An authoritative Domain Name System (DNS) server is where your computer or browser will find the Internet Protocol (IP) address of the website or application you want to visit. It serves as a phonebook containing the machine-readable IP address equivalent of a human-readable domain name. This function is central to what is an authoritative DNS server.
For example, if you type google[.]com, your browser has to find the domain’s IP address by performing a DNS query. Your computer first contacts your Internet service provider (ISP) for that.
Sometimes, your ISP’s DNS resolver, the server tasked to perform DNS queries, has the IP address cached. In this case, your computer can obtain the IP address without contacting the authoritative nameserver. In most instances, the DNS resolver would need to query other DNS servers until it is finally directed to Google’s authoritative DNS server (e.g., ns1[.]google[.]com) and obtains Google’s IP address (e.g., 8[.]8[.]8[.]8).
Read More about “Authoritative DNS Server”
To better understand what is an authoritative DNS server, you need a basic grasp of what a DNS query looks like.
How Does a DNS Query Work?
An authoritative DNS server is the final destination of a typical DNS query. You can see that in the image below. Authoritative DNS servers do not query other servers but instead provide the necessary information.
The typical flow would be:
- DNS resolver: Your computer sends the DNS query to the DNS resolver when you type a domain name.
- Root nameserver: If the DNS resolver doesn’t have the domain’s IP address cached, it forwards the request to the root nameserver.
- Top-level domain (TLD) nameserver: The root nameserver would then provide the TLD nameserver.
- Authoritative nameserver: The TLD nameserver provides the authoritative nameserver. Finally, the authoritative DNS server provides the domain name’s IP address.
What Is the Role of an Authoritative Nameserver in the DNS?
Now that you know what is an authoritative DNS server, you may think that there is no need for authoritative DNS servers as long as your ISP’s DNS resolver stores IP addresses. However, IP address assignments constantly change. New websites also pop up every second. The IP address stored in a DNS resolver would eventually become obsolete, requiring the resolver to contact the authoritative DNS server again.
Hence, the role of an authoritative nameserver is to keep track of all changes in IP addresses and other DNS resource records. We likened the server to a phonebook before, which is still a true representation of what is an authoritative DNS server, but it’s more like a dynamic phonebook as it constantly gets updated.
What’s the Difference between Authoritative and Recursive DNS Servers?
Authoritative DNS servers hold the necessary information about a domain name. It is where the DNS query gets sent last. On the other hand, recursive DNS servers communicate with other DNS servers to obtain the required IP address. Among the DNS servers it communicates with is the authoritative DNS server.
DNS resolvers can be recursive DNS servers as they act on behalf of your computer to find a domain’s IP address.
What Information Does an Authoritative DNS Server Hold?
We talked about authoritative DNS servers providing the IP address of the website you want to visit. Aside from the IP address, which we refer to as an “A record,” authoritative nameservers also hold other DNS records, including:
- Canonical name (CNAME) record: When the domain name you want to access on your computer is forwarded to another domain, this is reflected in the CNAME record. For example, if you type www[.]google[.]com, the authoritative DNS server will tell your computer through the CNAME record to look for the IP address of google[.]com. That will kick off another DNS query.
- Start of Authority (SOA) record: This DNS record contains important administrative information about the domain, including the primary master server, serial number, and email address of the zone administrator.
Authoritative nameservers (and DNS servers, in general) play a critical role in our online experience. Now that you understand what is an authoritative DNS server, you know that without them, we would have to memorize all the IP addresses of the websites we want to visit.