Web Server Rescue
Compare Authoritative Nameserver Answers
A domain has multiple authoritative nameservers and you need to see whether they return the same edge IP.
Command
for ns in $(dig +short NS edge.test); do printf '%s ' "$ns"; dig @"$ns" +short edge.test A; doneWhat changed
Nothing changes. The command lists NS records and asks each nameserver for the A record.
Danger
safe
When to use it
Use when propagation looks inconsistent even after recursive caches should have expired.
When not to use it
Do not edit zone data from this output alone; confirm which provider owns the live zone.
Undo or recovery
No undo needed because this command is read-only.
Expected output
Each authoritative nameserver followed by its A record answer.
demo script
Disposable terminal steps
dig +short NS edge.testfor ns in $(dig +short NS edge.test); do printf '%s ' "$ns"; dig @"$ns" +short edge.test A; done
simulated output
What it looks like
::fixture-ready::
$ dig +short NS edge.test
ns1.edge-dns.test.
ns2.edge-dns.test.
::exit-code::0
$ for ns in $(dig +short NS edge.test); do printf '%s ' "$ns"; dig @"$ns" +short edge.test A; done
ns1.edge-dns.test. 203.0.113.10
ns2.edge-dns.test. 198.51.100.44
::exit-code::0
YouTube Short
Ask each nameserver.
When authoritative nameservers disagree, caches keep spreading different answers. Query each source directly.
LinkedIn hook
The recursive resolver was not the problem. One nameserver disagreed.
Question: Have you traced a DNS issue back to mismatched authoritative nameservers?
experiments
A/B tests to run
Metric: completion_rate
A: The nameservers disagreed.
B: Query authoritative DNS directly.