-3

Note: Someone linked to Why does DNS work the way it does? as a possible duplicate. But this link does not answer my question. Specifically, this link does not describe where exactly a regular domain name buyer like me (who has no DNS administration experience) sets the authoritative nameserver. All an inexperienced domain buyer like me does is set edit the DNS field for my domain in a reseller website like Godaddy or Namecheap and set it to customer nameservers like ns1.digitalocean.com, ns2.digitalocean.com, etc. The visible output I see after doing this is these nameservers appearing in the whois <mydomain> output. Is this equivalent to setting the authoritative nameserver as well, or is there something more to it?

Say I register a domain named example.com using any popular domain name registration service/reseller.

Say I have two Linux VMs hosted on two different cloud service provider's infrastructure.

Say I create DNS entries for example.com using the DNS Manager of both cloud service providers. On the first cloud, I point example.com to the IP address of the VM on the first cloud. On the second cloud, I point example.com to the IP address of the VM on the second cloud.

When an Internet user performs nslookup or dig on example.com which IP address would example.com resolve to for it?

As per HBruijn's comment below, it would resolve to the IP address in the record of the authoritative nameserver. So my question is where in this whole process of registering a domain name by an inexperienced user like me on a popular domain name reseller service do we specify the authoritative nameserver?

Is it the DNS field that resellers like Godaddy or Namecheap ask us to enter? I thought that DNS field only appears in the whois output. Does the reseller go and update the DNS too with the same nameservers as the authoritative nameservers?

Lone Learner
  • 103
  • 1
  • 8
  • 3
    Welcome and thank you for posting. ServerFault requires a clear and useful question which is [well written](http://meta.serverfault.com/a/3609/37681) , [on-topic](http://serverfault.com/help/on-topic) and contains sufficient details about your actual business problem to provide you with a good solution. - Please don't ask overly broad, conceptual and/or hypothetical (background) questions. - The internet user would find whatever record is in the nameserver you registered as authoritative for your domain https://en.wikipedia.org/wiki/Domain_Name_System#Address_resolution_mechanism – HBruijn Mar 02 '18 at 11:32
  • @HBruijn In a typical workflow (registering domain name via a reseller such as GoDaddy or Namecheap) and using a DNS manager provided by someone else (such as Digital Ocean or Linode), do you know which step performed by a DNS-inexperienced person like me ends up setting the authoritative domain? I am asking this because I did not explicitly set any nameserver as authoritative. So there must be some step I performed that did this for me. – Lone Learner Mar 02 '18 at 12:06
  • Most registrars default to setting their own name servers as the authoritative ones for domain names customers register and offer their own (usually free) management tool to manage records for that domain. Typically you can also use the registrars control panel to change to custom name servers for your domain. (i.e. to use [Digital Ocean DNS](https://www.digitalocean.com/community/tutorials/how-to-set-up-a-host-name-with-digitalocean) you need to [change to DO DNS servers](https://www.digitalocean.com/community/tutorials/how-to-point-to-digitalocean-nameservers-from-common-domain-registrars) – HBruijn Mar 02 '18 at 12:24
  • When you register the domain, you tell the registrar what DNS servers you want to use for primary/secondary (and perhaps 3rd and 4th as well). – ivanivan Mar 02 '18 at 12:27
  • @HBrujin I did set the DNS servers for my domain in my Namecheap account to `ns1.digitalocean.com`, `ns2.digitalocean.com`, etc. After this change, I began seeing these two nameservers in the `whois ` output. Did it set both nameservers as authoritative nameservers or only one of them? Also is the nameserver appearing on `whois` output the same as authoritative nameserver, or is the authoritative nameserver maintained somewhere else independent of `whois`? – Lone Learner Mar 02 '18 at 12:28
  • @JennyD I don't see anything about reseller setting the authoritative nameserver for me in the possible duplicate link. – Lone Learner Mar 02 '18 at 12:45
  • `Did it set both nameservers as authoritative nameservers` It indicates servers which are *expected* to be the authoritative nameservers. Whether or not the servers consider themselves to be authoritative for the domain is a separate matter, and sending the traffic to servers that were not configured for the domain will not result in a useful outcome. – Andrew B Mar 02 '18 at 14:22

1 Answers1

2

The questions you're asking are clearly defined in the RFC specs, wikipedia articles, etc. As mentioned, please do your research before posting.

When you change the nameserver or ns value of a domain, you are telling the registrar who you want to be considered authoritative over that domain name. As mentioned, just because you added an ns record to the registrar, doesn't mean that the indicated server is going to respond to requests for that domain; that server must also be configured to assume authorization over the domain (SOA records). As DNS information propagate through the DNS infrastructure, this value eventually gets set across all the DNS servers to allow proper forwarding when the domain is being queried.

When you set the ns values to ns1.digitalocean.com and ns2.digitalocean.com you have indicated that this the server that is authoritative for your domain, so now only records you create within DO are going to be used.

whois has nothing to do with this process, what you need is to use dig to query the DNS infrastructure.

Andrew
  • 2,057
  • 2
  • 16
  • 25