Discussion:
domain status in registry and registrar
(too old to reply)
Wesley
2024-08-19 07:50:01 UTC
Permalink
First of all, I apologize for my lack of knowledge about the domain name
registration industry. I checked a domain name, datafarm.net, and its
DNS showed that there was no record (nxdomain) at the registry. However,
when I checked whois, it showed that the domain name was already
registered at the registrar. Why is this?

This is the dns info from registry nameserver:

; <<>> DiG 9.10.6 <<>> datafarm.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7447
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;datafarm.net. IN A

;; AUTHORITY SECTION:
net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1724053585
1800 900 604800 86400

;; Query time: 1441 msec
;; SERVER: 10.160.0.1#53(10.160.0.1)
;; WHEN: Mon Aug 19 15:46:53 CST 2024
;; MSG SIZE rcvd: 120


And, this is the info from part of whois:

Domain Name: DATAFARM.NET
Registry Domain ID: 73273226_DOMAIN_NET-VRSN
Registrar WHOIS Server: whois.tucows.com
Registrar URL: http://tucowsdomains.com
Updated Date: 2024-05-27T04:03:20
Creation Date: 2001-06-25T16:40:22
Registrar Registration Expiration Date: 2025-06-25T16:40:22
Registrar: TUCOWS, INC.


Thanks.
--
https://wespeng.pages.dev/
t***@tuxteam.de
2024-08-19 08:20:01 UTC
Permalink
Post by Wesley
First of all, I apologize for my lack of knowledge about the domain name
registration industry.
No need. We all stumble in the dark :-)
Post by Wesley
I checked a domain name, datafarm.net, and its DNS
showed that there was no record (nxdomain) at the registry.
No. This only means that there is no DNS record for that name. Very
strictly speaking, that your name server doesn't know that there is
one (but generally, DNS works globally, so).
Post by Wesley
However, when I
checked whois, it showed that the domain name was already registered at the
registrar. Why is this?
And that means that the name (space) was reserved at some point. It doesn't
mean it has to be used -- just that whoever reserved (registered) it can
use it at some point in time.

Cheers
--
t
Dan Purgert
2024-08-19 09:00:01 UTC
Permalink
Post by t***@tuxteam.de
Post by Wesley
First of all, I apologize for my lack of knowledge about the domain name
registration industry.
No need. We all stumble in the dark :-)
Post by Wesley
I checked a domain name, datafarm.net, and its DNS
showed that there was no record (nxdomain) at the registry.
No. This only means that there is no DNS record for that name. Very
strictly speaking, that your name server doesn't know that there is
one (but generally, DNS works globally, so).
Only if a global record was created. It's entirely possible that the
domain serves an 'internal-only' purpose for the entity that registered
it.
--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860
Bret Busby
2024-08-19 13:00:01 UTC
Permalink
Post by t***@tuxteam.de
Post by Wesley
First of all, I apologize for my lack of knowledge about the domain name
registration industry.
No need. We all stumble in the dark :-)
Post by Wesley
I checked a domain name, datafarm.net, and its DNS
showed that there was no record (nxdomain) at the registry.
No. This only means that there is no DNS record for that name. Very
strictly speaking, that your name server doesn't know that there is
one (but generally, DNS works globally, so).
Post by Wesley
However, when I
checked whois, it showed that the domain name was already registered at the
registrar. Why is this?
And that means that the name (space) was reserved at some point. It doesn't
mean it has to be used -- just that whoever reserved (registered) it can
use it at some point in time.
Cheers
I think that a simpler way of explaining What Tomas has said, is that
someone has registered the domain name, but, has not set up web hosting
for it, so, the domain name is registered, but, the person who
registered it, has not set up a web site for it.

