What Is a DNS Resolver? Recursive vs Authoritative

Q: What is a DNS resolver?

A DNS resolver is the service that takes a human-readable domain name like example.com and finds its IP address on your behalf. The most common type is the recursive resolver, which does the work of querying other servers until it gets an answer. Your device stub resolver simply hands the request to a recursive resolver, such as your ISP one or a public one like 1.1.1.1.

Q: What is the difference between a recursive and authoritative DNS resolver?

A recursive resolver receives a query and chases down the answer by asking other servers in turn, then returns the final result. An authoritative name server is the source of truth that actually holds the DNS records for a domain and answers questions about it. In short, the recursive resolver asks and the authoritative server answers definitively.

Q: How does the DNS resolution process work step by step?

The query travels through a chain: your device stub resolver to a recursive resolver, then a root name server, then the relevant TLD name server such as the one for .com, then the domain authoritative name server. Each step narrows the search, and the authoritative server returns the final IP address, which the recursive resolver passes back to you. Answers are cached along the way to speed up repeat lookups.

Q: What is DNS caching and TTL?

Caching means a resolver stores answers it has already fetched so it does not repeat the full lookup chain. TTL, or Time To Live, is a value set by the domain owner that tells resolvers how long, in seconds, they may keep a cached record before re-fetching it. A short TTL means changes propagate faster, while a long TTL means fewer lookups and faster responses.

Q: What are some examples of public DNS resolvers?

Widely used public recursive resolvers include Cloudflare (1.1.1.1), Google Public DNS (8.8.8.8 and 8.8.4.4), and Quad9 (9.9.9.9). They are operated as free, openly accessible alternatives to your ISP default resolver. You can see which resolver answers for a domain, and inspect its records, with a DNS lookup tool.

~/sheets/what-is-a-dns-resolver.md

The Service That Turns Names Into Addresses
A DNS resolver is the service that takes a human-readable domain name like example.com and finds its IP address on your behalf. Without it, your device would have no way to translate the names you type into the numeric addresses computers actually connect to. The most common type is the recursive resolver, and when you set a DNS server such as 1.1.1.1 or 8.8.8.8 on your device, you are choosing which recursive resolver to use.
You can inspect the records any resolver returns for a domain with our DNS Lookup tool, and confirm which resolver is actually answering your queries with the DNS Leak Test. To pick a fast, private resolver, see our best DNS servers guide.
Recursive vs Authoritative Resolvers
A recursive resolver receives a query and does the legwork of asking other servers in turn until it has the final answer, then returns it to you. An authoritative name server is the source of truth that actually holds the DNS records for a given domain and answers questions about it definitively. In short: the recursive resolver asks, and the authoritative server answers. Your own device runs a tiny stub resolver that simply hands requests to a recursive resolver rather than doing the work itself.
How DNS Resolution Works, Step by Step
A lookup travels through a chain. Your device stub resolver passes the query to a recursive resolver, which then asks a root name server, then the relevant TLD name server (for example the server for .com), then the domain authoritative name server, which returns the final IP address. The recursive resolver passes that answer back to you. Each step narrows the search, and results are cached along the way so repeat lookups are far faster than the full chain.
Caching and TTL
Caching means a resolver stores answers it has already fetched so it does not have to repeat the whole lookup chain every time. TTL (Time To Live) is a value, in seconds, set by the domain owner that tells resolvers how long they may keep a cached record before fetching it again. A short TTL means changes propagate quickly but causes more lookups, while a long TTL means fewer lookups and faster responses but slower propagation when a record changes. This is also why a DNS change can take time to be seen everywhere.
Public DNS Resolvers
Public recursive resolvers are free, openly accessible alternatives to your ISP default resolver. Widely used ones include Cloudflare (1.1.1.1), Google Public DNS (8.8.8.8 and 8.8.4.4), and Quad9 (9.9.9.9), which validates DNSSEC and blocks known-malicious domains. Switching to one is a quick, reversible privacy and security upgrade. See DNS over HTTPS for how to also encrypt those queries.
Frequently Asked Questions
What is a DNS resolver?
A DNS resolver is the service that takes a human-readable domain name like example.com and finds its IP address on your behalf. The most common type is the recursive resolver, which does the work of querying other servers until it gets an answer. Your device stub resolver simply hands the request to a recursive resolver, such as your ISP one or a public one like 1.1.1.1.
What is the difference between a recursive and authoritative DNS resolver?
A recursive resolver receives a query and chases down the answer by asking other servers in turn, then returns the final result. An authoritative name server is the source of truth that actually holds the DNS records for a domain and answers questions about it. In short, the recursive resolver asks and the authoritative server answers definitively.
How does the DNS resolution process work step by step?
The query travels through a chain: your device stub resolver to a recursive resolver, then a root name server, then the relevant TLD name server such as the one for .com, then the domain authoritative name server. Each step narrows the search, and the authoritative server returns the final IP address, which the recursive resolver passes back to you. Answers are cached along the way to speed up repeat lookups.
What is DNS caching and TTL?
Caching means a resolver stores answers it has already fetched so it does not repeat the full lookup chain. TTL, or Time To Live, is a value set by the domain owner that tells resolvers how long, in seconds, they may keep a cached record before re-fetching it. A short TTL means changes propagate faster, while a long TTL means fewer lookups and faster responses.
What are some examples of public DNS resolvers?
Widely used public recursive resolvers include Cloudflare (1.1.1.1), Google Public DNS (8.8.8.8 and 8.8.4.4), and Quad9 (9.9.9.9). They are operated as free, openly accessible alternatives to your ISP default resolver. You can see which resolver answers for a domain, and inspect its records, with a DNS lookup tool.
Last updated: April 2026