While running a network capture when performing an nslookup for bgsu.edu, I noticed that my DNS server was not querying for the SOA record for bgsu.edu. Here's the order of operations that I see in my capture:
1. My DNS server issues an A record query to one of the root hint servers for bgsu.edu.
2. The root hint server returns a list of NS records for the gTLD servers.
3. My DNS server issues an A record query to one of the gTLD servers for bgsu.edu.
4. The gTLD server returns a list of NS records for bgsu.edu.
5. My DNS server issues an A record query to one of the name servers returned in step 4 for bgsu.edu.
6. The name server for the domain in question returns the A record information for bgsu.edu.
So my question is: Does my DNS server not need to query for the SOA record for the domain in question first? If not, then how exactly are SOA records used? Which name servers query for the SOA record? Do the gTLD servers query for the SOA record, and therefore, I don't see this in my capture? My understanding is that the SOA holds a list of the NS records, so shouldn't the SOA be the first record queried?
Best Answer
NS servers are not part of the SOA record. The SOA record, and I quote from RFC 1035 (3.3.13):
The fields in the SOA record are:
So with that out of the way, what is happening is this:
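
Added example, not part of the original answer: a small Python parser for SOA RDATA in the wire layout of RFC 1035 section 3.3.13, showing that the record carries seven fields and no list of NS records. The sample bytes, the `example.edu` names and the function names are constructed for illustration.

```python
import struct

def read_name(msg: bytes, off: int):
    """Decode a domain name at off; return (name, offset just past it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:          # compression pointer (RFC 1035 4.1.4)
            if end is None:
                end = off + 2              # parsing resumes after the first pointer
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:                  # refuse pointer loops in hostile input
                raise ValueError("compression pointer loop")
            continue
        off += 1
        if length == 0:                    # root label terminates the name
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels) + ".", (end if end is not None else off)

def parse_soa_rdata(msg: bytes, off: int = 0) -> dict:
    """Return the seven SOA fields: two names followed by five 32-bit integers."""
    mname, off = read_name(msg, off)       # primary name server for the zone
    rname, off = read_name(msg, off)       # mailbox of the responsible person
    serial, refresh, retry, expire, minimum = struct.unpack_from("!5I", msg, off)
    return {"mname": mname, "rname": rname, "serial": serial,
            "refresh": refresh, "retry": retry, "expire": expire,
            "minimum": minimum}

def encode_name(name: str) -> bytes:
    """Helper used only to build the constructed sample below."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"

# Constructed sample: MNAME in full, RNAME ending in a pointer to offset 4
# ("example.edu" inside MNAME), then SERIAL, REFRESH, RETRY, EXPIRE, MINIMUM.
SAMPLE = (encode_name("ns1.example.edu") + b"\x0ahostmaster\xc0\x04"
          + struct.pack("!5I", 2024010101, 3600, 600, 1209600, 300))

if __name__ == "__main__":
    for field, value in parse_soa_rdata(SAMPLE).items():
        print(f"{field:8} {value}")
```

The only name server named in the record is MNAME, the zone's primary; the NS set that a resolver follows during delegation comes from separate NS records.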