..
Bret Busby
Armadale
West Australia
(UTC+0800)
..............
t***@tuxteam.de
2024-08-19 13:10:02 UTC
Permalink
Post by Bret Busby
Post by t***@tuxteam.de
Post by Wesley
First of all, I apologize for my lack of knowledge about the domain name
registration industry.
No need. We all stumble in the dark :-)
[...]
Post by Bret Busby
I think that a simpler way of explaining What Tomas has said, is that
someone has registered the domain name, but, has not set up web hosting for
it, so, the domain name is registered, but, the person who registered it,
has not set up a web site for it.
Even less than that: just a DNS record, i.e. some entry in the global
name database mapping the name to... anything (an IP address, another
name, a mail exchange, whatever).

You can reserve the name and postpone creating a DNS record for it.

As often, the Wikipedia [1] gives a good read on that.

Cheers

[1] https://en.wikipedia.org/wiki/DNS
--
t
Bret Busby
2024-08-19 13:40:01 UTC
Permalink
Post by t***@tuxteam.de
Post by Bret Busby
Post by t***@tuxteam.de
Post by Wesley
First of all, I apologize for my lack of knowledge about the domain name
registration industry.
No need. We all stumble in the dark :-)
[...]
Post by Bret Busby
I think that a simpler way of explaining What Tomas has said, is that
someone has registered the domain name, but, has not set up web hosting for
it, so, the domain name is registered, but, the person who registered it,
has not set up a web site for it.
Even less than that: just a DNS record, i.e. some entry in the global
name database mapping the name to... anything (an IP address, another
name, a mail exchange, whatever).
You can reserve the name and postpone creating a DNS record for it.
As often, the Wikipedia [1] gives a good read on that.
Cheers
[1] https://en.wikipedia.org/wiki/DNS
As a person who has a few web sites, the first step, is registering the
domain name, then, the second step, is obtaining web hosting. Upon the
obtaining of the web hosting, DNS addresses (the IP numbers for the DNS
servers) (for, usually, each of the primary server and secondary
server), are then allocated. In the absence of obtaining web hosting, no
DNS server is allocated.

That is from my experience.

Your experience may be different.

..
Bret Busby
Armadale
West Australia
(UTC+0800)
..............
Dan Ritter
2024-08-19 14:10:02 UTC
Permalink
Post by Bret Busby
Post by t***@tuxteam.de
Even less than that: just a DNS record, i.e. some entry in the global
name database mapping the name to... anything (an IP address, another
name, a mail exchange, whatever).
You can reserve the name and postpone creating a DNS record for it.
As often, the Wikipedia [1] gives a good read on that.
Cheers
[1] https://en.wikipedia.org/wiki/DNS
As a person who has a few web sites, the first step, is registering the
domain name, then, the second step, is obtaining web hosting. Upon the
obtaining of the web hosting, DNS addresses (the IP numbers for the DNS
servers) (for, usually, each of the primary server and secondary server),
are then allocated. In the absence of obtaining web hosting, no DNS server
is allocated.
That is from my experience.
Your experience may be different.
That's because you are purchasing a bundle of services from one
company.

These things are all available separately:

- domain name registration (annual fee) - establishes the name
of busby.net and points it at one or more name servers

- domain name service (can be self-hosted, or provided through a
free or paid service, or a combination) - maintains and
updates records for www.busby.net, mail.busby.net, etc. to
translate names into IP addresses.

- mail service (can be self-hosted or otherwise)

- basic web hosting (same)

and whatever else you'd like.

-dsr-
Michael Kjörling
2024-08-19 14:30:01 UTC
Permalink
Post by Dan Ritter
Post by Bret Busby
As a person who has a few web sites, the first step, is registering the
domain name, then, the second step, is obtaining web hosting. Upon the
obtaining of the web hosting, DNS addresses (the IP numbers for the DNS
servers) (for, usually, each of the primary server and secondary server),
are then allocated. In the absence of obtaining web hosting, no DNS server
is allocated.
That's because you are purchasing a bundle of services from one
company.
And of course, just because you have a domain name doesn't mean you
must host a web site on or under it.

