DNS

What’s the difference
between recursive and authoritative DNS?

What is DNS?

DNS stands for Domain Name System. This system operates like a translator, converting domain names from human-readable words into computer-readable numbers in the form of IP addresses. Every device that connects to the internet has its own unique IP address. Without DNS, you’d have to remember a complicated string of numbers for every website you wanted to visit.

This FAQ provides a more in-depth look at what DNS is and how it works.

What is recursive DNS?

“Recursive” refers to a procedure that can repeat itself indefinitely. Recursive DNS is used by every device or system that access the internet. When you type a website name into your browser, perform a web search or attempt to access an internet-based application, the request is sent from your machine to a recursive resolver.

What is authoritative DNS?

“Authoritative” refers to something that possesses authority or knowledge. Authoritative nameservers act as directories for web addresses, storing the most up-to-date information about domains and the IPs associated with them. Authoritative nameservers provide recursive resolvers with the final answer for user queries.

Where do recursive resolvers and authoritative nameservers fit within DNS?

When a request is received by a recursive resolver, the resolver first attempts to answer the query with information stored in its cache. If there’s no information available in cache, the resolver contacts a root server, which then refers the resolver to a TLD. The resolver is then sent by the TLD to an authoritative nameserver, which provides the final answer to the original request. This process repeats as many times as necessary until a final answer is received.

Who uses recursive DNS?

If you use any device or system to access the internet, you use recursive DNS. Recursive resolvers are typically provided by internet service providers (ISPs), and typical internet users don’t realize they can search for alternatives beyond what their ISP provides.

Who uses authoritative DNS?

Small and enterprise-level businesses use authoritative DNS, as do individuals who own domain names for any reason. Without authoritative DNS, a domain would not be reachable by anyone trying to visit the site.

Because enterprise-level authoritative DNS is more secure, better performing and has more features, it’s critical for businesses. Both free and paid authoritative DNS providers exist, but most organizations will be better served by the premium options offered by paid providers.

What are the main differences between recursive and authoritative DNS?

Recursive and authoritative DNS work together and depend on each other, but key differences exist between them:

  • Recursive servers temporarily store information they’ve previously retrieved, but when that information isn’t available in cache, they have to get it from another server. Authoritative nameservers always hold the most up-to-date information and can provide a final answer for new user queries.
  • Generally speaking, the recursive DNS provided by ISPs lacks the advanced features often offered by authoritative DNS providers, such as customization options and the use of EDNS client subnet.
  • Enterprise authoritative DNS provides users with increased security, faster speeds, better performance and higher uptime, making it a necessity for organizations and online businesses.