DEV Community

Pavol Z. Kutaj

Explaining DNS NXDOMAIN status in SOA Record Type: On Non-Existing Domains

The aim of this page 📝 is to explain DNS querying and filtering using jq and doggo. This is a Today I Learned (TIL) note about DNS (for an advanced intro, "New talk: Learning DNS in 10 years" is just amazing!). I am sharing a few of the tools I use to do that in a few lines of bash (doggo + jq).

  • I received an alert indicating that a domain, created for the generation of first-party cookies, stopped resolving DNS. This caused an alert and brought me to this task to monitor the health of the customer domain space.
  • We often need to check domain records, such as A and SOA records.
  • jq is a lightweight, flexible command-line JSON processor, which is great; see https://news.ycombinator.com/item?id=28266193
  • doggo is a command-line DNS client used for querying DNS records, see Show HN: Doggo – A powerful, human-friendly DNS client for the command line | Hacker News
  • The aim is to filter domains that do not have an A record but have SOA and NXDOMAIN responses.
  • NXDOMAIN indicates a non-existent domain.
  • SOA (Start of Authority) records contain administrative information about the domain.
  • Domains are listed in domains_to_check.txt.

```bash
for domain in $(cat domains_to_check.txt); do
    # Perform a DNS query for A records using doggo
    a_record=$(doggo "$domain" A --short)

    # Check if the A record is empty
    if [ -z "$a_record" ]; then
        # If no A record, query again as JSON and keep the SOA records from the
        # authority section. The status is reported per record as a string
        # (see the sample response), so match "NXDOMAIN" there.
        doggo "$domain" --json \
            | jq --arg input_line "$domain" '
                {"domain": $input_line,
                 "soa": [.responses[].authorities[]? | select(.type == "SOA")]}
                | .status = .soa[0].status
                | select(.soa != [] and .status == "NXDOMAIN")'
    fi
done
```

Example JSON: SOA Record for a Non-Existing Domain

Here is an example of the JSON response for a non-existing domain, with the SOA record returned in the authority section:

```json
{
  "responses": [
    {
      "answers": null,
      "authorities": [
        {
          "name": "com.au.",
          "type": "SOA",
          "class": "IN",
          "ttl": "1800s",
          "mname": "q.au.",
          "rname": "hostmaster.donuts.email",
          "serial": 1734513429,
          "refresh": 7200,
          "retry": 900,
          "expire": 1209600,
          "minimum": 3600,
          "status": "NXDOMAIN",
          "rtt": "53ms",
          "nameserver": "8.8.8.8:53"
        }
      ]
    }
  ]
}
```

Explanation

  • Loop through each domain.
  • Use cat to read domains from domains_to_check.txt.
  • Check A records using doggo.
  • If no A record, check SOA records.
  • Filter JSON response for SOA and NXDOMAIN using jq.
  • Example JSON shows the structure of a non-existing domain's SOA record.
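
An added Python example (not from the original post) that applies the same SOA/NXDOMAIN filter offline to constructed responses in the shape of the sample above. It goes one step further: it separates NXDOMAIN from a name that exists but has no A record, and computes how long resolvers cache the negative answer per RFC 2308. The sample names, the `NOERROR` status string and the function names are assumptions.

```python
import json

# Constructed responses in the shape of the doggo JSON shown above.
NXDOMAIN_DOC = json.loads("""
{"responses": [{"answers": null, "authorities": [
  {"name": "com.au.", "type": "SOA", "ttl": "1800s", "minimum": 3600,
   "status": "NXDOMAIN", "nameserver": "8.8.8.8:53"}]}]}""")
# Assumption: a name that exists but has no A record comes back as NOERROR.
NODATA_DOC = json.loads("""
{"responses": [{"answers": null, "authorities": [
  {"name": "example.test.", "type": "SOA", "ttl": "300s", "minimum": 86400,
   "status": "NOERROR", "nameserver": "8.8.8.8:53"}]}]}""")
RESOLVES_DOC = json.loads("""
{"responses": [{"answers": [
  {"name": "www.example.test.", "type": "A", "ttl": "60s",
   "address": "192.0.2.10", "status": "NOERROR"}], "authorities": null}]}""")


def ttl_seconds(ttl):
    """Convert a TTL written as "1800s" (the form in the sample) to an int."""
    return int(str(ttl).rstrip("s"))


def classify(domain, doc):
    """Classify one domain from a parsed doggo JSON document."""
    answers, soas = [], []
    for resp in doc.get("responses") or []:
        answers += [r for r in resp.get("answers") or [] if r.get("type") == "A"]
        soas += [r for r in resp.get("authorities") or [] if r.get("type") == "SOA"]
    result = {"domain": domain, "verdict": "UNKNOWN", "zone": None, "negative_ttl": None}
    if answers:
        result["verdict"] = "RESOLVES"
    elif soas:
        soa = soas[0]
        # NXDOMAIN: the name does not exist. NOERROR with an SOA but no answer:
        # the name exists and only the A record is missing (NODATA).
        verdicts = {"NXDOMAIN": "NXDOMAIN", "NOERROR": "NODATA"}
        result["verdict"] = verdicts.get(soa.get("status"), "UNKNOWN")
        result["zone"] = soa.get("name")  # zone whose SOA came with the negative answer
        # RFC 2308: resolvers cache a negative answer for min(SOA TTL, SOA MINIMUM).
        result["negative_ttl"] = min(ttl_seconds(soa["ttl"]), int(soa["minimum"]))
    return result


if __name__ == "__main__":
    samples = [("missing-placeholder.com.au", NXDOMAIN_DOC),
               ("mail-only.example.test", NODATA_DOC),
               ("www.example.test", RESOLVES_DOC)]
    for name, doc in samples:
        print(json.dumps(classify(name, doc)))
```

To run it on real output, save the result of `doggo "$domain" --json` to a file and pass the parsed document to `classify`.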

LINKS

https://stedolan.github.io/jq/
https://doggo.mrkaran.dev/docs/