The Internet is more than only the Web.
--
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”
Andy Smith
2024-08-19 16:40:01 UTC
Permalink
Hi,

TL;DR: I too find it a little odd that whois says this domain is reserved but
querying the DNS shows that it isn't there at all as I would
usually expect just the NS records to be present in the containing
zone. I can only assume that this registrar allows for registered
zones to not be published at all if one wishes. The whois is
authoritative for what is available to register; the DNS is
authoritative for what you can globally query.
In future it would help if you showed what actual query you are
doing with "dig". From the output I can piece together that you did
something like:

$ dig datafarm.net

or

$ dig -t s datafarm.net

but assuming that indeed is what you did, it does not actually "ask
the registry nameserver".
Post by Wesley
;; SERVER: 10.160.0.1#53(10.160.0.1)
which is probably a resolver on your local network. So that answer
you got may have been from cache.

We can see from your output that you ended up (either implicitly or
Post by Wesley
;datafarm.net. IN A
However the best record to use when trying to see if a domain exists
i*in DNS* is an SOA ("Start of Authority"). It should show where the
domain delegation happens. It's basically the details for the DNS
zone.

By asking for an A record you run the risk of getting an empty
answer just because that record type doesn't exist. There is after
all no particular reason for an A record to exist for the root of a
domain that is registered. There is no reason why the only record in
that zone might not be

just.to.annoy.wesley.datafarm.net.

in which case there would be no A record for datafarm.net.

But! Here a technicality of DNS that does come to our aid anyway.
NXDOMAIN is for when the name does not exist at all. If the name
xists but the record type you queried for does not exist, you would
expect to get a NOERROR response but with zero results.

So you have in fact determined that datafarm.net doesn't exist in
(your) DNS, though perhaps not in the ideal way. There is still the
issue that you queried your (?) resolver so the answer could be
coming from cache.

Your use of whois confirms that this domain is registered and like
you I would expect all registered domains to create NS records in
the parent zone. whois tells us that this domain's nameservers are:

Name Server: ns1.mclink-net.it
Name Server: ns2.mclink-net.it

so in the .net zone I would expect NS records like this to exist:

datafarm IN NS ns1.mclink-net.it.
datafarm IN NS ns2.mclink-net.it.

They don't though, which is puzzling to me. Perhaps there is a
registrar option to not publish the zone until ready or something.
Anyway, this can be verified by asking the nameservers that are
authoritative for the .net zone:

$ dig +short -t ns net.
h.gtld-servers.net.
k.gtld-servers.net.
b.gtld-servers.net.
c.gtld-servers.net.
i.gtld-servers.net.
m.gtld-servers.net.
e.gtld-servers.net.
g.gtld-servers.net.
f.gtld-servers.net.
j.gtld-servers.net.
a.gtld-servers.net.
d.gtld-servers.net.
l.gtld-servers.net.

Ask any of those by directing the query with '@':

$ dig +norecurse -t ns datafarm.net @h.gtld-servers.net.

; <<>> DiG 9.16.50-Debian <<>> -t ns datafarm.net @h.gtld-servers.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 25538
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;datafarm.net. IN NS

;; AUTHORITY SECTION:
net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1724083355 1800 900 604800 86400

;; Query time: 20 msec
;; SERVER: 2001:502:8cc::30#53(2001:502:8cc::30)
;; WHEN: Mon Aug 19 16:02:43 UTC 2024
;; MSG SIZE rcvd: 114

Note NXDOMAIN - so no name at all for "datafarm" exists within "net.". "aa"
flag says that this is an authoritative answer (not froma cache) and
"AUTHORITY SECTION" says what this server we queried is authoritative for, in
this case "net." zone. So this is an authoritative answer from
h.gtld-servers.net that no such name "datafarm" exists in "net.".

Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Michael Grant
2024-08-19 16:50:01 UTC
Permalink
Post by Andy Smith
TL;DR: I too find it a little odd that whois says this domain is reserved but
querying the DNS shows that it isn't there at all as I would
usually expect just the NS records to be present in the containing
zone. I can only assume that this registrar allows for registered
zones to not be published at all if one wishes. The whois is
authoritative for what is available to register; the DNS is
authoritative for what you can globally query.
There is no obligation to provide a working name server or serve DNS for a
domain name. DNS and name registration are separate.

