DNS Behavior

Stephane Bortzmeyer bortzmeyer at nic.fr
Tue Oct 16 07:40:04 UTC 2007

On Mon, Oct 15, 2007 at 06:30:21PM -0300,
 Pablo L. Arturi <parturi at bairesweb.com> wrote 
 a message of 46 lines which said:

> I was referring to "country specific root servers" to the ones which
> handles this domains (.ar). Are they called Country top level
> domains servers?

Yes, TLD servers or ccTLD servers if you want to be very specific.

> it only happens when you query the NS records for a domain name, if
> you query any other fqdn type, it goes to the authoritative
> nameserver.

[I suspect it would also happen for glue records.]

Yes, this is because NS records are the only records (with glue A and
AAAA and DS) which can be outside their zone, in the parent zone.
> I realize of this becase I was trying to do a small program to
> verify which NS a domain has configured in the registrar and compare
> them with the records configured in the auth servers.

The proper algorithm would be to send the request directly to the TLD
nameserver (and with recursion off, because some TLD servers are

With dig:

% dig +norecurse @athea.ar NS google.com.ar

; <<>> DiG 9.3.4 <<>> +norecurse @athea.ar NS google.com.ar
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44456
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 0

;google.com.ar.                 IN      NS

google.com.ar.          14400   IN      NS      ns1.google.com.
google.com.ar.          14400   IN      NS      ns2.google.com.

More information about the bind-users mailing list