Chapter 5. Growing Your Domain: Creating Subdomains
5.5 Method 2: Adding a Subdomain and Delegating Authority
5.5.8 Verifying DNS with Name Server Lookup
The AS/400 Name Server Lookup (nslookup) queries a name server through a "green screen" interactive mode. In this section, we use nslookup to query the parent server AS1 and the child server OTHERHOST to verify these name servers are answering the queries and giving the responses we expect.
To enter the nslookup interactive mode, enter the following command on the AS1 command line:
call pgm(qdns/qtoblkup)
The result of this command is shown in Figure 104:
Figure 104. Entering Nslookup Interactive Mode
Figure 104 shows nslookup displaying the default server of AS1, which indicates that the server that nslookup queries by default is the AS1 name server.
The default type of query that nslookup uses is an A record query (that is, we have the host name and need an IP address). We can query for the IP address of the host NTserver1. By entering NTserver1 on the command line, we are querying the AS1 name server's A record for NTserver1. Nslookup also adds a default domain name to the NTserver1 host name that we entered. The default domain name is mycompany.com, which is correct for the host NTserver1. The result is shown in Figure 105. You can see that name server AS1 supplied nslookup with NTserver1's IP address of 10.5.69.205.
Press ENTER to end terminal session.
Default Server: as1.mycompany.com
Address: 10.5.69.222
>
===>
F3=Exit F4=End of File F6=Print F9=Retrieve F17=Top F18=Bottom F19=Left F20=Right F21=User Window
Figure 105. Result of Nslookup Query for ntserver1
Next let’s query AS1 for an A record that the child server OTHERHOST is authoritative for, OTHERPRINTER. To do this, we enter OTHERPRINTER on the command line.
Whoops.... nslookup caught us using the incorrect domain name for OTHERPRINTER. The result we get is "No A records found". This is because the query was made for OTHERPRINTER.mycompany.com, which is not correct. Next we enter the correct query: otherprinter.OTHERDOMAIN.mycompany.com and get the answer we expected: 10.1.1.9. Both queries and their results are shown in Figure 106.
The AS1 name server responds with OTHERPRINTER's IP address of 10.1.1.9. But AS1 is not authoritative for OTHERPRINTER's domain. How did AS1 know the answer? AS1 queried the child server OTHERHOST for OTHERPRINTER's IP address to respond to nslookup's query. AS1 cached the answer. The next time AS1 is queried for the IP address of OTHERPRINTER, it will get the answer from its cache (assuming the cache has not timed out or the name server has not been stopped and started on AS1) and does not bother OTHERHOST.
> Press ENTER to end terminal session.
Default Server: as1.mycompany.com
Address: 10.5.69.222
>
> ntserver1
Server: as1.mycompany.com
Address: 10.5.69.222
Name: ntserver1.mycompany.com
Address: 10.5.69.205
>
===>
>
> otherprinter
Server: as1.mycompany.com
Address: 10.5.69.222
*** No address (A) records available for otherprinter
>
> otherprinter.otherdomain.mycompany.com
Server: as1.mycompany.com
Address: 10.5.69.222
Name: otherprinter.otherdomain.mycompany.com
Address: 10.1.1.9
>
===>
F3=Exit F4=End of File F6=Print F9=Retrieve F17=Top F18=Bottom F19=Left F20=Right F21=User Window
To submit a reverse mapping query, which is to supply the IP address and ask the name server to respond with the host name, we need to change to a query type of PTR within nslookup. First, we issue the nslookup command:
set type=ptr
Second, we issue the command 10.5.69.221 to query the AS1 name server for 10.5.69.221’s host name. The result is shown in Figure 107.
Let’s explain, line-by-line, what nslookup is displaying on the window:
• > 10.5.69.221 - This is our query. What is to the right of the > symbol is what the user typed.
• Server: as1.mycompany.com - This is the name server that nslookup queried.
• Address: 10.5.69.222 - This is the IP address of the name server.
• 221.69.5.10.in-addr.arpa name = as5.mycompany.com - This is the answer to our query. nslookup lists the absolute in-addr.arpa domain name of AS5, along with the fully qualified host name of AS5.mycompany.com.
• 69.5.10.in-addr.arpa nameserver=as1.mycompany.com - This is the name of the primary domain file that the answer was located in. This line also contains the name of the name server authoritative for the primary domain file.
• as1.mycompany.com internet address=10.5.69.222. - This is the fully-qualified name and IP address of the name server authoritative for the domain file the answer was located in.
Figure 107. Nslookup Reverse Lookup Query for 10.5.69.221
Let's now use nslookup to query the AS1 name server for a reverse lookup for an IP address that the child name server OTHERHOST is authoritative for. Remember the primary domain file of 1.1.10.in-addr.arpa resides on the child server OTHERHOST. This time, AS1 gives a non-authoritative answer along with where you can find the authoritative answer. See Figure 108.
>
> set type=ptr
>
> 10.5.69.221
Server: as1.mycompany.com
Address: 10.5.69.222
221.69.5.10.in-addr.arpa name = as5.mycompany.com
69.5.10.in-addr.arpa nameserver = as1.mycompany.com
as1.mycompany.com internet address = 10.5.69.222
>
===>
F3=Exit F4=End of File F6=Print F9=Retrieve F17=Top F18=Bottom F19=Left F20=Right F21=User Window
Figure 108. Using Nslookup to Query AS1 for 10.1.1.7 Host Name
What does it mean to get a non-authoritative answer? It means that at some time earlier, the AS1 name server got the reverse mapping information for 10.1.1.7 from the child server OTHERHOST and cached it. When we just now used nslookup to query for 10.1.1.7, the AS1 name server supplied us with the answer from its cache. Note that AS1 tells us where to find the authoritative answer, which is the child server, OTHERHOST.
So let's query the child server OTHERHOST for an authoritative answer for the reverse lookup of 10.1.1.7. We can do this right from the AS1's session, but we need to tell Nslookup that we want to switch name servers. We switch to querying OTHERHOST by issuing the command:
server otherhost.otherdomain.mycompany.com.
Set the query type to PTR by entering the command:
set type=ptr
Then, enter the command: 10.1.1.7
The results of all three commands are shown in Figure 109.
>
> 10.1.1.7
Server: as1.mycompany.com
Address: 10.5.69.222
Non-authoritative answer:
7.1.1.10.in-addr.arpa name = otherserver.otherdomain.mycompany.com
Authoritative answers can be found from:
1.1.10.in-addr.arpa nameserver = otherhost.otherdomain.mycompany.com
otherhost.otherdomain.mycompany.com internet address = 10.1.1.2
>
===>
F3=Exit F4=End of File F6=Print F9=Retrieve F17=Top F18=Bottom F19=Left F20=Right F21=User Window
Figure 109. Querying OTHERHOST Using Nslookup on AS1
This time nslookup has an authoritative answer:
name = otherserver.otherdomain.mycompany.com.
This is the answer we are looking for. The 10.1.1.7 IP address belongs to OTHERSERVER. The answer came from the primary domain file of 1.1.10.in-addr.arpa that resides on the child server OTHERHOST.OTHERDOMAIN.mycompany.com. This is the name server that nslookup was using; therefore, the answer had to be authoritative.
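The checks made by eye in this section can also be run over a saved nslookup transcript. The following Python is an added example, not part of the original text: it parses session output in the format shown in the figures, confirms that each PTR answer belongs to the address that was queried, flags answers that came from cache, and reports which name server to switch to for an authoritative answer. The function names parse_session and requery_target are hypothetical.

```python
import ipaddress
import re

# Transcript copied from the nslookup output in this section (screen footer omitted).
SESSION = """\
> otherprinter
Server: as1.mycompany.com
Address: 10.5.69.222
*** No address (A) records available for otherprinter
> 10.5.69.221
Server: as1.mycompany.com
Address: 10.5.69.222
221.69.5.10.in-addr.arpa name = as5.mycompany.com
69.5.10.in-addr.arpa nameserver = as1.mycompany.com
as1.mycompany.com internet address = 10.5.69.222
> 10.1.1.7
Server: as1.mycompany.com
Address: 10.5.69.222
Non-authoritative answer:
7.1.1.10.in-addr.arpa name = otherserver.otherdomain.mycompany.com
Authoritative answers can be found from:
1.1.10.in-addr.arpa nameserver = otherhost.otherdomain.mycompany.com
otherhost.otherdomain.mycompany.com internet address = 10.1.1.2
"""

def parse_session(text):
    """Return one dict per '> query' block of an nslookup transcript."""
    out = []
    for block in re.split(r"^(?:>\s*)+", text, flags=re.M)[1:]:
        query, *lines = block.strip().splitlines()
        rec = {"query": query, "cached": False, "ptr": None, "zone_ns": None, "error": None}
        for line in lines:
            if line.startswith("Non-authoritative answer"):
                rec["cached"] = True          # answered from the server's cache
            elif line.startswith("***"):
                rec["error"] = line.lstrip("* ")
            elif m := re.match(r"(\S+)\s+name\s*=\s*(\S+)", line):
                # The PTR owner must be the reversed form of the queried address.
                if m[1] != ipaddress.ip_address(query).reverse_pointer:
                    rec["error"] = "PTR owner does not match query"
                rec["ptr"] = m[2]
            elif m := re.match(r"\S+\s+nameserver\s*=\s*(\S+)", line):
                rec["zone_ns"] = m[1]         # server authoritative for the zone
        out.append(rec)
    return out

def requery_target(rec):
    """Server to name in nslookup's 'server' command to get an authoritative answer."""
    return rec["zone_ns"] if rec["cached"] else None
```

For the 10.1.1.7 query, requery_target returns otherhost.otherdomain.mycompany.com, the same server this section switches to with the server command.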