DNS Behavior

Mark Andrews Mark_Andrews at isc.org
Mon Oct 15 23:44:44 UTC 2007 

> > No, it is not.  K.GTLD-SERVERS.NET is not a root server. You can get
> > the list of root name servers with "dig NS ." (".", the dot, being the
> > root).
> >
> > > Why for google.com.ar (or any other .com.xx domain) the answer
> > > doesn't comes from "athea.ar" (country specific root server) for
> > > example?
> >
> > I do not see what could be a "country specific root server".
> >
> > Otherwise, the difference between the ".com" name servers and the
> > ".ar" name servers comes simply from the fact that the ".com" name
> > servers (wrongly) send the answer in the Answer section, while the
> > ".ar" name servers, like most of the sensible name servers put it in
> > the Authority section, since they are not authoritative for the
> > data. I would say "blame Verisign".
> >
> 
> I was referring to "country specific root servers" to the ones which handles
> this domains (.ar). Are they called Country top level domains servers? sorry
> the confusion.
>
> What I mean, for example:
> 
> for .ar domains, a dig google.com.ar NS +trace goes to the authoritative
> nameserver (ns1.google.com), which means that if the NS authoritative of
> google.com.ar are down, you won't get the NS records.
> for .com domains, a dig google.com NS +trace goes to the *.GTLD-SERVERS.NET,
> which means that if the NS authoritative for google.com are down, you'll get
> the NS anyway (configured in the registrar).
> 
> it only happens when you query the NS records for a domain name, if you
> query any other fqdn type, it goes to the authoritative nameserver.
> 
> I realize of this becase I was trying to do a small program to verify which
> NS a domain has configured in the registrar and compare them with the
> records configured in the auth servers.
> 
> As I can think, getting NS from the registrar is useful, but the question
> would be: How can I get NS records from the registry for .ar or any other
> ctld domains? (country top level domains?)
> 
> So the problem comes from Verisign sending its resposes in the answer
> section?
> 
> Do you know how can I workaround what I need?

	You code to handle both response types.

	Note the answers from the COM server are not authoritative.

	Mark
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

More information about the bind-users mailing list