finding authoritative nameservers

Ronald F. Guilmette rfg at
Mon May 19 23:26:20 UTC 2008

In message <AFB3CCEB-9310-4CD2-89B3-EE302AF0B850 at>, 
Chris Buxton <cbuxton at> wrote:

>On May 19, 2008, at 3:09 PM, Ronald F. Guilmette wrote:
>> In message <ADA073C8-E7F4-4144-ACDA-3CED0669470A at>,
>> Chris Buxton <cbuxton at> wrote:
>>> - Query the parent zone to retrieve the target zone's delegation NS
>>> records.
>> That would be one approach.  But as I noted in my immediately prior  
>> post,
>> I elected to just force a type `ANY' query (for the original FQDN I  
>> was
>> interested in) to be sent to the primary name server, whose name I  
>> grabbed
>> from the SOA record.  Then I just grab the list of relevant NSes out  
>> of
>> the AUTHORITY section of the response to that ANY query.
>> This seems to work OK.  Good enough for my purposes anyway.
>Actually, many DNS server implementations don't return anything in the  
>Authority section for a positive answer. Such records are not required  
>by RFC. An example is MS DNS - not exactly an uncommon name server  

Yeabut even in those (degenerate?) cases, I still do at least have the
name of the primary... which is something.  (And for my purposes, it is
more than enough to hang my hat on.)

>Therefore, you should actually query for the NS records, since any  
>standards-compliant authoritative name server will return those if  
>explicitly asked.

OK, sorry, I've lost context.  Can you run this part by me again please?
How exactly do I do what you're saying I should do?

Assume that I stared with  Now assume that I've already
learned (from some SOA record) that the primary NS for that is called  Tell me what to do next.

Are you saying that I should send a type NS query to for
the name

Won't that only produce useful results in cases where
itself has one or more NS records associated with that specific and complete

More information about the bind-users mailing list