About
A nameserver is a server (host) where a name service (generally DNS) program is running generally on port 53.
Server
Zone
A name server is organized in namespace information unit called ZONEs that manages DNS information for an apex domain.
Authoritative
A nameserver may be an AUTHORITY for one or more zones.
The authoritative nameserver for a zone (normally for your domain) are designed by the NS record that you can query
For instance:
- with nslookup
nslookup -type=NS example.com
- with dig
dig -t ns DOMAIN
Configuration: zone
If you run a nameserver for a zone, the configuration file are known as zone file
These files are managed by the primary nameservers (also called master/main nameservers) and sent to the secondary nameservers (also called slave nameservers)
Type
There are four primary nameserver configuration types:
- primary — Stores original and authoritative zone records for a certain namespace, answering questions from other nameservers and searching for answers concerning that namespace.
- secondary — Can answer queries from other nameservers concerning namespaces for which it is considered an authority.
- Caching-only — Offers name to IP resolution services but is not authoritative for any zones. This type of server is also known as a resolver because it executes recursive queries.
- Forwarding — Forwards requests to a specific list of nameservers to be resolved. These servers do not resolve the query but forward it to another resolving server.
A nameserver may be one or more of these types.
For example, a nameserver can be:
- a primary for some zones,
- a secondary for others,
- and only offer forwarding resolution.
Primary / Secondary
Any nameserver can be a primary and secondary nameserver for different zones at the same time, and they may also be considered authoritative for multiple zones. It all depends on the nameserver's particular configuration.
Set
You set:
- your authoritative nameserver for your domain by updating the NS record to de
- the DNS server used by a application by updating the resolver config
Update
Before updating your DNS server when you want to move one's domain from one registrar to another., you can check that the DNS server have a good configuration.
This is called an undelegated domain test (ie when this is not your actual public/published DNS).
For example, if you want to move your zone example.com from the nameserver “ns.example.com” to the nameserver “ns.example.org”.
Check
The https://zonemaster.fr/ of AFNIC can check the configuration of the primary and secondary DNS server:
- actual
- or before switching to them (option)
Public list
The database public-dns.info contains public DNS Servers that are reachable by IPv4 or IPv6. (Around 6000 Nameservers from 150 countries)
Server Software
- Bind
- https://github.com/coredns/coredns (Go used in Kubernetes)