What happens when a user types in a non-existent domain name? The host will still build a query and send the query to the recursive server. How the recursive server handles the query depends on whether the domain does not exist or the domain exists, but the requested service does not.
For instance, if a user tries to access doesnotexist.example.com:
• The recursive server queries the root server to discover where to ask about .com.
• The recursive server queries the TLD server to discover where to ask about example.com.
• The recursive server queries the authoritative server to discover how to reach doesnotexist.example.com.
• Because this domain does not exist, the authoritative server will respond with NXDOMAIN. This domain does not exist.
DNS servers can respond with NXDOMAIN—the root, the TLD, or the authoritative. Recursive servers will cache NXDOMAIN responses in the same way they cache other responses, based on the TTL in the response.
If a user tries to access www.example.com, and example.com exists but the www service does not exist:
• The recursive server queries the root server to discover where to ask about .com.
• The recursive server queries the TLD server to discover where to ask about example.com.
• The recursive server queries the authoritative server to discover how to reach www.example.com.
• The authoritative server will respond by stating the domain exists, but there is no record for the request type.
Only the authoritative server will respond with this no-record response because only the authoritative server will know about individual services available at a given domain or subdomain.
Recursive servers will also cache this kind of negative response.
Since no TTL is given with this kind of negative response, the recursive server relies on a local configuration to set the TTL.
Common DNS Records
DNS contains far more information than mappings between domain names and IP addresses. Table 16-2 lists a few of these record types and what they are used for.
Table 16-2 DNS Record Types
Some of these record types have been extended far beyond their original purpose. For instance, the TXT record can carry glue records, encryption information, policy, etc.
DNS Architecture and Operations
There are four kinds of DNS servers:
• Recursive servers accept the initial query, recursing through the domain name to resolve the query to an IP address
• Root servers know which server to ask about each TLD
• TLD servers know which authoritative server to ask about each domain name
• Authoritative servers map a domain name to an IP address Each of these kinds of servers must be purchased and operated.
All DNS servers must access the Internet, which means they use bandwidth. Who pays for all of this?
Recursive Servers
Recursive servers are often operated by
• Large-scale cloud providers, like Google, Microsoft, LinkedIn, IBM, Microsoft, etc. Almost every large-scale provider has a publicly accessible recursive server, although they do not always advertise the existence of these servers.
• DNS security service companies. For instance, OpenDNS operates commercial recursive DNS servers with additional security services.
• Equipment manufacturers, like Apple. These manufacturers often operate recursive servers with additional features to support their ecosystem.
• Access providers. They operate recursive servers as a part of their access services.
• Large companies. They operate recursive servers as part of their network operations. These servers are generally not public; they cannot be accessed outside the company’s network.
Recursive servers are the most common kind of DNS server.
Some widely used recursive servers include
• 8.8.8.8 & 2001:4860:4860::8888, operated by Google.
• 77.88.8.8 & 2a02:6b8::feed:0ff, operated by Yandex.
• 1.1.1.1 & 2606:4700:4700::1111, operated by Cloudflare.
• 9.9.9.9 & 2620:fe::fe, operated by Quad9.
• 208.67.222.222 & 2620:119:35::35, operated by OpenDNS.
Using a global recursive server (like those in the preceding list) rather than your local access provider’s DNS server could improve your DNS performance, give you a different “view” of the global Internet, or provide privacy or filtering services unavailable on your access provider’s recursive DNS server.