As of this writing, the current authoritative list, from here:
https://www.iana.org/domains/root/servers
is:
| a.root-servers.net |
198.41.0.4 |
2001:503:ba3e::2:30 |
VeriSign, Inc. |
| b.root-servers.net |
192.228.79.201 |
2001:500:84::b |
University of Southern California (ISI) |
| c.root-servers.net |
192.33.4.12 |
2001:500:2::c |
Cogent Communications |
| d.root-servers.net |
199.7.91.13 |
2001:500:2d::d |
University of Maryland |
| e.root-servers.net |
192.203.230.10 |
2001:500:a8::e |
NASA (Ames Research Center) |
| f.root-servers.net |
192.5.5.241 |
2001:500:2f::f |
Internet Systems Consortium, Inc. |
| g.root-servers.net |
192.112.36.4 |
2001:500:12::d0d |
US Department of Defense (NIC) |
| h.root-servers.net |
198.97.190.53 |
2001:500:1::53 |
US Army (Research Lab) |
| i.root-servers.net |
192.36.148.17 |
2001:7fe::53 |
Netnod |
| j.root-servers.net |
192.58.128.30 |
2001:503:c27::2:30 |
VeriSign, Inc. |
| k.root-servers.net |
193.0.14.129 |
2001:7fd::1 |
RIPE NCC |
| l.root-servers.net |
199.7.83.42 |
2001:500:9f::42 |
ICANN |
| m.root-servers.net |
202.12.27.33 |
2001:dc3::35 |
WIDE Project |
Increasingly, nslookup is not installed by default in major Linux distros. On Arch-based and Debian-based distros, it’s in package dnsutils,
By default, Cox will DHCP to your systems some DNS servers which behave like OpenDNS, i.e., if there is a DNS name miss, the servers will show a hit which is a Cox search page. This can confuse a lot of things. Cox has provided a way around this:
http://www.cox.com/residential/support/internet/article.cox?articleId=e14ee070-6448-11df-ccef-000000000000
for residential at least, it uses these two IPs as static DNS:
68.105.28.13
68.105.29.13
and these do appear to be noticeably faster!
To pull up a list of all DNS records for a single hostname:
dig +nocmd yourdomain.com any +multiline +noall +answer
SPF records are DNS entries for entire domains, which do a whole lot to prevent spam. They are required on the sender side, these days, for email to be successfully received by many carriers small and large, including Yahoo and Embarq and many others. For lots of general information:
http://www.openspf.org
For more details and syntax:
http://www.openspf.org/SPF_Record_Syntax
In Server 2008, the default protocol is IPv6. It is not recommended to disable it in any way.
Default DNS, internal and LAN-wide, is therefore also IPv6. All you really need is an AAAA record for the forward lookup. But in many cases reverse lookup will have been skipped at server setup, and in such a case, it can get confusing to try to set up reverse DNS. Reverse DNS is definitely recommended, it will smoothen out the LAN in general.
It has been very difficult to find any instructions to set up reverse IPv6 DNS on Server 2008. Howsomever, here is one.
http://www.thirdtier.net/2009/08/adding-ipv6-to-dns/
This one comes from the excellent David Childers.
When you start up nslookup in a command prompt, there’s a way to get some very good additional information.
C:\Documents and Settings\davidc>nslookup -d2
------------
SendRequest(), len 41
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: query, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
3.1.16.172.in-addr.arpa, type = PTR, class = IN
------------
------------
Got answer (78 bytes):
HEADER:
opcode = QUERY, id = 1, rcode = NOERROR
header flags: response, auth. answer, want recursion, recursion avail.
questions = 1, answers = 1, authority records = 0, additional = 0
QUESTIONS:
3.1.16.172.in-addr.arpa, type = PTR, class = IN
ANSWERS:
-> 3.1.16.172.in-addr.arpa
type = PTR, class = IN, dlen = 25
name = ***-***.********.local
ttl = 1200 (20 mins)
------------
Default Server: ***-***.********.local
Address: 172.16.1.3
--------------------------------------------
As you can see, by using the command nslookup -d2, the entirety of the conversation that nslookup is having with the DNS server is displayed.
If you believe that nslookup has locked up or died, you will be able to see the timeouts occurring as it waits for response from the DNS server.
I hope that helps!
:-)
