[AusNOG] Are domain name server pointers reliant on registrar name server?

Mark Delany g2x at juliet.emu.st
Mon Oct 29 13:00:25 EST 2018 

> From my understanding, this is how it works:
> 
> 
>   1.  Your PC is browsing to http://www.ventraip.com.au
>   2.  The DNS looks at the root nameservers for . (yes, a single period) who then
>   3.  Forwards the request on to the .au nameservers (operated by Afilias) who then
>   4.  Forwards the request on to the .com.au nameservers (also operated by Afilias) who then

Not quite sure which "who" you're referring to here, but authoritative
servers such as the roots and .au servers only ever return whatever
info they have that's relevant to the query. They never "forward"
anything.

A DNS cache is responsible for taking the authoritative response and
initiating new queries to ultimately resolve the initial question. So
if by "who" above you mean the PC's DNS cache and if by "forwards the
request" you mean a cache taking each authoritative response to
resolve the answer, then yes, you are roughly correct, but otherwise
your description misleading.

Assuming an empty cache it roughly goes:

PC -> Cache "Can you resolve www.ventraip.com.au?"
        Cache -> roots "Can you resolve www.ventraip.com.au?"
        Cache <- Roots "No, but here are some .au name servers"
        Cache -> au NS "Can you resolve www.ventraip.com.au?"
        Cache <- au NS "No, but here are some com.au servers"
        Cache -> com.au NS "Can you resolve www.ventraip.com.au?"
        Cache <- com.au NS "No, but here are some ventraip.com.au servers"
        Cache -> ventraip.com.au NS "Can you resolve www.ventraip.com.au?"
        Cache <- ventraip.com.au NS "Yes, here are some A RRs"
PC <- Cache "Yes, here are some A RRs"

You can see each step of this resolution in action by going:

dig @m.root-servers.net www.ventraip.com.au
dig @a.au www.ventraip.com.au www.ventraip.com.au
dig @q.au www.ventraip.com.au www.ventraip.com.au
dig @ns1.corp.ventraip.net.au www.ventraip.com.au

I've skipped the stalling that occurs at ns1.corp.ventraip.net.au and
yes the arrangement with the .au and .com.au NS is a bit unusual but
entirely legit.


Mark.

More information about the AusNOG mailing list