finding authoritative nameservers
Chris Buxton
cbuxton at menandmice.com
Mon May 19 22:48:16 UTC 2008
On May 19, 2008, at 3:09 PM, Ronald F. Guilmette wrote:
> In message <ADA073C8-E7F4-4144-ACDA-3CED0669470A at menandmice.com>,
> Chris Buxton <cbuxton at menandmice.com> wrote:
>
>> - Query the parent zone to retrieve the target zone's delegation NS
>> records.
>
> That would be one approach. But as I noted in my immediately prior
> post,
> I elected to just force a type `ANY' query (for the original FQDN I
> was
> interested in) to be sent to the primary name server, whose name I
> grabbed
> from the SOA record. Then I just grab the list of relevant NSes out
> of
> the AUTHORITY section of the response to that ANY query.
>
> This seems to work OK. Good enough for my purposes anyway.
Actually, many DNS server implementations don't return anything in the
Authority section for a positive answer. Such records are not required
by RFC. An example is MS DNS - not exactly an uncommon name server
version.
Therefore, you should actually query for the NS records, since any
standards-compliant authoritative name server will return those if
explicitly asked. (HTTP load balancers are notably not usually RFC-
compliant.)
Chris Buxton
Professional Services
Men & Mice
More information about the bind-users
mailing list