Mismatched NS records at DNS server

问题

I have some problems with DNS nameserver configuration and DNS NS records being inconsistent.

For example the domain name zzpeter.nl:
It's nameservers when doing a whois zzpeter.nl are dns1.movenext.nl and dns2.movenext.net.
But when doing a dig ns zzpeter.nl it returns ns1.undeveloped.com and ns2.undeveloped.com.

You can really see what's happening when doing a dig +trace ns zzpeter.nl:

; <<>> DiG 9.8.3-P1 <<>> +trace ns zzpeter.nl
;; global options: +cmd
.           9078    IN  NS  e.root-servers.net.
.           9078    IN  NS  g.root-servers.net.
.           9078    IN  NS  d.root-servers.net.
.           9078    IN  NS  m.root-servers.net.
.           9078    IN  NS  k.root-servers.net.
.           9078    IN  NS  j.root-servers.net.
.           9078    IN  NS  c.root-servers.net.
.           9078    IN  NS  l.root-servers.net.
.           9078    IN  NS  b.root-servers.net.
.           9078    IN  NS  f.root-servers.net.
.           9078    IN  NS  i.root-servers.net.
.           9078    IN  NS  a.root-servers.net.
.           9078    IN  NS  h.root-servers.net.
;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 10 ms

nl.         172800  IN  NS  ns5.dns.nl.
nl.         172800  IN  NS  ns-nl.nic.fr.
nl.         172800  IN  NS  nl1.dnsnode.net.
nl.         172800  IN  NS  sns-pb.isc.org.
nl.         172800  IN  NS  ns4.dns.nl.
nl.         172800  IN  NS  ns2.dns.nl.
nl.         172800  IN  NS  ns3.dns.nl.
nl.         172800  IN  NS  ns1.dns.nl.
;; Received 485 bytes from 192.36.148.17#53(192.36.148.17) in 17 ms

zzpeter.nl.     7200    IN  NS  dns1.movenext.nl.
zzpeter.nl.     7200    IN  NS  dns2.movenext.net.
;; Received 103 bytes from 193.176.144.5#53(193.176.144.5) in 5 ms

zzpeter.nl.     3600    IN  NS  ns1.undeveloped.com.
zzpeter.nl.     3600    IN  NS  ns2.undeveloped.com.
;; Received 79 bytes from 80.247.175.10#53(80.247.175.10) in 2 ms

I can get the configured nameservers from a dig trace call and process them as a human, but is there also a way to retrieve the nameservers configured at the registrar in a way that I can process programmatically?

dig ns zzpeter.nl, nslookup -type=ns zzpeter.nl and host -t ns zzpeter.nl all return the incorrect undeveloped.com nameservers...

回答1:

What the registrar/registry keeps in its databases is outside DNS and there is no standard way to get at it. But what you're thinking of is not really that, but the name servers configured in the parent zone. Those you can simply get by asking the parent zone's name servers. This is exactly what happens in the dig +trace output's penultimate step.

Finding the parent zone for an arbitrary domain name is less straightforward than one may first think. If you don't mind Perl, you can find code that picks out parent- and child-side name servers in the Zonemaster modules. You can get those from CPAN or Github. Or you can just use it something like this:

perl -MZonemaster -E 'say for @{Zonemaster->zone("zzpeter.nl")->glue}'

来源：https://stackoverflow.com/questions/31940395/mismatched-ns-records-at-dns-server

标签

dns

nameservers