finding authoritative nameservers

Chris Buxton cbuxton at menandmice.com
Mon May 19 23:48:51 UTC 2008 

On May 19, 2008, at 4:26 PM, Ronald F. Guilmette wrote:
> In message <AFB3CCEB-9310-4CD2-89B3-EE302AF0B850 at menandmice.com>,
> Chris Buxton <cbuxton at menandmice.com> wrote:
>
>> On May 19, 2008, at 3:09 PM, Ronald F. Guilmette wrote:
>>> In message <ADA073C8-E7F4-4144-ACDA-3CED0669470A at menandmice.com>,
>>> Chris Buxton <cbuxton at menandmice.com> wrote:
>>>
>>>> - Query the parent zone to retrieve the target zone's delegation NS
>>>> records.
>>>
>>> That would be one approach.  But as I noted in my immediately prior
>>> post,
>>> I elected to just force a type `ANY' query (for the original FQDN I
>>> was
>>> interested in) to be sent to the primary name server, whose name I
>>> grabbed
>>> from the SOA record.  Then I just grab the list of relevant NSes out
>>> of
>>> the AUTHORITY section of the response to that ANY query.
>>>
>>> This seems to work OK.  Good enough for my purposes anyway.
>>
>> Actually, many DNS server implementations don't return anything in  
>> the
>> Authority section for a positive answer. Such records are not  
>> required
>> by RFC. An example is MS DNS - not exactly an uncommon name server
>> version.
>
> Yeabut even in those (degenerate?) cases, I still do at least have the
> name of the primary... which is something.  (And for my purposes, it  
> is
> more than enough to hang my hat on.)

You're assuming the SOA record actually contains the primary master  
server's name, or indeed the name of any of the authoritative name  
servers. This is not a safe assumption, since it's subject to user  
error and such an error often does not cause any operational problems  
for the zone.

>> Therefore, you should actually query for the NS records, since any
>> standards-compliant authoritative name server will return those if
>> explicitly asked.
>
> OK, sorry, I've lost context.  Can you run this part by me again  
> please?
> How exactly do I do what you're saying I should do?
>
> Assume that I stared with foobar.example.com.  Now assume that I've  
> already
> learned (from some SOA record) that the primary NS for that is called
> ns1.example.com.  Tell me what to do next.
>
> Are you saying that I should send a type NS query to ns1.example.com  
> for
> the name foobar.example.com?

Probably not. The query name should match the name of the SOA record  
you've previously discovered - the name of the containing zone.

> Won't that only produce useful results in cases where  
> foobar.example.com
> itself has one or more NS records associated with that specific and  
> complete
> FQDN?

Yes, it would. But the name of an SOA record is always the name of a  
zone, which ought to therefore have NS records.

Chris Buxton
Professional Services
Men & Mice

More information about the bind-users mailing list