( User Level: Basic / Layman )
The best way to understand the difference between DNS servers is to think of them in three groups which correspond to three basic aspects of the domain naming system:
1) Authoritative Nameservers
3) Root Servers
Authoritative Nameservers handle name-to-number translation for a specific set of domain names. If you are an easyDNS customer and use our DNS, then our name servers are the authoritative name servers for your domain. In other cases your web hosting provider may run your name servers for you.
Resolvers come at this from the other direction: they handle name-to-number translation for every domain name you would ever want to know about. As you are surfing the web or sending email, it’s your resolvers that are going out to various authoritative name servers and getting the IP addresses of whatever hostnames you are after. Resolvers are transparent to most internet users. They are set automatically by your operating system, often via DHCP from your connectivity provider. Most of the time, your ISP is operating resolvers that their customers end up using.
Root Servers are the final piece. How does a resolver know *which* authoritative name server to send a query to? By asking the root servers. All the root servers do is maintain a list of what authoritative name servers are responsible for each domain name and top-level-domain.
Why You Should Know This
Once you understand the role of authoritative, resolver and root servers you can begin to debug certain issues by sending the appropriate queries to the relevant servers.
For example, if you cannot reach a given webserver, your browser is throwing a “hostname not found” error you would like to know why.
If the domain’s authoritative DNS servers are not answering for it, it’s a problem with the domain itself. It could be specific to the domain, or affect all domains served by those nameservers.
If you can’t get anywhere or most places are throwing the same error, then it is your local resolvers that are failing or having issues.
If the domain is not present in the relevant root servers, that domain name may have expired.
There is also a reason why we posted this today, as our next mailing will have important security alert about Resolvers that everybody should be aware of.
This article was sent to the Domain Insights by the easyDNS Guy mailing list. Feel free to join below.