Recursive and Iterative Queries


Welcome to the ITFreeTraining video on recursive
and iterative DNS queries. When a request is made to a DNS server to resolve a name,
it is done using one of these query types. By the end of this video you will understand
the difference between the two and why two types of queries are required in DNS in order
to help with scalability and availability.

In this example, if a desktop computer attempts
to resolve a DNS name, it will first check its local cache to see if it has been resolved
previously. If the DNS name is not in the cache, the desktop computer will contact its
locally configured DNS server or servers in order to try and have the DNS name resolved.

In order to resolve the request, the desktop
will send what is called a recursive query to the DNS server. A desktop will normally
have two DNS servers configured for redundancy. More can be configured. However, if you have
a large number of DNS servers configured locally, this can slow down resolution time. This is
because each time a DNS name cannot be resolved, each DNS server needs to be contacted before
the computer will report that the DNS request could not be resolved.

A DNS server that is configured to respond
to recursive queries takes responsibility for the request and will attempt to contact other
DNS servers if it cannot answer the DNS request itself. That is, if it is not holding the
answer to the query in a zone file or in its cache.

The first step in this process is to contact
a root hints server – assuming this information does not already exist in the cache of the
DNS server. You can see that caching is used in every step of the DNS process in order
to reduce the number of DNS queries that need to be resolved.

This request is different from the first request
in that it is an iterative query. An iterative query works like this: If the DNS server does
not know the answer but has information that may help resolve the query, it will respond
back with this information. In this case, the root hints server does not know how to
resolve the address ITFreeTraining.com, but what it does know is the addresses of a .com
DNS server that may be able to help find the answer.

If the DNS server attempts to send a recursive
query to a root hints server, this request would be rejected. Since a root hints server
forms the top of the hierarchy of DNS, it is important they are always available. For
this reason, they cannot afford to get overloaded resolving DNS requests and thus you can see
why two types of DNS queries are required.

If the root hints servers were configured
to resolve recursive DNS requests, you could imagine how many requests the DNS servers
could potentially receive as everyone on the internet could use the root hints server to
resolve DNS names. Because of this system of recursion, iterative queries, and DNS server
caching, the root hints server only receives a small percentage of the overall DNS traffic
on the internet, ensuring that they are always available.

Now that the DNS server has the addresses
of the .com servers, it will send a second iterative query to the .com servers asking
if they know how to resolve ITFreeTraining.com. These DNS servers will also not know how to
resolve ITFreeTraining.com. However, they will return the addresses of the authority DNS
servers for ITFreeTraining.com. Using this information, the DNS server can send a 3rd
and final iterative query to the ITFreeTraining DNS server and obtain the IP address for ITFreeTraining.com.

You can see that the whole process took four
queries. One recursive query to the desktop’s DNS server, a 2nd one to a root hints server,
a 3rd to a .com server and 4th to the ITFreeTraining authority DNS server. This may seem like a
lot of queries for one address, but once the initial work is done the results are stored
in cache for each step. So if the client were now to ask for the IP address of google.com
from its local DNS server, the .com servers would already be stored in the cache. The
DNS server does not need to contact a root hints server a second time, and this time
will contact the .com server to obtain the address of the authority servers for google.com.

When DNS servers are deployed on a network,
some companies will choose to switch off recursion on certain DNS servers. For example, a
DNS server may be on a protected, secured network. A DNS server in this case should never be
contacting the internet directly. For this reason recursion is disabled for additional
security. Another common example is a DNS server that is holding authority zones. Companies
want to maximize the responsiveness of answers from the DNS server for those authority zones.
For this reason, recursion is switched off. This means the recursive queries will go to
DNS servers that are dedicated to that particular purpose. For example, all ISPs should have
DNS servers that are dedicated to resolving DNS queries.

To sum up what was covered in this video,
recursion is when the DNS servers take responsibility for name resolution. This means that, if required,
a DNS server will contact other DNS servers in order to find out the answer.

In contrast, iterative querying is when the
DNS server responds to the request with the best information it has – either from its
zone files or its cache. If it does not know the answer it will respond back with any DNS
servers that it knows of that may be able to help answer the query. If the DNS server
does not know the answer and does not know of any other DNS servers that can help, it
will respond saying the DNS query cannot be resolved. It does not attempt to contact other
DNS servers in order to obtain the result.

That covers it for Recursive and Iterative
Queries. By using the two together, this allows DNS to have a hierarchical nature while ensuring
that DNS servers holding the answers are not overloaded and, thus, helps with reliability
and scalability.

Thanks for watching this video from ITFreeTraining.
This video is only one of the free videos available in the DNS course. Other courses
are available for free on our web page or YouTube channel. Thanks for watching and see
you next time.
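
The walk-through above (one recursive query from the desktop, then iterative queries to a root hints server, a .com server and the authority server, with caching at each step) can be modelled in a few lines. This is an added example, not part of the original video or its transcript; the server names and the 192.0.2.x / 198.51.100.x addresses are constructed for illustration.

```python
# Constructed toy hierarchy: server names and addresses (documentation
# ranges 192.0.2.0/24 and 198.51.100.0/24) are illustrative, not real DNS data.
ROOT = "root-hints"
SERVERS = {
    "root-hints": {"refer": {"com": "com-server"}, "answer": {}},
    "com-server": {"refer": {"itfreetraining.com": "ns-itfreetraining",
                             "google.com": "ns-google"}, "answer": {}},
    "ns-itfreetraining": {"refer": {}, "answer": {"itfreetraining.com": "192.0.2.10"}},
    "ns-google": {"refer": {}, "answer": {"google.com": "198.51.100.20"}},
}

def suffixes(name):
    """'a.b.com' -> ['a.b.com', 'b.com', 'com'], most specific zone first."""
    labels = name.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def iterative_query(server, name):
    """Reply with the best local information only; never contact another server."""
    data = SERVERS[server]
    if name in data["answer"]:
        return ("answer", data["answer"][name])
    for zone in suffixes(name):
        if zone in data["refer"]:
            return ("referral", zone, data["refer"][zone])
    return ("fail",)

class RecursiveResolver:
    """Takes responsibility for a client's recursive query, caching each step."""
    def __init__(self):
        self.answers, self.referrals, self.contacted = {}, {}, []

    def resolve(self, name):
        name = name.lower().rstrip(".")
        if name in self.answers:                      # answered from cache
            return self.answers[name]
        # Start at the closest zone already cached, else at a root hints server.
        server = next((self.referrals[z] for z in suffixes(name)
                       if z in self.referrals), ROOT)
        for _ in range(8):                            # hop limit stops referral loops
            self.contacted.append(server)             # one iterative query sent
            reply = iterative_query(server, name)
            if reply[0] == "answer":
                self.answers[name] = reply[1]
                return reply[1]
            if reply[0] == "fail":
                return None
            _, zone, server = reply
            self.referrals[zone] = server             # cache the referral
        return None
```

The `contacted` list records every iterative query the resolver sends, so comparing it before and after a lookup shows which steps the cache saved.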

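Where recursion has been switched off on a server, as the transcript describes for protected networks and servers holding authority zones, the setting can be verified from the DNS header itself: a recursive query sets the RD (recursion desired) bit, and a server that offers recursion sets RA (recursion available) in its reply. The following check is an added example, not from the original video; the function names and the sample reply headers are constructed.

```python
import socket
import struct

QR, RD, RA = 0x8000, 0x0100, 0x0080   # header flag bits from RFC 1035
REFUSED = 5                            # RCODE 5

def build_query(name, qid=0x1234):
    """Minimal A/IN question with RD=1, i.e. a recursive query."""
    header = struct.pack("!6H", qid, RD, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in name.rstrip(".").split(".")) + b"\x00"
    return header + qname + struct.pack("!2H", 1, 1)

def classify(reply, qid=0x1234):
    """Decide from the reply header how the server treated the recursive query."""
    if len(reply) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, an, ns, _ar = struct.unpack("!6H", reply[:12])
    if rid != qid or not (flags & QR):
        raise ValueError("not a response to our query")
    if flags & RA:
        return "recursion-available"       # server will resolve on the client's behalf
    if (flags & 0x000F) == REFUSED:
        return "refused"                   # recursion off, query rejected
    if an == 0 and ns > 0:
        return "referral-only"             # iterative-style reply despite RD=1
    return "recursion-unavailable"

def probe(server_ip, name, timeout=3.0):
    """Send the query over UDP to a server you administer and classify the reply."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(name), (server_ip, 53))
        return classify(s.recv(512))

# Constructed reply headers (not captured traffic): ID, flags, QD, AN, NS, AR.
SAMPLES = {
    "resolver": struct.pack("!6H", 0x1234, QR | RD | RA, 1, 1, 0, 0),
    "locked-down": struct.pack("!6H", 0x1234, QR | RD | REFUSED, 1, 0, 0, 0),
    "authority-referral": struct.pack("!6H", 0x1234, QR | RD, 1, 0, 2, 0),
}
```

A server meant to hold authority zones only should never classify as `recursion-available` for a name outside its own zones.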
Comments

  1. Hello Sir, What is the difference between the zone file and the cache of the DNS server? If there is a location for cache, please do let me know the path of it. Thank you

  2. does not show the flow of recursive query just says. It is like

    https://upload.wikimedia.org/wikibooks/en/b/ba/Recursive.jpg

  3. Very good video. But can you please clarify this on the time line 1:10 on this video you mentioned each DNS server will be contacted if the name cannot be resolved. I thought the DNS query only goes to the secondary DNS server if the first server is not available.
    Please clarify

  4. Hate to complain, because on the whole the videos you produce are excellent, but, in watching this DNS series, I've noted there are segments of audio – such as in this one – where the audio quality drops; sounds like a really narrow, telephone bandwidth and you struggle to hear it.
