-1

Here's a situation I'm facing: I'm the default system/network administrator for a small business ("default" because I'm really a software engineer but there's nobody else to do it). I have some understanding of how DNS works but not in great detail.

The business has one Internet-facing computer with a static IP address, connected to the ISP with a DSL modem. The management recently decided to replace the DSL service with a faster and cheaper one, but the ISP said it would have to be at a different IP address. They've installed the service, but it hasn't been connected because we're unsure how to change things so that our domain name will map to the new IP address. (The plan is to use the same computer and switch the cable, not to set up a second computer.) Right now the ISP and domain name registrar are each telling us we need to contact the other one to get this changed. I feel that I need to know some more about how this works in order to talk with them more intelligently.

The output of dig +trace ourdomain.com is

.                           477027  IN      NS      l.root-servers.net.
.                           477027  IN      NS      b.root-servers.net.
[and so on]
.                           477027  IN      NS      e.root-servers.net.
;; Received 228 bytes from 206.13.29.12#53(206.13.29.12) in 51 ms

com.                        172800  IN      NS      d.gtld-servers.net.
com.                        172800  IN      NS      j.gtld-servers.net.
[and so on]
com.                        172800  IN      NS      h.gtld-servers.net.
;; Received 488 bytes from 199.7.91.13#53(d.root-servers.net) in 60 ms

ourdomain.com.              172800  IN      NS      ns1.the-isp.net.
ourdomain.com.              172800  IN      NS      our-server.ourdomain.com.
;; Received 108 bytes from 192.5.6.30#53(a.gtld-servers.net) in 113 ms

ourdomain.com.              43200   IN      SOA     our-server.ourdomain.com. hostmaster.ourdomain.com. 1999122802 3600 900 1209600 43200
;; Received 84 bytes from xxx.xx.xx.xx#53(ns1.the-isp.net) in 59 ms

If I try dig +trace our-server.ourdomain.com, the last section looks like:

our-server.ourdomain.com.   43200   IN      A       xx.xxx.xxx.xxx [our current IP address]
ourdomain.com.              43200   IN      NS      our-server.ourdomain.com.
;; Received 117 bytes from xxx.xx.xx.xx#53(ns1.the-isp.net) in 61 ms

So from the looks of things, there are two NS records on the GTLD server that tell DNS what to do with ourdomain.com. One says to query the name server at ns1.the-isp.net, and another says to query the name server at our-server.ourdomain.com. Is my understanding correct?

Given that there are two, how would a DNS lookup know which one to try? Is the order significant?

If the NS record really says ns1.the-isp.net in it, and DNS wants to query the name server on that system, how does it translate ns1.the-isp.net to an IP address? Does it have to do another DNS lookup? Where does it stop? I'm guessing the info may or may not be cached--is that how it works?

If a DNS lookup is trying to look up ourdomain.com, and one of the NS records it gets back from the GTLD server is our-server.ourdomain.com, is this useful at all? If it doesn't know where ourdomain.com is, it seems to me that there is no way to know where our-server.ourdomain.com would be either. I assume DNS is smart enough to skip that one--is my understanding correct?

A support person for The-ISP saw the same two NS records and said, "ns1.the-isp.net is secondary for their domain. So all updates should happen on the primary dns our-server.ourdomain.com (customer manages). Once master our-server.ourdomain.com gets updated, ns1.the-isp.net will be able to pull the change." What do "primary" and "secondary" mean in this context?

It sounds like the support person was saying that once we reconfigure our server with the new IP address, ns1.the-isp.net would eventually find out about the change and update its records. Is this possible? It would seem that once the server is reconfigured with the new IP address and the cable is switched to the new modem, ns1.the-isp.net would no longer be able to communicate with the computer using the old IP address, and it wouldn't be able to communicate using the new IP address since that address hasn't yet found its way into the server's tables--it seems like a chicken-and-egg problem. Is my understanding correct here? If so, how should the IP address change take place?

Sorry for the length of this, but I'd really like to know how everything is supposed to work.

ajb

2 Answers

0

What do "primary" and "secondary" mean in this context?

"Primary" means the DNS server on which changes to the records are made. In this case, that is your server.

"Secondary" means a DNS server that pulls records from the primary and distributes them to the world. In this case, that's your ISP's server.

The rest of your question asks us how your server works. There's no way we could know, since you've told us nothing about it.

My question is about what path a DNS lookup, performed on some other system, would take in order to find the IP address of our server, before it can even query our server.

It's querying your server now, so there's no chicken and egg problem.
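The primary/secondary relationship described above is driven by the zone's SOA record. As an added example (not part of the original answer), the following parses the SOA line from the question's dig output and applies the RFC 1982 serial comparison a secondary uses to decide whether to pull the zone; the function names are illustrative.

```python
# Added example, not from the original post. SOA_LINE is the SOA record shown
# in the question's dig output; all function names here are illustrative.
from dataclasses import dataclass

SOA_LINE = ("ourdomain.com. 43200 IN SOA our-server.ourdomain.com. "
            "hostmaster.ourdomain.com. 1999122802 3600 900 1209600 43200")

@dataclass
class Soa:
    mname: str    # primary name server for the zone
    rname: str    # responsible mailbox, "@" written as "."
    serial: int   # zone version; secondaries compare this
    refresh: int  # seconds between a secondary's serial checks
    retry: int    # seconds between checks after a failed refresh
    expire: int   # seconds a secondary keeps answering without the primary
    minimum: int  # negative-caching TTL

def parse_soa(line: str) -> Soa:
    f = line.split()
    if len(f) != 11 or f[3].upper() != "SOA":
        raise ValueError("not a dig-style SOA line")
    return Soa(f[4], f[5], *map(int, f[6:11]))

def serial_newer(candidate: int, current: int) -> bool:
    """RFC 1982 arithmetic on 32-bit serials: True if candidate is ahead."""
    diff = (candidate - current) & 0xFFFFFFFF
    return diff != 0 and diff < 0x80000000

def secondary_action(primary_serial: int, secondary_serial: int) -> str:
    """A secondary transfers the zone only when the primary's serial is ahead."""
    if serial_newer(primary_serial, secondary_serial):
        return "transfer"
    return "keep"

def migration_windows(soa: Soa) -> dict:
    """Timing that matters while the primary is being moved to a new address."""
    return {
        "max_seconds_until_secondary_checks": soa.refresh,
        "days_secondary_serves_without_primary": soa.expire // 86400,
    }

if __name__ == "__main__":
    soa = parse_soa(SOA_LINE)
    print(secondary_action(soa.serial + 1, soa.serial), migration_windows(soa))
```

Editing the A record on the primary without raising the serial yields "keep", so the secondary would continue to publish the old address.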

0

The starting point of a DNS lookup for your domain is the DNS servers at your registrar. So first of all you must update your name-server details at your registrar. Now, if you are using a child name server or a glue record, you have to update your new IP at your registrar's DNS. If you are using a third-party name server, you must update your new IP at the third-party DNS server.

As I understand, in your case you might be using a combination of both of them: a setup in which the registrar name server will point at two or more name servers for name resolution. One of them is the master and the others are slaves fetching records from the master.

In any case, updating the records at the master node is enough, which I guess is at your subdomain.

Note: keep in mind it may take a few minutes to a few hours for your DNS changes to propagate throughout the globe.
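The glue-record point above can be checked mechanically. As an added example (not part of the original answers), the following classifies each NS name in a referral as in-zone or out-of-zone and reports whether its glue address matches the planned new address; the referral text and the 192.0.2.x / 198.51.100.x addresses are constructed placeholders, and the function names are illustrative.

```python
# Added example, not from the original answers. REFERRAL is constructed sample
# data in dig's format; the A record stands in for glue from the parent zone.
REFERRAL = """\
ourdomain.com.            172800 IN NS ns1.the-isp.net.
ourdomain.com.            172800 IN NS our-server.ourdomain.com.
our-server.ourdomain.com. 172800 IN A  192.0.2.10
"""

def parse_records(text):
    """Return (owner, type, rdata) tuples from dig-style lines, lowercased."""
    out = []
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 5 and not line.startswith(";") and f[2].upper() == "IN":
            out.append((f[0].lower().rstrip("."), f[3].upper(),
                        f[4].lower().rstrip(".")))
    return out

def in_bailiwick(name, zone):
    """True if the name server's own name lives inside the delegated zone."""
    return name == zone or name.endswith("." + zone)

def glue_report(text, zone, new_ip):
    """Map each NS name of `zone` to what must be checked for an IP change."""
    recs = parse_records(text)
    glue = {}
    for owner, rtype, rdata in recs:
        if rtype == "A":
            glue.setdefault(owner, []).append(rdata)
    report = {}
    for owner, rtype, ns in recs:
        if rtype != "NS" or owner != zone:
            continue
        if not in_bailiwick(ns, zone):
            report[ns] = "out-of-zone: resolved through its own zone, no glue"
        elif ns not in glue:
            report[ns] = "in-zone without glue: cannot be reached from here"
        elif new_ip in glue[ns]:
            report[ns] = "glue current"
        else:
            report[ns] = "glue stale: update the glue record at the registrar"
    return report

if __name__ == "__main__":
    for ns, status in glue_report(REFERRAL, "ourdomain.com",
                                  "198.51.100.20").items():
        print(ns, "->", status)
```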