4

If I have a domain name with nameservers pointing to Webhost One, but have an A Record that points to Webhost Two, which host would the domain name bring me to?

I'm pretty sure the A Record takes precedent, doesn't it? I currently have domains with GoDaddy, but point an A Record to 000Webhost. My domain brings me to 000Webhost. But doesn't this mean that the domain WHOIS information is inaccurate?

Is it that the nameservers point to GoDaddy, and then GoDaddy points to 000Webhost? Or does it go straight to 000WebHost?

The reason I ask is that a friend of mine has a website that is pointed to a webhost, but that webhost has no record of that site being hosted there, and yet the site has been online for a decade. So I'm wondering if the nameservers are ever taking precedent, or, really, what is going on?

bozdoz
  • 153
  • 2
  • 6
  • 3
    Funny you ask this question. I'm about to ask one on a similar subject. I wonder which one of us will get more downvotes for asking an "obvious" or "stupid" question. – Buttle Butkus Jan 09 '13 at 02:17
  • I mostly just want an answer. It doesn't make sense to me that the nameserver webhost doesn't acknowledge the domain name. @ButtleButkus – bozdoz Jan 09 '13 at 02:18
  • Do you have example `dig`, `nslookup` or `whois` outputs? – Andrew Jan 09 '13 at 02:31
  • @Andrew http://www.whois.net/whois/bedfordskatingclub.com – bozdoz Jan 09 '13 at 02:32
  • 1
    I'm not sure I understand the first part of the first sentence. Is it appropriate to say "domain name pointing to nameservers"? Don't nameservers really do the pointing? – Buttle Butkus Jan 09 '13 at 02:32
  • @Andrew The registrar says they aren't the registrar, and the webhost says they aren't the webhost. Nearly the whole WHOIS information seems inaccurate. – bozdoz Jan 09 '13 at 02:34

3 Answers3

11

I think you're badly misunderstanding how DNS work. NS records are used to find the authoritative server for a domain. The A resource record is what the client is requesting (normally) and is what will be looked up for the response to the client.

Quickly-ish:

Lets say you own example.com. Someone enters http://www.example.com into their webbrowser. Their computer issues a recursive lookup for www.example.com to their local DNS server. That server doesn't know what IP www.example.com resolves to, so it figures out the lowest level of domain for which it does know the servers. In this case it's the . root servers. The domain name www.example.com is actually www.example.com. <-- note the "." on the end.

So that DNS server contacts the root server and asks them if they know where www.example.com is. They don't. They do know where "com." is however, by was of NS records for that domain. This NS record is returned to the DNS server. So the DNS server contacts the "com." server and asks them if they know where www.example.com is, they don't either. But they do know where "example.com." is, again by NS records, which point to a.iana-servers.net. and b.iana-servers.net.. Nobody "just knows" where those servers are, so glue records for those domains are registered with the "net." root servers. More lookups to the "net." root servers...

The DNS server now knows how to contact the server for the example.com. domain! So it asks that server if it knows where 'www.example.com' is, it does! That server has a SOA record that identifies it as authoritative for the 'example.com.' domain, and it knows the A record for 'www.example.com', the IP it points to. The DNS server returns this IP to the client and the world is safe for another night.

Moar details:

When the client requested www.example.com from the DNS server it told the DNS server it was looking for an A record (A are for IPv4; clients also commonly look for IPv6 AAAA records too these days). When the other DNS server got the requests for the A record they also looked for CNAME records, but didn't search other record types. The DNS server know that when the request for a longer domain name fails (eg the root servers don't know where www.example.com is) that the DNS server is going to be interested in what information that server does have, eg. the NS record(s). How this works is more complicated than you'll care about, but the root server definitely returns a "failure" of sorts when the DNS server is trying to find the domain.

If the client was requesting a MX record for e-mail, or a SRV record, or a TXT record, or whatever, the responding DNS server will not just search for any record type that matches the domain name give, it will only search for the same record type (with the exception when looking for A or AAAA records the results for a CNAME match will be returned if no A or AAAA record matches). Also the server can have a "default" or wildcard records that may also match, but are subordinated to direct matches. It's best to avoid these situations unless you really know what you're doing.

Chris S
  • 77,337
  • 11
  • 120
  • 212
  • I agree with chris. According to the whois for the domain you've given, your NS records are pointed at DNS Servers: ns2.mediatemple.net; ns1.mediatemple.net. These are the only servers that will get queried for dns, no matter how many other dns servers have Records listed on them. If you want to change this, go to your registrar's management pages and change the ns records and authoritative name server list. (these are often two separate options). – eldorel Jan 09 '13 at 02:50
  • ... and from there I don't get any A record information at all. – Karma Fusebox Jan 09 '13 at 02:51
  • But why wouldn't MediaTemple know that the domain's nameservers are pointed to them? – bozdoz Jan 09 '13 at 03:05
  • @bozdoz Nope. That wasn't part of the process... My answer might be lacking some technicalities, but it's otherwise accurate and complete. – Chris S Jan 09 '13 at 03:49
3

Chris' answer is most relevant to the OP's situation. However it is actually possible to have an NS and an A record in the same authoritative DNS manager. In that case "which takes priority" isn't directly addressed by Chris' answer. The answer is that the NS record takes priority over the A record.

I used records at Google Domains to test. The subdomain does not resolve while both exist (the NS record pointing to nameservers without an entry for the subdomain). If I rename the NS record to a different subdomain, the A record is "exposed" and resolves to the IP address indicated. If I rename the NS record back, it "masks" the A record again and produces no valid response.

claytond
  • 371
  • 1
  • 3
  • 6
  • I think "it is possible" and "priority" frames what is actually going on in a pretty strange way. The delegation `NS` record defines the end of the zone, meaning that this `A` record by definition *cannot be part of that zone*. Unless the `A` record is used for glue, it has no business existing there (and ought to trigger some sort of warning). – Håkan Lindqvist Jun 12 '20 at 08:30
  • 2
    If you understand the subtlety of what the NS record "means", you never end up at this question. If you're a novice managing a DNS and trying to understand what happens if you make both records (without waiting for DNS refreshes to verify yourself), then priority or precedence is as good a concept as any to understand "which is used". – claytond Jun 12 '20 at 15:53
2

There is no thing like "precedence" with A records across different providers. There is one authoritative name service for your domain name. I cannot extract from your explanation though which provider it is in your case.

But if you can do a quick dig +trace yourdomain.name you will see the "chain" of queried DNS servers starting from the root zone. (Or just hand over the domain name in question.) You will see which provider gives you the authoritative address that your browser will follow.

Maybe you are confused by the fact that more than provider holds DNS information about your domain. That might be the case for whatever reason but as long as a provider does not hold the authoritative records, he will never be queried by a real-life client.

Karma Fusebox
  • 1,064
  • 9
  • 18