On 3/28/23 16:39, Go Canes wrote:
> On Tue, Mar 28, 2023 at 7:00 PM ToddAndMargo via users
> <users@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
>> I was just wanting to see what DNS I was actually using.
>
> dig and nslookup both display the IP address of the DNS resolver that
> you are querying. But if you are asking for which DNS resolver
> actually provided the answer, that would be more difficult as prior
> posts have indicated.
>
> For example, if I do a DNS lookup of lists.fedoraproject.org, and
> assuming none of the DNS resolvers have the data cached, my local DNS
> server (my ISP router) will forward the request to a DNS resolver it
> has configured, that DNS server will do the same, etc., until we
> either get a cached answer, or we go all the way up to one of the root
> DNS servers which can forward to the authoritative DNS server for the
> domain. So if you are trying to determine which of the servers in the
> forward chain provided the answer, that is difficult (again as per
> prior answers).

You've got a good grasp of what is going on. Here are the missing bits.

This is a representation of some URL:

    WWW.GOOGLE.COM.
    SUBDOMAIN.DOMAIN.TLD.    (TLD = top level domain, beneath . )

Note the dot at the very end. All searches begin there. To make this
easier we'll use google's name servers to start. Since dig is in wide
use we'll use it for dns searches. (As for options to dig: the only one
of use to any but very advanced, specialized users is +short --
+nssearch is of no use to us. Forget you ever heard of it.)

There are only a few types of dns records:

    SOA    start of authority - primary ns, contact email, timestamp,
           various ttls (I'm not going to include timestamps and ttls here)
    NS     name servers
    MX     mail exchangers
    A      ipv4 IP addresses
    AAAA   ipv6 IP addresses
    CNAME  aliases for domain names
    TXT    text records used for all sorts of things, even random comments

There are others that, for the most part, are irrelevant to mere mortals.

Who is the Start Of Authority for "." ?

    dig +short @8.8.8.8 . SOA
    a.root-servers.net. nstld.verisign-grs.com.

Ask the SOA who their name servers are

    dig @a.root-servers.net. root-servers.net. NS
    a.root-servers.net. 3600000 IN A 198.41.0.4
    a.root-servers.net. 3600000 IN AAAA 2001:503:ba3e::2:30
    ( + 12 more )

Ask a root-server who are the name servers for COM.

    dig @k.root-servers.net. com. NS
    a.gtld-servers.net. 172800 IN A 192.5.6.30
    a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
    ( + 12 more )

Ask a gtld-server who are the name servers for GOOGLE.COM.

    dig @f.gtld-servers.net. google.com. NS
    ns1.google.com. 172800 IN A 216.239.32.10
    ns1.google.com. 172800 IN AAAA 2001:4860:4802:32::a
    ( + 3 more )

Ask a google name server for the IP for www.google.com.

    dig @ns3.google.com. www.google.com. A
    www.google.com. 193 IN A 142.250.189.228

And that is the AUTHORITATIVE answer provided by google's dns authority.

As you can see, in every case, from the top down, each level points to
the authority for the next level down by answering a request for an NS
record. It isn't random. Those are the facts on the ground at the time
the request was made.
And that's how you find out who the authoritative name server for a
domain is.
PS. There is a special top level domain (arpa.) that handles lookups
for IP addresses. Its domain is in-addr.arpa. It matches IPs to the
associated host name by returning a PTR (pointer) record. This is how
mailservers prove they are not fraudulent. Look up the MX record, it
gives a host name. Look up the host name, get an IP. Look up the PTR
for that IP. It should match the original MX host name lookup.
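
The MX -> host name -> IP -> PTR round trip described in the PS, as an added example that is not part of the original post. The `lookup()` stub and the `RECORDS` table are hypothetical stand-ins for a real resolver, and every name and address in them is constructed.

```python
import ipaddress

# Constructed sample records (documentation names/addresses, not real data).
# Assumption: MX data is the bare host name, without the preference number.
RECORDS = {
    ("example.org.", "MX"): ["mail.example.org."],
    ("mail.example.org.", "A"): ["192.0.2.25"],
    ("25.2.0.192.in-addr.arpa.", "PTR"): ["mail.example.org."],
    # Second domain: the PTR returns a generic pool name, so the check fails.
    ("example.net.", "MX"): ["mx.example.net."],
    ("mx.example.net.", "A"): ["198.51.100.7"],
    ("7.100.51.198.in-addr.arpa.", "PTR"): ["host-7.pool.example.com."],
}


def normalize(name):
    """Lower-case a DNS name and give it exactly one trailing root dot."""
    return name.lower().rstrip(".") + "."


def lookup(name, rtype):
    """Hypothetical resolver stub: answer from RECORDS, [] if nothing found."""
    return RECORDS.get((normalize(name), rtype), [])


def ptr_name(ip):
    """Reverse-lookup name, e.g. 192.0.2.25 -> 25.2.0.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def check_mx(domain, resolve=lookup):
    """Return {mx_host: [(ip, ptr_names, matches), ...]} for a mail domain."""
    report = {}
    for mx in resolve(domain, "MX"):
        rows = []
        for rtype in ("A", "AAAA"):
            for ip in resolve(mx, rtype):
                ptrs = [normalize(p) for p in resolve(ptr_name(ip), "PTR")]
                # The PTR must lead back to the same MX host name.
                rows.append((ip, ptrs, normalize(mx) in ptrs))
        report[normalize(mx)] = rows
    return report


if __name__ == "__main__":
    for domain in ("example.org.", "example.net."):
        for mx, rows in check_mx(domain).items():
            for ip, ptrs, ok in rows:
                verdict = "match" if ok else "MISMATCH"
                print(f"{domain} MX {mx} {ip} PTR {ptrs} -> {verdict}")
```

To run it against live DNS, pass `check_mx` a `resolve` callable with the same `(name, rtype) -> list of strings` shape.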