Solved

DNS/DIG lookup questions and GTLD servers question

Posted on 2003-12-05
2
1,278 Views
Last Modified: 2010-05-18
I have a question about the G-TLD servers.  Do they cache dns information?

When I do a dig on for  microsoft.com (dig microsoft.com +trace) the final answer is:

microsoft.com.          3600    IN      A       207.46.245.214
microsoft.com.          3600    IN      A       207.46.245.222
;; Received 63 bytes from 207.46.138.20#53(dns1.cp.msft.net) in 65 ms

If I am reading this correctly it is saying that  dns1.cp.msft.net gave the answer of 207.46.245.214 and 222....

What does it mean if I do a dig and it says that  (dig example.com +trace) the GTLD gave the answer????

example.com.      172800  IN      A       XXX.XXX.XXX.225
example.com.      172800  IN      NS      ns1.example.com.
;; Received 124 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 33 ms


0
Comment
Question by:atebit
2 Comments
 
LVL 18

Expert Comment

by:chicagoan
ID: 9885041
>G-TLD servers.  Do they cache dns information?
If a DNS server is authoritative for a domain, the zone record is read and cached when BIND is loaded.
If a DNS server is not authoritative, it queries the authoritative server and caches the record until the TTL expires.
When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup.
Your query led dig to dns1.cp.msft.net, which is the authority for microsoft.com

>What does it mean if I do a dig and it says that  (dig example.com +trace) the GTLD gave the answer????
It means A.GTLD-SERVERS.NET is authoritative for example.com

When tracing is disabled (the default), dig queries the default name server or the server specified in the command line.

0
 
LVL 55

Accepted Solution

by:
andyalder earned 500 total points
ID: 9888055
>G-TLD servers.  Do they cache dns information?

No, the root servers just look after "." and .com, they don't cache or resolve for anything else, the problem is that dig returns additional information that you may be misinterpreting as coming from them when it has resolved it by doing additional queries to the authoritative server.

>If I am reading this correctly it is saying that  dns1.cp.msft.net gave the answer of 207.46.245.214 and 222....
Yes.


What does it mean if I do a dig and it says that  (dig example.com +trace) the GTLD gave the answer????

example.com.      172800  IN      A       XXX.XXX.XXX.225
example.com.      172800  IN      NS      ns1.example.com.
;; Received 124 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 33 ms

It means example.com's DNS registration is well screwed up!
The root servers have returned ns1.example.com as being the authoratitive nameserver for that domain but haven't returned the IP address of ns1.example.com presumably because someone filled a form in wrong. Nobody will be able to get to ns1.example.com so www.example.com, mail.example.com etc won't be resolvable.

dig has also returned any A records it can find for that domain (through a zone-file transfer) and it's had an A record returned, not for the nameserver, but just for example.com so if you put a webserver at xx.xx.xx.225 that could just work.

Example.com need to get the example.com A record off the root servers and ns1.example.com put in it's place, probably using the same IP address. Can't do that change through DNS but only through the registrar's website.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Comparing Internet speeds via throughput 3 40
cant ping a windows 10 computer 12 56
Adding switches as opposed to running cables 4 95
network error 8 35
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now