DNS

How to check name server config

Published: Tuesday, 3 December 2013

How to check name server config

After purchasing your domain, you can host websites, subdomains, and mail. To do all these things the name server must be setup correctly.

whois

whois is a command that tells you when a domain name will expire, who owns it, and the current name servers.

$ whois example.com

Name Server: A.IANA-SERVERS.NET
Name Server: B.IANA-SERVERS.NET

Look for the name servers section. You will probably have at least 2 name servers.

dig each name server

For each of the name servers, run dig and test that the correct IPs are being returned for your domain.

$ dig example.com @A.IANA-SERVERS.NET

; <<>> DiG 9.9.3-P2 <<>> example.com @A.IANA-SERVERS.NET
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24279
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com.                   IN      A

;; ANSWER SECTION:
example.com.            86400   IN      A       93.184.216.119

;; AUTHORITY SECTION:
example.com.            172800  IN      NS      b.iana-servers.net.
example.com.            172800  IN      NS      a.iana-servers.net.

;; Query time: 39 msec
;; SERVER: 199.43.132.53#53(199.43.132.53)
;; WHEN: Tue Dec 03 20:18:41 GMT 2013
;; MSG SIZE  rcvd: 104

Check that the status is NOERROR.

Check that the ANSWER section resolves your domain to the expected IP. In this case, example.com resolves to 93.184.216.119.

At the bottom of the output check that the SERVER is the IP of the nameserver.

If you do not have dig installed, you can use nslookup instead.

nslookup
> server A.IANA-SERVERS.NET
Default server: A.IANA-SERVERS.NET
Address: 199.43.132.53#53
> example.com
Server:         A.IANA-SERVERS.NET
Address:        199.43.132.53#53

Name:   example.com
Address: 93.184.216.119
> exit

dig to check your MX entries

The mail exchanger is another type of record you may to check. Add a MX after the domain argument.

$ dig gmail.com MX @ns1.google.com

; <<>> DiG 9.9.3-P2 <<>> gmail.com MX @ns1.google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62144
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 5
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;gmail.com.                     IN      MX

;; ANSWER SECTION:
gmail.com.              3600    IN      MX      10 alt1.gmail-smtp-in.l.google.com.
gmail.com.              3600    IN      MX      5 gmail-smtp-in.l.google.com.
gmail.com.              3600    IN      MX      30 alt3.gmail-smtp-in.l.google.com.
gmail.com.              3600    IN      MX      40 alt4.gmail-smtp-in.l.google.com.
gmail.com.              3600    IN      MX      20 alt2.gmail-smtp-in.l.google.com.

;; ADDITIONAL SECTION:
alt1.gmail-smtp-in.l.google.com. 300 IN A       173.194.70.27
gmail-smtp-in.l.google.com. 300 IN      A       173.194.67.27
alt3.gmail-smtp-in.l.google.com. 300 IN A       173.194.71.27
alt4.gmail-smtp-in.l.google.com. 300 IN A       173.194.79.27
alt2.gmail-smtp-in.l.google.com. 300 IN A       173.194.69.27

;; Query time: 57 msec
;; SERVER: 216.239.32.10#53(216.239.32.10)
;; WHEN: Tue Dec 03 20:22:52 GMT 2013
;; MSG SIZE  rcvd: 230