I have a hypothetical situation that I've been unable to find any real answer to. Imagine we have a computer that has never been on the internet. The computer is also on a network where no DNS service is provided. Let's also pretend that things like Google Public DNS don't exist.
Now let's assume that the only thing this computer has is the root DNS servers' names and resolved addresses, like so.
Now this computer wants to know the IP address of say, superuser.com. How, with only having the IP addresses of root servers, does the computer work through queries to a root server in order to wind up with the resolved A-record of superuser.com?
I've made attempts but I always wind up in a place where I need to use an existing DNS server that I know of to resolve an A-Record. For example if I open command prompt and start trying to resolve google.ca (against a root server), I wind up with:
Served By:
ns1.google.com
google.ca
ns2.google.com
google.ca
... and so on and so forth. So basically at this point, I have to resolve nsX.google.com in order to query it to get the A-record for google.ca, however, given the scenario, I don't have a server I can query for the address of nsX.google.com. If I attempt to resolve ns1.google.com back from the root server, I wind up in the same place.
Short version: How the hell do I resolve the A-Record for a domain without using any other information except what is provided to me by a root server? Thanks in advance. :)
ahhh ok thanks for the thorough answer @grawity, maybe it's because I was using crappy "nslookup" on the command line, it was just hiding these details from me. Thanks again. – None – 2014-08-03T00:58:29.670
Just as an FYI, this actually doesn't work. It may very well work for the com. TLD, but not everything. I'm looking up a .ca domain starting at the root and the chain that should happen (like you display here) completely breaks down. I wind up with just NS entries with no addresses provided for them. I suppose I then have to return to the top and start looking up those nameserver domains, then returning back to where I left off looking for the .ca. Will post back. Using dig on Ubuntu server. – None – 2014-09-22T14:37:14.033
@DigitalArchitect: Yes, if the nameservers aren't actually "under" the domain they're serving, then the glue records are optional, and you will need to look up their address yourself, as a "side trip". – user1686 – 2014-09-22T15:30:43.843
(This unfortunately means it's possible to misconfigure multiple domains so that the resolver would bounce between them, e.g. a.com is at ns1.b.net, but b.net is at ns2.a.com ...) – user1686 – 2014-09-22T15:31:27.340
I'm going to leave your answer as the accepted answer, but after this I'm going to post an additional answer of how I'm resolving this problem in C# using arsoft.tools.net. I'll post the code of a function that (should) resolve any domain of any TLD from only the root zone file information. Just because this is such a ridiculously (over)complicated recursive method, I figure a code snippet will both expound on exactly how the process works and provide people with a code base to copy-and-paste from. :) – None – 2014-09-22T15:57:50.087
"... how I'm resolving the problem" .. see what I did there. ;) – None – 2014-09-22T15:58:20.910
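The walk discussed in this thread (follow referrals down from the root, take a "side trip" when a nameserver comes back without glue, and stop if two domains point at each other) can be sketched as follows. This is an added example, not code from any of the posts and not the C# function mentioned above; it is Python run against a constructed in-memory delegation tree, so every address, the TLD server names and the zone contents are assumptions.

```python
# Constructed offline stand-in for the DNS tree: server address -> what it returns.
# Every address, the TLD server names and the zone contents are made up.
ROOT = "192.0.2.1"
SERVERS = {
    ROOT: {"refer": {"com": {"a.tld-servers.test": "192.0.2.2"},
                     "net": {"a.tld-servers.test": "192.0.2.2"},
                     "ca": {"any.ca-servers.test": "192.0.2.3"}}},
    "192.0.2.2": {"refer": {"google.com": {"ns1.google.com": "192.0.2.4"},  # glue
                            "a.com": {"ns1.b.net": None},    # glueless
                            "b.net": {"ns2.a.com": None}}},  # glueless, circular
    "192.0.2.3": {"refer": {"google.ca": {"ns1.google.com": None}}},  # glueless
    "192.0.2.4": {"answers": {"ns1.google.com": "192.0.2.4",
                              "google.ca": "203.0.113.10"}},
}
MAX_REFERRALS = 16  # cap on how many servers one name may be chased through


class ResolutionError(Exception):
    pass


def query(server, name):
    """Simulate one non-recursive query: ('answer', ip) or ('referral', {ns: glue})."""
    data = SERVERS[server]
    if name in data.get("answers", {}):
        return "answer", data["answers"][name]
    labels = name.split(".")
    for i in range(len(labels)):  # longest matching delegated zone wins
        zone = ".".join(labels[i:])
        if zone in data.get("refer", {}):
            return "referral", data["refer"][zone]
    raise ResolutionError(f"{server} knows nothing about {name}")


def resolve(name, trace=None, in_progress=frozenset()):
    """Walk down from the root; resolve glueless NS names as a side trip."""
    if name in in_progress:  # we are already resolving this name further up
        raise ResolutionError(f"circular delegation via {name}")
    in_progress = in_progress | {name}
    server = ROOT
    for _ in range(MAX_REFERRALS):
        if trace is not None:
            trace.append((server, name))
        kind, data = query(server, name)
        if kind == "answer":
            return data
        ns_name, glue = next(iter(data.items()))  # first listed nameserver
        # Glue present: use it. Glue absent: restart at the root for the NS name.
        server = glue or resolve(ns_name, trace, in_progress)
    raise ResolutionError(f"too many referrals for {name}")
```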