[dns-operations] aws.amazon.com zone has only one nameserver
Andrew Boling
aboling at gmail.com
Tue Dec 8 15:15:50 UTC 2015
Mark has the right idea. The initial lookup will pull in multiple NS
records (from the glue), but when the glue expires or the conditions for a
NS record refresh are otherwise met, the number of records will drop down
to one. Less than ideal.
# dig @pdns1.ultradns.net +norecurse +noall +authority aws.amazon.com NS
aws.amazon.com. 7200 IN NS ns-932.amazon.com.
aws.amazon.com. 7200 IN NS ns-923.amazon.com.
aws.amazon.com. 7200 IN NS ns-931.amazon.com.
aws.amazon.com. 7200 IN NS ns-912.amazon.com.
aws.amazon.com. 7200 IN NS ns-921.amazon.com.
aws.amazon.com. 7200 IN NS ns-911.amazon.com.
# dig @ns-932.amazon.com +norecurse +short aws.amazon.com NS
ns-932.amazon.com.
# dig @75.75.75.75 +short aws.amazon.com NS # Comcast
ns-921.amazon.com.
# dig @8.8.8.8 +short aws.amazon.com NS # Google
ns-924.amazon.com.
On Tue, Dec 8, 2015 at 7:58 AM, Mark Jeftovic <markjr at easydns.com> wrote:
> I believe this is the entire set:
>
> $ dig +trace aws.amazon.com
>
> [snip]
>
> aws.amazon.com. 7200 IN NS ns-932.amazon.com.
> aws.amazon.com. 7200 IN NS ns-923.amazon.com.
> aws.amazon.com. 7200 IN NS ns-931.amazon.com.
> aws.amazon.com. 7200 IN NS ns-912.amazon.com.
> aws.amazon.com. 7200 IN NS ns-921.amazon.com.
> aws.amazon.com. 7200 IN NS ns-911.amazon.com.
> ;; Received 261 bytes from 204.74.108.1#53(pdns1.ultradns.net) in 170 ms
>
>
> but each nameserver is only returning it's own RR (I think)
>
> - mark
>
> On 2015-12-08 7:35 AM, Valentin Bud wrote:
> > Hello Yonghua,
> >
> > Fom where I am standing (.ro) things look differently, as it follows.
> >
> > ~$ dig +short aws.amazon.com <http://aws.amazon.com> ns in
> > ns-932.amazon.com <http://ns-932.amazon.com>.
> >
> > ~$ dig +short ns-932.amazon.com <http://ns-932.amazon.com>. a in
> > 52.16.221.207
> >
> > I guess that Amazon has geo aware DNS configuration in place.
> >
> > Also I can find the A IN for ns-911.amazon.com
> > <http://ns-911.amazon.com/> and it matches yours.
> >
> > ~$ dig +short ns-911.amazon.com <http://ns-911.amazon.com>. a in
> > 207.171.178.6
> >
> > Best,
> > Valentin
> >
> > On Tue, Dec 8, 2015 at 2:10 PM Yonghua Peng <pyh at cloud-china.org
> > <mailto:pyh at cloud-china.org>> wrote:
> >
> > Hi,
> >
> > As you see,
> >
> > ~$ idig aws.amazon.com <http://aws.amazon.com> ns
> > aws.amazon.com <http://aws.amazon.com>. 587 IN NS
> > ns-911.amazon.com <http://ns-911.amazon.com>.
> >
> > ~$ idig aws.amazon.com <http://aws.amazon.com> soa
> > aws.amazon.com <http://aws.amazon.com>. 60 IN SOA
> > ns-911.amazon.com <http://ns-911.amazon.com>.
> > root.amazon.com <http://root.amazon.com>. 1449536989 3600 900
> 7776000 60
> >
> > ~$ idig ns-911.amazon.com <http://ns-911.amazon.com>
> > ns-911.amazon.com <http://ns-911.amazon.com>. 197 IN
> > A 207.171.178.6
> >
> > Do you know why this well known domain has only one nameserver, and
> it
> > seems the nameserver has only one IP?
> >
> > Thx.
> > _______________________________________________
> > dns-operations mailing list
> > dns-operations at lists.dns-oarc.net
> > <mailto:dns-operations at lists.dns-oarc.net>
> > https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> > dns-jobs mailing list
> > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> >
> >
> >
> > _______________________________________________
> > dns-operations mailing list
> > dns-operations at lists.dns-oarc.net
> > https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> > dns-jobs mailing list
> > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
> >
>
> --
> Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc.
> Company Website: http://easydns.com
> Read my blog: http://markable.com
> +1-416-535-8672 ext 225
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20151208/4f4c9303/attachment.html>
More information about the dns-operations
mailing list