Networking [SOLVED]: Discrepancy in NS information between dig and whois

Networking [SOLVED]: Discrepancy in NS information between dig and whois

Home Forums Networking Networking [SOLVED]: Discrepancy in NS information between dig and whois

Tagged: 

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #9064

    Anonymous

    QuestionQuestion

    I’m having problem trying to understand how Whois protocol works, in particular, the section related to the Name server information.

    For example

    dig +short NS adtogroups.com
    

    Returns nothing, which is expected since there is a ClientHold on the domain which prevent it from resolving

    Whois adtogroups.com
    ... Showing part of the output: Domain Status: clientHold https://icann.org/epp#clientHold
    

    However, the name server section of whois answer returns a set of servers. I know that dig is the reliable source for resolving any domain since it’s built on sending DNS queries, while the name server information in whois is mirrored somehow from another source.

    My question is, from where did whois get the name server information in the above example, knowing that the domain is under ClientHold (i.e. the DNS will not respond to resolving requests) and none of the NS output by whois appeared in passive DNS ?

    I think I’m missing something on how Whois fetch the information related to NS.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.