
Yesterday, one of my domain names expired, so one of my websites was down. I'm well aware of DNS caching, but I think there is something I'm missing.

My website was not down everywhere (thanks to DNS caching). However, the results given by, for instance, Google's DNS server were different from two servers. How come?

My DNS has the .paris extension (parisian startup)

From my computer, it was working fine. Here is the result from dig:

dig @8.8.8.8 mydomain.paris

; <<>> DiG 9.8.3-P1 <<>> @8.8.8.8 mydomain.paris
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 189
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.paris.         IN  A

;; ANSWER SECTION:
mydomain.paris.      27  IN  A   104.25.219.14
mydomain.paris.      27  IN  A   104.25.218.14

;; Query time: 75 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Dec  9 19:47:52 2015
;; MSG SIZE  rcvd: 63

From another server, it was not working:

dig @8.8.8.8 mydomain.paris

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @8.8.8.8 mydomain.paris
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.paris.         IN  A

;; AUTHORITY SECTION:
paris.          1799    IN  SOA a.nic.fr. hostmaster.nic.paris. 2222333866 3600 1800 3600000 5400

;; Query time: 18 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Dec  9 20:02:24 2015
;; MSG SIZE  rcvd: 90

Both times, I'm querying Google's DNS server. How come I get different results? Is there caching even with the dig @ command? And why do I get answers, but no AUTHORITY SECTION, in the first case, and only an AUTHORITY SECTION but no answers in the second case? What is the AUTHORITY SECTION?

Thanks a lot :)

Noé Malzieu


For Google (8.8.8.8), as with many providers, the resolving service gets load balanced over a number of nodes, and as each node maintains its own cache, subsequent queries to apparently the same name server might actually be answered by a different node and yield different (cached) results (different errors, different TTL values, etc.).

@ is used by dig to select a specific name server, rather than your default name server(s) as found in /etc/resolv.conf; nothing more, nothing less. It doesn't determine caching on that name server.

To avoid cached results you could use the dig +trace option, which will make dig use tracing, iterative queries to resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup.

With regards to the AUTHORITY section: cached results are not authoritative and will not contain authority data.

RFC 2308 requires that cached errors (NXDOMAIN) do include an authority section; "it MUST add the cached SOA record to the authority section of the response with the TTL decremented by the amount of time it was stored in the cache. This allows the NXDOMAIN / NODATA response to time out correctly."

HBruijn
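The two dig transcripts in the question can be compared mechanically. The following script is an added example, not code from the question or the answer: it parses the section layout dig prints, reports whether a set of responses from "the same" resolver actually agree, and computes the negative-cache lifetime of an NXDOMAIN answer as RFC 2308 defines it, min(SOA TTL, SOA MINIMUM). The sample transcripts embedded below are the relevant lines of the two outputs quoted in the question; the function names are this example's own.

```python
import re
from typing import Dict, List, Optional

# Relevant lines of the two dig transcripts quoted in the question:
# NOERROR from one Google node, NXDOMAIN from another.
DIG_NOERROR = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 189
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.paris.         IN  A

;; ANSWER SECTION:
mydomain.paris.      27  IN  A   104.25.219.14
mydomain.paris.      27  IN  A   104.25.218.14
"""

DIG_NXDOMAIN = """\
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 61073
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mydomain.paris.         IN  A

;; AUTHORITY SECTION:
paris.          1799    IN  SOA a.nic.fr. hostmaster.nic.paris. 2222333866 3600 1800 3600000 5400
"""

SECTION_RE = re.compile(r"^;; (\w+) SECTION:$")
STATUS_RE = re.compile(r"status: (\w+)")


def parse_dig(text: str) -> Dict:
    """Return the RCODE plus the resource records found in each section."""
    result: Dict = {"status": None, "ANSWER": [], "AUTHORITY": [], "ADDITIONAL": []}
    section: Optional[str] = None
    for line in text.splitlines():
        if line.startswith(";; ->>HEADER<<-"):
            m = STATUS_RE.search(line)
            if m:
                result["status"] = m.group(1)
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        # Blank separators, comment lines and the ";name IN A" question line carry no RRs.
        if not line.strip() or line.startswith(";"):
            continue
        if section in result:
            fields = line.split()  # owner ttl class type rdata...
            result[section].append({
                "name": fields[0],
                "ttl": int(fields[1]),
                "type": fields[3],
                "rdata": fields[4:],
            })
    return result


def answer_addresses(parsed: Dict) -> List[str]:
    """Sorted A-record targets from the ANSWER section (empty for NXDOMAIN)."""
    return sorted(rr["rdata"][0] for rr in parsed["ANSWER"] if rr["type"] == "A")


def negative_cache_ttl(parsed: Dict) -> Optional[int]:
    """RFC 2308: a negative answer is cached for min(SOA TTL, SOA MINIMUM).

    The SOA TTL shown here is already decremented by the node that cached it,
    so this is the remaining lifetime of the NXDOMAIN on that node.
    """
    for rr in parsed["AUTHORITY"]:
        if rr["type"] == "SOA":
            soa_minimum = int(rr["rdata"][-1])  # last SOA field is MINIMUM
            return min(rr["ttl"], soa_minimum)
    return None


def resolvers_agree(responses: List[Dict]) -> bool:
    """True when every response has the same RCODE and the same A targets.

    Disagreement between repeated queries to one resolver address is the
    load-balanced, per-node cache effect described in the answer.
    """
    views = {(r["status"], tuple(answer_addresses(r))) for r in responses}
    return len(views) == 1


if __name__ == "__main__":
    for label, text in (("first", DIG_NOERROR), ("second", DIG_NXDOMAIN)):
        p = parse_dig(text)
        print(label, p["status"], answer_addresses(p), "neg-ttl:", negative_cache_ttl(p))
    print("agree:", resolvers_agree([parse_dig(DIG_NOERROR), parse_dig(DIG_NXDOMAIN)]))
```

In practice you would feed it the output of several consecutive `dig @8.8.8.8 mydomain.paris` runs; a `False` from `resolvers_agree` together with a non-zero `negative_cache_ttl` tells you how long the node that holds the NXDOMAIN will keep serving it, independently of the positive answer another node still has cached.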