[dns-operations] Upcoming DNS behavior changes to .com/.net/.edu name servers

Phil Pennock dnsop+phil at spodhuis.org
Thu Mar 4 18:55:35 UTC 2010


On 2010-03-04 at 11:07 -0600, Ken A wrote:
> Simply using dig without +short seems to work.

+short only shows you RR data from the Answer section.  With the
changes, the NS records move into the Authority section, because the NS
records for a domain live within that domain.  So the gTLDs are now
providing authority-section pointers, instead of non-auth answers.

dig +noall +authority -t ns example.com @I.GTLD-SERVERS.NET
example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net.

For compatibility with both old and new, provide both +answer and
+authority.

% dig +noall +answer +authority -t ns example.com @a.GTLD-SERVERS.NET
example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net.
% dig +noall +answer +authority -t ns example.com @I.GTLD-SERVERS.NET
example.com.            172800  IN      NS      a.iana-servers.net.
example.com.            172800  IN      NS      b.iana-servers.net.

> Is there another recommended way to query the roots for a NS record, 
> bypassing local DNS?

dig +norec +answer +authority -t ns ZONE @SERVER ?

-Phil



More information about the dns-operations mailing list