Domain Name Service  «Prev  Next»
Lesson 7 Recursive queries
Objective List the steps required when a name server sends a query up the DNS hierarchy.

DNS Recursive Queries

The distributed DNS database is bound together into a single unit by the process of recursive queries. Whenever a name server receives a query it cannot directly answer (for example, if the query pertains to a zone for which the server is neither authoritative nor secondary), it generates a query of a name server higher in the DNS hierarchy. Suppose that a user at the UNIX machine clicks on a link in his or her Web browser pointing at the machine The following SlideShow shows what happens.

  1. The browser makes a system call to the resolver library asking for the IP address of the machine
  2. The resolver library looks up the address of the DNS server in /etc/resolv.conf. Suppose this server is
  3. The name server at is not authoritative for the zone. It therefore generates a query directed at a randomly chosen root server
  4. The root server replies with the IP address of the authoritative name server for
  5. The name server now generates a query of the name server at
  6. The server at replies with the IP address of The name server at caches this response for a while
  7. The name server at sends the IP address of back to the machine, where the resolver library is listening for it.
  8. The resolver library passes the IP address back to the browser process.
  9. The browser process opens a TCP connection to port 80 on, using the IP address it obtains from the resolver library.

Recursive Queries

Recursive DNS Query

A recursive DNS query happens when the DNS server you asked for the address of, say, does not know the answer itself, so it has to check with another server.
Normally this is actually how DNS works. The DNS server of your ISP does not have the entire internet's domain records permanently memorized.
Now bear in mind that there are actually two types of name servers queried here:
  1. authoritative DNS servers (the so called "root" servers that told your ISP's DNS server where to find the DNS server, and authoritative DNS server) and
  2. recursing or forwarding DNS servers (your ISP's DNS server).

Normally, the former type is not supposed to respond to recursive queries, especially not from outside their own domain. Smaller ISPs sometimes save on costs by having their primary authoritative name server be the same server as their primary forwarding nameserver, but that is somewhat unsafe policy. Particularly if you do not configure your server to refuse recursive queries from outside your own IP range.