When a client or DNS server requests a DNS server to resolve a domain name it can use a recursive or non recursive query.

Recursive queries are generally used by clients i.e. PCs and they tell DNS server to respond only with an answer and not a referral.

A referral is essentially a response that says I don’t know the answer, but try this server it may know the answer.

Non recursive or Iterative queries are used by DNS servers and essentially instruct the other DNS server to return an answer or return the address of another DNS server that may know the answer.

Root Servers

The Domain name structure is an inverted tree like structure starting at the root.


You can consider it a parent child type relationship with the root being the parent.

The way in which it is constructed is that parents know about their children, but children don’t necessary know about their parents.

Therefore you can only traverse down the tree from the root and not up the tree.

The Root servers are responsible for the Root, and know all of the domain name servers that are responsible for all of the second level domain names. e.g. .com, .net, .org etc

So if you contact a root server looking to resolve the name www.mydomain.com it might not know the IP address itself, but it would know the IP address of a server that knows about the .com domain name.

Because almost all domain name queries need to use the root server there are many of them and they are busy.


Caching

DNS clients and DNS server both use caching to speed up the domain name lookup process and to ease traffic on the root servers.

A cache is a temporary store

If a client queries domain server A looking to resolve www.mydomain.com, and in turn domain server A queries domain server B etc then the result will be stored in a cache on

  • the client ( windows only)
  • domain server A
  • domain server B

If another client needs to resolve the same domain name using server A then server A can respond using the cached result.

You can check the DNS cache on a Windows machine with the command:

ipconfig /displaydns


Questions

  1. What would happen if client 1 makes a request for www.mydomain.com followed by ftp.mydomain.com
  2.  After about 1 minute Client 1 makes another request for www.mydomain.com .

Answers

  1. The first request would need to go to the root and work down the tree. The second request goes direct to the server responsible for the mydomain domain as the local server already knows who it is.
  2. If the client2 uses Windows then it uses it’s local DNS cache. If client2 is Linux machine then it will need to go the local DNS server, which will return it from it’s cache.