Nslookup DNS query won’t display authoritative answer

dnsnslookup

I am trying to get the authoritative DNS servers for a server in Europe per my assignment instructions. I looked up how to do it and got two different ways.

One is:

nslookup -type=soa ox.ac.uk

And the other is:

nslookup -type=ns ox.ac.uk

Both give me this for the authoritative answer part:

Authoritative answers can be found from:

At first I thought it might be a security feature on Oxford's part that perhaps they hide their DNS address from nslookup so as to avoid attacks on those servers. But I learned that's a dumb conclusion and I tried those commands with every university that Google gave me for "university in Europe", and all of them gave me non-responses for authoritative answers. Am I entering the wrong command, is my computer messed up, or is it my ISP that is messing me up?

Full command and output here:

Sat Apr 08 23:06 user_name:/Users/user_name $nslookup -type=soa ox.ac.uk
Server:     192.168.1.254
Address:    192.168.1.254#53

Non-authoritative answer:
ox.ac.uk
    origin = nighthawk.dns.ox.ac.uk
    mail addr = hostmaster.ox.ac.uk
    serial = 2017040772
    refresh = 3600
    retry = 1800
    expire = 1209600
    minimum = 900

Authoritative answers can be found from:

Sat Apr 08 23:06 user_name:/Users/user_name $nslookup -type=NS ox.ac.uk
Server:     192.168.1.254
Address:    192.168.1.254#53

Non-authoritative answer:
ox.ac.uk    nameserver = dns2.ox.ac.uk.
ox.ac.uk    nameserver = dns1.ox.ac.uk.
ox.ac.uk    nameserver = dns0.ox.ac.uk.
ox.ac.uk    nameserver = ns2.ja.net.

Authoritative answers can be found from:

Best Answer

To get guaranteed authoritative (and up-to-date) answers from a domain with nslookup, you should query the authoritative servers directly. For example, to get the authoritative DNS name servers for the domain ox.ac.uk, in nslookup run:

> set query=ns
> ox.ac.uk

The set query=ns command tells nslookup we want to know what DNS servers are authoritative for the domain. You'll get output that includes the authoritative name servers for the ox.ac.uk domain:

ox.ac.uk    nameserver = dns2.ox.ac.uk.
ox.ac.uk    nameserver = dns1.ox.ac.uk.
ox.ac.uk    nameserver = dns0.ox.ac.uk.
ox.ac.uk    nameserver = ns2.ja.net.

Now, these results are coming from whatever DNS server your system is currently configured to use, which means these records may possibly be cached. If you really want to be sure you're getting the most current information, you need to query one of the domain's authoritative name servers directly, as follows:

In nslookup run:

> server dns2.ox.ac.uk

This tells nslookup to send subsequent DNS lookups to the specified server, which is authoritative for this domain. (Any one of the DNS servers listed in our above query should work.) Now switch from Nameserver record query mode back to "any" record mode with:

> set query=any

And issue a query for whatever record you want. In this case, we'll query the domain itself with:

> ox.ac.uk

The result includes the authoritative name servers for the domain:

Server:  dns1.ox.ac.uk
Address:  129.67.1.191

ox.ac.uk        internet address = 129.67.242.154
ox.ac.uk        internet address = 129.67.242.155
ox.ac.uk        nameserver = dns0.ox.ac.uk
ox.ac.uk        nameserver = dns1.ox.ac.uk
ox.ac.uk        nameserver = dns2.ox.ac.uk
ox.ac.uk        nameserver = ns2.ja.net

    primary name server = nighthawk.dns.ox.ac.uk
    responsible mail addr = hostmaster.ox.ac.uk
    serial  = 2017040772
    refresh = 3600 (1 hour)
    retry   = 1800 (30 mins)
    expire  = 1209600 (14 days)
    default TTL = 900 (15 mins)

The primary name server is the "Master" DNS server. This is typically where the domain's administrator will perform updates to DNS records. The remaining nameservers are "Slave" DNS servers. They're job is to simply keep a copy of the zone file provided by the Master server. Having multiple DNS servers ensures the zone is still accessible should one of the servers go down.

Any one of the listed DNS servers should be able to respond (authoritatively) to DNS queries, unless the domain administrator has configured them otherwise.

Related Solutions

Windows using the DNS suffix search list on all lookups, even valid FQDNs. How to stop this

Well, I'm no expert, but here's what I found:

This registry entry works for both Windows XP and Windows Vista

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DNSClient]
"AppendToMultiLabelName"=dword:00000000

HKLM\Software\Policies\Microsoft\Windows NT\DNSClient\AppendToMultiLabelName
Type = DWORD

Data:

0 (Do not Append Suffix)
1 (Append suffix)

If the registry entry is not present, the default in Windows XP is 1, and 0 in Windows Vista.

Note: This registry changes and its effect apply only to the ping command, they do not apply to the nslookup tool. This is because nslookup contains its own DNS resolver and does not rely on the resolver built into the operating system (DNS Client). The DNS (multi-label) query packets sent by the nslookup tool will append the domains listed in the suffix search order irrespective of the registry key settings mentioned here.

Reference: http://blogs.technet.com/networking/archive/2009/04/16/dns-client-name-resolution-behavior-in-windows-vista-vs-windows-xp.aspx

Dns – Domain name is not resolving (Can’t find: No answer)

When I query the NS records for the domain I get:

mtak@frisbee:~$ dig -t ns yantdom.com +short
ns2.verification-hold.suspended-domain.com.
ns1.verification-hold.suspended-domain.com.

It seems you have not completed the contact verification process (additional information here). I haven't seen this before, but I suggest you contact your registrar.

Best Answer

Related Solutions

Windows using the DNS suffix search list on all lookups, even valid FQDNs. How to stop this

Dns – Domain name is not resolving (Can’t find: No answer)

Related Question