Need info about a NSLOOKUP NON-Authoritative response.

[WoundedWallet]

I'm running a DNS server on a DSL line.

When I type nslookup and my IP number I get the name(I think) that my ISP gives me on his machine.

Then when I type nslookup and my domain name I get my domain name, and something about a non-authoritative answer.

Like this:

C:\>nslookup XXX.XXX.XXX.XXX (MY ip)
Server: DNS.SERVER.COM (ISP DNS server)
Address: XXX.XXX.XXX.XXX (ISP DNS Server IP)

Name: MY-IP.MY-ISP.COM (Name my ISP gave to me?)
Address: XXX.XXX.XXX.XXX (My IP)


C:\>nslookup mydomain.com
Server: DNS.SERVER.COM (ISP DNS server)
Address: XXX.XXX.XXX.XXX (ISP DNS Server IP)

Non-authoritative answer:
Name: mydomain.com
Address: XXX.XXX.XXX.XXX (My IP)

So I'm puzzled in two areas:

- Is the name that my ISP gave to me supposed to appear? If not, did I forget to do something on my DNS server or is my ISP doing something that makes it respond like that?

- Is this non-authoritative answer harmless? What am I losing (besides authority ) by having the world see me this way? Why am I beeing seen this way?

I know these questions seem to re-enforce my sig, but what I really want is to learn how to do this right.

Thanks,
WW

 

[barebottoms]

To get an authoratative answer, you'll need to find out the authorative DNS server.

do :

whois mydomain.com@whois.whereveritsbeenregisteredat.com

From that you'll get the Authoratative Name Servers

do a
nslookup
server <the authortative name server from above>

XX.XX.XX.XX


There you have it.. The authoratavtive answer.


As for:

- Is the name that my ISP gave to me supposed to appear? If not, did I forget to do something on my DNS server or is my ISP doing something that makes it respond like that?

If you're using server <ip >
of your ISP's name server and no name appears,
then your ISP didn't put an entry for your IP

If you're doing a server <ip of your dns server>
and a name appears (then you've configured it right) but, it doesn't do any good since your ISP didn't have an entry for you. Follow my How DNS works below and you'll see that unless I'm using your DNS server or your ISPs if they do have your name there, then I'll never see your name.


How a DNS query works.

I type www.yahoo.com

I first check to see if my DNS servers (as configured in my /etc/resolv.conf (or host file or nis) or whatever is the equivalent in winbloze)

That DNS then checks its cache to see if that exist (non authorative)
if not then it...

queries the ROOT DOMAIN servers (heheh.. sun is not the dot com any more.. Root Domain Servers are RS6000s now.. Go Blue!!!)
The Root Domain server returns the Authorative DNS server for me to the &quot;A&quot; entry for www.yahoo.com. In this case the A entry would be www, also a CNAME too, since there are multiple www host at yahoo.

So next I query the Authoratative Server (yahoo's name servers)
for www.

-----------------------------

What you might want to do, if you do want to have your own DNS server is to have your ISP create you as a zone for that domain. Or have them put your NS record to point to your DNS server if you do own a domain.

 

[CTR]

Also, you will get a non-authoritative response if there are multiple PTR records associated with the IP address. The nameserver will return the first record in the database.

 

[WoundedWallet]

barebottons, thanks for the lenghty explanation. I'm still trying to digest it.

I have my server name and IP correct with internic if that's what you meant by finding out the authoritative DNS server.

And I think what you meant about the query is that if I go to someonelse's computer and do a lookup for my domain name then I'll probably see something different than when I check it through my ISP. It makes sense, and I have learned this in a different way, a way that ties to CTR answer like a charm.

I DO have other domains pointed to the same IP(reason for non-authoritative message?). And whenever I install a new domain and I'm waiting for the tables(?) to propagate, I always have to ask my friends to check to see if the new domain is working already since it works for me immediately after I finish setting it up on my network (DNS query way of working explanation).

Geez, I need to learn to write shorter sentences

Anyway, the combination of both of you guys answer seem to explain the whole problem to me. Thanks so much. I wish my ISP had said 1/100 of what you guys said when I asked him the same thing.

Now if I understood right what CTR said, is there any draw back to have many domains pointed to the same IP? Is there any loss for having a non-authoritative server?

I could get more IPs relatively cheap, but I don't see why bother yet since most of the other domains are mine anyway. And the few that aren't haven't asked much to justify a unique IP for them.

Thanks,
WW

 

[CTR]

Actually, my above post should have read &quot;multiple A records&quot; instead of &quot;multiple PTR.&quot; Oops. If you have multiple PTR's, then you have a problem. I ran into this last week so that is probably why I typoed it. If two IP addresses have a PTR to the same hostname, then only one will ever resolve: the first one in the database.

I don't see any drawback to the multiple A record situation. It is not uncommon at all.

 

[WoundedWallet]

CTR, I'm not too good at the terminology, but what I have is many domains registered to the same IP address.

I know this makes multiple A records but they are in different domains.

I do not have two IP addresses pointing to the same domain name tough.

Is that what you meant?

Thanks.

 

[warcleric]

I currently have 14 domains pointed to a single IP, for their SOA. That should not cause any problems. As I read your post it seems you are still using your isp's DNS server to do your dns lookups. Why not point the lookups at your own server? May fix alot of your problems. Also alot of isp's have problems letting you do your own PTR's they do own the ip's after all.

 

[WoundedWallet]

Thanks warcleric,

I had &quot;me&quot; as my secondary. Did the switch and the result was what you had in mind.

Now I know it doesn't matter much, but it was a good learning experience. I still need to have a friend check it from another ISP to put the final nail tough.

Thanks again.

WW