If you want to know if a domain name is available, try to buy it, or
try to do a whois on it, but I have found that not all TLDs support whois.

But beware... I have seen cases where I have tried to buy a domain
and then a short while later, someone else buys it! There is a way to
look at who is querying domains even if they don't resolve.

Michael Grant
Andy Smith
2024-08-19 19:30:02 UTC
Permalink
Hi,
Post by Michael Grant
Post by Andy Smith
TL;DR: I too find it a little odd that whois says this domain is reserved but
querying the DNS shows that it isn't there at all as I would
usually expect just the NS records to be present in the containing
zone. I can only assume that this registrar allows for registered
zones to not be published at all if one wishes. The whois is
authoritative for what is available to register; the DNS is
authoritative for what you can globally query.
There is no obligation to provide a working name server or serve DNS for a
domain name. DNS and name registration are separate.
That's not what I'm talking about. When you register a domain you
have to provide nameservers for it, and while it is true that you do
not need to actually run nameserver software on those nameservers¹,
the parent zone does need to add a delegation before anything will
work.

I find it odd that the parent zone (.net) has no delegation for this
domain, but perhaps that is a registrar option that I have not
noticed before. It has already been pointed out that if the
intention is to use the domain internally then technically no
delegation needs to be made. Though again I find it odd that the
registrar bothers to say what the nameservers are in that case.

Thanks,
Andy

¹ Though there are some zone operators that actually check to see if
your proposed nameservers answer correctly for the domain you're
adding before they will add the delegation.
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Wesley
2024-08-19 23:10:02 UTC
Permalink
Post by Andy Smith
Hi,
TL;DR: I too find it a little odd that whois says this domain is reserved but
querying the DNS shows that it isn't there at all as I would
usually expect just the NS records to be present in the containing
zone. I can only assume that this registrar allows for registered
zones to not be published at all if one wishes. The whois is
authoritative for what is available to register; the DNS is
authoritative for what you can globally query.
In future it would help if you showed what actual query you are
doing with "dig". From the output I can piece together that you did
$ dig datafarm.net
or
$ dig -t s datafarm.net
but assuming that indeed is what you did, it does not actually "ask
the registry nameserver".
Post by Wesley
;; SERVER: 10.160.0.1#53(10.160.0.1)
which is probably a resolver on your local network. So that answer
you got may have been from cache.
We can see from your output that you ended up (either implicitly or
Post by Wesley
;datafarm.net. IN A
However the best record to use when trying to see if a domain exists
i*in DNS* is an SOA ("Start of Authority"). It should show where the
domain delegation happens. It's basically the details for the DNS
zone.
Andy

The dig from com's nameservers got nxdomain as well. As you see here,

$ dig datafarm.net @a.gtld-servers.net

; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> datafarm.net
@a.gtld-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45385
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;datafarm.net. IN A

;; AUTHORITY SECTION:
net. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1724107985
1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 2001:503:a83e::2:30#53(a.gtld-servers.net) (UDP)
;; WHEN: Tue Aug 20 06:53:27 HKT 2024
;; MSG SIZE rcvd: 114


nxdomain means this domain (zone) not existing, whether it's A record or
the zone itself. if the zone exists but lacks A record, the status
should be 'NOERROR'.

What confused me is that since domain is registered in the registrar,
they should put a glue in com's nameservers. hence com nameserver would
not return 'nxdomain' but a reference instead.

BTW, I found there are many cases like the domain 'datafarm.net'. for
example, 'netfirm.net' behaves the same.

Thank you.
--
https://wespeng.pages.dev/
Andy Smith
2024-08-19 23:20:01 UTC
Permalink
Hi,
Post by Wesley
The dig from com's nameservers got nxdomain as well. As you see here,
You appear to have not read my email in full as everything you point
out in your reply was already stated in my reply to you. Even the
TL;DR: I put at the top, fearing that my email was too long, agrees
with you.

Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Loading...