What is a Resolving Nameserver?

A resolving nameserver, also known as a “Domain Name System (DNS) resolver,” is programmed by Internet service providers (ISPs) to act as a middleman to other DNS servers. It usually sits between your computer and a top-level domain (TLD) nameserver.

DNS servers, like a resolving nameserver, translate domain names into Internet Protocol (IP) addresses. Why? Computers can’t understand domain names, so they need these translated into something they recognize—IP addresses—so you can visit a website.

You can liken a resolving nameserver to an office phone operator. If you don’t know the person’s (domain name) direct line number (IP address), the operator can connect you.

Other interesting terms…

• What is an NXDOMAIN Attack?
• What is a Secondary DNS Server?

Read More about “Resolving Nameserver”

It takes a maximum of four DNS servers—a resolving nameserver, a TLD nameserver, a root nameserver, and an authoritative nameserver—to direct your computer to the site you wish to access.

How Does a Resolving Nameserver Work?

Watch this video to see how a DNS resolver lets you access any website using your browser.

The video showed that if your browser doesn’t have the IP address resolution of a domain name in its cache, such as when you visit a site for the first time, your computer talks to a resolving nameserver to get that information.

If the resolving nameserver has that data cached, it sends that back to your computer, thus taking you to the website. If it doesn’t have the answer, it talks to a TLD nameserver (for the domain’s TLD, such as the .com server for https://microsoft[.]com), which then talks to the Microsoft root nameserver, and finally to the microsoft[.]com authoritative nameserver. The authoritative nameserver finds the site then delivers the IP address to your computer, allowing you to see the Microsoft home page.

When Do You Need a Resolving Nameserver?

You need a DNS resolver if you often need to know more information about domains, root servers, and authoritative nameservers. People who work in the IT sector, including cybersecurity, require resolving nameservers. Law enforcement agencies, particularly those specializing in cybercrime investigations, also need them.

You can get information from a resolving nameserver using specially crafted DNS lookup tools.

What Information Can You Get from a Resolving Nameserver?

A resolving nameserver tool will provide using a domain name as a search term:

• Types of DNS records that the queried domain has
• Domain’s creation and last updated dates
• More detailed information on each of the domain’s available DNS records

Here’s a sample result from a resolving nameserver lookup tool.

What Types of DNS Records Does a DNS Resolver Retrieve Information For?

Resolving nameservers obtain data about a domain of interest from several records. We discussed the ones we saw for our microsoft[.]com query below.

• A record: “A” stands for “address.” This record gives the domain name’s IP address resolution or equivalent. The resolving nameserver told us that microsoft[.]com resolves to the IP addresses 104[.]215[.]148[.]63, 40[.]76[.]4[.]15, 40[.]112[.]72[.]205, 40[.]113[.]200[.]201, and 13[.]77[.]161[.]179.

• SOA record: “SOA” stands for “Start of Authority,” which tells a DNS server what authoritative nameserver gave us the domain information. The resolving nameserver told gave us microsoft[.] com’s time-to-live (TTL), administrator, host, and more.

• TXT record: “TXT” is short for “text.” This record lets website administrators add human- and machine-readable notes about the domain for email validation, site ownership verification, and more. While it doesn’t require a specific format, its characters may be limited. For example, the resolving nameserver gave us information from 16 TXT records for microsoft[.]com.

• MX record: “MX” stands for “mail exchanger.” This record tells computers which mail server to use to deliver emails meant for users of a particular domain. In microsoft[.] com’s case, the resolving nameserver identified the MX server named microsoft-com[.]mail[.]protection[.]outlook[.]com[.].

—

As you’ve seen, you can’t access websites without the help of resolving nameservers. But they have more specific applications, specifically in the cybersecurity realm.