DNS Server Info...

Kevin Darcy kcd at daimlerchrysler.com
Sat Jun 10 01:07:40 UTC 2000


nate_yuri at yahoo.com wrote:

> Quick question RE: DNS servers..
>
> Is there a way to find out which DNS server you connect to when connecting
> to a webserver??
>
> I understand that it *SHOULD* (correct me if I'm wrong) hit the primary DNS
> server first (listed with InterNIC) then if it doesn't answer it then
> proceeds to connect to the 2nd DNS server (listed with InterNIC)..

The InterNIC data only shows what is in the root or certain TLD nameservers,
and that data, in turn, is really only useful to other nameservers. For a
*client* (like a desktop PC, for instance), the nameserver used for resolution
is configured in its resolver configuration, which is typically either built
dynamically on bootup from DHCP, or consists of a file (/etc/resolv.conf for
most Unix platforms) or registry settings (for WinTel).

> Is there a command line I can use to trace which DNS server it hits to get
> the website info ??

I believe Dan Bernstein's "dnscache" package has a tracing tool like that. But
this is a BIND list, so you didn't hear that from me  :-)

Assuming you have full Internet DNS connectivity, it's possible to mimic the
way nameservers talk to each other: turn recursion off -- and, in the case of
"nslookup", debugging on -- and send your query explicitly to servers listed
in the "Authority" sections of the responses you get, starting with a root
server, until you get the answer, an NXDOMAIN response, or an authoritative
answer with an empty "Answer" section (all 3 of which mean that there are no
more referrals to follow). What you're doing is working down the domain
namespace "tree" until you can get to the last "branch" whereupon the
nameserver responding to you can answer definitively whether the name, or the
name/type combination you queried, exists or not. Bear in mind that this
mimics a "worst case" for Internet query-resolution: most nameservers will at
any given moment already have some of the higher-level-domain referral data
cached in memory and therefore can skip some of the initial steps.

The "dig" utility is much better at this kind of thing than "nslookup", by the
way.

> I mean aside from pinging the Primary DNS server Myself (if it responds - I
> can assume that it's up and will answer to any website query for the zones
> it hosts).
>
> When I try NSLOOKUP www.whatever.com , it hits my ISP's server then returns
> the website address.. it never showed the DNS Server info (Pri or Sec) for
> the website www.whatever.com

Right. Because your *resolver* configuration points at your ISP's server. Not
only that, but most client resolvers are "recursive", meaning that they tell
the nameserver "do all of the work to resolve this name and then just give me
back the answer". Since your ISP's nameserver is doing all of the work behind
the scenes, you never see all of the queries it is generating to resolve the
name for you. All you see is the completed response coming back.

> (I'm thinking my ISP's server is replicating
> the DNS info for the website but the DNS servers for the site ONLY allow
> access to certain DNS servers in its NOTIFY list).

It has nothing to do with replication or NOTIFY lists. It's just a simple
function of how resolvers and recursive queries work.


- Kevin
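
The referral walk described in the reply above, as an added example that is not part of the original message: it follows "Authority" referrals from a root server with recursion off and stops on the three terminal cases the reply lists. The server names, the 192.0.2.10 address and the `query_norecurse` stand-in are constructed sample data so the walk runs without network access.

```python
# Constructed delegation tree: what each server knows. All names and the
# address are made up for this example; www.whatever.com is the page's name.
SERVERS = {
    "a.root.test.": {"delegations": {"com.": ["a.tld.test."]}, "records": {}},
    "a.tld.test.": {"delegations": {"whatever.com.": ["ns1.whatever.com."]},
                    "records": {}},
    "ns1.whatever.com.": {"delegations": {},
                          "records": {("www.whatever.com.", "A"): ["192.0.2.10"]}},
}

def query_norecurse(server, qname, qtype):
    """Stand-in for one query sent with recursion off (hypothetical helper)."""
    data = SERVERS[server]
    for child, nameservers in data["delegations"].items():
        if qname == child or qname.endswith("." + child):
            # Not authoritative for the name: hand back a referral.
            return {"rcode": "NOERROR", "aa": False, "answer": [],
                    "authority": nameservers}
    known_names = {name for name, _ in data["records"]}
    rcode = "NOERROR" if qname in known_names else "NXDOMAIN"
    return {"rcode": rcode, "aa": True,
            "answer": data["records"].get((qname, qtype), []), "authority": []}

def trace(qname, qtype, start="a.root.test.", max_hops=10):
    """Walk referrals from a root server; return (outcome, servers asked)."""
    server, path = start, []
    for _ in range(max_hops):
        path.append(server)
        reply = query_norecurse(server, qname, qtype)
        if reply["answer"]:
            return ("ANSWER", reply["answer"]), path
        if reply["rcode"] == "NXDOMAIN":
            return ("NXDOMAIN", []), path
        if reply["aa"]:
            # Authoritative reply with an empty Answer section: the name
            # exists, but not with the queried type.
            return ("NODATA", []), path
        if not reply["authority"]:
            return ("NO_REFERRAL", []), path
        server = reply["authority"][0]  # follow the first listed nameserver
    return ("TOO_MANY_HOPS", []), path

if __name__ == "__main__":
    for name, rrtype in [("www.whatever.com.", "A"),
                         ("nope.whatever.com.", "A"),
                         ("www.whatever.com.", "MX")]:
        outcome, path = trace(name, rrtype)
        print(name, rrtype, outcome, "via", " -> ".join(path))
```
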








More information about the bind-users mailing list