Recursive and Iterative Queries

With a recursive name query , the DNS client requires that the DNS server respond to the client with either the requested resource record or an error message stating that the record or domain name does not exist. The DNS server cannot just refer the DNS client to a different DNS server.

Thus, if a DNS server does not have the requested information when it receives a recursive query, it queries other servers until it gets the information, or until the name query fails.

Recursive name queries are generally made by a DNS client to a DNS server, or by a DNS server that is configured to pass unresolved name queries to another DNS server, in the case of a DNS server configured to use a forwarder.

An iterative name query is one in which a DNS client allows the DNS server to return the best answer it can give based on its cache or zone data. If the queried DNS server does not have an exact match for the queried name, the best possible information it can return is a referral (that is, a pointer to a DNS server authoritative for a lower level of the domain namespace). The DNS client can then query the DNS server for which it obtained a referral. It continues this process until it locates a DNS server that is authoritative for the queried name, or until an error or time-out condition is met.

This process is sometimes referred to as "walking the tree," and this type of query is typically initiated by a DNS server that attempts to resolve a recursive name query for a DNS client.

Figure 5.4 shows an example of iterative and recursive queries. This example assumes that none of the servers have the requested information in their caches.

Cc961401.CNCC03(en-us,TechNet.10).gif

Figure 5.4 Iterative and Recursive Queries

In the example shown in Figure 5.4, a client somewhere on the Internet needs the IP address of noam.reskit.com. The following events take place:

  1. The client contacts NameServer1 with a recursive query for noam.reskit.com. The server must now return either the answer or an error message.

  2. NameServer1 checks its cache and zones for the answer, but does not find it, so it contacts a server authoritative for the Internet (that is, a root server ) with an iterative query for noam.reskit.com.

  3. The server at the root of the Internet does not know the answer, so it responds with a referral to a server authoritative for the .com domain.

  4. NameServer1 contacts a server authoritative for the .com domain with an iterative query for noam.reskit.com.

  5. The server authoritative for the .com domain does not know the exact answer, so it responds with a referral to a server authoritative for the reskit.com domain.

  6. NameServer1 contacts the server authoritative for the reskit.com domain with an iterative query for noam.reskit.com.

  7. The server authoritative for the reskit.com domain does know the answer. It responds with the requested IP address.

  8. NameServer1 responds to the client query with the IP address for noam.reskit.com.