Domain registrars & DNS servers

I have read many tutorials on bind and I understand the A, MX, CNAME records.

Internally, on a LAN we can install bind and create all these records and we can tell all PCs and servers to use this bind as DNS server. That's fine.

On the Internet, when we have purchased a valid domain like somedomain.com, from a domain registrar, we are given the choice on which name servers we want the domain to be hosted.

I am a bit confused here about this process. What's the name of the server that says "for domain somedomain.com use these nameservers"?

If this would not be the case, then anyone could just install bind on a public server and put whatever records they want for the domain somedomain.com.

Please clarify this for me.

Think of nameservers as something different (but not necessarily) from your domain.

It's the DNS that holds the zone data for your somedomain.com. To make that official as far as the Internet goes that's why they are asking where your records go... that is what nameservers house the records.

Anymore, unless the company is sizable, I chose to use a worldwide redundant DNS service (multiple DNS servers with redundancy) to house records for a domain (e.g. DNSMadeEasy for example). But as I alluded to earlier you can certainly host your own DNS server(s) (they like for you to have more than one if possible).

When DNS queries are made, ultimately things work from the root server down to the TLDs etc... and along those paths, in your case .com knows who (what DNS servers) stands authoritative for somedomain.com.

With that said, you or anyone else can choose to point to a DNS that "says" it stands authoritative for records for whoever (somedomain.com, mil.gov, etc)... if that is your DNS that you're pointing to, you'll get back whatever name to IP (etc) that you have defined there.

Hope that wasn't too confusing.

Maybe another example. The Whitepages is a phone book. I could print my own phone book and change anyone's phone number I want. But this doesn't work at large because chances are people are using the official whitepages and not my hacked up copy.

1 Like
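The delegation chain described in the answer above, as an added example that is not part of any post in this thread: a small offline model of a resolver walking root -> .com -> the domain's name servers. All server names, addresses and the `set_nameservers` helper are constructed for illustration.

```python
# Constructed model of DNS delegation: all server names and addresses are made up.
SERVERS = {
    "root":    {"delegations": {"com.": ["tld-com"]}},
    # The .com servers hold the NS set the registrar submitted for the domain.
    "tld-com": {"delegations": {"somedomain.com.": ["ns1.provider", "ns2.provider"]}},
    "ns1.provider": {"records": {("www.somedomain.com.", "A"): "192.0.2.10"}},
    "ns2.provider": {"records": {("www.somedomain.com.", "A"): "192.0.2.10"}},
    # Self-hosted BIND the owner may switch to later.
    "ns.selfhosted": {"records": {("www.somedomain.com.", "A"): "198.51.100.7"}},
    # Someone else's BIND claiming the same zone; no parent delegates to it.
    "rogue": {"records": {("www.somedomain.com.", "A"): "203.0.113.66"}},
}

def query(server, name, rtype):
    """Ask one server. Returns ('answer', value), ('referral', [ns...]) or ('none',)."""
    data = SERVERS[server]
    if (name, rtype) in data.get("records", {}):
        return ("answer", data["records"][(name, rtype)])
    # Pick the most specific delegated zone that the name falls under.
    matches = [z for z in data.get("delegations", {})
               if name == z or name.endswith("." + z)]
    if matches:
        return ("referral", data["delegations"][max(matches, key=len)])
    return ("none",)

def resolve(name, rtype="A", start="root"):
    """Follow referrals from `start`; returns (value, servers asked in order)."""
    server, path = start, []
    for _ in range(10):  # bound the referral chase
        path.append(server)
        reply = query(server, name, rtype)
        if reply[0] == "answer":
            return reply[1], path
        if reply[0] != "referral":
            break
        server = reply[1][0]  # a real resolver would try each listed NS
    return None, path

def set_nameservers(zone, nameservers):
    """What the registrar's 'choose your name servers' form changes (hypothetical helper)."""
    SERVERS["tld-com"]["delegations"][zone] = list(nameservers)

if __name__ == "__main__":
    print(resolve("www.somedomain.com."))                 # via root -> .com -> ns1.provider
    print(resolve("www.somedomain.com.", start="rogue"))  # only if you point at it yourself
    set_nameservers("somedomain.com.", ["ns.selfhosted"])
    print(resolve("www.somedomain.com."))                 # delegation now leads elsewhere
```

The rogue server answers only when a client is pointed at it directly; a resolver starting from the root never reaches it because the .com delegation does not list it. No whois lookup appears anywhere in the resolution path.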

Hello,
This still looks confusing to me.

You mean to say the domain registrar will put the somedomain.com in the root servers, so then it becomes official?

I was thinking about the whois server.

Does it play a role in making the domain official?

I am trying to visualize another thing:
for example, if we query the A records of a domain, the query would also do a whois to find what are the official nameservers. The whois records would then be updated by the domain registrar.

Please let me have your views. Thanks.

The act of domain registration and authoritative holder of DNS for that domain are separate things. When you have registered a domain normally some DNS is given authority or some means by which you can set the initial DNS to use is given to you.

Whois info can vary. Sometimes whois info is good, sometimes not so good, and of course, you may have to query different sources of register info...

In short, you can have a registered domain without anything on the Internet at all, and no DNS at all. (perhaps not too useful, but you may be planning something or just wanting to make sure you own the domain name)

Likewise you could operate a DNS that doesn't stand authoritative for any "zone" (including zones of a registered domain).

Generally speaking, most will obtain a registered domain and set up the initial DNS servers that will stand authoritative for DNS records of that domain.

whois is a "way" to query the databases of record for info about registered domains. However, because it contains "owner" info (names, addresses and such), some believe that whois will eventually get shut down or changed so as to protect that data. We'll see.

When you query DNS A records, only DNS is used, whois is never involved. Again, the data in whois (multiple registrars) varies greatly.... can be hard to parse. And sometimes is woefully inaccurate, though I know the US whois servers are really trying to ensure their data stays accurate.

Again, think of DNS as a telephone book. Instead of name to phone number, it's name to IP address (A records).

Going the reverse is interesting too. When you go from IP to get the name (PTR records) the owner of those zones of authority have to do with the network (net block) and thus you may or may not have much control unless the net block owner of the DNS zone info delegates the serving of your network space to your DNS (for example).

In other words, when you own a domain, and set up DNS servers for the domain, we're talking about the A, MX, CNAMES, SRV etc... but *not* the PTR records (in-addr.arpa or ip6.arpa). So if you want to make changes for all you'll also need to work with your ISP or network provider... especially true if you don't actually "own" the IPs but have been given a set to use from your ISP (thus owned by your provider and not you).

:slight_smile:

Ok, I've probably just given you more to think about... which may only add to your confusion.

Practice on unix.com. Do whois, do dns lookups. Do a whois on the IP returned for unix.com. There you'll see who owns the net block.

If you own your IPs (remember we're pretty much out of IPv4 blocks), then you can move them pretty easily from provider to provider. Which gives you a bit more flexibility. However, if the IP isn't as important as your registered name and you don't need the flexibility then you'll get something carved out of the netblock your ISP gives to you.

I can give you some examples, using talkfusion:
Whois-RWS

Those are the IPs they own.

Whois-RWS

These are IPs they also use, but come from their provider (datacenter), not really "owned" by them.

I don't know why I'm rambling on.. hopefully more help than harm... I'll post.. and go away...

1 Like

Hello,

I like your writings. They are nice.

I understand what you wrote. I got this from noip's website:

Authoritative DNS Servers vs. Recursive DNS Servers | No-IP Blog - Managed DNS Services

This is close to what I was searching for; the keyword is "authoritative", which you mentioned in your answer.

Thanks

Yes... in the early days folks' DNS servers were almost always recursive which meant you could use them as your general purpose DNS. But obviously, that could cause problems so usually your server will just serve up the zone data for which you are authoritative (unless configured to operate recursively based on some rule... e.g. what network you're currently on).

Enjoy!

(next adventure Punycode and IDN!!)

1 Like