DNS Behavior

Pablo L. Arturi parturi at bairesweb.com
Tue Oct 16 00:25:43 UTC 2007 

> > > No, it is not.  K.GTLD-SERVERS.NET is not a root server. You can get
> > > the list of root name servers with "dig NS ." (".", the dot, being the
> > > root).
> > >
> > > > Why for google.com.ar (or any other .com.xx domain) the answer
> > > > doesn't comes from "athea.ar" (country specific root server) for
> > > > example?
> > >
> > > I do not see what could be a "country specific root server".
> > >
> > > Otherwise, the difference between the ".com" name servers and the
> > > ".ar" name servers comes simply from the fact that the ".com" name
> > > servers (wrongly) send the answer in the Answer section, while the
> > > ".ar" name servers, like most of the sensible name servers put it in
> > > the Authority section, since they are not authoritative for the
> > > data. I would say "blame Verisign".
> > >
> >
> > I was referring to "country specific root servers" to the ones which
handles
> > this domains (.ar). Are they called Country top level domains servers?
sorry
> > the confusion.
> >
> > What I mean, for example:
> >
> > for .ar domains, a dig google.com.ar NS +trace goes to the authoritative
> > nameserver (ns1.google.com), which means that if the NS authoritative of
> > google.com.ar are down, you won't get the NS records.
> > for .com domains, a dig google.com NS +trace goes to the
*.GTLD-SERVERS.NET,
> > which means that if the NS authoritative for google.com are down, you'll
get
> > the NS anyway (configured in the registrar).
> >
> > it only happens when you query the NS records for a domain name, if you
> > query any other fqdn type, it goes to the authoritative nameserver.
> >
> > I realize of this becase I was trying to do a small program to verify
which
> > NS a domain has configured in the registrar and compare them with the
> > records configured in the auth servers.
> >
> > As I can think, getting NS from the registrar is useful, but the
question
> > would be: How can I get NS records from the registry for .ar or any
other
> > ctld domains? (country top level domains?)
> >
> > So the problem comes from Verisign sending its resposes in the answer
> > section?
> >
> > Do you know how can I workaround what I need?
>
> You code to handle both response types.
>
> Note the answers from the COM server are not authoritative.
>
> Mark

Excellent!

I doubt I get any responses writting to verisign, but anyway I will send
them a message.
It would be nice if there's someone from verisign in this list, able to
explain why they do what they do.

If someone else knows why, please instruct :)

Mark, Nial, Stephane
Many thanks for your time and help.

Pablo

More information about the bind-users mailing list