Lightner, Jeff <jlight...@water.com> wrote:
>
> For example from my workstation if I search an internal domain we use I
> know which internal DNS server it goes to ask the question. That DNS
> server in turn may refer to a separate internal DNS server which is
> authoritative for the domain or has the record cached. A dig +trace is
> useless because the root servers know nothing about the domain. I’ve
> found various things that give me parts of the information but wonder if
> there isn’t something that would do something like trace so I can see
> each DNS server that was referred to in such lookups.
You can trace upwards. To find the zone within which a name lives, ask for
the SOA. You'll probably bet a NOERROR / NODATA response with the SOA in
the authority section, for example, (1)
You can then ask for the NS records at that name to find where the name is
hosted. (2)
You can work up the namespace by trimming off a label and repeating the
process. (3) (4)
Given the parent name servers you can then check the delegation NS RRset
for the child. (5)
However, for private zones, it is possible that the NS records do not tell
the truth - the hostmaster may be relying on static configuration of all
the servers instead.
*** (1)
; <<>> DiG 9.9.2-vjs197.15rc1 <<>> soa hermes.cam.ac.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 14961
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;hermes.cam.ac.uk. IN SOA
;; AUTHORITY SECTION:
cam.ac.uk. 14400 IN SOA authdns0.csx.cam.ac.uk.
hostmaster.ucs.cam.ac.uk. 1347969556 14400 3600 604800 14400
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 18 16:28:46 2012
;; MSG SIZE rcvd: 109
*** (2)
; <<>> DiG 9.9.2-vjs197.15rc1 <<>> ns cam.ac.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28269
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cam.ac.uk. IN NS
;; ANSWER SECTION:
cam.ac.uk. 86400 IN NS dns1.cl.cam.ac.uk.
cam.ac.uk. 86400 IN NS authdns0.csx.cam.ac.uk.
cam.ac.uk. 86400 IN NS ns2.ic.ac.uk.
cam.ac.uk. 86400 IN NS bitsy.mit.edu.
cam.ac.uk. 86400 IN NS dns0.eng.cam.ac.uk.
cam.ac.uk. 86400 IN NS dns0.cl.cam.ac.uk.
cam.ac.uk. 86400 IN NS authdns1.csx.cam.ac.uk.
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 18 16:31:41 2012
;; MSG SIZE rcvd: 200
*** (3)
; <<>> DiG 9.9.2-vjs197.15rc1 <<>> soa ac.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32406
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ac.uk. IN SOA
;; ANSWER SECTION:
ac.uk. 86400 IN SOA ns0.ja.net. operations.ja.net.
2012091860 28800 7200 3600000 14400
;; Query time: 13 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 18 16:32:00 2012
;; MSG SIZE rcvd: 91
*** (4)
; <<>> DiG 9.9.2-vjs197.15rc1 <<>> ns ac.uk
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41140
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 7, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;ac.uk. IN NS
;; ANSWER SECTION:
ac.uk. 7474 IN NS ns2.ja.net.
ac.uk. 7474 IN NS ns4.ja.net.
ac.uk. 7474 IN NS auth03.ns.uu.net.
ac.uk. 7474 IN NS ws-fra1.win-ip.dfn.de.
ac.uk. 7474 IN NS ns3.ja.net.
ac.uk. 7474 IN NS ns0.ja.net.
ac.uk. 7474 IN NS ns1.surfnet.nl.
;; Query time: 3 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Sep 18 16:32:16 2012
;; MSG SIZE rcvd: 202
*** (5)
; <<>> DiG 9.9.2-vjs197.15rc1 <<>> ns cam.ac.uk @ns0.ja.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48627
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 7, ADDITIONAL: 9
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;cam.ac.uk. IN NS
;; AUTHORITY SECTION:
cam.ac.uk. 86400 IN NS dns0.eng.cam.ac.uk.
cam.ac.uk. 86400 IN NS authdns1.csx.cam.ac.uk.
cam.ac.uk. 86400 IN NS ns2.ic.ac.uk.
cam.ac.uk. 86400 IN NS dns0.cl.cam.ac.uk.
cam.ac.uk. 86400 IN NS authdns0.csx.cam.ac.uk.
cam.ac.uk. 86400 IN NS dns1.cl.cam.ac.uk.
cam.ac.uk. 86400 IN NS bitsy.mit.edu.
;; ADDITIONAL SECTION:
ns2.ic.ac.uk. 86400 IN A 155.198.142.82
dns0.cl.cam.ac.uk. 86400 IN A 128.232.0.19
dns0.eng.cam.ac.uk. 86400 IN A 129.169.8.8
dns1.cl.cam.ac.uk. 86400 IN A 128.232.0.18
authdns0.csx.cam.ac.uk. 86400 IN A 131.111.8.37
authdns0.csx.cam.ac.uk. 86400 IN AAAA 2001:630:212:8::d:a0
authdns1.csx.cam.ac.uk. 86400 IN A 131.111.12.37
authdns1.csx.cam.ac.uk. 86400 IN AAAA 2001:630:212:12::d:a1
;; Query time: 4 msec
;; SERVER: 2001:630:0:8::14#53(2001:630:0:8::14)
;; WHEN: Tue Sep 18 16:33:45 2012
;; MSG SIZE rcvd: 352
Tony.
--
f.anthony.n.finch <d...@dotat.at> http://dotat.at/
Forties, Cromarty: East, veering southeast, 4 or 5, occasionally 6 at first.
Rough, becoming slight or moderate. Showers, rain at first. Moderate or good,
occasionally poor at first.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
