and hit "Enter".

Firefox DNS

Step 1: The DNS Resolver service running in DNS Client contacts the local DNS Server (Recursive DNS Server) with a Recursive DNS Query to resolve the Fully Qualified Domain Name (FQDN), www.omnisecu.com. The Local DNS Server must now answer the Query with the IP Address corresponding to the Fully Qualified Domain Name (FQDN) www.omnisecu.com. If the local DNS Server is the Authoritative DNS Server for DNS namespace omnisecu.com, it will check the related zone for Resource Records matching Fully Qualified Domain Name (FQDN) www.omnisecu.com, and will return answer for DNS Query.

If the local DNS Server is not the Authoritative DNS Server for the DNS namespace omnisecu.com, the local DNS Server will check its cache memory to provide an answer to the DNS Query. Cache memory holds recent name resolutions performed by the DNS Server.

Step 2: If the Local DNS Server (Recursive DNS Server) cannot find relevant information from zone or cache memory, it contacts a DNS Server at the highest level (which is a Root Level DNS Server) with an Iterative DNS Query for www.omnisecu.com.

Step 3: The Root Level DNS Servers are not the Authoritative DNS Servers for the DNS Namespace omnisecu.com, but a delegation to the Authoritative DNS Servers for the TLD .com is configured at the Root Level DNS Servers. So the Root Level DNS Servers responds to the Local DNS Server with a referral to a Authoritative DNS Server for the TLD .com Level DNS Namespace.

The Local DNS Server (Recursive DNS Server) now contacts TLD .com Level DNS Server with an Iterative DNS Query for www.omnisecu.com.

Step 4: The TLD .com. level DNS Servers are not the Authoritative name servers for namespace omnisecu.com. But a delegation to the Authoritative DNS Servers for the omnisecu.com. is configured at the TLD .com. Level DNS Servers. So the TLD .com. level DNS Servers responds to the Local DNS Server with a referral to a DNS Server Authoritative for the omnisecu.com., DNS Namespace.

The Local DNS Server now contacts the Authoritative DNS Server of the domain omnisecu.com with an Iterative DNS Query for FQDN www.omnisecu.com. omnisecu.com DNS Server's zone is configured with Resource Records for all Servers and Workstations inside omnisecu.com domain. omnisecu.com DNS Server now responds to the Local DNS Server with IP Address related to the FQDN www.omnisecu.com. Finally this information is passed down to the DNS Client as final DNS Reply. The TCP/IP protocol stack on DNS Client can now start communicating with www.omnisecu.com using its IP Address.

As you can see from the below image, the DNS Query 1 is a Recursive Query, and 8 is the reply for it. The DNS Queries 2, 4 and 6 are Iterative DNS Queries and 3, 5 and 7 are the replies for it respectively.

 

Recursive Iterative DNS query

Related Tutorials