What Is Recursive DNS & How It Differs from Authoritative DNS

Recursive DNS is a process where a DNS resolver queries multiple DNS servers to retrieve the IP address of a domain name, ensuring the client receives the correct IP address for their requested website.

The recursive DNS server continues this process, querying from the root server down to the authoritative server, until it finds the specific IP address for the domain.

In this article, we will discuss what recursive DNS is, how it works, and the differences between authoritative and recursive DNS.

Takeaways
  • Recursive DNS servers request answers from all records and return with a “not found” response if records aren’t found
  • Authoritative DNS servers request answers from existing records and refer you to another server if records aren’t found
  • Recursive DNS servers offer users improved performance and better control, but they also present security risks

What Is a Recursive Query in DNS?

Recursive queries are a type of DNS (Domain Name System) query that retrieves DNS records for a client from a specific domain or subdomain.

When making a recursive query, it is up to the name server to determine if it has enough information available in its cache or from other authoritative sources before responding with an answer.

If it cannot find what was requested, then a “not found” message will be returned instead.

Iterative vs Recursive DNS Queries

Iterative queries are a type of DNS query that allows the client to request an answer from the name server. The name server may either respond with the requested information or refer the client to another authoritative source for more information.

Recursive queries are different from iterative ones because they require the name server to provide an answer if one is available, or else return a “not found” message if it cannot find what was requested.

Recursive DNS Query Example 

Let’s say you are trying to find the IP address for a website called “example.com”.

The first step would be to send out a request to your local name server asking it if it is aware of the domain in question.

If not, the name server will then check its cache and see if there is any record that matches what was requested.

If nothing can be found, then the name server will start sending requests upstream until it finds either an authoritative answer or a “not found” message from another source further up in the hierarchy (such as the root name server).
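The lookup steps above, as an added example that is not part of the original article: a resolver checks its cache, then follows referrals from the root downward until it gets an answer or a "not found" result. The server names, the zone data, the 300-second TTL, and the `RecursiveResolver` class are constructed for illustration.

```python
import time

# Constructed toy hierarchy (not real servers): each entry either refers
# the resolver further down or holds the zone's records as (ip, ttl).
SERVERS = {
    "root":       {"referrals": {"com.": "tld-com"}},
    "tld-com":    {"referrals": {"example.com.": "ns-example"}},
    "ns-example": {"zone": "example.com.",
                   "records": {"example.com.": ("192.0.2.10", 300)}},
}

def within(qname, zone):
    return qname == zone or qname.endswith("." + zone)

def ask(server, qname):
    """One upstream server's reply: answer, referral, or not found."""
    data = SERVERS[server]
    if "zone" in data and within(qname, data["zone"]):
        rec = data["records"].get(qname)
        return ("answer", rec) if rec else ("notfound", None)
    for suffix, nxt in data.get("referrals", {}).items():
        if within(qname, suffix):
            return ("referral", nxt)
    return ("notfound", None)

class RecursiveResolver:
    def __init__(self):
        self.cache = {}  # qname -> (ip, expires_at)

    def resolve(self, qname, now=None):
        """Return (ip or None, servers contacted for this query)."""
        now = time.time() if now is None else now
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], []           # cache hit: no upstream traffic
        server, path = "root", []
        for _ in range(10):             # bound the referral chain
            path.append(server)
            kind, value = ask(server, qname)
            if kind == "referral":
                server = value          # follow the referral downward
            elif kind == "answer":
                ip, ttl = value
                self.cache[qname] = (ip, now + ttl)
                return ip, path
            else:
                return None, path       # "not found" goes back to the client
        return None, path
```

The client only ever sees the final result; the list of contacted servers shows the work the resolver did on its behalf, and an empty list means the answer came from cache.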

Authoritative vs Recursive DNS Servers

                           | Authoritative           | Recursive
Type of Query              | Iterative               | Recursive
Answers Requested          | Existing Records        | All Records
Action if Record Not Found | Refer to Another Server | Return “Not Found” Response

  • Authoritative DNS servers contain information about a domain, including IP addresses. They respond to requests for this information from clients and other name servers.
  • Recursive DNS is a type of query where the server must provide DNS records or come back empty-handed. It does not refer the client to another server as with iterative queries. Instead, it searches through its records until it finds an answer or determines that the requested record does not exist.

Who Uses a Recursive DNS Server?

Recursive DNS servers are usually used by large organizations that need to be able to quickly and reliably resolve domain names.

By using a recursive server, they can provide fast and accurate answers to clients without having to rely on other name servers or wait for replies from multiple sources.

Who Uses an Authoritative DNS Server?

Authoritative DNS servers are typically used by ISPs, web hosting companies, and domain registrars. They provide answers to queries about a specific domain name from their records.

Advantages of Recursive DNS

  • Improved performance as the name server does not need to refer the client to another name server
  • Reduced latency due to faster responses from recursive queries
  • Increased security as the end user can be sure of their connection’s authenticity
  • Greater control over content delivery by allowing organizations to cache answers from authoritative sources and serve them directly without referring clients elsewhere

Risks Associated with Recursive DNS

Recursive queries are used when a client wants an answer from a name server and does not want to wait for another name server to respond.

This can lead to potential security issues, as attackers may be able to take advantage of a vulnerable system by spoofing answers or using malicious software.

Recursive DNS Servers and DNS Amplification Attacks

A recursive DNS server will always respond to a query, regardless of whether it has the answer or not. This can lead to potential problems, as attackers may use this feature to initiate what is known as a “DNS amplification attack”.

In this type of attack, an attacker sends out multiple requests for information from vulnerable name servers, and the resulting responses are amplified in size due to the number of requests sent.

This can overwhelm the target system with traffic and cause it to become unresponsive or crash altogether.
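An added example (not from the original article) of checking a resolver for the amplification risk described above: it totals query and response bytes per client from a constructed log and flags clients outside an assumed trusted network, marking those whose responses are far larger than their queries. The log format, the `TRUSTED` network, and the thresholds are assumptions.

```python
import ipaddress
from collections import defaultdict

# Assumption: the networks this resolver is meant to serve.
TRUSTED = [ipaddress.ip_network("10.0.0.0/8")]

# Constructed sample log: client qtype qname query_bytes response_bytes
SAMPLE_LOG = """\
10.1.2.3 A www.example.com. 44 60
10.1.2.3 AAAA www.example.com. 44 72
203.0.113.7 ANY example.com. 40 3100
203.0.113.7 ANY example.com. 40 3100
203.0.113.7 ANY example.com. 40 3100
198.51.100.9 A example.com. 40 56
"""

def is_trusted(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED)

def summarize(log_text):
    """Per-client query count and byte totals; malformed lines are skipped."""
    stats = defaultdict(lambda: {"queries": 0, "in": 0, "out": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not (parts[3].isdigit() and parts[4].isdigit()):
            continue
        try:
            ipaddress.ip_address(parts[0])
        except ValueError:
            continue
        s = stats[parts[0]]
        s["queries"] += 1
        s["in"] += int(parts[3])
        s["out"] += int(parts[4])
    return stats

def findings(log_text, min_queries=3, min_ratio=10.0):
    """Flag untrusted clients that were served recursion."""
    out = []
    for ip, s in sorted(summarize(log_text).items()):
        if is_trusted(ip):
            continue
        ratio = s["out"] / max(s["in"], 1)
        heavy = s["queries"] >= min_queries and ratio >= min_ratio
        label = "amplification-pattern" if heavy else "open-recursion"
        out.append((ip, label, round(ratio, 1)))
    return out
```

Because UDP source addresses can be forged, a flagged address is the likely recipient of the traffic rather than its origin. Either finding points to the same fix: restrict recursion to the trusted networks.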

Recursive DNS Servers and DNS Cache Poisoning Attacks

A recursive DNS server can receive and process requests from multiple clients. It does this by caching the responses, which are then sent to the client as an answer.

This means that if a malicious user poisons the cache with incorrect information, it can disrupt any clients using the affected name server.

Final Word: Find the DNS That’s Right for You

So, what is recursive DNS? Recursive DNS is a type of Domain Name System query that requires the name server to either provide an answer or return a “not found” response.

It contrasts with an iterative and authoritative DNS query, where the name server will either respond with the answer, or it will refer the client to another name server that may have more information.

The Best Website Builders and Best Web Hosting services are here to help you with whatever DNS you use, so make sure you use one when setting up your website.

Frequently Asked Questions

Is 8.8.8.8 a recursive DNS server?

No, 8.8.8.8 is an authoritative DNS server run by Google that can respond to recursive queries from any client on the internet. It is not a dedicated recursive DNS server and is not designed for this purpose.

Should I disable recursive DNS?

No, you should not disable recursive DNS. Recursive DNS is an important component of the internet and helps ensure smooth operation for users worldwide. Disabling it could have unforeseen consequences that could disrupt your web browsing experience or other services on the network.

What does disable recursion in DNS mean?

This means that the DNS server will not perform recursive queries. This is done to protect against malicious requests from outside sources, as well as to limit the amount of resources used by a given server. To accomplish this, all requests must be made directly to authoritative name servers which are configured with records for the domain being queried.

What is a disadvantage of the recursive method for DNS cache snooping?

The primary disadvantage is that it can be slow, as each request must traverse the entire chain of DNS servers until a response is returned. In addition, there’s an increased risk for malicious actors to intercept and manipulate requests or responses.

Why is recursive DNS bad?

Recursive DNS is not bad per se, but it can be vulnerable to malicious attacks. For instance, attackers may use recursive DNS to send large amounts of unsolicited traffic or conduct cache-poisoning attacks. To protect against these threats, administrators should ensure their networks are properly secured and monitored for any suspicious activity.

Edited By: Sonja Vitas, Content Editor