[dns-operations] aws.amazon.com zone has only one nameserver

Yonghua Peng pyh at cloud-china.org
Tue Dec 8 12:54:52 UTC 2015


Yes, dig +trace we got,

aws.amazon.com.         7200    IN      NS      ns-923.amazon.com.
aws.amazon.com.         7200    IN      NS      ns-911.amazon.com.
aws.amazon.com.         7200    IN      NS      ns-921.amazon.com.
aws.amazon.com.         7200    IN      NS      ns-912.amazon.com.
aws.amazon.com.         7200    IN      NS      ns-932.amazon.com.
aws.amazon.com.         7200    IN      NS      ns-931.amazon.com.

But the auth nameserver returns non above all.

$ idig aws.amazon.com ns @ns-923.amazon.com
aws.amazon.com.         600     IN      NS      ns-924.amazon.com.

That looks strange.

Thanks.


On 2015/12/8 星期二 20:35, Valentin Bud wrote:
> Hello Yonghua,
>
> Fom where I am standing (.ro) things look differently, as it follows.
>
>   ~$ dig +short aws.amazon.com <http://aws.amazon.com> ns in
> ns-932.amazon.com <http://ns-932.amazon.com>.
>
> ~$ dig +short ns-932.amazon.com <http://ns-932.amazon.com>. a in
> 52.16.221.207
>
> I guess that Amazon has geo aware DNS configuration in place.
>
> Also I can find the A IN for ns-911.amazon.com
> <http://ns-911.amazon.com/> and it matches yours.
>
> ~$ dig +short ns-911.amazon.com <http://ns-911.amazon.com>. a in
> 207.171.178.6
>
> Best,
> Valentin
>
> On Tue, Dec 8, 2015 at 2:10 PM Yonghua Peng <pyh at cloud-china.org
> <mailto:pyh at cloud-china.org>> wrote:
>
>     Hi,
>
>     As you see,
>
>     ~$ idig aws.amazon.com <http://aws.amazon.com> ns
>     aws.amazon.com <http://aws.amazon.com>.         587     IN      NS
>     ns-911.amazon.com <http://ns-911.amazon.com>.
>
>     ~$ idig aws.amazon.com <http://aws.amazon.com> soa
>     aws.amazon.com <http://aws.amazon.com>.         60      IN      SOA
>     ns-911.amazon.com <http://ns-911.amazon.com>.
>     root.amazon.com <http://root.amazon.com>. 1449536989 3600 900 7776000 60
>
>     ~$ idig ns-911.amazon.com <http://ns-911.amazon.com>
>     ns-911.amazon.com <http://ns-911.amazon.com>.      197     IN
>     A       207.171.178.6
>
>     Do you know why this well known domain has only one nameserver, and it
>     seems the nameserver has only one IP?
>
>     Thx.
>     _______________________________________________
>     dns-operations mailing list
>     dns-operations at lists.dns-oarc.net
>     <mailto:dns-operations at lists.dns-oarc.net>
>     https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>     dns-jobs mailing list
>     https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>



More information about the dns-operations mailing list