Home / Industry

What's in a Name Server?

With the domain name space continuing to expand and new service providers entering the market, there has been a lot of discussion about the different types of DNS services available today. While on the surface, many of these DNS services sound similar, in reality, the technology and name servers behind these services are vastly different in terms of functions, scale and complexity. One of the most important differentiators is whether the name server in question is authoritative or recursive.

How DNS Resolution Works

The Internet is made up of two major name spaces: The domain name hierarchy and the Internet Protocol (IP) addressing system. The DNS maintains the domain name space and provides translation services between the two name spaces.

A DNS name server stores the DNS records, such as address records, name server records, and mail exchanger (MX) records, for a domain name and responds with answers to queries against this data.

Every computer on the Internet has an IP address. Usually this is a series of four decimal numbers from 0 to 255 separated by dots, although in some cases, you may see a larger (IPv6) address of up to eight hexadecimals from 00 to FF separated by colons. The DNS resolves, that is, translates, computers' names into IP addresses and vice versa.

When you use your Internet browser to navigate to a website, the DNS supports you in multiple ways. First, a DNS stub resolver, a software application on your computer (or Internet enabled device such as a smartphone), looks into local memory to see if it has recently found and cached an IP address for the domain name of the website. If it does not find the address in its cache, it sends a DNS query to a recursive name server. The recursive name server has a cache as well. If it has looked up that exact domain name before, it will find the answer in its cache and respond at once. If not, it will need to send its own DNS queries to obtain the answer. It sends its queries to one or more of the authoritative name servers. These name servers maintain the domain data about specific portions of the name space (called zones) and thus can provide definitive answers.

Recursive Name Servers

A recursive name server performs domain name lookups on behalf of end-user devices, such as PCs, smartphones, etc., and is typically located on the network to which the device is attached. If you are using an Internet Service Provider (ISP), your recursive name server is typically at your ISP. If you are using the network at your office or school, the recursive server is usually located in a server room somewhere close by.

If a recursive name server does not find the answer to an end user's query in its cache, it will send one or more queries to authoritative name servers that chase down the answer using a process called recursion. The recursive name server repeats the query to one server after another. By default it starts with a query to a root name server, which is the authoritative server for TLDs. If it already has information in its cache for a more specific authoritative name server than root, the recursive name server will query the more specific authoritative server. For example, because queries for domain names in .com occur frequently, the recursive name server often already has information about the authoritative name servers for .com in its cache.

Recursive name servers cache DNS query results for a period of time determined in the configuration of each domain name record. DNS caching improves the efficiency of DNS by reducing DNS traffic across the Internet, and by reducing load on authoritative name servers. Because caching often allows a name server to answer questions quickly, end-user applications also see increased DNS performance.

Recursive name servers resolve any query they receive, by ultimately consulting the server or servers that are authoritative for the question being asked. The recursive server's queries to authoritative servers either result in a referral, directing the recursive server to a different authoritative server, or the final answer to the question.

Authoritative Name Servers

Authoritative name servers primarily answer queries from recursive name servers. In order to do so, they maintain accurate, up-to-date domain information for specific zones. Every domain name appears in a zone served by one or more authoritative name servers.

When a domain is registered with a domain name registrar, an administrator provides a list of name servers that are authoritative for the zone corresponding to that domain. The registrar in turn conveys these server names to the domain registry for the TLD that is authoritative for the corresponding zone, e.g. .com for VerisignInc.com. The domain registry updates its authoritative name servers to include the new domain information.

Authoritative name servers both respond to queries and act as maintainers of the domain name data, while recursive name servers only respond to queries, and do not have roles of registering, updating and maintaining the domain data.

Public DNS Services vs. Domain Registries

One type of public DNS service is provided by outsourced, publicly available recursive name servers. When using a public DNS service, an end-user computer sends its initial queries to the public DNS instead of sending to the recursive name server operated by its ISP, school, or company. Public DNS services thus receive queries from global locations, in common with authoritative name servers. As already noted, authoritative name servers answer queries from recursive name servers, while public DNS services are recursive servers that answer queries from end-user computers, and domain registries additionally create and maintain the authoritative domain databases. Because they differ in roles, the two server types have different resource requirements in terms of memory consumption, CPU usage, and network bandwidth and usage patterns. Despite their differences, the two types of server work together to enhance the performance of the Internet and enable the world to connect online with reliability and confidence.

About Verisign

Verisign

As the global leader in domain names, Verisign powers the invisible navigation that takes people to where they want to go on the Internet. For more than 15 years, Verisign has operated the infrastructure for a portfolio of top-level domains that today include .com, .net, .tv, .edu, .gov, .jobs, .name and .cc, as well as two of the world's 13 Internet root servers. Verisign's product suite also includes Distributed Denial of Service (DDoS) Protection Services, iDefense Security Intelligence Services and Managed DNS. (Learn More)

Related topics: DNS, DNSSEC, Domain Names, Registry Services, Security

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Minds + Machines in 2014 and 2015

DNW Podcast Interview with Antony Van Couvering

TLD Registry and Right of the Dot Establish a Domain Name Industry "Dream Team"

TLD Registry Ltd Welcomes New Board Members

"Chinese Domaining Masterclass" to be Presented at NamesCon Las Vegas in January 2015

Auction and Sales Channel Update

Radix Set to Launch .SITE TLD in 2015

Annual Manthan Award Event This Week

Join Paul Vixie & Robert Edmonds at the Upcoming Distinguished Speaker Series

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

LogicBoxes Announces Automation Solutions for ccTLD

TLD Registry Wins Best Marketing Award at China New gTLD Roadshow

Update on Minds + Machines' Top-Level Domain Launches

ICANN Los Angeles Recap Webinar

TLD Registry Appoints First China General Manager, Mr Jin Wang

TLD Registry Opens China Headquarters in "China's Silicon Valley"

.nyc Goes Public to Brand the Big Apple

pink.host: Breast Cancer Awareness by Bluehost

3 Questions to Ask Your DNS Host About DDoS

Introducing Our Special Edition Managed DNS Service for Top-Level Domain Operators

Sponsored Topics

Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Afilias

DNSSEC

Sponsored by
Afilias
Verisign

Security

Sponsored by
Verisign
dotMobi

Mobile

Sponsored by
dotMobi