edit-icon download-icon

Authoritative and recursive DNS servers

Last Updated: Oct 10, 2017

When visiting a website, you typically enter its domain name. However, a domain name is not what a computer uses to service your request. Instead, the domain name you used to visit a website (for example, www.abc.com) is mapped with a corresponding IP address (for example,

The system that maps domain names and IP addresses is called Domain Name System (DNS). DNS is a globally distributed database designed to convert domain names to IP addresses. DNS is classified by function into authoritative DNS and recursive DNS.

Recursive DNS

Recursive DNS (also known as local DNS or cache DNS) iterates the response from the authoritative server, returns the final IP address to clients, and caches the request result locally.

After receiving a domain name resolution request, recursive DNS must return a final IP address to the user to access the IP address over the Internet. In the complete query process of recursive DNS, the DNS server must perform recursive query starting from the root name (“.”) server, top-level domain name (such as “.com”) server, and first-level domain name (such as “abc.com”) server to the authoritative server. By doing this, the recursive DNS server obtains and then returns the IP address to the client. Besides, the server also caches the IP address locally for future use based on the time to live (TTL) of the domain name. See the following figure.

website access

Recursive DNS is typically deployed at the carrier end to provide DNS query services for a terminal that connects to the Internet. Your device is configured with the IP address of a DNS server. Recursive DNS must find the IP address corresponding to the domain name entered by each user.

Authoritative DNS

Authoritative DNS is the DNS server used by the domain name registrar to maintain a specific domain name. Authoritative DNS is used for domain name management (with support for the Add, Delete, and Modify operations). Domain names may be maintained by different authoritative DNSs.

Unlike the recursive DNS, the authoritative DNS does not perform general domain name query. Authoritative DNS only resolves the domain name maintained by itself and rejects access for other domain names. For example, if recursive DNS queries the abc.com domain name on the authoritative DNS that maintains another domain name, the query will fail.

Recursive DNS built by carriers query domain name resolution results on authoritative DNS when users access the Internet. The resolution results have direct impact on all Internet users.

Authoritative DNS is built by DNS providers and used by customers who buy the DNS service for domain name management. Alibaba Cloud DNS provides the authoritative DNS service. Because authoritative DNS handles the query requests of recursive DNS, the domain name resolution results of authoritative DNS have a direct impact on customers, but indirect impact on Internet users.

Thank you! We've received your feedback.