I understand how I can change the dns settings for my domains by editing my bind configs, when I run my own nameservers. I know that I can define the nameservers with my registrar via their online control panels. But I have no idea how that part works...
How does my registrar store the data about the nameservers? Is it something clever, like them having the authority to store NS records in the root nameservers?
I'm confused by this part, can anyone explain?
The registrar is responsible for setting the Root DNS entry that says, "When someone asks for stackoverflow.com, tell them that the authoritative DNS is xxx.xxx.xxx.xxx". They have an interface that allows them to make changes to the records they own.
Then the requester must go to the authoritative DNS (Which is the one you specified to your registrar was your DNS) to find the IP for stackoverflow.com, any subdomain of it, email server, and other DNS records pertaining to that domain.
I've just been shown this:
# dig +trace ns stackoverflow.com
; <<>> DiG 9.2.4 <<>> +trace ns stackoverflow.com
;; global options: printcmd
. 269431 IN NS B.ROOT-SERVERS.NET.
. 269431 IN NS C.ROOT-SERVERS.NET.
. 269431 IN NS D.ROOT-SERVERS.NET.
. 269431 IN NS E.ROOT-SERVERS.NET.
. 269431 IN NS F.ROOT-SERVERS.NET.
. 269431 IN NS G.ROOT-SERVERS.NET.
. 269431 IN NS H.ROOT-SERVERS.NET.
. 269431 IN NS I.ROOT-SERVERS.NET.
. 269431 IN NS J.ROOT-SERVERS.NET.
. 269431 IN NS K.ROOT-SERVERS.NET.
. 269431 IN NS L.ROOT-SERVERS.NET.
. 269431 IN NS M.ROOT-SERVERS.NET.
. 269431 IN NS A.ROOT-SERVERS.NET.
;; Received 504 bytes from 83.138.151.80#53(83.138.151.80) in 3 ms
com. 172800 IN NS A.GTLD-SERVERS.NET.
com. 172800 IN NS B.GTLD-SERVERS.NET.
com. 172800 IN NS C.GTLD-SERVERS.NET.
com. 172800 IN NS D.GTLD-SERVERS.NET.
com. 172800 IN NS E.GTLD-SERVERS.NET.
com. 172800 IN NS F.GTLD-SERVERS.NET.
com. 172800 IN NS G.GTLD-SERVERS.NET.
com. 172800 IN NS H.GTLD-SERVERS.NET.
com. 172800 IN NS I.GTLD-SERVERS.NET.
com. 172800 IN NS J.GTLD-SERVERS.NET.
com. 172800 IN NS K.GTLD-SERVERS.NET.
com. 172800 IN NS L.GTLD-SERVERS.NET.
com. 172800 IN NS M.GTLD-SERVERS.NET.
;; Received 495 bytes from 192.228.79.201#53(B.ROOT-SERVERS.NET) in 145 ms
stackoverflow.com. 172800 IN NS ns51.domaincontrol.com.
stackoverflow.com. 172800 IN NS ns52.domaincontrol.com.
;; Received 119 bytes from 192.5.6.30#53(A.GTLD-SERVERS.NET) in 156 ms
Does this tell me that the stackoverflow.com nameservers have been stored in the .com name servers?
Or is it just that they happen to be there now?
Sorry I can't help toooooo much, but go to http://twit.tv, and find the Security Now podcast - they did one a couple of weeks ago on DNS - get the first one. It has a good explanation of how it works etc (which may help).
The second one on that site is about how it's been "hacked" - the first one is the how it works.
To kinda answer it:
The "root servers" (for .com for eg) hold a record for stackoverflow.com. But they can't hold all the details, so they have an NS record (name server record) saying "if you want more info, go look over there". So your machine asks that target machine (ns1.stackoverflow.com) for www.stackoverflow.com, and gets back the A record (IP address), or MX (mail etc)
So, your domain register will store it in a database or whatever they chose, and when you do an update, they SOMEHOW (I dont know, but I guess it's published by NIC, but they DO have to pay to be a registrar, and be checked out etc) push that change to the (cluster of) root name servers. They would then push the changes for your domain (eg where www goes, where your mail goes etc) to their local server, which actually serves the domain info.
Hope that makes SOME sense :)
Does this tell me that the stackoverflow.com nameservers have been stored in the .com name servers?
Yes and no.
Its like you going calling directory assistance for everything ending in .com. You ask for stackoverflow - they tell you "if you want SO, call this number, and they can tell you how to get Jeff (www), Joel (mail), etc.".
The root server is the first directory assistance. Your register's name server is the one on the end of the second call (assuming you called it :) )
It may be helpful to understand the difference between a "registrar" and a "registry" to begin with. A registrar is a company that sells domain names (ie. godaddy) to buyers. Anyone can be a registrar. You can become a registrar.
A registry is an entity (chosen by ICANN) that maintains the master database of domain names. There are several registries out there. The Internet Society (ISOC) is the registry for all .org names, Verisign is the registry for all .com and .net domain names. There are others and each country has one for their domain. All the registrars access and update the registry databases.
A registry is responsible for maintaining the top level domain (TLD) which is the ultimate DNS server. A request to resolve a domain name, if it can't be resolved by any other DNS server will filter up to the TLD. Think of it as a hierarchy like a tree where the TLD is the trunk. At that point it will be resolved into an IP address or an error will be returned.
There are some mistakes in the answers so far (and I have not yet sufficient reputation to comment on them).
The ".com" name servers are in no way related with the root name servers. When you change the name servers of stackoverflow.com, through your registrar, the change is made in the ".com" name servers. Root name servers are unaffected.
It is not true that the registries are all choosen by ICANN. The ccTLD registries (country-code TLD like ".jp" or ".ca"), for instance, are choosen locally, by a process which depends on the country.
Not all TLD use a registry/registrar system.