What is a Recursive DNS server?

When you browse the internet, you don’t write IP addresses to go to the pages you want; you just write the domain. In the “backstage”, every request that you do, passes through a DNS query. It first goes to your internet provider’s recursive DNS server. If it can’t find in the cache, the information needed, it will continue to other recursive servers until it gets to an authoritative DNS server who can give the IP address of the required domain. Basically, it is a name server, that is a middle-man between you, the user, and the authoritative DNS server.

Tasks of the recursive DNS server:

1. Checks if the IP address is stored in the cache memory. There is a certain period of time, pre-defined by the domain’s owner called Time to Live or TTL. It says for how long the recursive server can hold the information. If it is still there, it will return the answer fast and won’t take further actions.
2. Searches for the IP address elsewhere. If it is not in the cache, it will continue the searching process until it gets to an authoritative server which has the information.
recursive DNS server

Recursive DNS servers and the amplified attacks

DNS Amplified Attacks are a very common threat on the Internet. They exploit the public recursive DNS servers to generate high traffic and to damage the target.

Public (Open) recursive DNS

To leave your recursive DNS server public is dangerous. Such devices are with minimum security and visible IP address. This means that anyone, including cyber-criminal, can easily access it and later use it as a botnet device to amplify their next attack.
Many of the network administrators don’t know their recursive servers are open, and this can lead to severe problems. If you doubt about your DNS server, you can check it on this page: http://openresolverproject.org

Oversized packets

A second threat that some of the attackers take advantage of is manipulating the query packets. They send multiple queries to recursive servers, but with a modified IP addresses, directing all of the generated traffic towards the victims. They use many servers, and if the traffic is high, they can crush the victims’ servers.

Can you have safe recursive DNS servers?

Yes, it is possible to secure your servers. We recommend you to use our Private DNS servers. They are hidden from the public eye and still have all of the premium features like TTL management, Cloud domains, Secondary DNS, SOA Settings and Hourly statistics
You don’t need to get all of them. You can strategically choose just a few of them where you most need them.
For best security options you can select our DDoS protected servers in France and Canada.

Enjoy this article? Don't forget to share.

Leave a Reply

Your email address will not be published. Required fields are marked *

*