On a project I’m working on, I need to establish if a domain has IPv6 glue records or not. If I had to do it on a once off, a whois
lookup would answer that nicely:
$ /usr/bin/whois opensolutions.ie
<snip>
nserver: dns1.dns.opensolutions.ie 87.232.1.40 2a01:268:4::40
nserver: dns2.dns.opensolutions.ie 87.232.1.41 2a01:268:4::41
nserver: dns3.dns.opensolutions.ie 87.232.16.61 2a01:268:3002::61
However, in this case, I will need to do it many times on many domains and do not need to have to worry about whois servers limiting the queries or parsing the output from different whois servers.
After some digging, it looks like the nameservers of TLDs return glue records in the additional section. Let’s look by example on opensolutions.ie. First, find the TLD servers for .ie:
$ dig NS ie
<snip>
;; ANSWER SECTION:
ie. 172800 IN NS gns1.domainregistry.ie.
ie. 172800 IN NS uucp-gw-1.pa.dec.com.
ie. 172800 IN NS uucp-gw-2.pa.dec.com.
ie. 172800 IN NS ns3.ns.esat.net.
ie. 172800 IN NS banba.domainregistry.ie.
ie. 172800 IN NS ice.netsource.ie.
ie. 172800 IN NS gns2.domainregistry.ie.
ie. 172800 IN NS ns-ie.nic.fr.
ie. 172800 IN NS b.iedr.ie.
Now query one of these for the nameservers for opensolutions.ie:
$ dig NS opensolutions.ie @banba.domainregistry.ie.
<snip>
;; AUTHORITY SECTION:
opensolutions.ie. 172800 IN NS dns3.dns.opensolutions.ie.
opensolutions.ie. 172800 IN NS dns2.dns.opensolutions.ie.
opensolutions.ie. 172800 IN NS dns1.dns.opensolutions.ie.
;; ADDITIONAL SECTION:
dns1.dns.opensolutions.ie. 172800 IN A 87.232.1.40
dns1.dns.opensolutions.ie. 172800 IN AAAA 2a01:268:4::40
dns2.dns.opensolutions.ie. 172800 IN A 87.232.1.41
dns2.dns.opensolutions.ie. 172800 IN AAAA 2a01:268:4::41
dns3.dns.opensolutions.ie. 172800 IN A 87.232.16.61
dns3.dns.opensolutions.ie. 172800 IN AAAA 2a01:268:3002::61
As you can see, the authority section contains the nameservers for opensolutions.ie which are all on the opensolutions.ie domain. We then find the glue records for these nameservers in the additional section.