The Domain Name System (DNS) is a fundamental part of the internet infrastructure, as it translates human-readable domain names into IP addresses. DNS servers are responsible for handling these translations and can be categorized into two types: authoritative and non-authoritative.
In this article, we will explain the differences between these two types of DNS servers and their roles in the DNS process.
What are the Authoritative DNS Server?
Authoritative DNS servers are the primary source of truth for a specific domain’s DNS records. They contain the official, up-to-date DNS records for a domain and are responsible for providing accurate information about that domain’s IP addresses, mail servers, and other associated resources.
When a domain is registered, the domain owner specifies the authoritative DNS servers responsible for managing the domain’s DNS records. Typically, the domain registrar or a third-party DNS hosting provider manages these servers.
For example: The domain tecadmin.net’s authoritative are alec.ns.cloudflare.com and athena.ns.cloudflare.com. If you directly query to these DNS servers, they will return authoritative answer because they have the original files of domain zone.
nslookup tecadmin.net alec.ns.cloudflare.com Server: alec.ns.cloudflare.com Address: 173.245.59.59#53 Name: tecadmin.net Address: 104.27.188.217 Name: tecadmin.net Address: 104.27.189.217
Role of Authoritative DNS Servers
The primary role of authoritative DNS servers is to store and manage DNS records for their respective domains. When a DNS query is made, and the requested information is not available in the cache of any intermediate DNS servers, the query eventually reaches the authoritative DNS server. The authoritative server then provides the requested DNS record, ensuring an accurate and up-to-date response.
What are the Non-authoritative DNS Server?
Non-authoritative DNS servers, also known as recursive or caching DNS servers, do not store the official DNS records for domains. Instead, they act as intermediaries between clients and authoritative DNS servers, forwarding DNS queries and caching the responses.
Most internet service providers (ISPs) and organizations operate their own non-authoritative DNS servers to handle DNS requests from their users. These servers store the DNS records they receive from authoritative servers in a cache for a specific period (determined by the time-to-live or TTL value of the DNS record) to improve performance and reduce latency for subsequent queries.
For example: we query for DNS records of domain tecadmin.net and Google’s open DNS server 8.8.8.8 responded for this query which doesn’t contain the original zone file. This answer is known as a Non-authoritative answer.
nslookup tecadmin.net Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: tecadmin.net Address: 104.27.189.217 Name: tecadmin.net Address: 104.27.188.217
Role of Non-Authoritative DNS Servers
The primary role of non-authoritative DNS servers is to process and forward DNS queries from clients (e.g., web browsers, email clients) to the appropriate authoritative DNS servers. Non-authoritative servers also cache the DNS records they receive from authoritative servers, allowing them to respond quickly to repeated queries for the same domain without contacting the authoritative server each time.
When a client sends a DNS query to a non-authoritative server, the server checks its cache for the requested DNS record. If the record is available and has not expired, the server responds to the query using the cached information. If the record is not in the cache or has expired, the non-authoritative server sends a query to the appropriate authoritative server, caches the response, and forwards the information to the client.
Conclusion
Authoritative and non-authoritative DNS servers play distinct yet complementary roles in the DNS process. Authoritative servers store and manage the official DNS records for domains, ensuring accurate and up-to-date information, while non-authoritative servers act as intermediaries, forwarding and caching DNS queries to improve performance and reduce latency.
Understanding the differences between these two types of DNS servers can help you better comprehend the DNS process, troubleshoot DNS issues, and optimize your domain’s DNS configuration.
4 Comments
this is not correct. non-authoritative server respond means that the original files exist on this server. authorative server respond means that your request look up the cache of the dns’ that you are using on the device which you send requests from.
Simplified precisely. Weldone!
Explained it very well, thank you for your time in doing this.
Very Helpful. Thank you