<div dir="ltr"><div class="gmail_default" style="font-family:courier new,monospace">Dave,</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">
You might just use adnshost to query the ns records from the parent TLDs. it free and fast and authortative. There are also perl and python bindings to adnslib.</div><div class="gmail_default" style="font-family:courier new,monospace">
<br></div><div class="gmail_default" style="font-family:courier new,monospace">best,</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div><div class="gmail_default" style="font-family:courier new,monospace">
-rick</div><div class="gmail_default" style="font-family:courier new,monospace"><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Sat, Mar 8, 2014 at 2:08 PM, Paul Vixie <span dir="ltr"><<a href="mailto:paul@redbarn.org" target="_blank">paul@redbarn.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">in general, delegations have to meet only two conditions. first, every<br>
name server that's designated by an NS RR above or below a delegation<br>
point has to be authoritative. second, the set of NS RR's below a<br>
delegation point (so, at the zone apex) has to be equal to or a superset<br>
of the set of NS RR's above that delegation point (so, the parent's<br>
zone-leaf).<br>
<br>
note that scraping the TLD's isn't a reliable way to find all the<br>
invocations of your NS RR name, partly because not all TLD's have ZFA,<br>
and partly because not all delegations are in TLD's. passive DNS is your<br>
better answer here. i looked at the NS RRset for your "<a href="http://hireahit.com" target="_blank">hireahit.com</a>"<br>
domain, chose one at random, and asked the Farsight DNSDB about it. my<br>
second example below turns off DNS output conversion and shows the raw<br>
JSON, in case that inspires you to consider ways to automate this kind<br>
of auditing.<br>
<br>
---<br>
<br>
vixie@linux1:~/work/dnsdb_c$ ./dnsdb_query -n <a href="http://anyns1.hireahit.com/ns" target="_blank">anyns1.hireahit.com/ns</a><br>
;; record times: 2014-03-06 09:15:40 .. 2014-03-08 19:09:04<br>
;; count: 26<br>
<a href="http://coaxial.ca" target="_blank">coaxial.ca</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
;; record times: 2014-03-06 15:44:49 .. 2014-03-08 18:53:29<br>
;; count: 26<br>
<a href="http://roidology.ca" target="_blank">roidology.ca</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
;; record times: 2014-03-06 21:23:19 .. 2014-03-08 05:11:04<br>
;; count: 10<br>
<a href="http://djw.biz" target="_blank">djw.biz</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
;; record times: 2014-03-06 06:44:07 .. 2014-03-08 19:53:15<br>
;; count: 2689<br>
<a href="http://hireahit.com" target="_blank">hireahit.com</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
;; record times: 2014-03-07 03:43:59 .. 2014-03-08 03:34:22<br>
;; count: 4<br>
<a href="http://djwhosting.com" target="_blank">djwhosting.com</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
;; record times: 2014-03-06 07:21:24 .. 2014-03-08 20:43:57<br>
;; count: 3791<br>
<a href="http://neverhost.net" target="_blank">neverhost.net</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
;; record times: 2014-03-06 07:43:12 .. 2014-03-08 19:26:12<br>
;; count: 259<br>
<a href="http://devilsplayground.net" target="_blank">devilsplayground.net</a>. NS <a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.<br>
<br>
---<br>
<br>
vixie@linux1:~/work/dnsdb_c$ ./dnsdb_query -n <a href="http://anyns1.hireahit.com/ns" target="_blank">anyns1.hireahit.com/ns</a> -j<br>
{"count": 26, "time_first": 1394097340, "rrtype": "NS", "rrname":<br>
"<a href="http://coaxial.ca" target="_blank">coaxial.ca</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last": 1394305744}<br>
{"count": 26, "time_first": 1394120689, "rrtype": "NS", "rrname":<br>
"<a href="http://roidology.ca" target="_blank">roidology.ca</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last": 1394304809}<br>
{"count": 10, "time_first": 1394140999, "rrtype": "NS", "rrname":<br>
"<a href="http://djw.biz" target="_blank">djw.biz</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last": 1394255464}<br>
{"count": 2689, "time_first": 1394088247, "rrtype": "NS", "rrname":<br>
"<a href="http://hireahit.com" target="_blank">hireahit.com</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last": 1394308395}<br>
{"count": 4, "time_first": 1394163839, "rrtype": "NS", "rrname":<br>
"<a href="http://djwhosting.com" target="_blank">djwhosting.com</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last": 1394249662}<br>
{"count": 3791, "time_first": 1394090484, "rrtype": "NS", "rrname":<br>
"<a href="http://neverhost.net" target="_blank">neverhost.net</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last": 1394311437}<br>
{"count": 259, "time_first": 1394091792, "rrtype": "NS", "rrname":<br>
"<a href="http://devilsplayground.net" target="_blank">devilsplayground.net</a>.", "rdata": "<a href="http://anyns1.hireahit.com" target="_blank">anyns1.hireahit.com</a>.", "time_last":<br>
1394306772}<br>
<br>
===<br>
<br>
vixie<br>
_______________________________________________<br>
dns-operations mailing list<br>
<a href="mailto:dns-operations@lists.dns-oarc.net">dns-operations@lists.dns-oarc.net</a><br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-operations<br>
dns-jobs</a> mailing list<br>
<a href="https://lists.dns-oarc.net/mailman/listinfo/dns-jobs" target="_blank">https://lists.dns-oarc.net/mailman/listinfo/dns-jobs</a><br>
</blockquote></div><br></div>