> My question is what is the way to find the DNS server where the zonename is located?
> or the computername.zonename record is located?
You have to assume the data returned by these two is correct:
nslookup -q=ns zonex.com
nslookup -q=soa zonex.com
You cannot, from the client, find details of Conditional Forwarders configured on a server from the DNS query alone (the DNS packet doesn't contain that kind of information).
That makes the answer to these two as follows:
> and it will give the DNS server that resolved the query,
Yes.
> if there is forwarder, it should also give us the DNS that resolved the query.
No. If you look at it from the clients perspective this happens:
1. NsLookup sends a DNS Packet to DNSB requesting "something" from zonex.com and waits for a response
2. DNSB sees the request and considers how to deal with it
a. If a cached answer exists it will respond with that
b. If a Forwarder (conditional or general) exists it will send the request to that server and wait for a response
- This represents a role-change. DNSB becomes the DNS client, it sends out a request and waits for a response
c. If no forwarders exist, DNSB will begin Iterative name resolution, starting with Root Hints
3. DNSB receives a reply (in this case from the Forwarder), stores it in the Cache and returns the answer to the Client
4. NsLookup receives the response from DNSB
The DNS packet is designed to be as small as possible, it contains the following:
1. A packet header, containing:
a. Response Code (RCode)
b. Flags (Such as Recursion Desired, Recursion Allowed, Authoritative Answer, etc, etc)
c. OpCode, defining what the packet is (Query, in this case)
d. The number of individual records returned in each section, Query, Answer, Authority and Additional
2. A packet payload, containing:
a. The original question (Name, Class, and Resource Record Type). e.g. Name: experts-exchange.com; Class: IN; RR Type: A
b. Answer: Answers to the question. e.g. experts-exchange.com. IN A 64.156.132.140
c. Authority: If the answer is not entirely complete, any additional NS records used to find the complete answer
d. Additional: A records associated with Authority
The packet does not contain information about the server resolving the request. That information is returned separately when using NsLookup, and only from the name server used by the client (NsLookup is the client).
Chris