A DNS server that has
recursion=yes; will return the answer to any query by following the delegation path from the root name servers to the authoritative DNS server for that domain name.
A DNS server that has
recursion=no; will NOT return an answer, but simply a list of the root name servers; which as far as its concerned are authoritative. i.e. Any answer to this query would have to start at the root name servers.
A typical use for recursion=no is to stop someone on the internet from using your server as their DNS server.
Example: Using my XP box and nslookup, query my DNS Server (recursion=yes) running on my FC2 system.
Code:
E:\scowles>nslookup
Default Server: exclesior.mydomain.com
Address: 192.168.8.2
> www.example.com
Server: exclesior.mydomain.com
Address: 192.168.8.2
Non-authoritative answer:
Name: www.example.com
Address: 192.0.34.166
Now change nslookup to use another DNS server which has recursion=no configured.
Code:
> server ns4.myisp.net
Default Server: ns4.myisp.net
Address: xx.xx.xx.xx
> www.example.com
Server: ns4.myisp.net
Address: xx.xx.xx.xx
Name: www.example.com
Served by:
- G.ROOT-SERVERS.NET
- H.ROOT-SERVERS.NET
- I.ROOT-SERVERS.NET
- J.ROOT-SERVERS.NET
- K.ROOT-SERVERS.NET
- L.ROOT-SERVERS.NET
- M.ROOT-SERVERS.NET
- A.ROOT-SERVERS.NET
- B.ROOT-SERVERS.NET
- C.ROOT-SERVERS.NET
Note that the DNS server ns4.myisp.net did not return an answer section, but a list of the root name servers (served by). So any host configured to use the above name server would get a "Name not Found" type of error to any query for which this DNS server is not authoritative.