views:

11446

answers:

11

And for extra credit - Is it possible to find the origins of conflicting DNS records?

A: 

An easy way is to use an online domain tool. My favorite is Domain Tools (formerly whois.sc). I'm not sure if they can resolve conflicting DNS records though. As an example, the DNS servers for stackoverflow.com are

  NS51.DOMAINCONTROL.COM
  NS52.DOMAINCONTROL.COM
Kyle Cronin
+4  A: 

You'll want the SOA (Start of Authority) record for a given domain name, and this is how you accomplish it using the universally available nslookup command line tool:

command line> nslookup
> set querytype=soa
> stackoverflow.com
Server:         217.30.180.230
Address:        217.30.180.230#53

Non-authoritative answer:
stackoverflow.com
        origin = ns51.domaincontrol.com # ("primary name server" on Windows)
        mail addr = dns.jomax.net       # ("responsible mail addr" on Windows)
        serial = 2008041300
        refresh = 28800
        retry = 7200
        expire = 604800
        minimum = 86400
Authoritative answers can be found from:
stackoverflow.com       nameserver = ns52.domaincontrol.com.
stackoverflow.com       nameserver = ns51.domaincontrol.com.

The origin (or primary name server on Windows) line tells you that ns51.domaincontrol is the main name server for stackoverflow.com.

At the end of output all authoritative servers, including backup servers for the given domain, are listed.

Antti Sykäri
A: 

I have a DNS propagation tool designed to answer this kind of question.

Source is released under the AGPLv3.

(Yes, the interface is rather basic at the moment :) )

You could also find out the nameservers for a domain with the "host" command:

[davidp@supernova:~]$ host -t ns stackoverflow.com
stackoverflow.com name server ns51.domaincontrol.com.
stackoverflow.com name server ns52.domaincontrol.com.
David Precious
A: 

You can use the whois service. On a UNIX-like operating system you would execute the following command. Alternatively you can do it on the web at http://www.internic.net/whois.html.

whois stackoverflow.com

You would get the following response.

...text removed here...

Domain servers in listed order: NS51.DOMAINCONTROL.COM NS52.DOMAINCONTROL.COM

You can use nslookup or dig to find out more information about records for a given domain. This might help you resolve the conflicts you have described.

cdv
Nothing says that the information given by whois is up to date. Frequently, it is not, because people update the NS records in the zone file without notifying the registry or the registrar.
bortzmeyer
A: 

On *nix:

$ dig -t ns <domain name>

aryeh
He asked for the name servers, not for the IPv4 address. So type (-t) should be NS, not A.
bortzmeyer
+1  A: 

The term you should be googling is "authoritative," not "definitive".

On Linux or Mac you can use the commands whois, dig, host, nslookup or several others. nslookup might also work on Windows.

An example:

$ whois stackoverflow.com
[...]
   Domain servers in listed order:
      NS51.DOMAINCONTROL.COM
      NS52.DOMAINCONTROL.COM

As for the extra credit: Yes, it is possible.


aryeh is definitely wrong, as his suggestion usually will only give you the IP address for the hostname. If you use dig, you have to look for NS records, like so:

dig ns stackoverflow.com

Keep in mind that this may ask your local DNS server and thus may give wrong or out-of-date answers that it has in its cache.

hop
These commands are **not** equivalent. Nothing says that the information given by whois is up to date. Frequently, it is not, because people update the NS records in the zone file without notifying the registry or the registrar.
bortzmeyer
I never said they were ;) You can change the NS records in your zone all you want; as long as the parent zone is not updated, nothing will change. And an update of the parent zone usually goes hand in hand with an update of the whois data (at least with my providers).
hop
A: 

I did what Antti Sykäri suggested. I got the following result.

RQD5:~ jon$ nslookup
> set querytype=soa
> r******s.co.uk
Server:    192.168.2.1
Address:   192.168.2.1#53

Non-authoritative answer:
r******ys.co.uk
        origin = ns1.turbodns.co.uk
        mail addr = hostmaster.r******s.co.uk
        serial = 2008090115
        refresh = 28800
        retry = 7200
        expire = 604800
        minimum = 600

Authoritative answers can be found from:
> 

The name server listed as origin is not what I expected to see there and is hopefully the source of the erroneous records.

Should I be concerned that I do not have Authoritative answers?

Binarytales
The answer is non-authoritative because you asked (this is the default behavior) your local resolver/cache, 192.168.2.1. No, this is not a problem, except if the data changed recently.
bortzmeyer
The "origin" field in the SOA is often meaningless. Since it is not used for real DNS working (except dynamic updates), people sometimes put anything in this field.
bortzmeyer
A: 

There are a number of free DNS tools out there that can check anything like this for you (as long as you already have an internet connection, of course).

My favourite at the moment is: http://mydnstools.info

+1  A: 

You used the singular in your question, but there are typically several authoritative name servers; RFC 1034 recommends at least two.

Unless you mean "primary name server" and not "authoritative name server". The secondary name servers are authoritative.

To find out the name servers of a domain on Unix:

% dig +short NS stackoverflow.com
ns52.domaincontrol.com.
ns51.domaincontrol.com.

To find out the server listed as primary (the notion of "primary" is quite fuzzy these days and typically has no good answer):

% dig +short  SOA stackoverflow.com | cut -d' ' -f1
ns51.domaincontrol.com.

To check discrepancies between name servers, my preference goes to the old check_soa tool, described in the Liu & Albitz "DNS & BIND" book (O'Reilly editor). The source code is available at http://examples.oreilly.com/dns5/

% check_soa stackoverflow.com
ns51.domaincontrol.com has serial number 2008041300
ns52.domaincontrol.com has serial number 2008041300

Here, the two authoritative name servers have the same serial number. Good.

bortzmeyer
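
The same per-server serial comparison can be sketched with dig alone. This is an added example, not the check_soa source from the book or code from the answer above; the function names and sample data are constructed, and plain numeric comparison of serials is a simplifying assumption (it ignores serial-number wraparound).

```shell
#!/bin/sh
# Added example: compare SOA serials across a zone's authoritative servers.

# collect_serials DOMAIN: print "<nameserver> <serial>" lines (needs network + dig).
# Each server is asked directly and without recursion, so no cache is involved.
collect_serials() {
    domain=$1
    for ns in $(dig +short NS "$domain"); do
        serial=$(dig +norecurse +short SOA "$domain" "@$ns" | awk 'NR == 1 { print $3 }')
        echo "$ns ${serial:-NO_ANSWER}"
    done
}

# lagging_servers: read "<nameserver> <serial>" lines on stdin and print the
# servers whose serial differs from the highest one seen, or that gave no
# usable answer. Prints nothing when every server agrees.
lagging_servers() {
    awk '
        $2 ~ /^[0-9]+$/ { if ($2 + 0 > max) max = $2 + 0 }
        { ns[NR] = $1; serial[NR] = $2 }
        END {
            for (i = 1; i <= NR; i++)
                if (serial[i] !~ /^[0-9]+$/ || serial[i] + 0 != max)
                    print ns[i], serial[i]
        }'
}

# Constructed sample data in collect_serials' output format, for offline use.
SAMPLE_OK='ns51.domaincontrol.com. 2008041300
ns52.domaincontrol.com. 2008041300'
SAMPLE_DRIFT='ns1.example.net. 2008090115
ns2.example.net. 2008090114
ns3.example.net. NO_ANSWER'

# Live use: collect_serials stackoverflow.com | lagging_servers
```

A server listed by `lagging_servers` is the one to query directly for the record in question, since it is serving an older copy of the zone or not answering for it at all.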
A: 

Unfortunately, most of these tools only return the NS record as provided by the actual name server itself. To be more accurate in determining which name servers are actually responsible for a domain, you'd have to either use "whois" and check the domains listed there OR use "dig [domain] NS @[root name server]" and run that recursively until you get the name server listings...

I wish there were a simple command line that you could run to get THAT result dependably and in a consistent format, not just the result that is given from the name server itself. The purpose of this for me is to be able to query about 330 domain names that I manage so I can determine exactly which name server each domain is pointing to (as per their registrar settings).

Anyone know of a command using "dig" or "host" or something else on *nix?

Simple. Let's assume the domain is example.org. First, you need to find the name servers of ".org" with 'dig +short NS org.'. Then you query one of them (any one; they are all authoritative). Let's choose d0.org.afilias-nst.org. You query with 'dig @d0.org.afilias-nst.org NS example.org.'.
bortzmeyer
The fact that the resolver returns, by default, the name servers listed by the domain itself is a good thing. That's the authoritative information. The delegation in the parent zone is NOT authoritative.
bortzmeyer
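
The parent-zone query described in the comments above returns a referral, so the delegation's NS records arrive in the authority section and `dig +short` prints nothing for them. The script below is an added example (not from any poster) that compares that delegation with the NS set the zone itself serves; function names and sample records are constructed, and it assumes the parent zone is the domain minus its first label.

```shell
#!/bin/sh
# Added example: delegation in the parent zone vs. the NS set the zone serves.

# ns_targets: read dig record lines on stdin, print NS targets (lower-case, sorted).
ns_targets() {
    awk '$4 == "NS" { print tolower($5) }' | sort -u
}

# delegated_ns DOMAIN: ask one server of the parent zone directly (needs network).
# Assumption: the parent zone is DOMAIN minus its first label (example.org -> org).
delegated_ns() {
    domain=${1%.}.
    parent=${domain#*.}
    [ -n "$parent" ] || parent=.
    parent_ns=$(dig +short NS "$parent" | head -n 1)
    # A referral carries the NS set in the AUTHORITY section, not in ANSWER.
    dig +norecurse +noall +authority +answer NS "$domain" "@$parent_ns" | ns_targets
}

# zone_ns DOMAIN: the NS set as the zone itself publishes it (via the resolver).
zone_ns() {
    dig +noall +answer NS "$1" | ns_targets
}

# ns_diff PARENT_LIST ZONE_LIST: print the name servers present on one side only.
ns_diff() {
    for ns in $1; do
        printf '%s\n' "$2" | grep -qxF "$ns" || echo "parent-only $ns"
    done
    for ns in $2; do
        printf '%s\n' "$1" | grep -qxF "$ns" || echo "zone-only $ns"
    done
}

# audit_domains: read one domain per line on stdin, report mismatches (needs network).
audit_domains() {
    while read -r d; do
        ns_diff "$(delegated_ns "$d")" "$(zone_ns "$d")" | sed "s/^/$d: /"
    done
}

# Constructed sample records in dig's output format, for offline use.
SAMPLE_REFERRAL='example.org. 3600 IN NS NS1.EXAMPLE-DNS.TEST.
example.org. 3600 IN NS ns2.example-dns.test.'
SAMPLE_ZONE='example.org. 86400 IN NS ns1.example-dns.test.
example.org. 86400 IN NS ns3.example-dns.test.'
```

With network access, `audit_domains < domains.txt` prints one line per mismatch and nothing for domains whose delegation and zone agree.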
A: 

You can also use registrarwhois.info, it is without captcha!

Rollopack