DNS forwarder vs DNS resolver
I'm a little bit confused between DNS forwarder and DNS resolver.
To me, they are somehow similar to each other. Upon receiving a query, both will check cache to see if it can answer right away to the client before forwarding query to other DNS server.
For example, is my SOHO router considered to be a forwarder or resolver? If it is a forwarder, then is there any way to know what DNS resolver my router uses to forward queries?
Hoping for a good explanation, as I'm not really tech-savvy.
Thanks!
Solution 1:
A DNS forwarder will forward requests to another DNS resolver, and if it gets a result it will store this in a cache so that subsequent requests can use the cached result up until the TTL (time-to-live) expires. A DNS resolver stores a database of records that it is authorised to resolve and these records can be edited by an administrator. Most DNS resolvers will also act as forwarders so that if they can't resolve a record they will forward on to another DNS server for resolution. However, you may want a DNS resolver to only resolve names it is authoritative for, in which case you can configure it to not forward on to another DNS resolver.
A home router typically acts as a DNS forwarder, storing a cache of results for as long as they are valid (based on the TTL). But some home routers also have the ability to keep a database of local records - e.g. it may keep a record of your computer name mapped to the local IP address - to enable local name resolution. In this case, the router is acting as a resolver and a forwarder.
Solution 2:
You may want to use the current document from IETF on DNS terminology: https://www.rfc-editor.org/rfc/rfc8499
It says the following:
Forwarder: Section 1 of [RFC2308] describes a forwarder as "a nameserver used to resolve queries instead of directly using the authoritative nameserver chain". [RFC2308] further says "The forwarder typically either has better access to the internet, or maintains a bigger cache which may be shared amongst many resolvers." That definition appears to suggest that forwarders normally only query authoritative servers. In current use, however, forwarders often stand between stub resolvers and recursive servers. [RFC2308] is silent on whether a forwarder is iterative-only or can be a full-service resolver.
Resolver is too generic a word, so I think you want to do your comparison with "DNS recursive server", which is also defined, as such:
Recursive resolver: A resolver that acts in recursive mode. In general, a recursive resolver is expected to cache the answers it receives (which would make it a full-service resolver), but some recursive resolvers might not cache.
Also, "forwarder" has nuances. There are various modes of operation. For example, you can have a forwarder doing forward only and keeping the results in cache, or another trying forwarding first and, if it fails, doing it itself.
For example, for the bind software, look at §4.2.14.2 on https://ftp.isc.org/isc/bind9/cur/9.17/doc/arm/html/reference.html which defines the forward directive as such:
This option is only meaningful if the forwarders list is not empty. A value of first is the default and causes the server to query the forwarders first; if that does not answer the question, the server then looks for the answer itself. If only is specified, the server only queries the forwarders.
Note also this, showing the feature is per zone, not global:
Forwarding can also be configured on a per-domain basis, allowing for the global forwarding options to be overridden in a variety of ways. Particular domains can be set to use different forwarders, or have a different forward only/first behavior, or not forward at all;
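The TTL cache from Solution 1 and the "first" / "only" modes with per-domain overrides quoted in Solution 2, as a small Python model. This is an added example, not code from either answer or from BIND: the class Forwarder, its parameters and the stub upstream functions are hypothetical, and the addresses are constructed documentation values.

```python
import time

class Forwarder:
    """Toy model of a caching forwarder with 'first' / 'only' modes (hypothetical API)."""

    def __init__(self, forwarders, mode="first", recurse=None, zones=None,
                 clock=time.monotonic):
        self.default = (forwarders, mode)
        self.zones = zones or {}   # zone -> (forwarders, mode); [] means "do not forward"
        self.recurse = recurse     # callable standing in for full recursion, or None
        self.clock = clock
        self.cache = {}            # (name, rtype) -> (answer, expires_at)

    def _policy(self, name):
        # The longest matching zone suffix overrides the global setting.
        labels = name.rstrip(".").lower().split(".")
        for i in range(len(labels)):
            zone = ".".join(labels[i:])
            if zone in self.zones:
                return self.zones[zone]
        return self.default

    def _store(self, key, reply, source):
        answer, ttl = reply
        self.cache[key] = (answer, self.clock() + ttl)
        return answer, source

    def resolve(self, name, rtype="A"):
        key = (name.rstrip(".").lower(), rtype)
        hit = self.cache.get(key)
        if hit and hit[1] > self.clock():      # still within its TTL
            return hit[0], "cache"
        forwarders, mode = self._policy(name)
        for upstream in forwarders:            # each returns (answer, ttl) or None
            reply = upstream(name, rtype)
            if reply:
                return self._store(key, reply, "forwarder")
        # 'first' falls back to the server's own recursion; 'only' never does.
        # With an empty forwarders list the mode is meaningless and we recurse.
        if (mode == "first" or not forwarders) and self.recurse:
            reply = self.recurse(name, rtype)
            if reply:
                return self._store(key, reply, "recursion")
        return None, "servfail"

# Constructed stand-ins for real servers.
def dead_forwarder(name, rtype): return None
def isp_forwarder(name, rtype): return ("192.0.2.10", 60)
def full_recursion(name, rtype): return ("198.51.100.7", 300)
```

The second element of each result says where the answer came from, which makes the difference visible: with an unresponsive forwarder, "first" still answers through the server's own recursion, while "only" returns a failure and sends nothing past the forwarder.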