how is a named resolved?

Thu Apr 6 17:27:38 UTC 2000

BIND provides recursive *service* by default, i.e. accepts recursive queries and
will do the work necessary to resolve the name and give the answer back to the
client. But the queries it generates to resolve those names are, in a default
configuration, exclusively *iterative*. Is that distinction clear enough? Just
because you *accept* recursive queries doesn't mean you *generate* them.

The root servers do not provide recursive service. One way to tell this is by the
fact that the RA (Recursion Available) bit is not set in their responses. Also, if
you query a root server for something it doesn't explicitly know about, such as
www.daimlerchrysler.com, then you'll get back a referral to daimlerchrysler.com.
The root server has declined to perform the extra work necessary to fully resolve
the name. You have to iterate to the daimlerchrysler.com servers to get the answer
you want.

- Kevin

Praveen Kumar Amritaluru wrote:

> Hi Kevin,
>
>         I was under the impression that nameserver delivered by IISC is
> recursive server by default. Are the root servers not running BIND on
> their machines, or they have made it iterative.    I checked it locally using
> three machines, and nameservers seem to work recursively.
>
>         Please correct me if I am wrong.
>
> Regards,
>
> Praveen
>
> Kevin Darcy wrote:
>
> > The flow would normally be Figure 2, which shows normal iterative resolution.
> > What is probably confusing you is that sometimes people set up their
> > nameservers to "forward" to other nameservers, which means they act as clients
> > and expect the forwarder to resolve the query for them. If B (a .com
> > server) and C (a server for bbb.com) were setup in a forwarding hierarchy
> > pointing towards the root, then Figure 1 would be correct. But such forwarding
> > hierarchies are not feasible on the Internet, since the root servers and the
> > .com servers do not perform recursion. Forwarding hierarchies are therefore
> > normally only found on intranets, and usually because the internal clients
> > need to resolve Internet names, but only certain nodes on the network (e.g.
> > firewalls or nameservers in the DMZ) have the necessary connectivity to
> > resolve those names.
> >
> > - Kevin
> >
> > flybird wrote:
> >
> > > Hi,all
> > > I have a question about how named is resolved.
> > > For example, there is a DNS server "A" which manage a domain and is a cache
> > > server for root domain. So while it get a query for aaa.bbb.com, it will
> > > query root DNS "B". And suppose DNS for com is "C", DNS for bbb.com is "D".
> > > And than will DNS "B" query the "C" for aaa.bbb.com or it just reply to "A"
> > > that DNS for com is "C" and then "A" query "C" for aaa.bbb.com ?
> > > There are tow figure below to help me express my question:
> > >
> > >  1    2    3
> > > ---> ---> --->
> > > A    B    C    D
> > > <--- <--- <---
> > >  6     5    4
> > >     Figure 1
> > >
> > > OR
> > >  1
> > > --->
> > > A    B
> > > <---
> > >  2
> > >
> > >  3
> > > --->
> > > A    C
> > > <---
> > >  4
> > >
> > >  5
> > > --->
> > > A    D
> > > <---
> > >  6
> > > Figure 2
> > >
> > > In my impression, the flow of DNS query is Figure 1. But After i saw the
> > > discuss "Private Public DNS question" in this group, it seems the flaw is
> > > Figure 2. Now i don't know which one is true.
> > > Thanx for any help,
> > >
> > > Pan Tao
>
> --
> -------------------------------------------------------------------------------
> Praveen Kumar A
> HP ISO(B)                               phone: 91-80-225 1554 x1306
> Bangalore, INDIA                        mailto:praveen at india.hp.com
> -------------------------------------------------------------------------------