Primary Name Server | : ns1.abc.com.my |
IP Address | : 1.2.3.4 |
Secondary Name Server | : ns2.abc.com.my |
IP Address | : 5.6.7.8 |
abc.com.my. | IN SOA ns1.abc.com.my. |
abc.com.my. | IN NS ns1.abc.com.my. |
abc.com.my. | IN NS ns2.abc.com.my. |
ns1.abc.com.my. | IN A 1.2.3.4 |
ns2.abc.com.my. | IN A 5.6.7.8 |
SOA Record | : | The first entry in each of the DNS database files (zone files) is the SOA (start of authority) resource record. The SOA record indicates that this name server is the best source of information for the data within this domain. This means that if your primary name server is authoritative for the domain, it is because of the SOA record. |
NS Records | : | The next entries added to a zone file are called NS (name server) resource records. Two NS records indicate that there are two name servers for the domain. |
A Records | : | The A (address) resource records map names to addresses within this domain. |
PTR Record | : | PTR records map IP addresses to domain names (reverse of A records). PTR record is the IP address written in backward order with “in-addr.arpa.” appended to the end. As an example, looking up the domain name for IP address “1.2.3.4” is done through a query for the PTR record for “4.3.2.1.in-addr.arpa.” |
The example below will illustrate on how to check the name server configuration using nslookup.
The name servers listed in the application for domain name abc.com.my:
Primary Name Server | : ns1.abc.com.my |
IP Address | : 1.2.3.4 |
Secondary Name Server | : ns2.abc.com.my |
IP Address | : 5.6.7.8 |
- The name server contains current data in files for the zone in question. Data must be current for secondaries, as defined in the SOA
- The name server is told that it is authoritative for the zone
- The name server does an error-free load of the zone
Address: 1.2.3.4abc.com.my
origin = ns1.abc.com.my <== SOA Record
mail addr = hostmaster.abc.com.my
serial = 2001062103
refresh = 28800 (8H)
retry = 7200 (2H)
expire = 604800 (1W)
minimum ttl = 3600 (1H)
abc.com.my internet address = 7.8.9.1
abc.com.my preference = 10, mail exchanger = mail.abc.com.my
abc.com.my nameserver = ns1.abc.com.my <== NS Record
abc.com.my nameserver = ns2.abc.com.my <== NS Record
ns1.abc.com.my internet address = 1.2.3.4 <== A Record
ns2.abc.com.my internet address = 5.6.7.8 <== A Record
Address: 5.6.7.8Non-authoritative answer: <== ERROR
abc.com.my nameserver = ns1.abc.com.my
abc.com.my nameserver = ns2.abc.com.my
Authoritative answers can be found from:
abc.com.my nameserver = ns1.abc.com.my
abc.com.my nameserver = ns2.abc.com.my
ns1.abc.com.my internet address = 1.2.3.4
ns2.abc.com.my internet address = 5.6.7.8
If the lookup request was not successful, an error message is printed. Below are possible common errors from the name server that might cause to the interruption in accessing the domain name (i.e website, e-mail, etc).
Thus, Registrant is required to seek assistance from Technical Contact to resolve the problem.
ERROR | DESCRIPTION |
Timed out | The server did not respond to a request after a certain amount of time (changed with set timeout=value) and a certain number of retries (changed with set retry=value). |
No response from server |
|
No records | The server does not have resource records of the current query type for the host, although the host name is valid. The query type is specified with the set query type command. |
Non-existent host/domain |
|
Connection refused Network is unreachable |
The connection to the name or finger server could not be made at the current time. |
Server failure | The name server found an internal inconsistency in its database and could not return a valid answer. |
Query Refused | The name server refused to service the request. This one has two possible causes:-
|
Common Configuration Error | Effect |
One or more name servers, registered as being authoritative for the zones, did not contain authoritative data (lame delegations) | Lame delegations are very common on the Internet and cause unnecessary traffic for DNS queries, slow down the lookup of zone data, and may cause lookup failures for zone data. This can cause potentially serious for web visitors and for delivery of mail; If only one of the servers to which the zone is delegated actually has authoritative data for the zone, then if that server should unavailable, the zone is effectively not locatable from the net. It doesn’t matter if there are other servers that have authoritative data for the zone, because they are not listed in the delegation. |
Delegation data and zone data do not match | This can be source of lame delegations, and otherwise can cause similar problems as lame delegations. |
None of the authoritative name server answered | It was not possible to get information about the zone from any of the servers that were listed as being authoritative for the zone, causing web site lookup failures when name servers try to look up data for the zone. As with the lame delegations, it doesn’t matter if other name servers are configured with authoritative data for the zone and are up and running, because they are not listed in the delegation. This domain is effectively cut off from the net. |
PTR record is missing for an A (IP address) record | If a PTR record is missing for a host, a client running on that host may have problems getting access to some services on the internet (FTP for example). In general though, there should be exactly one PTR record per IP address in use, not necessarily one for every A record. |
Two authoritative name servers have the same IP address | Both primary and secondary name servers are run on the same physical machine, which can provide false security since data from both servers will become inaccessible if the machine crashes. |
There is only one NS record in the zone data | This can disrupt service if the server listed in the zone data becomes inaccessible. |
- Name server X is delegated as authoritative for a domain.
- Name server X is not performing nameservice for that domain.
abc.com.my. | IN SOA ns1.abc.com.my. |
abc.com.my. | IN NS ns1.abc.com.my. |
abc.com.my. | IN NS ns2.abc.com.my. |
ns1.abc.com.my. | IN A 1.2.3.4 |
ns2.abc.com.my. | IN A 5.6.7.8 |
- DNS & BIND 3rd Edition by Paul Albitz & Cricket Liu, O’Reilly & Associates Inc.
- The DNS Resources Directory,
http://www.faqs.org/rfcs/rfc1591.html - RFC1591 Domain Name System Structure and Delegation,
http://www.faqs.org/rfcs/rfc1591.html - RFC1033 Domain Administrators Operations Guide,
http://www.faqs.org/rfcs/rfc1033.html - RFC1034 Domain Names – Concepts And Facilities,
http://www.faqs.org/rfcs/rfc1034.html - RFC1035 Domain Names – Implementation And Specification,
http://www.faqs.org/rfcs/rfc1035.html - RFC1912 Common DNS Operational and Configuration Errors,
http://www.faqs.org/rfcs/rfc1912.html - RFC2181 Clarifications to the DNS Specification,
http://www.faqs.org/rfcs/2181.html - Ask Mr. DNS at Acme Byte & Wire,
http://www.acmebw.com/askmrdns/ - ISC BIND,
http://www.isc.org/products/BIND/ - Men & Mice Domain Health Survey,
http://www.menandmice.com/dnsplace/healthsurvey.html