3

I'm trying to set up a DNS to complement the DNS provided by my hoster (see also this related question). Now I don't seem to understand my domain's DNS record, which is this (some entries omitted for brevity):

econemon.com.       1800    IN  NS  ns.stratoserver.net.
econemon.com.       1800    IN  NS  ns2.stratoserver.net.
econemon.com.       1800    IN  A   85.214.92.48

Now, I don't really grok two things, despite reading up on DNS in Wikipedia:

  • Why does the nameserver, in addition to the A record, return an NS record pointing to itself? What would that be used for? My understanding was that this record would be delivered by a name server which is not responsible for the domain.
  • How exactly does the client use the two NS records? Can I add more, and what is the point?
Hanno Fietz

2 Answers

7

The answer that the server sends back containing the NS records is the "authority" section, which is just part of the answer used by recursive servers to walk down the tree when they're looking up answers. The client uses the NS records to work out who to ask next when resolving a name. You can add as many NS records as you want (although there are some corner cases if you have lots of NS records); the benefit of having more NS records is that there's more redundancy in your DNS service (although to gain the most advantage, you really want to have your NS servers on separate networks and domains).

womble
1

All zone files should contain references to the relevant nameservers. In multi-server situations this is used by the name server to know where it should send NOTIFY messages when changes are made and where it should accept them from.

Also the entries do not always point back to the current server. In the case of delegated name resolution they will instead refer to the server(s) that the role has been delegated to, though this is rare for the main domain name (it is not uncommon for sub-domains).

The client systems (or the DNS caches they talk to) should try one of your name servers; then, if that lookup fails, they should try the next, and so on until all have been tried or one has responded.

You can have as many name servers as you wish for extra resilience. The RFCs dictate "at least two" and that they should not be on the same network (some small web hosts have two nameservers set up which are in reality the same server with two IP addresses - not good) but they do not list any upper limit.

David Spillett
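Both answers stress that extra NS records only add resilience when the name servers sit on separate networks. The check below is an added example, not part of either answer: it reads records in the layout used in the question and flags NS sets that are redundant in name only. The zone, host names and addresses are constructed documentation values, and treating a shared /24 (IPv4) or /48 (IPv6) as "the same network" is an assumption of this sketch.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the question's "name TTL class type rdata" layout.
SAMPLE = """\
example.com.     1800 IN NS ns1.example.net.
example.com.     1800 IN NS ns2.example.net.
ns1.example.net. 1800 IN A  192.0.2.10
ns2.example.net. 1800 IN A  192.0.2.77
"""

def parse(text):
    """Return (NS targets per owner name, addresses per host name)."""
    ns, addrs = defaultdict(set), defaultdict(set)
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[2].upper() != "IN":
            continue  # skip blank or unrecognised lines
        name, rtype, rdata = f[0].lower(), f[3].upper(), f[4]
        if rtype == "NS":
            ns[name].add(rdata.lower())
        elif rtype in ("A", "AAAA"):
            addrs[name].add(ipaddress.ip_address(rdata))
    return ns, addrs

def network_of(ip):
    # Assumption: /24 (IPv4) or /48 (IPv6) stands in for "the same network".
    return ipaddress.ip_network(f"{ip}/{24 if ip.version == 4 else 48}", strict=False)

def check_redundancy(text, zone):
    """List redundancy problems in the NS set of `zone`."""
    ns, addrs = parse(text)
    servers = sorted(ns.get(zone.lower(), ()))
    findings = []
    if len(servers) < 2:
        findings.append("fewer than two NS records")
    by_ip = defaultdict(set)
    for s in servers:
        if not addrs.get(s):
            findings.append(f"no address known for {s}")
        for ip in addrs.get(s, ()):
            by_ip[ip].add(s)
    for ip in sorted(by_ip, key=str):
        if len(by_ip[ip]) > 1:
            findings.append(f"{', '.join(sorted(by_ip[ip]))} share address {ip}")
    nets = {network_of(ip) for ip in by_ip}
    if len(servers) >= 2 and len(nets) == 1:
        findings.append(f"all name servers are in {nets.pop()}")
    return findings
```

An empty list means the NS set passed every check; in practice the address records would come from resolving each NS target rather than from the same text.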