What is DNS Recursive Lookup? How Does it Compare to Iterative Lookup?
Domain Name System (DNS) is a fundamental part of networking we have all interacted with, whether we know it or not. Every time you type an address into a URL bar, you’re seeing DNS in action. DNS, to put it simply, takes a domain name (like www.cbtnuggets.com) and translates it into an IP address that nodes on the network can route traffic to. Since it is a cornerstone of networking, you can bet it will show up on the Network+ Exam.
Theoretically, we could all type IP addresses to navigate the internet. However, we would also have to remember the IP address of every website, which quickly becomes unmanageable, especially when DHCP means those addresses can change over time.
Every web address has a name that maps to an IP address, but your computer does not know all of these mappings. Instead, the name is looked up on a DNS server, which provides the IP address for routing purposes. If the closest DNS server cannot answer, the next server up the hierarchy is queried, and so on until the domain name is finally found. Once it is located, the answer is cached at the lower levels so that later lookups are faster.
Two methods can be used to execute a DNS lookup: iterative or recursive. Both have the same end goal, but their execution is significantly different. Let’s explore each in more depth, starting with recursive.
What is Recursive DNS Lookup?
A recursive DNS lookup is a type of DNS lookup initiated by a client to resolve a particular domain name. The DNS client sends the domain name to a DNS resolver, and if the resolver does not already have the IP address, it sends the necessary requests to other DNS servers on behalf of the originating client until the request is fulfilled.
Let’s go over that process step-by-step:
Initiation
The DNS client sends a query to a DNS resolver, requesting the resolution of a domain name (e.g., www.cbtnuggets.com) into an IP address.
Resolution Process
The DNS resolver, acting on behalf of the client, performs all necessary steps to resolve the query. This includes querying other DNS servers hierarchically, starting from the root DNS servers down to the authoritative DNS servers for the queried domain.
Complete Answer
The DNS resolver continues the resolution process until it obtains a complete answer to the query, which includes the IP address associated with the domain name.
Response
Once the IP address is found, the DNS resolver responds to the client with the complete answer.
What is Iterative DNS Lookup?
On the flip side, an iterative DNS lookup is when a DNS client queries several DNS servers sequentially, gradually narrowing down the search until it reaches the authoritative DNS server for the queried domain. The client sends iterative queries, relying on DNS servers to provide referrals or direct responses until it obtains the desired DNS resolution.
As we did for recursive DNS lookup, let’s take a deeper view into that process step-by-step.
Initiation
A DNS client sends a query to a DNS resolver, requesting the resolution of a domain name into an IP address.
Root DNS Servers
If the DNS resolver doesn't have the requested information cached, it initiates the lookup process by querying one of the root DNS servers. The root DNS servers respond with the IP addresses of the authoritative DNS servers for the top-level domain (TLD) of the queried domain.
TLD DNS Servers
The DNS resolver queries the authoritative DNS servers for the TLD of the queried domain. These servers respond with the IP addresses of the authoritative DNS servers for the next level of the domain hierarchy.
Authoritative DNS Servers
The DNS resolver queries the authoritative DNS servers for the specific domain name being looked up. These servers respond with the IP address associated with the domain name or, if they don't have the information, with referrals to other DNS servers that may have more specific information.
Iterative Resolution
If the authoritative DNS servers don't have the requested information, they provide referrals to other DNS servers that may have more specific information. The DNS resolver iteratively queries these referred DNS servers until it obtains a complete answer or exhausts all available options.
Response
Once the DNS resolver obtains a complete answer or exhausts all available options, it responds to the DNS client with the best information it has obtained during the iterative resolution process.
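The walk described in the steps above, as an added simulation that is not part of the original article: a resolver receives one query from the client, follows referrals from a root server through a TLD server to the authoritative server, and caches the final answer for its TTL so the second lookup is answered locally. The server names, zone contents and addresses are constructed sample data, not real DNS infrastructure.

```python
import time

# Constructed sample hierarchy (placeholder server names and RFC 5737
# documentation addresses, not real DNS data). Each "server" holds either an
# answer ('A', ip, ttl) or a referral ('NS', next_server, ttl) for the names it knows.
SERVERS = {
    "root":         {"com.": ("NS", "tld-com", 172800)},
    "tld-com":      {"example.com.": ("NS", "auth-example", 172800)},
    "auth-example": {"www.example.com.": ("A", "203.0.113.10", 300)},
}

def query_server(server_id, qname):
    """One non-recursive query: the server returns its closest match or None."""
    zone = SERVERS[server_id]
    labels = qname.split(".")
    # Try the full name first, then each parent: www.example.com., example.com., com.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in zone:
            return zone[candidate]
    return None

class Resolver:
    """Plays the recursive resolver: the client sends it one query, and it walks
    root -> TLD -> authoritative on the client's behalf, caching answers by TTL."""
    def __init__(self):
        self.cache = {}  # qname -> (ip, expiry timestamp)

    def resolve(self, qname, now=None):
        """Return (ip_or_None, source) where source is 'cache' or the referral path."""
        now = time.time() if now is None else now
        hit = self.cache.get(qname)
        if hit and hit[1] > now:
            return hit[0], "cache"
        server, path = "root", []
        for _ in range(8):            # cap the chain so a referral loop cannot spin forever
            path.append(server)
            record = query_server(server, qname)
            if record is None:        # the server knows nothing useful for this name
                return None, path
            rtype, value, ttl = record
            if rtype == "A":
                self.cache[qname] = (value, now + ttl)
                return value, path
            server = value            # referral: ask the next server down the tree
        return None, path

if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com.", now=1000))  # walks root -> tld-com -> auth-example
    print(r.resolve("www.example.com.", now=1100))  # answered from cache inside the 300 s TTL
```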
Recursive vs. Iterative: Key Differences
So far, we have covered both recursive DNS lookup and iterative DNS lookup. Yet, the key differences may still be unclear. Let’s first discuss the level of involvement of the DNS client in both scenarios. (The DNS client could be the user's computer resolving a URL typed into the address bar, for example.)
Level of Involvement from the DNS Client
Iterative DNS Lookup: In an iterative DNS lookup, the DNS client is far more involved in querying multiple DNS servers than it is in a recursive DNS lookup. It queries servers until it obtains a complete response or reaches the authoritative DNS server for the queried domain.
The client sends queries to DNS servers and interprets their responses, potentially making additional queries based on the referrals it receives. Thus, the DNS client's level of involvement in an iterative lookup is high, since it actively participates in the resolution process.
Recursive DNS Lookup: In a recursive DNS lookup, the role of the DNS client is straightforward. The DNS client initiates the query, and all DNS discovery activities are delegated to the DNS servers. It relies entirely on the recursive operations executed by those servers to resolve the domain name.
DNS Caching in Recursive and Iterative Lookups
Caching plays a vital role in both recursive and iterative lookups. While the authoritative name server holds the definitive record for a domain name and its associated address, DNS information is frequently cached on various other servers after being queried by nodes on the network. This caching helps improve performance and reduce the load on authoritative servers by providing quicker responses to subsequent queries for the same domain.
Let’s discuss a couple of key differences between caching a recursive lookup vs. iterative lookup.
Iterative DNS Lookup:
Client queries multiple servers sequentially.
Caching primarily occurs at the resolver or server level.
Responses may be cached temporarily at client-side for efficiency.
Recursive DNS Lookup:
DNS resolver performs the entire lookup process for clients.
Caches responses locally to speed up future requests.
Reduces load on authoritative servers by storing frequently accessed records.
Security Considerations in Recursive and Iterative Lookups
DNS lookups are routine operations, but there are a few security issues to consider. One is cache poisoning, a malicious attack aimed at corrupting the cached data in a DNS resolver so that it hands out wrong answers. Let’s go over how a cache poisoning attack unfolds:
Unauthorized Cache Entries
Attackers inject false DNS information into a DNS resolver's cache. This false information typically involves mapping legitimate domain names to malicious IP addresses controlled by the attacker.
Redirecting Traffic
When users attempt to access the affected domain names, they are directed to the malicious IP addresses instead of the legitimate servers. This can lead to various types of cyber attacks, such as phishing, malware distribution, or interception of sensitive information.
Trick the End User
DNS cache poisoning exploits the trusted relationship between DNS resolvers and authoritative DNS servers. By corrupting a resolver's cache, attackers can deceive it into providing incorrect responses to DNS queries. Then, the end user is redirected to a faulty web address.
Luckily, there are several ways to neutralize cache poisoning. For one, implement DNSSEC (Domain Name System Security Extensions). DNSSEC adds a cryptographic signature to each set of DNS records so that a validating resolver can confirm nothing has been tampered with in transit. Next, regularly update the DNS software on your servers. Lastly, implement firewall rules that block DNS traffic from untrusted ports and IP addresses.
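A simplified model of the acceptance checks a resolver applies before it caches a reply, added here as an illustration and not the article's or any resolver's own code: the reply must come back from the server that was queried, carry the matching transaction ID, destination port and question, and only records inside that server's own zone (its bailiwick) are kept, so an unrelated name cannot be overwritten through a stray record. DNSSEC validation, the fix recommended above, is a cryptographic check layered on top of these and is not modeled here. All names, addresses and IDs are constructed.

```python
from dataclasses import dataclass

@dataclass
class Query:
    txid: int        # 16-bit transaction ID the resolver picked at random
    src_port: int    # randomized UDP source port the query left from
    qname: str
    server: str      # address the query was sent to
    zone: str        # zone that server is authoritative for (its bailiwick)

@dataclass
class Reply:
    txid: int
    dst_port: int
    qname: str
    from_addr: str
    records: list    # (name, rtype, value) tuples as they would appear in the reply

def in_bailiwick(name, zone):
    """True if name is the zone apex or lies beneath it."""
    return name == zone or name.endswith("." + zone)

def accept_reply(q, r):
    """Return (records safe to cache, reason). A reply that fails any identity
    check is dropped whole; individual records outside the answering server's
    bailiwick are discarded so they cannot overwrite unrelated cache entries."""
    if r.from_addr != q.server:
        return [], "reply from a server we did not ask"
    if r.txid != q.txid:
        return [], "transaction ID mismatch"
    if r.dst_port != q.src_port:
        return [], "reply sent to a port we did not use"
    if r.qname != q.qname:
        return [], "question section does not match"
    kept = [rec for rec in r.records if in_bailiwick(rec[0], q.zone)]
    return kept, "ok" if kept else "every record was out of bailiwick"

if __name__ == "__main__":
    q = Query(0x1a2b, 53211, "www.example.com", "192.0.2.53", "example.com")
    # Constructed reply: one legitimate answer plus a record for a name the
    # example.com server has no authority over; only the first is cacheable.
    r = Reply(0x1a2b, 53211, "www.example.com", "192.0.2.53",
              [("www.example.com", "A", "203.0.113.10"),
               ("login.bank.example", "A", "198.51.100.7")])
    print(accept_reply(q, r))  # only the www.example.com record survives
```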
Troubleshooting Recursive and Iterative Lookup Issues
As with everything in life, it is important to know what to do when things don't go as planned. Let’s review some tried and true troubleshooting steps when things go awry:
Check Network Connectivity
Verify the client initiating the DNS lookup has a stable network connection and can communicate with the DNS resolver without any issues.
Verify DNS Resolver Configuration
Check the configuration of the DNS resolver to ensure it is correctly set up and operational. Ensure that the resolver is configured to handle recursive queries if necessary.
Test DNS Resolver Reachability
Use tools like ping or traceroute to verify connectivity to the DNS resolver from the client machine. Ensure that no network issues or firewalls are blocking DNS traffic.
Check DNS Cache
If you are using a caching DNS resolver, check the cache for stale or incorrect entries that could affect DNS resolution. Clear the cache if necessary and retry the lookup.
Verify DNSSEC Configuration
Finally, ensure DNSSEC is configured correctly. A validating resolver returns SERVFAIL when a zone's signatures are missing, expired, or do not chain to the trust anchor, so a DNSSEC problem often looks like an ordinary lookup failure until you check for it.
Final Thoughts
Whew! We covered a lot of good information regarding iterative DNS lookup and recursive DNS lookup. Recall that iterative DNS lookup involves the DNS client querying multiple DNS servers directly, potentially receiving referrals until it finds the requested information.
Recursive DNS lookup involves the DNS server querying other DNS servers on behalf of the client, recursively, until it obtains a complete answer, which it then returns to the client.
This concept often appears on the Network+ Exam, so make sure you have a solid understanding of the difference.
Want to learn more about becoming a Network Engineer? Consider this Network+ online training.