6

Say I have a domain name registered with a website. On their site it says the following:

Domain Name Servers listed in order:

ns9.zoneedit.com ns18.zoneedit.com ns3.freedns.ws

Are name servers read in a particular order? Or does it use the closest one/one that receives the first request? Or is the order as it is there, the order it's requested in? I.e, ns9.zoneedit.com would be the primary address?

The reason why I ask is because unfortunately there is a bug in their systems (you need to email a form in order to update your domain), and I used to have 3 name servers in my old record, and I changed DNS providers, but now I only use 2 and can't remove the third one which is ns3.freedns.ws.

Will this impact it? Because if it just uses the primary and secondary, that should be fine right? I updated these changes yesterday, it's been past the 24hr mark.

user1104783
  • 63
  • 4

2 Answers2

6

There is no ordering to the individual resource records of a resource record set. The notions of "primary" and "secondary" DNS content servers only apply to database replication.

A resource record set is a set. Sets are not required to be ordered, and they are not ordered when it comes to the Domain Name System. There are numerous points in the path between content DNS server and DNS client where this set's members can be re-ordered.

  • When the content DNS server compiles its database from the source file, it is not required to preserve the order that the RRs had in the source file. The compiled database may not even have any such notion of ordering.
  • When the content DNS uses the database record for the set in response to a query, it is not required to encode that in any particular order when it breaks the set apart for encoding it in the DNS protocol. Indeed, for set types such as A and AAAA some content DNS servers will intentionally re-order resource record sets.
  • When a proxy DNS server recieves a response from a content DNS server, it is not required to use or preserve any particular set ordering. Indeed, for set types such as A and AAAA some proxy DNS servers will intentionally re-order resource record sets.
  • When caching proxy DNS servers use their caches, they are not required to maintain any set ordering when addings things to or retrieving things from the cache.
  • When a DNS client receives a full answer response from a proxy DNS server, it is not required to use or preserve any particular set ordering. Indeed, for set types such as A and AAAA many DNS clients will intentionally re-order resource record sets.

Notice what had to be specified for DNSSEC because of this. When calculating or verifying an RRSIG record for a resource record set, it is always necessary to order the set first.

When proxy DNS servers come to decide what content DNS servers to talk to, they use the two-part NS plus A/AAAA delegation information to obtain a list of content DNS server IP addresses. Some proxy DNS server softwares attempt to rank the content DNS servers according to some metric: which content DNS server responds "the best", for some value of "best". Others simply rotate the order. Yet others don't do anything at all, and use whatever order happened to obtain as the resource records were fetched.

There's no predicting, from this heterogeneous range of behaviours, what content DNS servers will receive the most queries. For all you know, everyone's proxy DNS servers might decide today that your old DNS hosting service's server is the "best" content DNS server to ask today. In which case everyone will receive old data.

There's no ordering, and the notions of "primary" and "secondary" simply do not apply here. All content DNS servers for any given domain are peers to the world at large.

So get it fixed.

Further reading

EEAA
  • 108,414
  • 18
  • 172
  • 242
JdeBP
  • 3,970
  • 17
  • 17
  • 2
    No one here appreciates your screaming. Please leave John's edits as they were and stop using large sections of bolded text. It does nothing to improve readability or comprehension, and has only served to annoy many core users of the site. – EEAA Feb 11 '12 at 15:38
  • 2
    Additionally, Serverfault is designed such that *anyone* can edit your answers. This serves to not only improve the quality of information, but also helping users improve formatting of answers and questions. If you're not comfortable with this, then perhaps this is not the site for you. – EEAA Feb 11 '12 at 15:48
  • It's a section heading, not boldface. – JdeBP Feb 12 '12 at 11:52
  • 1
    Section headings should have two or three words, not two full sentences. Go over to meta.serverfault.com to see the discussion for yourself. I'm going to revert your edit again, and I'd advise you to not undo it again. – EEAA Feb 12 '12 at 13:42
  • 1
    I advise _you_ to learn about good writing, because section headings are one part of such, as are things like proper citations and avoiding surprise hyperlinks. Stop dragging those around you down to such a poor and base level. The purpose of editing answers is to make them better, not to turn proper citations and sectioning into run-on walls of text with surprise links and improper citations. You serve readers ill. – JdeBP Feb 12 '12 at 13:59
  • 6
    Jonathan, I'm not going to get into an arms race with you. You should just know that there is a certain way the SF community expects people to behave and a certain way they expect answers and questions to appear. You would be served well to sit back and watch what's going on here for a while and then examine how you should conduct yourself. – EEAA Feb 12 '12 at 14:09
  • 3
    Additionally, this is (clearly) not an academic site. While your writing style and formatting might be greatly appreciated in an academic or highly-scientific setting, it's out of place here. Above all else, SF is about being *practical*. Readers here don't want to see sentences-long section headings. Period. They're distracting and do nothing to aid in organization, readability, nor comprehension. – EEAA Feb 12 '12 at 14:20
5

There isn't a predictable order to how authoritative name servers are queried. With the setup you described, if ns3.freedns.ws doesn't have a record for your domain name then roughly 1/3 of the visitors trying to get to your site will be unable to because the name server will respond that it does not have an IP address for your domain name. I'd suggest contacting your registrar and have them remove the third nameserver record - that should be easy for them to update.

Jason Abate
  • 441
  • 4
  • 3
  • Thanks for the reply. I figured as much, I have indeed sent them another email in regards to it but they take a while. Anyway, was just curious. – user1104783 Feb 10 '12 at 17:29