Querying Like a Name Server
You can make nslookup send out the same query message a name server would. Name server query messages are not much different from resolver messages. The primary difference in the query messages is that resolvers request recursion and name servers seldom do. Recursion is the default with nslookup, so you have to explicitly turn it off. The difference in operation between a resolver and a name server is that the resolver implements the search list and the name server doesn’t. By default, nslookup implements the search list, so that, too, has to be turned off. Of course, judicious use of the trailing dot will have the same effect.
In nslookup terms, this means that to query like a resolver, you use nslookup’s default settings. To query like a name server, use set norecurse and set nosearch. On the command line, that’s nslookup -norecurse -nosearch.
When a name server gets a query, it looks for the answer in its cache. If it doesn’t have the answer and it is authoritative for the zone, the name server responds that the name doesn’t exist or that there is no data for that type. If the name server doesn’t have the answer and it is not authoritative for the zone, it starts walking up the namespace looking for NS records. There will always be NS records somewhere higher in the domain tree. As a last resort, it will use the NS records at the root domain, the highest level.
If the name server received a nonrecursive query, it would respond to the querier by giving ...
Get DNS on Windows Server 2003, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
