To test reverse IP lookup: host will show the output of reverse DNS.


In most cases you will see connection failed or REFUSED, which means zone transfer is not allowed, and that is a good thing. The whole purpose of DNS is for nameservers to be spread over different geographical locations so that if one DNS server fails the other would still work.

When a CNAME is placed along with NS records, all of the nameservers will fail, which results in lame delegation. Although it is very common practice to run both nameservers on the same server or subnet, it would not provide fault tolerance.

The A record is so important in DNS that without it, mapping hostnames to IP addresses would be meaningless. Every domain must have at least 2 nameservers, and if I ask each of them and they have the domain's zone information, I will get an authoritative answer. So ns1 will answer authoritatively whereas ns2 won't, and ns2 will be 'lame' until it is set up properly.

To get a more in-depth understanding, let's use the dig tool for First we find the nameservers of example.com: dig NS 2.

If you happen to run bind8 or later, all you have to do is set 'recursion no' within options to stop the DNS server from answering recursive queries.

Zone transfers are done by secondary nameservers to retrieve the latest zone information for a domain from the master or primary nameserver.

You can use the dig command to look up NS records at the root server level.

dig trace @K.NS and to ask one of the nameservers of the domain.

It means anyone can query your server for an IP address and your DNS server will answer them.

To illustrate this, we have two nameservers running bind for domain

If the nameserver is missing at the domain level, add the nameserver to the zone file of the domain and update all your secondary nameservers.