Difference between iterative and recursive DNS query
DNS is the most critical infrastructure that is publicly available for everybody to use. You can in fact say that it is a single point of failure that can take down the World Wide Web.
I have tried to explain the working of DNS in one of my posts. However, it is impossible to cover the entire topic in one, or even multiple, posts. So I will be posting on different DNS-related topics separately, to give the reader a better understanding.
Read: How Does DNS Work
In this post, we will walk through different types of queries that a client uses to get different types of information from the DNS server.
What are the different types of DNS queries?
DNS queries can be classified according to the manner in which a complete request is processed. Generally, queries can be classified as follows.
- Recursive query
- Iterative query (or non-recursive query)
- Inverse query
What is a recursive query?
A recursive query is a kind of query in which the DNS server that received your query does all the work of fetching the answer and giving it back to you. During this process, the DNS server might also query other DNS servers on the internet on your behalf to get the answer.
Let's understand the entire process of recursive queries through the following steps.
Suppose you want to browse www.example.com, and your resolv.conf file has the following entries.
[root@myvm ~]# cat /etc/resolv.conf
nameserver 172.16.200.30
nameserver 172.16.200.31
How does the name server select one from the given list of servers to query?
In the above case, you might have seen that our DNS server 172.16.200.30 had to select one server to query from a given list of servers, multiple times.
For example, there are 13 root servers: which root server will be queried for an answer? (When I say 13 root servers, 13 is the number of addresses, which is universal. There are hundreds of servers at different locations in the world; these 13 root server addresses are anycast addresses.)
Related: What is IP Anycast, and how it works?
Almost all DNS servers use an algorithm to select one from the list, in order to distribute the load and improve response time.
The most famous DNS server software, BIND, uses a technique called the RTT (Round Trip Time) metric. Using this technique, the server tracks the RTT of each root server and selects the one with the lowest RTT.
What is an iterative or non-recursive query?
Before beginning the explanation of iterative queries, an important thing to note is that all DNS servers must support iterative (non-recursive) queries.
In an iterative query, the name server will not go and fetch the complete answer for your query, but will give back a referral to other DNS servers that might have the answer. In our previous example, our DNS server 172.16.200.30 went to fetch the answer on behalf of our resolver and provided us with the final answer.
But if our DNS server 172.16.200.30 is not a recursive name server (which means it is iterative), it will give us the answer if it has it in its records. Otherwise, it will give us a referral to the root servers (it will not query the root servers and other servers by itself).
Now it is the job of our resolver to query the root servers, the .COM TLD servers, and the authoritative name servers for the answer.
Let's go through the steps involved.
STEP 1: You enter www.example.com in the browser, so the operating system's resolver sends a DNS query for the A record to the DNS server 172.16.200.30.
STEP 2: On receiving the query, the DNS server 172.16.200.30 looks through its tables (cache) to find the IP address (A record) for the domain www.example.com, but it does not have the entry.
STEP 3: Now, instead of querying the root servers, our DNS server replies with a referral to the root servers. Our operating system's resolver will then query the root servers for the answer.
The rest of the steps are all the same. The only differences in an iterative query are:
- If the DNS server does not have the answer, it will not query any other server for it, but will instead reply with a referral to the DNS root servers.
- If the DNS server has the answer, it will give back the answer (which is the same in both iterative and recursive queries).
- In an iterative query, the job of finding the answer (from the given referral) lies with the local operating system's resolver.
It can be clearly noted from the above figure that, in an iterative query, the DNS server queried will never go and fetch the answer for you (but will give you the answer if it already has it). Instead, it will give your resolver a referral to other DNS servers (the root servers in our case).
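As an added illustration (not code from the original post), the Python below shows how the two behaviours look on the wire: the client sets the RD (recursion desired) header bit to ask for recursion, the server sets RA (recursion available) when it offers it, and a referral is a reply with no answer records and NS records in the authority section. The function names, the sample address 192.0.2.10 and the sample messages are constructed for this example.

```python
import struct

QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080   # header flag bits (RFC 1035)
TYPE_A, TYPE_NS = 1, 2

def encode_name(name):
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split(".") if p) + b"\x00"

def build_message(name, flags, answers=(), authority=(), qid=0x1234):
    """One A question plus (owner, type, rdata) records; flags=RD is a recursive query."""
    head = struct.pack("!6H", qid, flags, 1, len(answers), len(authority), 0)
    rrs = b"".join(encode_name(o) + struct.pack("!HHIH", t, 1, 300, len(d)) + d
                   for o, t, d in (*answers, *authority))
    return head + encode_name(name) + struct.pack("!2H", TYPE_A, 1) + rrs

def skip_name(msg, pos):
    """Offset just past a name; a compression pointer (top bits 11) ends it."""
    while msg[pos] and msg[pos] & 0xC0 != 0xC0:
        pos += 1 + msg[pos]
    return pos + (2 if msg[pos] else 1)

def classify(msg):
    """Return (kind, recursion_available) for a DNS response."""
    _qid, flags, qd, an, ns, _ar = struct.unpack("!6H", msg[:12])
    pos, types = 12, []
    for _ in range(qd):
        pos = skip_name(msg, pos) + 4            # skip QTYPE and QCLASS
    for _ in range(an + ns):                     # answer records, then authority records
        pos = skip_name(msg, pos)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos:pos + 10])
        pos += 10 + rdlen
        types.append(rtype)
    answers, authority = types[:an], types[an:]
    if flags & 0x000F:                           # non-zero RCODE; 5 is REFUSED
        kind = "refused" if (flags & 0x000F) == 5 else "error"
    elif answers:
        kind = "answer"
    elif TYPE_NS in authority and not flags & AA:
        kind = "referral"                        # only NS records: ask those servers next
    else:
        kind = "no-data"
    return kind, bool(flags & RA)

# Constructed samples: an iterative server's referral to the root, a recursive server's answer.
QUERY = build_message("www.example.com", 0)      # RD=0: answer from your own data or refer me
ROOT_NS = [("", TYPE_NS, encode_name("a.root-servers.net"))]
REFERRAL = build_message("www.example.com", QR, authority=ROOT_NS)
A_RR = [("www.example.com", TYPE_A, bytes([192, 0, 2, 10]))]
ANSWER = build_message("www.example.com", QR | RD | RA, answers=A_RR)
```

The second element returned by `classify` is the RA bit, which is how a server tells the asking client that it is willing to recurse on its behalf.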
We will discuss inverse queries in another post. I hope this post was helpful in understanding iterative (non-recursive) and recursive DNS queries.
Comments
DNS Queries
Very good article explaining minute details regarding DNS queries and clearing all doubts.
Thanks a ton
Nice and sleek Explanation
Very good and nicely explained article on DNS queries with proper steps and diagrams made my day.
Thanks a lot.
Question for resolver
It is a very good article. But tell me examples for resolvers under Debian. I mean the last diagram where the resolver gets a list of DNS and tries to query the DNS by yourself.
Is it a service? How can I find if it is running on my system?
Hi bbo,
We are happy to know that you liked the article. Resolver libraries in Linux are almost the same across distributions.
However, the udns library is the most commonly used while running commands such as "host" (the udns library is available online for download).
Regards
Sarath
Its!!! Very good article
Very good article about DNS, thnx
Great work!!!!!!
Advantage & disadvantage of both queries
Hi Sir,
Very good documentation. What is the advantage & disadvantage of both queries, which one is best & why? Will iterative queries decrease the load of the DNS server? I am confused. Both queries surely give an answer, then what are the advantages & disadvantages?
Hi Rupesh,
Good to know that you liked the article. And a warm welcome to slashroot!! Let's get back to your question!
Recursive queries: these kinds of queries are used most commonly when we set up an internal DNS server for a domain, or say for example a company. The client computers, or say normal desktops that the employees are using in the company on a day to day basis, generate a huge amount of DNS requests. So those servers are mostly configured in a recursive manner (because the question is asked by desktops which are normal internal clients) and we need to provide our clients with an exact answer to the query, correct.
Another important fact to note about recursive queries is that you need to very carefully restrict which clients/subnets are allowed to do a recursive query. You know why? Because there is a dangerous risk involved if you configure publicly available DNS servers in a recursive model.
Now let's say we have around 1 lakh DNS servers in the world which are available publicly and are able to do recursive queries. An attacker can change the source address to the target of his desire, and send junk DNS requests to those publicly available DNS servers, which will cause the target server to be under attack (because these 1 lakh servers will sit and reply to that incorrect source address, which the attacker forged to make it the target). Such kind of an attack is called a DNS reflection attack!!!
All authoritative name servers, root name servers, TLD servers are always iterative in nature (of course these servers are not made to go and fetch the answer for a query, correct!).
Hope that explains.
Thanks & regards
Sarath
This is the simplest way to explain the differences of DNS query, whereas I have read others' posts and there is lots of confusion in understanding the actual concepts of DNS query and how it resolves, but you have explained it thoroughly, which is very useful.
Thanks a lot for the nice post.
Regards,
Afzal Ashrafi.
System Administrator.
Hi Afzal Ashrafi,
Thanks for your comment....And welcome to slashroot.
Very good
Great explanation. I was confused about iterative and recursive queries; it helped me a lot. Thanks
named and Linux resolver
One of our clients requests that we have a local DNS server on our Linux host and this DNS server should be iterative, not recursive. So I left in the resolv.conf the only single string "nameserver 127.0.0.1" and installed bind. In the options section of named.conf I have "allow-recursion { 127.0.0.1; };" and in this case all works fine. But when I disable recursion completely (according to the client's requirements) by removing "allow-recursion { 127.0.0.1; };" and adding instead "recursion no;", all the applications on the host cannot resolve anything, saying "unknown host" (not surprisingly though).
So the question is how to properly switch named from recursive to iterative mode and preserve the Linux resolver's ability to resolve any hostnames from local applications?
Hi,
So you are trying to disable recursion completely and still enable your local LAN servers to successfully resolve requests. Unfortunately, fulfilling your requirement with any BIND name server package later than version 9.5+ is not possible. This is because BIND versions later than 9.5+ no longer reply with a referral to the DNS root servers for queries they do not have an answer for.
So try using an older version of BIND (probably 9.4 or something) if you really need that feature.
I would like to make one more point here. Why don't you allow recursion for your local intranet, or say trusted hosts, with an argument like allow-recursion? Basically, the idea behind disabling recursion is due to the following reasons.
But yeah, if your DNS server is not a publicly available one, then these threats are not on your radar. But yeah, it's better to make your DNS server do recursive queries for your trusted subnets. Hope that answers your question.
Regards
Sarath
great post
very clear and concise. Thank you
Easy to understand
It's very very great to see your post because I doubt the recursive and the iterative DNS for a long time. Thank you
Perfect Explanation of Recursive and Iterative DNS Query :)
Perfect explanation. Thank you so much for providing such a nice explanation. :)
kalakiteenga thala
I would like to thank you for serving the people who are all in the complicated situation in understanding the concepts in depth. This helps not only me but all the basic networking learners, because DNS is very important for everything.
Thank you
Saravanan
thanks
thanks sir.... wonderful answer.......
Question: Iterative lookup
First, thanks for this great article!
A question regarding iterative lookup: How will our configured (iterative) DNS server populate its cache if the resolver is responsible for doing the queries against the root DNS servers, TLD servers and the authoritative name servers?
From the article it seems like our iterative DNS server never "sees" the A records returned from the authoritative name servers, since the resolver does the query itself. Any help/clarification is highly appreciated.
DNS
Awesome explanation which is in very easy terms, which can be understood by a newbie
too good :)
understood clearly :) keep the good work going :) :)
awesome explanation, very useful and easy to understand for beginners
Very useful, easy to understand thanks a lot.
What is Inverse queries
Very nice post to understand the DNS concept, thanks Sarath
Could you explain about Inverse queries as well
Query Types and excellent answer
Hi,
Big Thanks Bro.. for excellent write up..
using forwarders
Excellent article, I just have one question. If I am using a chain of DNS forwarders, are those requests considered recursive? Say my client machine's primary DNS server is a domain controller configured to forward DNS requests to my ISP's DNS servers, which in turn forward requests to Google's public DNS recursors. Are the requests between those three DNS servers considered recursive?
re: using forwarders
To clarify if forwarded requests are considered recursive then would one expect the response to traverse backwards in the chain?
Client > Primary DNS > ISP DNS > Google DNS (found in cache) > ISP DNS > Primary DNS > Client.
However if forwarded requests are iterative, the request goes up the chain and when an answer is found it would go directly back to my client.
Client > Primary DNS > ISP DNS > Google DNS (found in cache) > Client
Great Work!!
Thanks a lot!!
Very Useful...!!!
Thanks a lot...
Please come up with the new articles on all the types of VPN fundamentals, Protocols and Firewall fundamentals with packet capture
Awesome explanation.
excellent article
Thanks for writing this article. Very good explanation.
Wow dude,
this is amazing - for the first time I clearly understand the machinery behind dns in very simple terms.
DNS- Type of Query
Thanks a lot for this easy and simple explanation of DNS. Really great.
Good explanation
Good explanation.. Directly on the point .....
Nyc Explanation
Thanks a lot for this easy and simple explanation of DNS. Really awesome.
Good Explanation
Good One. Can I get a similar kind of explanations on what exactly happens when you type google.com in browser and apply all the concept of ARP,TCP handshake,DNS. In each layer how the packet is carrier.
Kindly send to my mail vinodh.purushothaman@yahoo.com
good explanation
Excellent explanation
Easy, simple and great explanation
One of the best DNS queries explanations I've ever come through.
Well done.
Good
Good Explanation of Recursive and iterative query
JAVA code
Please give JAVA code examples, particularly iterative lookup
Difference b/n recursive and iterative query
Wonderful explanation with good example! It is really what I am looking for
Thanks
DNS server
It's very helpful info
Nice explanation ..