Getting hold of serial numbers

Bill Larson bind9 at comcast.net
Thu Dec 16 19:34:19 UTC 2004


On Dec 16, 2004, at 5:43 AM, Johnathan Long wrote:

> In article <cpqprj$29cb$1 at sf1.isc.org>,
>  Barry Margolin <barmar at alum.mit.edu> wrote:
>
>> If you ever see a difference between WHOIS and a delegation, it's either
>> because you caught it during a change window (the WHOIS database has
>> updated, but the changes haven't propagated to the GTLD servers) or
>> something is broken in the process of feeding data from registrar to
>> registry to DNS.
>
> Yes, and that condition is far more common than one would hope.

There is also another issue here that is being missed.  The list of 
delegated name servers for a zone comes from the server itself, not the 
parent.  This means that the administrator of a zone can delegate more 
servers for a zone than the parent knows of.

Using the example that generated this topic, "totalflood.com", the GTLD 
servers identify four servers for this zone.  These are identical to 
the servers that "whois" identifies.  When you query one of these 
servers you obtain a list of nine servers, five more delegated servers 
than the parent, GTLD, servers know of.

Once a query for any "totalflood.com" DNS information is obtained from 
one of the servers identified by the parent, then the complete list 
of servers identified by the delegated server will be known.  This list 
of delegated servers may NOT be the same as the list of servers known 
to either the whois system or the GTLD servers.  The GTLD and root 
servers are not authoritative for the second level domains, like 
"totalflood.com", only the top level domains.

So, to know what name servers to query to check the SOA records, you 
need to check all of the name servers that are listed by an 
authoritative name server for a zone, which are defined on those 
servers themselves, rather than just the servers identified by the 
parent or from whois.

Bill Larson
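
The check described in the message above, as an added example that is not part of the original post: it compares the NS set returned by the parent with the NS set the zone itself publishes, then groups the SOA serials from every server on the zone's own list. It assumes the answers are available as dig-style resource record lines; the example.test names and serials are constructed sample data.

```python
# Added example: all records below are constructed; example.test is a placeholder zone.
import re
from collections import defaultdict

RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(NS|SOA)\s+(.+)$", re.I)

def parse_rrs(text, zone, rtype):
    """Return rdata strings of `rtype` records owned by `zone` in dig-style lines."""
    zone = zone.lower().rstrip(".") + "."
    out = []
    for line in text.splitlines():
        m = RR.match(line.strip())
        if m and m.group(1).lower() == zone and m.group(2).upper() == rtype:
            out.append(m.group(3).strip())
    return out

def ns_set(text, zone):
    return {r.lower().rstrip(".") for r in parse_rrs(text, zone, "NS")}

def soa_serial(text, zone):
    # SOA rdata order: mname rname serial refresh retry expire minimum
    rrs = parse_rrs(text, zone, "SOA")
    return int(rrs[0].split()[2]) if rrs else None

def audit(zone, parent_answer, child_answer, soa_answers):
    parent, child = ns_set(parent_answer, zone), ns_set(child_answer, zone)
    by_serial = defaultdict(list)
    for server in sorted(child):            # poll the zone's own list, not the parent's
        by_serial[soa_serial(soa_answers.get(server, ""), zone)].append(server)
    known = [s for s in by_serial if s is not None]
    newest = max(known) if known else None  # plain max; ignores RFC 1982 wraparound
    return {
        "only_in_zone": sorted(child - parent),    # servers the parent does not list
        "only_in_parent": sorted(parent - child),  # delegated but not in the zone's NS set
        "newest_serial": newest,
        "lagging": sorted(s for k, v in by_serial.items()
                          if k not in (None, newest) for s in v),
        "no_answer": sorted(by_serial.get(None, [])),
    }

PARENT = """example.test. 172800 IN NS ns1.example.test.
example.test. 172800 IN NS ns2.example.test."""
CHILD = PARENT + """
example.test. 3600 IN NS ns3.example.test.
example.test. 3600 IN NS ns4.example.test."""
def _soa(serial):
    return f"example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. {serial} 7200 900 1209600 3600"
SOAS = {"ns1.example.test": _soa(2004121601), "ns2.example.test": _soa(2004121601),
        "ns3.example.test": _soa(2004121500)}   # ns4 returned no SOA answer
REPORT = audit("example.test", PARENT, CHILD, SOAS)
```
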


