![](https://seccdn.libravatar.org/avatar/1de49c59d43fa5bd3ac5a00d1538a8ce.jpg?s=120&d=mm&r=g)
"Steven T. Hatton" wrote:
<snip>
On thing I'm still not clear on. You said "If the answer is not in cache, or in its authoritative data, then the server queries the root nameservers." Does that mean my system reaches out to the highest level name server in my root domain? I had always there there was some kind of recursive process taking place by default. Now it looks as though this type of recursion must be explicitly configured. As an example, I configure my internal network to mynet.bellatlantic.net. (Bellatlantic's DNS knows nothing about my network however - but that's a special case) If I don't set a forwarders list, my DNS will jump directly to the root server for .net? This is how I am understanding things now. That makes me think the root servers are getting an unnecessarily high level of traffic. Perhaps it's just a few lightweight hackers like me who are being this reckless, and real network admins have things configured correctly.
Is this perception correct? Do I burden the root of .net every time I get a cache miss?
If a nameserver gets a recursive query, it looks into its cache for a possible answer, if found it returns it. Otherwise, it looks for a cached referral to the authoritative nameserver for the queried domain, if found, it queries it, if not found, it queries one of the root nameservers, which will return with a referral to the autoritative nameserver for the domain, that nameserver would then be queried and it will either return an answer or a referrel to another nameserver, so on. This recursion goes on till a positive or negative answer is found. Look at the following: (I have added my comments with //) floyd:~ # nslookup Default Server: ns1.nadmm.com Address: 216.112.234.66 // Start with one of the root nameservers
server a.root-servers.net Default Server: a.root-servers.net Address: 198.41.0.4
// Query for the A record of the host
floyd.nadmm.com. Server: a.root-servers.net Address: 198.41.0.4
// Root nameserver returns a referral to all the // authoritative nameservers it knows for nadmm.com. domain Name: floyd.nadmm.com Served by: - NAMESERVER.CONCENTRIC.NET 207.155.183.72 NADMM.COM - NAMESERVER3.CONCENTRIC.NET 206.173.119.72 NADMM.COM - NS.NADMM.COM 216.112.234.68 NADMM.COM - NS1.NADMM.COM 216.112.234.66 NADMM.COM // Use one of the referred nameservers
server nameserver.concentric.net Default Server: nameserver.concentric.net Address: 207.155.183.72
// Now query it for an answer
floyd.nadmm.com. Server: nameserver.concentric.net Address: 207.155.183.72
// Got a positive answer. Stop. Name: floyd.nadmm.com Address: 216.112.234.66 // Now query for a bad hostname
aa.nadmm.com. Server: nameserver.concentric.net Address: 207.155.183.72
// Got a negative answer. Stop. *** nameserver.concentric.net can't find aa.nadmm.com.: Non-existent host/domain Hope this helps you :) Cheers, -- Nadeem Hasan nhasan@nadmm.com http://www.nadmm.com/