DNS vs WHOIS for Domain Availability Checking
Published: March 20, 2026
When checking whether a domain name is available to register, there are two primary data sources: DNS and WHOIS (or its modern replacement, RDAP). Each method answers a different question, operates at different speeds, and has distinct failure modes. Understanding when to use which — and why combining both produces the most reliable results — is essential for building accurate domain availability tools.
How DNS-based availability checking works
The Domain Name System maps domain names to IP addresses and other records. When you query DNS for a domain, the response tells you whether that domain has any active records configured.
The lookup process
A recursive DNS resolver queries the authoritative nameservers for a domain. The key responses are:
- NXDOMAIN — the domain does not exist in DNS. This is a strong signal that the domain is available for registration.
- NOERROR with records — the domain has active DNS records (A, AAAA, NS, MX, etc.). The domain is registered and in use.
- SERVFAIL or timeout — the DNS infrastructure is not responding. The result is inconclusive.
Advantages of DNS
- Speed — DNS lookups typically complete in 5-50 milliseconds, making them practical for checking many domains quickly.
- No rate limiting — unlike WHOIS servers, DNS resolvers do not impose strict per-client query limits. You can check thousands of domains per minute.
- Universal coverage — DNS works for every TLD. You do not need to know which WHOIS server to query for each registry.
Limitations of DNS
- False positives — a registered domain with no DNS records configured (parked, expired but in grace period, or simply not set up yet) returns NXDOMAIN. DNS would incorrectly indicate it is available.
- Wildcard DNS — some registries respond to queries for unregistered domains with a wildcard record instead of NXDOMAIN. This makes all domains under that TLD appear registered.
- No registration metadata — DNS tells you nothing about when the domain was registered, when it expires, or who the registrar is.
How WHOIS-based availability checking works
WHOIS is a protocol for querying registration databases maintained by domain registries and registrars. It returns detailed information about a domain's registration status.
The lookup process
A WHOIS client connects to the appropriate WHOIS server for the domain's TLD (e.g., whois.verisign-grs.com for .com) and sends a text query.
The server returns a free-text response containing registration data, or a "not found" message if the domain is not registered.
RDAP (Registration Data Access Protocol) is the modern replacement. It returns structured JSON instead of free-text, making it easier to parse programmatically. Not all registries support RDAP yet, so WHOIS remains necessary for full coverage.
Advantages of WHOIS
- Authoritative — WHOIS data comes directly from the registry database. If a domain is registered, WHOIS knows about it regardless of DNS configuration.
- Rich metadata — returns registrar name, creation date, expiry date, updated date, and nameservers.
- Catches DNS blind spots — domains that are registered but have no DNS records are correctly identified as taken.
Limitations of WHOIS
- Rate limiting — most registries limit queries to roughly 43 per minute per IP address. Exceeding this results in temporary bans.
- Speed — WHOIS lookups take 200-2000 milliseconds, significantly slower than DNS.
- Inconsistent formats — every registrar formats WHOIS responses differently. Parsing "creation date" from hundreds of different text formats is an ongoing maintenance burden.
- Incomplete coverage — some newer TLDs only support RDAP, while some older TLDs have unreliable or unavailable WHOIS servers.
Side-by-side comparison
DNS
- 5-50ms per lookup
- No rate limiting
- Universal TLD coverage
- Misses parked/unconfigured domains
- No registration metadata
- Best for: fast initial screening
WHOIS / RDAP
- 200-2000ms per lookup
- ~43 queries/min limit
- Varies by TLD/registrar
- Catches all registered domains
- Returns registrar, dates, nameservers
- Best for: authoritative confirmation
Why combining DNS and WHOIS is the answer
Neither method alone is sufficient. DNS is fast but can miss registered domains without records. WHOIS is authoritative but too slow and rate-limited for bulk checking. The optimal strategy uses a two-stage pipeline:
- DNS first — query DNS for every domain. Domains with active records are definitively taken. Domains returning NXDOMAIN are probably available.
- WHOIS confirmation — for domains where DNS returned NXDOMAIN, query WHOIS to confirm they are genuinely unregistered. This catches the false positives from parked or unconfigured domains.
This combined approach gives you the speed of DNS for the majority of lookups (most domains are registered and have DNS records) while using WHOIS only for the smaller subset that needs confirmation.
How canyougrab.it implements this
The canyougrab.it API runs exactly this pipeline. Each domain lookup goes through:
- Cache check — recently looked-up domains are served from a Valkey cache, avoiding redundant queries.
- DNS resolution — an Unbound recursive resolver queries authoritative nameservers. Domains with active records are immediately marked as taken with high confidence.
- WHOIS/RDAP fallback — domains where DNS is inconclusive are checked via WHOIS or RDAP for authoritative confirmation.
Every result includes a confidence score ("high", "medium", or "low") and a source field ("dns", "whois", "rdap", or "cache") so you know exactly how the determination was made.
Try it now
Get your free API key and check domain availability using combined DNS + WHOIS lookups. No credit card required.
Further reading
- How to Check Domain Availability with an API — code examples and integration walkthrough
- Bulk Domain Checking: A Developer's Guide — strategies for checking domains at scale
- API Reference — full endpoint documentation