DNS Behavior
Pablo L. Arturi
parturi at bairesweb.com
Mon Oct 15 17:33:14 UTC 2007
Hello everyone. It's probably a common behavior, but I cound't find any answer to this, even reading all RFC docs.
If I query google.com for NS records (and only NS records), the AA answer comes from a root server
If I query google.com for NS records (or any other country specific domain), the AA answer comes from the AA NS of that domain.
As you will see, this are both results:
;; Received 177 bytes from 216.239.36.10#53(ns3.google.com) in 160 ms < this is google's NS server
;; Received 164 bytes from 192.52.178.30#53(K.GTLD-SERVERS.NET) in 206 ms < this is a root server
See this examples: (I removed all unrelated information from the output)
QUERYING google.com.ar
[root at postfix root]# dig google.com.ar -t NS +trace
; <<>> DiG 9.2.2-P3 <<>> google.com.ar -t NS +trace
;; global options: printcmd
. 513960 IN NS B.ROOT-SERVERS.NET.
. 513960 IN NS C.ROOT-SERVERS.NET.
. 513960 IN NS D.ROOT-SERVERS.NET.
. 513960 IN NS E.ROOT-SERVERS.NET.
. 513960 IN NS F.ROOT-SERVERS.NET.
. 513960 IN NS G.ROOT-SERVERS.NET.
. 513960 IN NS H.ROOT-SERVERS.NET.
. 513960 IN NS I.ROOT-SERVERS.NET.
. 513960 IN NS J.ROOT-SERVERS.NET.
. 513960 IN NS K.ROOT-SERVERS.NET.
. 513960 IN NS L.ROOT-SERVERS.NET.
. 513960 IN NS M.ROOT-SERVERS.NET.
. 513960 IN NS A.ROOT-SERVERS.NET.
;; Received 276 bytes from 190.2.55.4#53(190.2.55.4) in 0 ms
ar. 172800 IN NS UUCP-GW-1.PA.DEC.COM.
ar. 172800 IN NS UUCP-GW-2.PA.DEC.COM.
ar. 172800 IN NS NS.UU.NET.
ar. 172800 IN NS NS1.RETINA.ar.
ar. 172800 IN NS ATHEA.ar.
ar. 172800 IN NS CTINA.ar.
ar. 172800 IN NS NS-AR.RIPE.NET.
ar. 172800 IN NS MERAPI.SWITCH.CH.
;; Received 388 bytes from 192.228.79.201#53(B.ROOT-SERVERS.NET) in 182 ms
com.ar. 86400 IN NS athea.ar.
com.ar. 86400 IN NS ctina.ar.
com.ar. 86400 IN NS merapi.switch.ch.
com.ar. 86400 IN NS relay1.mecon.gov.ar.
com.ar. 86400 IN NS ns.UU.NET.
com.ar. 86400 IN NS ns1.retina.ar.
;; Received 244 bytes from 204.123.2.18#53(UUCP-GW-1.PA.DEC.COM) in 189 ms
google.com.ar. 14400 IN NS ns3.google.com.
google.com.ar. 14400 IN NS ns4.google.com.
google.com.ar. 14400 IN NS ns1.google.com.
google.com.ar. 14400 IN NS ns2.google.com.
;; Received 113 bytes from 200.16.98.2#53(athea.ar) in 6 ms
google.com.ar. 345600 IN NS ns4.google.com.
google.com.ar. 345600 IN NS ns1.google.com.
google.com.ar. 345600 IN NS ns2.google.com.
google.com.ar. 345600 IN NS ns3.google.com.
;; Received 177 bytes from 216.239.36.10#53(ns3.google.com) in 160 ms
QUERYING google.com.ar
[root at postfix root]# dig google.com -t NS +trace
; <<>> DiG 9.2.2-P3 <<>> google.com -t NS +trace
;; global options: printcmd
. 513884 IN NS B.ROOT-SERVERS.NET.
. 513884 IN NS C.ROOT-SERVERS.NET.
. 513884 IN NS D.ROOT-SERVERS.NET.
. 513884 IN NS E.ROOT-SERVERS.NET.
. 513884 IN NS F.ROOT-SERVERS.NET.
. 513884 IN NS G.ROOT-SERVERS.NET.
. 513884 IN NS H.ROOT-SERVERS.NET.
. 513884 IN NS I.ROOT-SERVERS.NET.
. 513884 IN NS J.ROOT-SERVERS.NET.
. 513884 IN NS K.ROOT-SERVERS.NET.
. 513884 IN NS L.ROOT-SERVERS.NET.
. 513884 IN NS M.ROOT-SERVERS.NET.
. 513884 IN NS A.ROOT-SERVERS.NET.
;; Received 292 bytes from 190.2.55.4#53(190.2.55.4) in 0 ms
com. 172800 IN NS K.GTLD-SERVERS.NET.
com. 172800 IN NS L.GTLD-SERVERS.NET.
com. 172800 IN NS M.GTLD-SERVERS.NET.
com. 172800 IN NS A.GTLD-SERVERS.NET.
com. 172800 IN NS B.GTLD-SERVERS.NET.
com. 172800 IN NS C.GTLD-SERVERS.NET.
com. 172800 IN NS D.GTLD-SERVERS.NET.
com. 172800 IN NS E.GTLD-SERVERS.NET.
com. 172800 IN NS F.GTLD-SERVERS.NET.
com. 172800 IN NS G.GTLD-SERVERS.NET.
com. 172800 IN NS H.GTLD-SERVERS.NET.
com. 172800 IN NS I.GTLD-SERVERS.NET.
com. 172800 IN NS J.GTLD-SERVERS.NET.
;; Received 488 bytes from 192.228.79.201#53(B.ROOT-SERVERS.NET) in 182 ms
google.com. 172800 IN NS ns1.google.com.
google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
;; Received 164 bytes from 192.52.178.30#53(K.GTLD-SERVERS.NET) in 206 ms
Any exaplanation on why DNS behavies this way? I mean:
Why for google.com.ar (or any other .com.xx domain) the answer doesn't comes from "athea.ar" (country specific root server) for example?
Thank you!
Pablo
More information about the bind-users
mailing list