0

In an iterative DNS architecture, local DNS servers have caches and can mostly skip contacting root and TLD servers.

In a recursive schema, the local DNS server contacts one DNS server which recursively fetches the result and replies with the requested resource.

What is the difference between iterative and recursive DNS from a caching point of view?

Can the local DNS server still take a shortcut in a recursive architecture?

2 Answers

1

What is the difference between iterative and recursive DNS from a caching point of view?

There is no difference. The time-to-live (TTL) from the authoritative server, together with local policies, will indicate for how long the records will be kept in and served from the cache.

Can the local DNS server still take a shortcut in a recursive architecture?

If the local DNS is not a forwarding-only DNS then yes, and it happens all the time. Once you know how to get an answer for a specific domain, you will not go all the way to the root again while the information is in the cache. Data can be removed from the cache because the original TTL expired, or because the local configuration set a limit on cache size or TTL. For BIND, for example, that would be max-cache-ttl.

Eduardo Trápani
  • That doesn’t answer my question. I know that they both have caches, and caches involve TTL anyway. My question is how does the usage of cache differ between iterative and recursive. – protoneight Jan 16 '20 at 15:31
  • Ok. I edited the answer. I guessed that by _shortcut_ you meant: avoiding going all the way back to the root servers. – Eduardo Trápani Jan 16 '20 at 15:53
1

There is now a canonical document on DNS terminology:

RFC 8499 aka BCP 219

Here are its relevant definitions, slightly abridged and reordered:

  • "Recursive resolver: A resolver that acts in recursive mode. [..] [RFC4697] tried to differentiate between a recursive resolver and an iterative resolver."

  • "Recursive mode: A resolution mode of a server that receives DNS queries and either responds to those queries from a local cache or sends queries to other servers in order to get the final answers to the original queries."

  • "Iterative resolution: A name server may be presented with a query that can only be answered by some other server. The two general approaches to dealing with this problem are "recursive", in which the first server pursues the query on behalf of the client at another server, and "iterative", in which the server refers the client to another server and lets the client pursue the query there. (See Section 2.3 of [RFC1034].)

    In iterative resolution, the client repeatedly makes non-recursive
    queries and follows referrals and/or aliases.  The iterative
    resolution algorithm is described in Section 5.3.3 of [RFC1034]."
    

The RFC 4697 quoted above says this:

This memo is concerned principally with the behavior of iterative
resolvers, which are typically found as part of a recursive name
server. This memo uses the more precise term "iterative resolver",
because the focus is usually on that component. In instances where
the name server role of this entity requires mentioning, this memo
uses the term "recursive name server". As an example of the
difference, the name server component of a recursive name server
receives DNS queries and the iterative resolver component sends
queries.

RFC 1034 seems to me even more unclear on this, or more precisely even more outdated:

  • In any system that has a distributed database, a particular name server may be presented with a query that can only be answered by some other server. The two general approaches to dealing with this problem are "recursive", in which the first server pursues the query for the client at another server, and "iterative", in which the server refers the client to another server and lets the client pursue the query. Both approaches have advantages and disadvantages, but the iterative approach is preferred for the datagram style of access. The domain system requires implementation of the iterative approach, but allows the recursive approach as an option.

Back to your question of:

What is the difference between iterative and recursive DNS from a caching point of view?

In my understanding of how things work in the wild (which is not exactly aligned with the definitions above), there are no differences, as a recursive nameserver does iterative queries to resolve whatever names the client has asked for.

and for

Can the local DNS server still take a shortcut in a recursive architecture?

Basically anything not being authoritative can have a cache, and as long as it obeys the TTLs it got from previous replies it received, it is working inside the bounds of the protocol.

Note that in the future things may get more muddy: some proposals like ANAME and specific implementations may require an authoritative nameserver to also become recursive/iterative at the time a given query comes in order to be able to resolve the target.

Patrick Mevzek
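An added sketch, not part of either answer and not BIND's code, of the behaviour both answers describe: a recursive name server whose iterative resolver starts at the closest cached delegation instead of the root, with every stored TTL capped by a local policy like max-cache-ttl. The delegation tree, the addresses and the `CachingResolver` class are constructed for illustration, and every queried name is assumed to exist.

```python
# Constructed toy delegation tree: server -> {owner name: (kind, value, ttl)}.
# "ref" is a referral to the next server, "a" is the final address answer.
SERVERS = {
    "root": {"com.": ("ref", "tld-com", 172800)},
    "tld-com": {"example.com.": ("ref", "ns-example", 86400)},
    "ns-example": {"www.example.com.": ("a", "192.0.2.10", 300),
                   "mail.example.com.": ("a", "192.0.2.25", 300)},
}

class CachingResolver:
    """Recursive name server front end with an iterative resolver behind it."""
    def __init__(self, max_cache_ttl):
        self.max_cache_ttl = max_cache_ttl  # local policy cap on any TTL
        self.cache = {}                     # (kind, name) -> (value, expiry)
        self.now = 0                        # simulated clock in seconds
        self.sent = []                      # upstream servers queried last time

    def _get(self, kind, name):
        hit = self.cache.get((kind, name))
        return hit[0] if hit and hit[1] > self.now else None

    def _put(self, kind, name, value, ttl):
        # The authoritative TTL is honoured only up to the local cap.
        self.cache[(kind, name)] = (value, self.now + min(ttl, self.max_cache_ttl))

    def _closest_server(self, qname):
        # Try the most specific cached delegation first, else use the root.
        labels = qname.split(".")[:-1]
        for i in range(len(labels)):
            server = self._get("ref", ".".join(labels[i:]) + ".")
            if server:
                return server
        return "root"

    def resolve(self, qname):
        self.sent = []
        answer = self._get("a", qname)
        if answer:
            return answer                   # served from cache, no upstream query
        server = self._closest_server(qname)
        while True:
            self.sent.append(server)        # one non-recursive query upstream
            zone = SERVERS[server]
            match = max((n for n in zone if qname.endswith(n)), key=len)
            kind, value, ttl = zone[match]
            self._put(kind, match, value, ttl)
            if kind == "a":
                return value
            server = value                  # follow the referral
```

With a cap of 3600 seconds, the 86400-second delegation for example.com. is forgotten after an hour, so the next lookup walks down from the root again.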