If top-level domain servers return only the domains of nameservers, how do DNS providers contact said nameservers?

2

So, as I understand, after a DNS provider (e.g. Google's 8.8.8.8) has queried the root name servers for the top-level domain servers (e.g. "com"), it asks the top-level name server for the domain of e.g. google.com's nameservers. The top-level name server returns something like ns1.google.com. So, how does the DNS provider find out the IP address of ns1.google.com? Every explanation I've read seems to gloss over this topic.

user48147

Posted 2017-05-19T20:00:47.317

Reputation: 121

How Domain Name Servers Work – DavidPostill – 2017-05-19T20:14:57.910

Answers

1

This is called a glue record and exists at the higher level of the registry than the domain in question.

https://serverfault.com/questions/309622/what-is-a-glue-record

From the linked SF answer:

A glue record is a term for a record that's served by a DNS server that's not authoritative for the zone, to avoid a condition of impossible dependencies for a DNS zone.

Say I own a DNS zone for example.com. I want to have DNS servers that're hosting the authoritative zone for this domain so that I can actually use it - adding records for the root of the domain, www, mail, etc. So, I put the name servers in the registration to delegate to them - those are always names, so we'll put in ns1.example.com and ns2.example.com.

There's the trick. The TLD's servers will delegate to the DNS servers in the whois record - but they're within example.com. They try to find ns1.example.com, ask the .com servers, and get referred back to... ns1.example.com.

What glue records do is to allow the TLD's servers to send extra information in their response to the query for the example.com zone - to send the IP address that's configured for the name servers, too. It's not authoritative, but it's a pointer to the authoritative servers, allowing for the loop to be resolved.

Joe

Posted 2017-05-19T20:00:47.317

Reputation: 694

0

DNS responses come in pairs. It returns the domain name and the corresponding IP address. In your case, along with ns1.google.com it's corresponding IP is also returned.

Top level nameserver doesnt return ns1.google.com. The returns are something like this:

  • You -> 8.8.8.8 (asking IP for www.google.com)
  • 8.8.8.8 -> root server: returns a IP of .com
  • 8.8.8.8 -> .com: returns IP of google.com
  • 8.8.8.8 -> google.com: returns IP of ns1.google.com (ns2, ns3, ns4 .... as well)
  • 8.8.8.8 -> ns1.google.com: returns IP of www.google.com
  • 8.8.8.8 -> You (now you can go to www.google.com)

Rafed Muhammad Yasir

Posted 2017-05-19T20:00:47.317

Reputation: 1

Asked: 2017-05-19T20:00:47.317

Viewed: 678 times

Active: 2017-05-19T20:24:42.107