The difference between DNS recursive and iterative resolution

0x0021h
2 min read · Nov 9, 2021


DNS resolution uses two kinds of queries, recursive and iterative. A recursive query puts the work on the server that receives it: the client (the stub resolver on an end host) sends one question to its local name server and expects a complete answer back. An iterative query puts the work on the asker: the server answers with the best information it has, either the record itself or a referral to a server closer to the answer, and the asker sends the next query itself.

Both kinds are used in every ordinary lookup. The exchange between a DNS client and its local name server is recursive (the default for stub resolvers), while the exchanges between that local name server and the root, TLD and authoritative name servers are iterative.

What is Recursive DNS?

A recursive DNS lookup is one in which a single DNS server (the recursive resolver) does the whole job on the client's behalf: it queries the other servers it needs, follows their referrals, and returns the final IP address to the client. This is the opposite of an iterative lookup, in which the asking party itself talks to each DNS server in the chain and follows each referral.

What is Iterative Query DNS?

In an iterative query the server that receives it does not chase the answer on the asker's behalf; it replies with what it has, either the record itself or a referral (the NS records for the next zone down), and the asker sends the next query. The path through the hierarchy is the same as in recursive resolution: a root server, then the TLD server, then the authoritative server for the zone. What differs is who walks that path.

What are the advantages of recursive DNS?

Because of caching, recursive DNS queries are typically answered faster than iterative ones. A recursive DNS server caches the final answer to each query it performs and keeps it for the time to live (TTL) set by the authoritative server.

When the recursive resolver receives a query for a name whose answer is still in its cache, it serves the cached answer straight to the client without contacting any other DNS server. If a DNS server serves many clients or the requested name is popular, the response will most likely come from the cache.

What are the disadvantages of recursive DNS?

Unfortunately, allowing recursive lookups from anyone on the Internet (an open resolver) creates a security exposure. The resolver can be used as a reflector in DNS amplification attacks, where spoofed queries carrying the victim's source address draw large responses onto the victim, and anyone can trigger the queries whose responses it caches, which widens the window for DNS cache poisoning. The usual mitigations are to restrict recursion to the networks the resolver is meant to serve (for example BIND's allow-recursion option), to rate-limit responses, and to validate DNSSEC so that forged answers for signed zones are rejected.
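The whole picture described in this post, the iterative walk from the root down, the recursive resolver that does that walk for its clients and caches the answer for its TTL, and the refusal of recursion to sources outside the served networks, as one added example. This is illustrative code written for this post, not code from the original article or from any real resolver; the zone tree, names, addresses and the allow_recursion list are all constructed, and the clock is faked so TTL expiry can be shown without waiting.

```python
import ipaddress


class NameServer:
    """One authoritative server. Answers an iterative query with what it holds:
    a record, a referral to the server for a child zone, or NXDOMAIN. It never
    chases the answer on the asker's behalf."""

    def __init__(self, zone, records=None, delegations=None):
        self.zone = zone                        # zone this server is authoritative for
        self.records = records or {}            # owner name -> (address, ttl seconds)
        self.delegations = delegations or {}    # child zone -> NameServer for that zone

    def query(self, name):
        if name in self.records:
            address, ttl = self.records[name]
            return ("ANSWER", address, ttl)
        # Referral: hand back the server for the most specific delegated child zone.
        for child in sorted(self.delegations, key=len, reverse=True):
            if name.endswith("." + child):
                return ("REFERRAL", self.delegations[child], 0)
        return ("NXDOMAIN", None, 0)


def iterate(root, name, max_referrals=10):
    """The iterative walk: start at the root and follow referrals until a server
    gives a final answer. An iterative client runs this loop itself; a recursive
    resolver runs it on the client's behalf."""
    server, path = root, []
    for _ in range(max_referrals):
        path.append(server.zone)                # one iterative query per entry
        status, data, ttl = server.query(name)
        if status == "REFERRAL":
            server = data
            continue
        return status, data, ttl, path
    raise RuntimeError(f"referral loop for {name}")  # bound against a malicious loop


class FakeClock:
    """Deterministic clock (constructed for the example) so TTL expiry can be shown."""

    def __init__(self, now=0.0):
        self.now = now

    def __call__(self):
        return self.now


class RecursiveResolver:
    """The local name server: takes recursive queries from clients, walks the
    hierarchy iteratively, caches final answers for their TTL, and refuses
    recursion to sources outside the networks it is meant to serve."""

    def __init__(self, root, allow_recursion, clock):
        self.root = root
        self.allowed = [ipaddress.ip_network(n) for n in allow_recursion]
        self.cache = {}                 # name -> (address, expiry time)
        self.clock = clock
        self.upstream_queries = 0       # iterative queries sent so far

    def handle(self, client_ip, name):
        # Open-resolver guard: a tiny REFUSED reply, so nothing to amplify and no
        # cache entry created on behalf of a source we do not serve.
        if not any(ipaddress.ip_address(client_ip) in net for net in self.allowed):
            return {"rcode": "REFUSED", "address": None, "from_cache": False, "path": []}
        now = self.clock()
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            return {"rcode": "NOERROR", "address": cached[0], "from_cache": True, "path": []}
        status, address, ttl, path = iterate(self.root, name)
        self.upstream_queries += len(path)
        if status == "ANSWER":
            self.cache[name] = (address, now + ttl)
            return {"rcode": "NOERROR", "address": address, "from_cache": False, "path": path}
        return {"rcode": status, "address": None, "from_cache": False, "path": path}


def build_hierarchy():
    """Constructed three-level tree: root -> com -> example.com (all invented)."""
    auth = NameServer("example.com.", records={"www.example.com.": ("203.0.113.10", 60)})
    tld = NameServer("com.", delegations={"example.com.": auth})
    return NameServer(".", delegations={"com.": tld})


if __name__ == "__main__":
    clock = FakeClock()
    resolver = RecursiveResolver(build_hierarchy(), ["192.0.2.0/24"], clock)
    print(resolver.handle("192.0.2.7", "www.example.com."))     # walks root, com, example.com
    print(resolver.handle("192.0.2.7", "www.example.com."))     # served from cache
    clock.now += 61                                             # past the 60 s TTL
    print(resolver.handle("192.0.2.7", "www.example.com."))     # expired, walks again
    print(resolver.handle("198.51.100.9", "www.example.com."))  # outside the ACL: REFUSED
```

An iterative client would call iterate directly and see the three round trips itself; the recursive client sees only one exchange with RecursiveResolver.handle, and the from_cache field together with the upstream_queries counter shows where the caching advantage comes from. The ACL check is the open-resolver mitigation from above in miniature: a REFUSED response is the same few bytes whatever was asked, and no upstream query or cache entry is made for a source outside the served networks.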
