DNS Deep Dive (Recursive vs Iterative, Records)


DNS (Domain Name System) is the phonebook of the internet. We type gyaan.pman47.cc, DNS turns it into an IP like 144.24.126.230, and the browser knows where to connect.

In simple language: humans like names, computers like numbers. DNS bridges the two.

The Players

  • Stub resolver — the tiny client on our OS that asks questions.
  • Recursive resolver — does the legwork on our behalf (e.g., 8.8.8.8, 1.1.1.1, our ISP’s resolver).
  • Root servers — 13 logical servers that know where to find TLD servers.
  • TLD servers — handle a top-level domain like .com, .cc, .in.
  • Authoritative servers — the actual owners of a domain’s records.

Recursive vs Iterative

Recursive query: the client asks one server “give me the answer,” and that server does whatever it takes to find it. This is what we do when we ask 1.1.1.1.

Iterative query: the server replies “I don’t have it, but ask this other server.” The asker keeps following the trail. This is what the recursive resolver does on the backend.

How gyaan.pman47.cc Resolves

  1. Browser → "What's the IP of gyaan.pman47.cc?"
  2. Resolver: recursive (1.1.1.1) — checks cache first
  3. Root → "Don't know, ask the .cc TLD server"
  4. TLD .cc → "Ask pman47.cc's authoritative NS"
  5. Authoritative → "gyaan.pman47.cc = 144.24.126.230"
  6. Resolver: caches answer, returns to browser
  7. Browser: opens TCP connection to 144.24.126.230

The browser → resolver hop is recursive. The resolver → root → TLD → authoritative chain is iterative.

Common Record Types

Record   What it points to
A        IPv4 address
AAAA     IPv6 address
CNAME    Alias to another domain (www → example.com)
MX       Mail exchange server (priority + hostname)
TXT      Arbitrary text (SPF, DKIM, domain verification)
NS       Authoritative nameservers for the domain
PTR      Reverse DNS — IP back to a hostname
SRV      Service location (host + port for things like SIP)

TTL & Caching

Every record has a TTL (time-to-live, in seconds). It tells resolvers how long to cache the answer.

  • Low TTL (60s) — fast propagation, more queries, more load.
  • High TTL (86400s = 1 day) — fewer queries, slow updates if we move servers.

Caching happens at multiple layers: browser, OS stub resolver, recursive resolver. That’s why a DNS change might take hours to “propagate” — old caches are still alive.
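
The iterative walk from "How gyaan.pman47.cc Resolves" and the TTL cache described above, as an added example that is not part of the original page. It runs offline against constructed zone data: the server labels (root, tld-cc, ns-pman47) and the 300-second TTL are assumptions made for the illustration.

```python
import time

# Constructed zone data (server names are hypothetical labels; the 300 s TTL is assumed).
SERVERS = {
    "root": {"referrals": {"cc": "tld-cc"}},
    "tld-cc": {"referrals": {"pman47.cc": "ns-pman47"}},
    "ns-pman47": {"answers": {"gyaan.pman47.cc": ("144.24.126.230", 300)}},
}

def query(server, name):
    """One iterative query: an answer, a referral to the next server, or nxdomain."""
    zone = SERVERS[server]
    if name in zone.get("answers", {}):
        ip, ttl = zone["answers"][name]
        return ("answer", ip, ttl)
    for suffix, next_server in zone.get("referrals", {}).items():
        if name == suffix or name.endswith("." + suffix):
            return ("referral", next_server)
    return ("nxdomain",)

class RecursiveResolver:
    def __init__(self, clock=time.monotonic):
        self.clock = clock           # injectable so TTL expiry can be tested
        self.cache = {}              # name -> (ip, expires_at)
        self.upstream_queries = 0    # iterative queries actually sent

    def resolve(self, name):
        name = name.rstrip(".").lower()   # names are case-insensitive
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                 # still within TTL: no upstream traffic
        server = "root"
        for _ in range(8):                # cap referral depth against loops
            self.upstream_queries += 1
            reply = query(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, self.clock() + ttl)
                return ip
            if reply[0] == "referral":
                server = reply[1]
                continue
            return None                   # nxdomain
        return None

if __name__ == "__main__":
    r = RecursiveResolver()
    print(r.resolve("gyaan.pman47.cc"), r.upstream_queries)
    print(r.resolve("gyaan.pman47.cc"), r.upstream_queries)
```

A real recursive resolver also caches the NS referrals and negative answers; this sketch caches only the final A record.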

Tools to Inspect DNS

# Quick lookup
dig gyaan.pman47.cc

# Specific record type
dig pman47.cc MX

# Trace the full iterative resolution
dig +trace gyaan.pman47.cc

# Use a specific resolver
dig @1.1.1.1 gyaan.pman47.cc

# nslookup — older but available everywhere
nslookup gyaan.pman47.cc

Interview Tip

When asked “what happens when we type a URL,” DNS is the first major step. Be ready to draw the resolver/root/TLD/authoritative chain and mention caching at every layer. Bonus points for talking about DNS over HTTPS (DoH) and DNSSEC for security.