Recursive DNS provides DNS resolution or lookup services to clients, known as resolvers.
A recursive DNS server receives a request from a client for a DNS lookup and performs the entire lookup before returning an answer. The recursive DNS server first contacts a root or “.” server. The root server refers the recursive DNS server to a server that answers queries for the top level domain in the request, such as com, org, or net. These servers may refer the recursive DNS server to a more specific authoritative DNS server that might be authoritative for the zone, and thus the record being resolved. The authoritative server returns an IP address for the record being resolved and the recursive DNS server returns this address in its answer to the DNS client.
To configure recursive DNS, you must set DNS deployment roles and DNS deployment options. The server used for recursive DNS must have recursive DNS capabilities.
- Allow Recursion—lets users make recursive queries to the server. A list of clients that can perform recursive queries is associated with the server. To add addresses that are managed by Address Manager, click the Add IPv4 Block/Network link and use the popup to select addresses for the ACL. Individual addresses from inside or outside the Address Manager-managed address space can be added to the ACL using the Add Address field.
- Root Hints—required to implement DNS recursion and defined at the view level for an entire view. When configuring this option, you have two options for Root Servers: Auto and Specify. If the Auto radio button is selected, the DNS server uses the Internet root servers when performing recursive queries. If the Specify radio button is selected, you can specify the names and IP addresses of one or more Custom Root Servers. These custom root servers are used to create a new root hints file for the DNS server to which this option is deployed.