What is the purpose of the Authoritative DNS server?

What is an Authoritative DNS server?

An authoritative DNS server (also known as an authoritative nameserver) holds the zone file containing DNS records (for A, AAAA, CNAME, TXT, etc.). It could be a domain registrar or a DNS hosting provider’s server.

Several authoritative servers cover various locations. They only respond to queries for the DNS zones they have set up.

Different answers from the Authoritative DNS server

They have two primary missions in general. The first is to keep track of domain names and their IP addresses in a database. The second objective is to respond to recursive DNS servers by supplying the correct IP address for each user’s domain.

An authoritative server does not save any cache query results. Instead, it works with original data that has been saved directly in its system.

How to check it? 

The Nslookup command, which is available on Windows, macOS, and Linux, is the simplest way to check the authoritative DNS servers.

To begin, Open the Command Prompt on Windows or the Terminal on macOS and Linux. And after that, run the Nslookup command:

nslookup -type=ns example.net

You will see a list of the domain’s nameservers as well as their IP addresses. It looks like this: 



Non-authoritative answer:

example.net nameserver = ns2.pq.hosting.

example.net nameserver = ns1.pq.hosting.

* You can replace “example.net” for the domain name you want to test.

Different types of Authoritative DNS servers

Primary and secondary authoritative DNS servers are the two types of authoritative DNS servers. But, first, let’s have a look at the distinctions between them.

  • Primary or Master Authoritative DNS server stores the zone file and DNS records. It is the only server that allows DNS record changes. As a result, the primary server must notify and provide updates containing all changes made to its zone file. So, it includes a “notify” feature in its functionality. It allows a primary server to notify a secondary server of a new update so that the latter can request it. We use the zone transfer to distribute an update to all secondary servers.
  • Secondary DNS server, also known as a Slave DNS server is a copy of the primary server that cannot be edited. Redundancy is essential and always welcome to avoid risking critical processes and information. Having a secondary server means having a useful backup as well as other benefits. The traffic load can be distributed among servers using these copies to avoid stress. The more nameservers you have to respond to DNS requests, the faster you can serve traffic. Secondary servers are transformed into points of presence (PoPs) where recursive servers can locate the information that users all over the world require.

Authoritative DNS server vs. Recursive DNS server

Imagine the following situation – you are trying to connect to a website (example.net). This query will pass through authoritative and recursive DNS servers, also known as DNS resolvers. They respond to the request and store the canonical information that tells you which IP address corresponds to that domain. For example, the domain example.net fits to Internet Protocol

So, we can say that the recursive DNS servers communicate directly with the end-user, while authoritative DNS servers authority DNS records and maintain DNS record information. This is the main difference between them. In addition, the recursive DNS server reads a user’s DNS request and responds with cached data or finds the answer before responding. So, DNS resolvers can get the answer by looking at what is stored on the authoritative DNS servers.

Suggested article: List with most popular Managed DNS service providers