Home / Industry

What's in a Name Server?

With the domain name space continuing to expand and new service providers entering the market, there has been a lot of discussion about the different types of DNS services available today. While on the surface, many of these DNS services sound similar, in reality, the technology and name servers behind these services are vastly different in terms of functions, scale and complexity. One of the most important differentiators is whether the name server in question is authoritative or recursive.

How DNS Resolution Works

The Internet is made up of two major name spaces: The domain name hierarchy and the Internet Protocol (IP) addressing system. The DNS maintains the domain name space and provides translation services between the two name spaces.

A DNS name server stores the DNS records, such as address records, name server records, and mail exchanger (MX) records, for a domain name and responds with answers to queries against this data.

Every computer on the Internet has an IP address. Usually this is a series of four decimal numbers from 0 to 255 separated by dots, although in some cases, you may see a larger (IPv6) address of up to eight hexadecimals from 00 to FF separated by colons. The DNS resolves, that is, translates, computers' names into IP addresses and vice versa.

When you use your Internet browser to navigate to a website, the DNS supports you in multiple ways. First, a DNS stub resolver, a software application on your computer (or Internet enabled device such as a smartphone), looks into local memory to see if it has recently found and cached an IP address for the domain name of the website. If it does not find the address in its cache, it sends a DNS query to a recursive name server. The recursive name server has a cache as well. If it has looked up that exact domain name before, it will find the answer in its cache and respond at once. If not, it will need to send its own DNS queries to obtain the answer. It sends its queries to one or more of the authoritative name servers. These name servers maintain the domain data about specific portions of the name space (called zones) and thus can provide definitive answers.

Recursive Name Servers

A recursive name server performs domain name lookups on behalf of end-user devices, such as PCs, smartphones, etc., and is typically located on the network to which the device is attached. If you are using an Internet Service Provider (ISP), your recursive name server is typically at your ISP. If you are using the network at your office or school, the recursive server is usually located in a server room somewhere close by.

If a recursive name server does not find the answer to an end user's query in its cache, it will send one or more queries to authoritative name servers that chase down the answer using a process called recursion. The recursive name server repeats the query to one server after another. By default it starts with a query to a root name server, which is the authoritative server for TLDs. If it already has information in its cache for a more specific authoritative name server than root, the recursive name server will query the more specific authoritative server. For example, because queries for domain names in .com occur frequently, the recursive name server often already has information about the authoritative name servers for .com in its cache.

Recursive name servers cache DNS query results for a period of time determined in the configuration of each domain name record. DNS caching improves the efficiency of DNS by reducing DNS traffic across the Internet, and by reducing load on authoritative name servers. Because caching often allows a name server to answer questions quickly, end-user applications also see increased DNS performance.

Recursive name servers resolve any query they receive, by ultimately consulting the server or servers that are authoritative for the question being asked. The recursive server's queries to authoritative servers either result in a referral, directing the recursive server to a different authoritative server, or the final answer to the question.

Authoritative Name Servers

Authoritative name servers primarily answer queries from recursive name servers. In order to do so, they maintain accurate, up-to-date domain information for specific zones. Every domain name appears in a zone served by one or more authoritative name servers.

When a domain is registered with a domain name registrar, an administrator provides a list of name servers that are authoritative for the zone corresponding to that domain. The registrar in turn conveys these server names to the domain registry for the TLD that is authoritative for the corresponding zone, e.g. .com for VerisignInc.com. The domain registry updates its authoritative name servers to include the new domain information.

Authoritative name servers both respond to queries and act as maintainers of the domain name data, while recursive name servers only respond to queries, and do not have roles of registering, updating and maintaining the domain data.

Public DNS Services vs. Domain Registries

One type of public DNS service is provided by outsourced, publicly available recursive name servers. When using a public DNS service, an end-user computer sends its initial queries to the public DNS instead of sending to the recursive name server operated by its ISP, school, or company. Public DNS services thus receive queries from global locations, in common with authoritative name servers. As already noted, authoritative name servers answer queries from recursive name servers, while public DNS services are recursive servers that answer queries from end-user computers, and domain registries additionally create and maintain the authoritative domain databases. Because they differ in roles, the two server types have different resource requirements in terms of memory consumption, CPU usage, and network bandwidth and usage patterns. Despite their differences, the two types of server work together to enhance the performance of the Internet and enable the world to connect online with reliability and confidence.

About Verisign

Verisign

As the global leader in domain names, Verisign powers the invisible navigation that takes people to where they want to go on the Internet. For more than 15 years, Verisign has operated the infrastructure for a portfolio of top-level domains that today include .com, .net, .tv, .edu, .gov, .jobs, .name and .cc, as well as two of the world's 13 Internet root servers. Verisign's product suite also includes Distributed Denial of Service (DDoS) Protection Services, iDefense Security Intelligence Services and Managed DNS. (Learn More)

Related topics: DNS, DNS Security, Domain Names, Registry Services, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

.nyc Goes Public to Brand the Big Apple

pink.host: Breast Cancer Awareness by Bluehost

3 Questions to Ask Your DNS Host About DDoS

Introducing Our Special Edition Managed DNS Service for Top-Level Domain Operators

Afilias Partners With Internet Society to Sponsor Deploy360 ION Conference Series Through 2016

Infographic: Where in the World Do Chinese People Live?

Public Interest Registry Seeks Leaders to Serve on its NGO Community Advisory Council

Neustar to Build Multiple Tbps DDoS Mitigation Platform

Auctions Update: MMX Wins .law and .vip

LogicBoxes Partners with I-Content to Implement Vertical Integration for .RICH and .ONL

The Latest Internet Plague: Random Subdomain Attacks

Digging Deep Into DNS Data Discloses Damaging Domains

New .ORGANIC Top-Level Domain Welcomes Leading Brands As .ORGANIC Pioneers

Dot Chinese Online and Dot Chinese Website Featured in EURid's World Report on IDNs 2014

New .ORGANIC Top-Level Domain Opens to Serve the Organic Community

Independent Endorsement of Dot Chinese Online & Dot Chinese Website by by FiarWinds Partners

New gTLDs and Best Practices for Domain Management Policies (Video)

.Host Announces Top Global Players As Pioneer Partners

Public Interest Registry Releases Bi-Annual Report, .Org Domain Registrations Pass 10.4 Million

Public Interest Registry to Speak About Upcoming Launch of .ngo and .ong Domains for NPOs

Sponsored Topics