Testing DNS without caching

Helping a friend figure out a DNS problem, passing on some ancient wisdom about how to test if your DNS is right. The key thing is to avoid all the caches and make direct queries to the servers of authority.

$ whois somebits.com

Ask the Internet name authority about the domain somebits.com. Lots of crap is returned there; what you care about is the name servers.

$ whois somebits.com | grep 'Name Server'

Name Server: NS1.HOVER.COM
Name Server: NS2.HOVER.COM
Name Server: NS3.HOVER.COM

So now we know that there are three authoritative DNS servers for the domain. Let’s ask one of them for information (and strip out comments, which are lines starting with a semicolon):

$ dig @NS1.HOVER.COM somebits.com any | grep -v '^;'

somebits.com. 900 IN NS ns1.hover.com.
somebits.com. 900 IN A 107.150.51.74
somebits.com. 900 IN SOA ns1.hover.com. dnsmaster.hover.com. 1394118405 10800 3600 604800 900
somebits.com. 900 IN NS ns2.hover.com.

ns1.hover.com. 900 IN A 216.40.47.26
ns2.hover.com. 900 IN A 64.98.148.13

The important thing here is learning the A record for somebits.com, pointing to 107.150.51.74. That’s the DNS record for my server.

If you’re debugging a DNS problem, start with this type of query. Go straight to the Name Server of authority. If those records are wrong then it’s hopeless. If they look right then something else can still have gone wrong, particularly cached data, whether cached in DNS or by client software. Google Chrome seems overaggressive about caching DNS info, for instance. Java used to be awful.
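The same whois-then-dig procedure as a script that asks every authoritative server, not just one, and flags disagreement between them. This is an added example, not part of the original post; the function names are made up here, and check_authoritative needs network access plus the whois and dig commands.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# Samples based on the output shown in the post; the ';' line is constructed.
SAMPLE_WHOIS='Name Server: NS1.HOVER.COM
Name Server: NS2.HOVER.COM
Name Server: NS3.HOVER.COM'
SAMPLE_DIG='; constructed comment line, as dig prints them
somebits.com. 900 IN NS ns1.hover.com.
somebits.com. 900 IN A 107.150.51.74
ns1.hover.com. 900 IN A 216.40.47.26'

# Read whois output on stdin, print the name servers lower-cased and unique.
ns_from_whois() {
    tr -d '\r' | grep -i '^ *Name Server:' | awk '{print tolower($NF)}' | sort -u
}

# Read dig output on stdin, print the A addresses for name $1 only.
# Comment lines and records for other names (such as glue) are ignored.
a_records() {
    awk -v name="$1." '!/^;/ && tolower($1) == tolower(name) &&
        $3 == "IN" && $4 == "A" {print $5}' | sort -u
}

# Ask each authoritative server directly and compare the answers.
# +norecurse makes the server answer from its own data, not from a cache.
# The A record is requested explicitly because many servers now give only
# a minimal answer to "any" queries.
# Returns 0 if all servers agree, 1 if any answer differs from the first.
check_authoritative() {
    domain=$1
    first=""
    seen=0
    status=0
    for ns in $(whois "$domain" | ns_from_whois); do
        ans=$(dig +norecurse +noall +answer "@$ns" "$domain" A |
              a_records "$domain" | tr '\n' ' ')
        printf '%s\t%s\n' "$ns" "${ans:-<no A record>}"
        if [ "$seen" -eq 0 ]; then
            first=$ans
            seen=1
        elif [ "$ans" != "$first" ]; then
            status=1
        fi
    done
    return "$status"
}
```

Run it as `check_authoritative somebits.com`; a non-zero exit status means the authoritative servers themselves disagree, so the problem is upstream of any cache.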