SOA and Primary NS record (DNS)
The brunt of the question is this -- What is the relationship between the primary nameserver specified in the SOA record and the nameservers specified in the NS records? How are these things linked?
When I query most websites, I get this:
dhamma@sansa:~$ host -t SOA arth.com
arth.com has SOA record ns1.comcastbusiness.net. domreg-tech.comcastbusiness.net. 2009072715 3600 7200 604800 7200
And I expect to see ns1.comcastbusiness.net as the primary nameserver, because when I query the NS record for the domain I get this:
dhamma@sansa:~$ host -t NS arth.com
arth.com name server ns1.comcastbusiness.net.
arth.com name server ns2.comcastbusiness.net.
arth.com name server ns3.comcastbusiness.net.
This always led to me thinking that the SOA records somehow auto-populated the primary NS record? Is that even remotely true?
Because here's where I'm most confused:
dhamma@sansa:~$ host -t SOA paulwarnk.com
paulwarnk.com has SOA record a.dns.hostway.net. hostmaster.siteprotect.com. 2009012319 86400 7200 86400 99999
But I'm told to use, and do use, these nameservers:
dhamma@sansa:~$ host -t NS paulwarnk.com
paulwarnk.com name server adns.cs.siteprotect.com.
paulwarnk.com name server bdns.cs.siteprotect.com.
Why is this nameserver adns.cs.siteprotect.com not listed as the primary nameserver in the SOA record?
RFC 1035 says:
MNAME: The <domain-name> of the name server that was the original or primary source of data for this zone.
although in practice this MNAME field in the SOA is mostly unused these days.
However if you're using DNS dynamic updates then it must refer to the name of the DNS server which is to receive the dynamic update messages.
See also this (expired) Internet Draft which talks about the MNAME field in detail, and how the DNS UPDATE message is the only current use for it.
Nameserver records are specified in your zone file. The SOA record indicates the primary nameserver for the zone. There is no automatic relationship between the two. Here is a good read regarding SOA records. The short answer is that the SOA record is the whole record containing the name, TTL, etc... Additionally, I'd strongly suggest picking up the O'Reilly DNS & BIND book. It's really quite useful.
Your records beyond the root servers for paulwarnk.com:
paulwarnk.com. 172800 IN NS adns.cs.siteprotect.com.
paulwarnk.com. 172800 IN NS bdns.cs.siteprotect.com.
;; Received 116 bytes from 192.55.83.30#53(M.GTLD-SERVERS.NET) in 152 ms
paulwarnk.com. 99999 IN A 69.143.69.166
paulwarnk.com. 99999 IN NS adns.cs.siteprotect.com.
paulwarnk.com. 99999 IN NS bdns.cs.siteprotect.com.
;; Received 100 bytes from 64.26.28.8#53(adns.cs.siteprotect.com) in 12 ms
Now, what this means is that, at the root servers, adns & bdns.cs.siteprotect.com are listed as the authorities for paulwarnk.com. Then, on those servers (adns & bdns) there is an A record for the root record pointing to 69.143.69.166.
I think what you're asking is why the NS records appear to be different. The answer is that the NS records were specified, likely by your registrar, to point to their servers that are authoritative for the zone. However, this output would seem to indicate a problem, as the SOA nameserver does not appear to respond to a request for your records:
; <<>> DiG 9.2.4 <<>> @a.dns.hostway.net paulwarnk.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 37849
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;paulwarnk.com. IN A
;; Query time: 10 msec
;; SERVER: 66.113.129.243#53(66.113.129.243)
;; WHEN: Mon Nov 16 23:03:04 2009
;; MSG SIZE rcvd: 31
edit: The AUTHORITY: 0 means that the server a.dns.hostway.net did not answer authoritatively. It seems kinda obvious when the ANSWER: 0 section is there, but it's actually important to differentiate between an authoritative answer, and a non-authoritative one. Authority, in DNS, speaks to whether or not the server you've gotten your answer from can actually be trusted to know what it's talking about.
As to why there's a server listed in the SOA, I don't know that I've ever read the reason they put it there, but that server should be the master server for the zone, hence Start of Authority, or SOA. It's not always the case, as the SOA for all 1400+ of my domains lists a primary query server in the SOA, but the actual start of authority is on a hidden master that no one can access.
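As an added example (not part of the original question or answers), this Python sketch parses the `host` output quoted in the question and checks whether the SOA MNAME appears among the zone's NS targets. The function and constant names are assumptions made for illustration.

```python
import re
from typing import NamedTuple

class SOA(NamedTuple):
    zone: str
    mname: str    # "original or primary source of data" per RFC 1035
    rname: str    # responsible mailbox, encoded as a domain name
    serial: int
    refresh: int
    retry: int
    expire: int
    minimum: int

def _norm(name: str) -> str:
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return name.rstrip(".").lower()

def parse_soa(line: str) -> SOA:
    """Parse one line of `host -t SOA` output."""
    m = re.fullmatch(r"(\S+) has SOA record (\S+) (\S+) (\d+) (\d+) (\d+) (\d+) (\d+)",
                     line.strip())
    if not m:
        raise ValueError(f"not a SOA line: {line!r}")
    zone, mname, rname, *nums = m.groups()
    return SOA(_norm(zone), _norm(mname), _norm(rname), *map(int, nums))

def parse_ns(text: str) -> set[str]:
    """Collect the NS targets from `host -t NS` output."""
    return {_norm(m.group(1))
            for m in re.finditer(r"^\S+ name server (\S+)$", text, re.M)}

def mname_in_ns(soa_line: str, ns_text: str) -> bool:
    """True when the SOA MNAME is also one of the published NS targets."""
    return parse_soa(soa_line).mname in parse_ns(ns_text)

# Sample input copied from the `host` output in the question.
ARTH_SOA = ("arth.com has SOA record ns1.comcastbusiness.net. "
            "domreg-tech.comcastbusiness.net. 2009072715 3600 7200 604800 7200")
ARTH_NS = ("arth.com name server ns1.comcastbusiness.net.\n"
           "arth.com name server ns2.comcastbusiness.net.\n"
           "arth.com name server ns3.comcastbusiness.net.\n")
PAUL_SOA = ("paulwarnk.com has SOA record a.dns.hostway.net. "
            "hostmaster.siteprotect.com. 2009012319 86400 7200 86400 99999")
PAUL_NS = ("paulwarnk.com name server adns.cs.siteprotect.com.\n"
           "paulwarnk.com name server bdns.cs.siteprotect.com.\n")

if __name__ == "__main__":
    for soa, ns in ((ARTH_SOA, ARTH_NS), (PAUL_SOA, PAUL_NS)):
        rec = parse_soa(soa)
        verdict = "is" if rec.mname in parse_ns(ns) else "is NOT"
        print(f"{rec.zone}: MNAME {rec.mname} {verdict} in the NS set")
```

A mismatch is not by itself an error: as the answers point out, the MNAME may name a hidden master, and the field only has to be accurate when dynamic updates are in use.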