Yesterday i was doing my work, and one of my colleague came to me and asked about the output of the nslookup command. So the question is very simple. He said me that when we do nslookup then what is the significance of server name and ip address that comes at top of the result.
What is this server name “Unknown” and which ip address 10.10.10.1 is this?
He said that he knows that the entry in non-authoritative answer tells us the ip address and domain name as well as cname entry of the server but he is not aware of the entry that comes above it.
So i showed him /etc/resolv.conf entry of the system which contains the same ip address and host name, and the answer is clear that this is the ip address of our local gateway/dns slave/master server through which our system queries for getting the ip address of the hostname or vice versa.
Now to understand this lets look at the output of ipconfig on my machine.
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : local
Link-local IPv6 Address . . . . . : fe80::a11a:df12:86a1:f6a1%10
IPv4 Address. . . . . . . . . . . : 10.10.10.32
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.10.10.1
Now the answer is clear since we don’t have any dns slave/master server exists in our network, this is the gateway ip that helps our pc to reach the actual dns server and bring us the result. In linux, just see /etc/resolv.conf entry and in case your linux system is not abale to resolve any ip/hostname then you need to update entry in resolv.conf.
If you want to understand it better than just look at the output of tracert in windows and traceroute in linux and you will came to know how our system/network resolves a ip/hostname address.
Tracing route to saketjain.com [18.104.22.168]
over a maximum of 30 hops:
1 2 ms 1 ms 1 ms 10.10.10.1
2 2 ms 2 ms 1 ms 192.168.1.1
3 6 ms 6 ms 7 ms 22.214.171.124
4 52 ms 53 ms 53 ms 126.96.36.199
5 168 ms 169 ms 168 ms pos14-2.palermo6.pal.seabone.net [188.8.131.52
6 208 ms 208 ms 210 ms xe-3-1-1.franco31.fra.seabone.net [184.108.40.206
7 210 ms 209 ms 210 ms xe-2-0-0.mpr1.fra4.de.above.net [220.127.116.11]
8 222 ms 222 ms 222 ms xe-0-1-0.mpr2.cdg12.fr.above.net [18.104.22.168]
9 221 ms 221 ms 221 ms xe-5-2-0.mpr1.lhr3.uk.above.net [22.214.171.124]
10 287 ms 304 ms 287 ms xe-4-3-0.cr2.dca2.us.above.net [126.96.36.199]
11 317 ms 317 ms 402 ms xe-2-2-0.cr2.iah1.us.above.net [188.8.131.52]
12 318 ms 333 ms 328 ms xe-1-1-0.mpr4.phx2.us.above.net [184.108.40.206]
13 345 ms 335 ms 314 ms xe-1-0-0.mpr3.phx2.us.above.net [220.127.116.11]
14 298 ms 298 ms 298 ms 18.104.22.168.t00738-01.above.net [22.214.171.124
15 312 ms 311 ms 311 ms gi4-18.cr1.phoenix.codero.com [126.96.36.199]
16 316 ms 314 ms 318 ms gi1-45.dr1.dg2.phoenix.codero.com [188.8.131.52]
17 301 ms 300 ms 307 ms unlimited.inwayhosting.com [184.108.40.206]
So you can now see how our system finally resolved the actual ip address and hostname using these many gateways/dns slave/master servers in between.