What is a DNS Resolver?

A DNS resolver, often called a recursive resolver, is the server that turns a domain name into an IP address on your behalf. Your computer or phone is configured to use a particular resolver, and whenever an app needs to reach a domain, it asks that resolver rather than contacting the wider DNS system directly.

The resolver does all the heavy lifting of a DNS lookup: it figures out which servers to ask, walks the hierarchy until it has a definitive answer, hands that answer back to you, and remembers it for next time. From the client's point of view, one simple question goes out and one answer comes back.

When the answer is not already cached, the resolver works through the DNS hierarchy from the top down:

1. Check the cache — if the resolver already has a fresh answer, it returns it immediately and stops here.
2. Ask a root server — the resolver queries a root nameserver, which points it toward the servers for the relevant top-level domain, such as .com.
3. Ask the TLD servers — the .com servers respond with the authoritative nameservers for the specific domain.
4. Ask the authoritative nameservers — these hold the real records and return the definitive answer, such as the A record's IP address.
5. Return and cache — the resolver sends the answer back to your device and caches it for the length of the record's TTL.

This process is called recursion because the resolver keeps following referrals until it reaches a server that can answer authoritatively, rather than handing the partial work back to you.

By default, most devices use the recursive resolver run by their internet provider. You can also switch to a public resolver, which is a free service anyone may point their devices at:

• Cloudflare at 1.1.1.1 — focused on speed and privacy.
• Google Public DNS at 8.8.8.8 and 8.8.4.4 — widely used and highly reliable.
• Quad9 at 9.9.9.9 — adds blocking of known malicious domains.

People choose public resolvers for faster lookups, better uptime, privacy options, or built-in security filtering. They are functionally the same kind of recursive resolver as your provider's, just operated independently and often with large global footprints.

Caching is what makes resolvers fast. After a resolver fetches a record, it stores the answer for the length of that record's TTL and serves it from memory to every subsequent request, without bothering the authoritative servers again. The first lookup for a domain might take tens of milliseconds; the next thousand are essentially free.

The flip side is that a resolver keeps serving its cached copy until the TTL expires, even if you have already changed the record. That delay is the root of what people call propagation, and you can dig into the mechanics in our guides to DNS cache and TTL.

It is easy to lump resolvers and nameservers together, but they play opposite parts in a lookup. A recursive resolver is the asker: it queries on your behalf, follows referrals, and caches answers, yet it owns no records of its own. An authoritative nameserver is the answerer: it holds the real records for a domain and gives the definitive response.

Put simply, the resolver is the client side of DNS and the authoritative server is the source of truth. For a fuller comparison of these two roles, see authoritative vs recursive DNS. And because the records those authoritative servers hand out can be changed without warning, ZoneWatcher monitors them continuously and alerts you the moment anything changes.