DNS is perhaps one of the most frustrating aspects of web hosting services. It regularly confuses all parties associated in the process: domain owners, network administrators and registrar support departments. Those with shell access in a current Linux/Unix environment will have access to the dns lookup utility dig.
Lets take a look at a basic query:
dig @ns1.networkredux.net www.networkredux.com A
; <<>> DiG 9.2.4 <<>> @ns1.networkredux.net www.networkredux.com A
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1512
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.networkredux.com. IN A
;; ANSWER SECTION:
www.networkredux.com. 14400 IN CNAME networkredux.com.
networkredux.com. 14400 IN A 64.128.80.5
;; AUTHORITY SECTION:
networkredux.com. 14400 IN NS ns1.networkredux.net.
networkredux.com. 14400 IN NS ns2.networkredux.net.
;; ADDITIONAL SECTION:
ns1.networkredux.net. 14400 IN A 64.128.80.100
ns2.networkredux.net. 14400 IN A 64.128.82.100
dig @ns1.networkredux.net — indicates we are directly querying the ns1.networkredux.net nameserver for results.
www.networkredux.com A — indicates the hostname we want information on, and A indicates that we want A records associate with this hostname.
—
Now the results:
;; ANSWER SECTION:
www.networkredux.com. 14400 IN CNAME networkredux.com.
networkredux.com. 14400 IN A 64.128.80.5
This indicates that our question (www.networkredux.com) is a pointed CNAME record to networkredux.com. In turn, dig recursively determines the A record for networkredux.com to be 64.128.80.5.
14400 — This references the maximum time to live for this resource record in the zone file. Technically caching DNS servers (such as your ISP’s) should only cache this record for 4 hours.
The authority section references the authoritative nameservers listed for this domain in the zone file.
Ultimately the dig utility can be used to directly query nameservers for immediate answers, bypassing any irregular caching or latency issues you may be experiencing with your Internet Service Provider. If your web host tells you that the zone is correct within their nameservers, dig will be the recommended tool for verification.
For full details on this tool I would recommend the dig man pages. For additional resources on DNS/BIND I would recommend O’Reilley’s “DNS and BIND Fourth Addition.”
This entry was posted on May 30, 2006, 6:10 am and is filed under Comments. You can follow any responses to this entry through RSS 2.0.
You can leave a response, or trackback from your own site.
Basic DNS troubleshooting techniques
DNS is perhaps one of the most frustrating aspects of web hosting services. It regularly confuses all parties associated in the process: domain owners, network administrators and registrar support departments. Those with shell access in a current Linux/Unix environment will have access to the dns lookup utility dig.
Lets take a look at a basic query:
dig @ns1.networkredux.net www.networkredux.com A
; <<>> DiG 9.2.4 <<>> @ns1.networkredux.net www.networkredux.com A
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1512
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
;; QUESTION SECTION:
;www.networkredux.com. IN A
;; ANSWER SECTION:
www.networkredux.com. 14400 IN CNAME networkredux.com.
networkredux.com. 14400 IN A 64.128.80.5
;; AUTHORITY SECTION:
networkredux.com. 14400 IN NS ns1.networkredux.net.
networkredux.com. 14400 IN NS ns2.networkredux.net.
;; ADDITIONAL SECTION:
ns1.networkredux.net. 14400 IN A 64.128.80.100
ns2.networkredux.net. 14400 IN A 64.128.82.100
;; Query time: 20 msec
;; SERVER: 64.128.80.100#53(ns1.networkredux.net)
;; WHEN: Mon May 29 23:03:26 2006
;; MSG SIZE rcvd: 152
—
Our query is broken down as follows:
dig @ns1.networkredux.net — indicates we are directly querying the ns1.networkredux.net nameserver for results.
www.networkredux.com A — indicates the hostname we want information on, and A indicates that we want A records associate with this hostname.
—
Now the results:
;; ANSWER SECTION:
www.networkredux.com. 14400 IN CNAME networkredux.com.
networkredux.com. 14400 IN A 64.128.80.5
This indicates that our question (www.networkredux.com) is a pointed CNAME record to networkredux.com. In turn, dig recursively determines the A record for networkredux.com to be 64.128.80.5.
14400 — This references the maximum time to live for this resource record in the zone file. Technically caching DNS servers (such as your ISP’s) should only cache this record for 4 hours.
The authority section references the authoritative nameservers listed for this domain in the zone file.
Ultimately the dig utility can be used to directly query nameservers for immediate answers, bypassing any irregular caching or latency issues you may be experiencing with your Internet Service Provider. If your web host tells you that the zone is correct within their nameservers, dig will be the recommended tool for verification.
For full details on this tool I would recommend the dig man pages. For additional resources on DNS/BIND I would recommend O’Reilley’s “DNS and BIND Fourth Addition.”
This entry was posted on May 30, 2006, 6:10 am and is filed under Comments. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.