What Is a DNS Server? Recursive vs Authoritative Explained

A DNS server is a computer that stores DNS records and answers queries about domain names. When your browser needs to find the IP address for whatismyip.wiki, it asks a DNS server. But not just one server. DNS resolution typically involves multiple types of servers working together: recursive resolvers do the searching, authoritative servers hold the answers, root and TLD servers direct traffic, and caching servers speed everything up. Understanding these roles explains how DNS queries get answered in milliseconds despite the system’s massive scale.

Types of DNS Servers

Recursive Resolver

The recursive resolver is the server your device actually talks to. It’s the research librarian of DNS: when you ask it a question, it goes and finds the answer by querying other servers on your behalf.

When your computer needs to resolve whatismyip.wiki, it asks your configured recursive resolver (usually your ISP’s or a public one like 1.1.1.1). If the resolver doesn’t have the answer cached, it starts the resolution process: query the root servers, then the TLD servers, then the authoritative servers.

Popular public recursive resolvers:

Cloudflare: 1.1.1.1 and 1.0.0.1
Google: 8.8.8.8 and 8.8.4.4
Quad9: 9.9.9.9 and 149.112.112.112
OpenDNS: 208.67.222.222 and 208.67.220.220

Your ISP also runs recursive resolvers, and they’re what you use by default unless you’ve changed your DNS settings.

Authoritative Nameserver

The authoritative nameserver is the final source of truth for a domain’s DNS records. It’s where the actual records (A, AAAA, MX, TXT, etc.) are configured and stored.

When you set up DNS for your domain through Cloudflare, Namecheap, or Route 53, you’re configuring records on authoritative nameservers. These servers respond to queries about your domain with definitive answers (not cached data from somewhere else).

Major authoritative DNS providers: Cloudflare DNS, AWS Route 53, Google Cloud DNS, Azure DNS, NS1.

Root Nameservers

There are 13 root nameserver addresses (A through M), operated by organizations including ICANN, NASA, the US Army, and Verisign. They’re the starting point for resolving any domain name.

Root servers don’t know the IP for whatismyip.wiki, but they know where to find the .wiki TLD nameservers. They’re the first step in the resolution chain.

Despite having only 13 addresses, root servers are distributed across over 1,500 physical locations worldwide using anycast routing. The root server system processes approximately 50 billion queries per day and has never experienced a complete outage since its creation.

TLD Nameservers

TLD (Top Level Domain) nameservers are responsible for everything under a specific TLD. The .wiki TLD nameserver knows about all .wiki domains and can direct resolvers to each domain’s authoritative nameserver.

Each TLD has its own nameserver infrastructure operated by the TLD registry. Verisign operates the .com and .net nameservers, handling the query load for over 170 million registered domains.

Caching: Why DNS Is Fast

Without caching, every DNS query would require multiple round trips to different servers. The internet would grind to a halt. Caching makes DNS fast:

Browser cache: Your browser remembers recent lookups
OS cache: Your operating system maintains its own DNS cache
Router cache: Many routers cache DNS responses
Resolver cache: Recursive resolvers cache millions of records

Each cached record has a TTL (Time to Live) that determines how long it’s valid. When the TTL expires, the next query triggers a fresh lookup. This system means most DNS queries are answered from cache, with actual recursive resolution only happening when caches are empty or expired.

Changing Your DNS Server

Windows

Settings → Network & Internet → Change adapter options → Right-click your connection → Properties → Internet Protocol Version 4 → “Use the following DNS server addresses”

Mac

System Preferences → Network → Advanced → DNS → + button to add servers

Linux

Edit /etc/resolv.conf or configure through NetworkManager

Router (all devices on your network)

Log into your router’s admin panel (usually 192.168.1.1) → WAN or Internet settings → DNS settings

Changing DNS at the router level applies to all devices on your network automatically. This is the recommended approach for protecting your entire household.

Test It Yourself

DNS Lookup

Query any domain and see which DNS servers respond. Test resolution from multiple locations.

Open Tool →

Frequently Asked Questions

For most people, Cloudflare (1.1.1.1) offers the best combination of speed and privacy. Google (8.8.8.8) is reliable and fast. Quad9 (9.9.9.9) adds malware blocking. Your ISP's default DNS works fine but may be slower and logs more data.

Yes. Software like Pi-hole, Unbound, and BIND let you run a local DNS server. Pi-hole is popular for ad blocking at the network level. Unbound acts as a recursive resolver that queries authoritative servers directly, bypassing public resolvers entirely.

If your configured DNS server is unreachable, domains won't resolve and websites will appear to be down even though the actual servers are fine. This is why configuring a secondary DNS server is important. Most DNS settings have fields for both a primary and secondary server.