hosts: dns [NOTFOUND=continue] files
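Step  How it works
1     The local DNS server checks whether it holds information for www.yahoo.com
2     The local DNS server checks whether it holds information for yahoo.com
3     The local DNS server checks whether it holds information for com
4     It then queries DNS servers one after another, following the DNS information returned by each lookup

Step  How it works
1     The resolver sends a query containing the query string to its own DNS server
2     Its DNS server (A) passes the query on to other DNS servers (B, C, D, ...)
3     Its DNS server returns the DNS answer it received to the resolver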
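DNS message sections

Header
Question     The question put to the name server
Answer       Resource Records that answer the question
Authority    RRs that point to an authority
Additional   RRs that carry other information

Header layout

ID
QR | Opcode | AA | TC | RD | RA | Z | RCODE
QDCOUNT
ANCOUNT
NSCOUNT
ARCOUNT

Field     Description
ID        16-bit identifier generated by the program that creates the query; the sender of the
          query uses it to identify which query a response belongs to
QR        Indicates whether the message is a Query or a Response (1 = response, 0 = query)
Opcode    4-bit field giving the kind of query, normally 0
AA        1 for an Authoritative Answer, 0 otherwise
TC        Set when the DNS message was truncated, for example because it was larger than the
          transmission channel allows
RD        1 when a recursive query was optionally requested
RA        1 when the DNS server supports recursive queries
Z         Always 0; a reserved flag
RCODE     Response Code; indicates the status of the response
          0 - no error
          1-5 - each error code indicates an error condition
QDCOUNT   Number of entries in the question
ANCOUNT   Number of resource records in the question section
NSCOUNT   Number of authoritative DNS servers
ARCOUNT   Number of resource records not covered by the above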
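An added example (not from the original slides): a Python decoder for the header fields in the table above, plus a check that a response carries the ID of the outstanding query and has QR set. The function names are hypothetical, the RCODE names 1-5 follow RFC 1035, and the two sample headers are constructed from the values in the nslookup debug output shown later on this page.

```python
import struct

# RCODE values 0-5 as defined in RFC 1035
RCODES = {0: "no error", 1: "format error", 2: "server failure",
          3: "name error", 4: "not implemented", 5: "refused"}

def parse_header(msg):
    """Decode the fixed 12-byte DNS header: six big-endian 16-bit words."""
    if len(msg) < 12:
        raise ValueError("shorter than a 12-byte DNS header")
    ident, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {
        "id": ident,
        "qr": (flags >> 15) & 1,        # 1 = response, 0 = query
        "opcode": (flags >> 11) & 0xF,  # normally 0 (QUERY)
        "aa": (flags >> 10) & 1,        # authoritative answer
        "tc": (flags >> 9) & 1,         # message was truncated
        "rd": (flags >> 8) & 1,         # recursion desired
        "ra": (flags >> 7) & 1,         # recursion available
        "z": (flags >> 4) & 0x7,        # reserved
        "rcode": flags & 0xF,
        "rcode_text": RCODES.get(flags & 0xF, "other"),
        "qdcount": qd, "ancount": an, "nscount": ns, "arcount": ar,
    }

def check_response(query, response):
    """Return the reasons a resolver should not accept `response` for `query`."""
    q, r = parse_header(query), parse_header(response)
    problems = []
    if r["qr"] != 1:
        problems.append("QR=0: not a response")
    if r["id"] != q["id"]:
        problems.append("ID %d does not match query ID %d" % (r["id"], q["id"]))
    if r["tc"]:
        problems.append("TC=1: truncated, retry over TCP")
    return problems

# Constructed sample headers (values from the nslookup debug output on this page)
RESPONSE = struct.pack("!6H", 27466, 0x8580, 1, 1, 2, 2)  # response, aa, rd, ra
QUERY = struct.pack("!6H", 27467, 0x0100, 1, 0, 0, 0)     # query, rd

if __name__ == "__main__":
    print(parse_header(RESPONSE))
    print(check_response(QUERY, RESPONSE))
```

The response with id 27466 is rejected for the query with id 27467 because the identifiers differ, which is the matching role the ID row of the table describes.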
#!/bin/sh
# Author : vpark
# Find the PID of a running named, excluding the grep process itself
PID=`ps -ef | grep /usr/local/sbin/named | grep -v grep | awk -F" " '{print $2}'`
case "$1" in
'start')
    if test "$PID"
    then
        echo "Sorry, Name service is already running..."
    else
        echo "Starting named 8.2.2 service..."
        /usr/local/sbin/named
    fi
    ;;
'stop')
    if test "$PID"
    then
        kill -9 $PID
    fi
    ;;
*)
    echo "usage: $0 start|stop"
    ;;
esac

#name dgram udp wait root /usr/sbin/in.tnamed in.tnamed

named.* /var/adm/messages
 1  // made by opman
 2  options {
 3      directory "/dns1";
 4      statistics-file "/var/adm/named.stat";
 5      pid-file "/var/adm/named.pid";
 6      allow-transfer {
 7          202.30.50.50;
 8          202.30.50.51;
 9          202.30.50.52;
10          168.126.63.1;
11          198.32.4.13;
12  //      147.47.1.1;
13      }; };
14  zone "." {
15      type hint;
16      file "root.cache";
17  };
18
19  zone "0.0.127.in-addr.arpa" {
20      type master;
21      file "named.local";
22  };
23
24  zone "krnic.net" {
25      type master;
26      file "nic.zone";
27      allow-transfer { 203.255.208.37; };
28  };
29
30  zone "50.30.202.in-addr.arpa" {
31      type master;
32      file "202.30.50.rev";
33  };
34

Line #        Description
3             Directory in which zone data is stored
4             Statistics log file for DNS queries
5             Process ID file
6~12          List of slave DNS servers allowed to perform zone transfers (global scope)
14            Cache information for the root DNS servers
19            Domain name settings for the local host
24            This DNS server holds the DNS information for the krnic.net zone as master, and
              transfer is allowed to the slave DNS server 203.255.208.37 (applies to the
              krnic.net zone only)
30            Information for the inverse zone
16,21,27,32   file: the zone data is always stored under the given name
 1  @          IN  SOA    ns.krnic.net. domain.krnic.net. (
 2                        20000210008 3600 300 3600000 3600 )
 3             IN  NS     ns1.nic.or.kr.
 4             IN  NS     ns2.nic.or.kr.
 5             IN  MX     0 mail
 6  ;
 7  ; For domain registration
 8  ;
 9  domain     IN  A      202.30.50.71
10             IN  A      202.30.50.72
11             IN  A      202.30.50.73
12  ;          IN  A      202.30.50.74
13  canonical      CNAME  domain
14  domain         TXT    "Domain managed by KRNIC"

Line #  Description
1       @ : the origin of the local host (Origin Domain Name)
        IN : denotes an Internet resource (may be omitted)
        SOA : Start Of Authority; the most accurate DNS information for this DNS zone is
        held by ns.krnic.net
        domain@krnic.net : e-mail address of the person responsible for this zone data
2       20000210008 ; Serial
        3600        ; Refresh
        300         ; Retry
        3600000     ; Expire
        3600        ; Minimum TTL
3~4     Primary and secondary name servers for this zone data
5       Mail Exchange setting for the domain. The 0 is the Mail Exchange priority; there is
        only one here
6~      IP address information for the domains that belong to the zone (load sharing is in
        use here)
13      An "alias": a lookup for canonical.nic.or.kr actually returns the IP address of
        domain.nic.or.kr
14      Additional information can be recorded in a TXT record, which is limited to 2 Kbyte
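Record        Description
              Applies to all zone data within the zone
Serial        Indicates how many times the zone data has been modified; it must be increased
              on every modification. Typical format: YYYYMMDDNN
Refresh       Interval at which to check whether the zone data has been updated (in seconds)
Retry         Time to wait before retrying when the connection to the master DNS server fails
              after the Refresh interval (in seconds)
Expire        If the connection to the master DNS server keeps failing for the Expire period,
              the zone data is discarded. If you want to keep the previous data instead of
              discarding the zone data on connection failure, leave a backup file with the
              "file" option in named.conf (in seconds)
Minimum TTL   Every response to a query contains a TTL value; during this TTL period the data
              in the cache is returned as is
MX            Stands for MD (Mail Destination) and MF (Mail Forwarder); sets the final
              destination and the relay points for mail messages

$ORIGIN kr.
pe      IN  SOA  ns.krnic.net. root.ns.krnic.net. (
                 2000041317 7200 3600 604800 21600 )
        IN  NS   ns.krnic.net.
        IN  NS   ns.kreonet.re.kr.
        IN  NS   ns.kren.ne.kr.
        IN  NS   ns.kornet.ne.kr.
        IN  NS   kr2ld.dacom.co.kr.
$ORIGIN pe.kr.
0-0     IN  NS   nspe1.chollian.net.
$INCLUDE "pe2.zone";

Item       Description
$ORIGIN    Origin of the default domain name for the zone data
$INCLUDE   Includes the given zone data file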
zone "vpark.pe.kr" {
    type master;
    file "krnicstaff/vpark.zone";
    allow-transfer { 203.255.208.37; };
};

zone "vpark.pe.kr" IN {
    type slave;
    file "vpark.zone";
    masters { 202.30.50.51; };
};

named.* /var/adm/messages

channel    Specifies the destination of the records to be logged: syslog, a file, the standard
           error device, a bit stream, and so on
category   Specifies which data is logged

syslog daemon log types: critical, error, warning, notice, info
BIND 8.X-only log levels: debug [level], dynamic
 1  // made by opman
 2  logging {
 3      channel my_syslog {
 4          syslog daemon;
 5          severity info;
 6      };
 7      channel my_file {
 8          file "log.msgs";
 9          severity dynamic;
10      };
11
12      category default { null; };
13      category statistics { my_syslog; my_file; };
14      category queries { my_file; };
15  };

Line #  Description
2       Start of the logging configuration
3       Channel definition that specifies where output goes
4       Sends output to syslog ( /var/adm/messages )
8       Sends output to a separately specified file
12      Nothing that falls under the BIND 8.X default category is logged
13      statistics (the statistics log) is sent to both syslog and log.msgs
14      The query log is written to the log.msgs file

channel default_syslog { syslog daemon; severity info; };
channel default_debug { file "named.run"; severity dynamic; };
channel default_stderr { file "<stderr>"; severity info; };
channel null { null; };

By default, all syslog messages of severity info and above are passed to syslog, and when debugging is turned on, syslog messages and debugging messages are written to the named.run file.
logging {
    channel my_file {
        file "log.msgs";
        severity dynamic;
        print-category yes;
        print-severity yes;
    };
    category default { default_syslog; my_file; };
    category panic { default_syslog; my_file; };
    category packet { my_file; };
    category eventlib { my_file; };
    category queries { my_file; };
};

Signal  Description
HUP     Restarts named. On a slave DNS server it restarts with the previous zone data, without
        performing a zone transfer
INT     Dumps the zone data and the cache to a file named named_dump.db
ILL     Appends the name server statistics to the named.stats file
USR1    Appends debugging information to the named.run file
TERM    Saves the dynamic zones to file while shutting down

# /usr/local/sbin/named        (or: ndc start)
# /usr/local/sbin/named -b <specific configuration file>
Apr 11 11:15:56 mail named[13691]: starting. named 8.2.2-P5 Tue Mar 14 18:43:27 KST 2000
Apr 11 11:17:39 mail named[13701]: /usr/local/etc/named.conf:29: syntax error near '}'

# ndc stop

named-xfer -z vpark.pe.kr -f /etc/named/vpark.zone ns1.nic.or.kr

; BIND version named 8.2.2-P5 Tue Mar 14 18:43:27 KST 2000
; BIND version root@class:/user1/down/temp/src/bin/named
; zone 'vpark.pe.kr' first transfer
; from 202.30.50.51:53 (local 203.255.208.37) using AXFR at Tue Apr 11 10:42:19 2000
// made by opman
options {
    directory "/dns1";
};

zone "." {
    type hint;
    file "root.cache";
};

zone "0.0.127.in-addr.arpa" {
    type master;
    file "named.local";
};

zone "vpark.pe.kr" IN {
    type slave;
    file "vpark.zone";
    masters { 202.30.50.51; 202.30.50.52; 202.30.50.53; };
};

zone "50.30.202.in-addr.arpa" {
    type slave;
    file "202.30.50.rev";
    masters { 202.30.50.51; };
};

domain nic.or.kr
nameserver 202.30.50.51
nameserver 202.30.50.52
search nic.or.kr vpark.pe.kr
nameserver 202.30.50.51
nameserver 202.30.50.52

# nslookup
> set "option"
> exit
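Option               Meaning / Remarks
all                  Prints the full option list (the current setting of every option)
[no]debug            Information needed for debugging (primary and secondary name servers, etc.)
[no]defname          Turns on or off appending the default domain name (nic.or.kr) defined in
                     /etc/resolv.conf to nslookup queries
                     Remark: defname corresponds to the "domain" value in /etc/resolv.conf
[no]search           Similar to the defname option
                     Remark: search corresponds to the "search" value in /etc/resolv.conf
[no]recurse          Turns recursive queries on or off
[no]d2               Turns level-2 debugging on or off; in addition to the basic debug
                     information it also prints the question section and events such as
                     timeouts when a query is delayed
[no]vc               Queries with TCP packets instead of the default UDP packets
[no]ignoretc         When a DNS packet arrives with the "truncated" bit set, keeps querying with
                     UDP packets rather than TCP packets
                     Remark: by default, because a TCP packet is twice the size of a UDP packet,
                     a query is automatically made over TCP when the "truncated" bit is found
port=53              Starts BIND on a different port for debugging purposes
type=a               Sets the query type
timeout=5            If the remote DNS server does not respond within 5 seconds, the time is
                     doubled and the query is sent again
retry=4              Queries 4 times before giving up
root=a.root-servers.net.
domain=nic.or.kr     The default domain that is set when the defname option is on
srchlist=nic.or.kr   The default domain that is appended when the search option is on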
> set debug
> www
Server: ns1.nic.or.kr
Address: 202.30.50.51

;; res_nmkquery(query, www.nic.or.kr, IN, A)
------------
Got answer:
    HEADER:
        opcode = QUERY, id = 27466, rcode = NOERROR
        header flags: response, auth. answer, want recursion, recursion avail.
        questions = 1, answers = 1, authority records = 2, additional = 2

    QUESTIONS:
        www.nic.or.kr, type = A, class = IN
    ANSWERS:
    -> www.nic.or.kr
        internet address = 202.30.50.90
        ttl = 3600 (1H)
    AUTHORITY RECORDS:
    -> nic.or.kr
        nameserver = ns1.nic.or.kr
        ttl = 3600 (1H)
    -> nic.or.kr
        nameserver = ns2.nic.or.kr
        ttl = 3600 (1H)
    ADDITIONAL RECORDS:
    -> ns1.nic.or.kr
        internet address = 202.30.50.51
        ttl = 3600 (1H)
    -> ns2.nic.or.kr
        internet address = 202.30.50.52
        ttl = 3600 (1H)
------------
Name: www.nic.or.kr
Address: 202.30.50.90

SendRequest(), len 31
    HEADER:
        opcode = QUERY, id = 27467, rcode = NOERROR
        header flags: query, want recursion
        questions = 1, answers = 0, authority records = 0, additional = 0

    QUESTIONS:
        www.nic.or.kr, type = A, class = IN
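Item                 Description
Header section       opcode : always Query
                     want recursion : a recursive query
                     auth. answer : whether the answer is authoritative
                     rcode : response code (no error); the following results are possible:
                     server failure, name error, not implemented, refused
Question section     The content of the query, the class, and so on
Authority section    Information about the authoritative DNS servers
Additional section   Additional information about the preceding information

# nslookup
> set norec
> set nosearch
> www.yahoo.com.                 (1) First, only the information for the "." DNS servers is printed
> server "root server IP"        (2) Switch the remote DNS server to query to the root server IP
> www.yahoo.com.                 (3) Only the information for the ".com" DNS servers is printed
> server ".com. DNS IP"          (4) Switch the remote DNS server to query to the ".com" DNS IP
> www.yahoo.com.                 (5) Only the information for the ".yahoo.com" DNS servers is printed
> server ".yahoo.com. DNS IP"    (6) Switch the remote DNS server to query to the ".yahoo.com" DNS IP
> www.yahoo.com.                 (7) The IP address of "www.yahoo.com" is printed

# nslookup
> ls "zone name"

# nslookup
> ls "zone name" > "directory/file name"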
 1  ; <<>> DiG 8.2 <<>> @ns1.nic.or.kr yahoo.com mx
 2  ; (1 server found)
 3  ;; res options: init recurs defnam dnsrch
 4  ;; got answer:
 5  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
 6  ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 20
 7  ;; QUERY SECTION:
 8  ;; yahoo.com, type = MX, class = IN
 9
10  ;; ANSWER SECTION:
11  yahoo.com. 3m10s IN MX 1 mx2.mail.yahoo.com.
12  yahoo.com. 3m10s IN MX 0 mx1.mail.yahoo.com.
13
14  ;; AUTHORITY SECTION:
15  yahoo.com. 17h1m53s IN NS NS3.EUROPE.yahoo.com.
16  yahoo.com. 17h1m53s IN NS NS1.yahoo.com.
17  yahoo.com. 17h1m53s IN NS NS2.DCA.yahoo.com.
18  yahoo.com. 17h1m53s IN NS NS5.DCX.yahoo.com.
19
20  ;; ADDITIONAL SECTION:
21  mx2.mail.yahoo.com. 9m56s IN A 128.11.68.223-35
    mx1.mail.yahoo.com. 8m10s IN A 128.11.23.237
36  mx1.mail.yahoo.com. 8m10s IN A 128.11.68.147
37  NS3.EUROPE.yahoo.com. 5h30m2s IN A 194.237.108.51
38  NS1.yahoo.com. 2d6h10m14s IN A 204.71.200.33
39  NS2.DCA.yahoo.com. 13h25s IN A 209.143.200.34
40  NS5.DCX.yahoo.com. 13h25s IN A 216.32.74.10
41
42  ;; Total query time: 9 msec
43  ;; FROM: mail to SERVER: ns1.nic.or.kr 202.30.50.51
44  ;; WHEN: Tue Apr 11 11:38:57 2000
45  ;; MSG SIZE sent: 27 rcvd: 479

Line #  Description
1, 2    The query and the name server to use; the server was found successfully
3       Query options; shows that this is a recursive query
5 ~     The DNS message header
6       Because the flags do not include aa, this is a non-authoritative answer taken from
        the cache (to find out which DNS server gave the answer, disable the recursive
        option and query again)
10 ~    The answer to the query
14 ~    The list of authoritative DNS servers
21 ~    IP addresses of the servers in the answer (shows that load balancing is in use)
42 ~    Information about the query
1  tcpdump: listening on ppp0
2  16:38:21.817066 ppp-blt-1-03.netrail.net.domain > skipper.netrail.net.domain: 21213+ A? ns.adnc.com. (29)
3  16:38:22.072951 skipper.netrail.net.domain > ppp-blt-1-03.netrail.net.domain: 21213 1/9/9 A 205.216.138.22 (160) (frag 36540:168@0+)

Line #  Description
2       Query packet
        1) The query is first sent to skipper.netrail.net.domain
        2) "A?" means it is an IP address query
        3) The query string is ns.adnc.com
        4) The query ID is 21213
        5) + means a recursive query
3       Response packet
        1) The answer is received from skipper.netrail.net.domain
        2) 1/9/9 : 1 answer, 9 AA, 9 AR
        3) The answer address is 205.216.138.22
        4) (frag:**) means the DNS packet is sent in fragments
 1  +++ Statistics Dump +++ (948160150) Tue Jan 18 10:49:10 2000
 2  48061   time since boot (secs)
 3  48061   time since reset (secs)
 4  9       Unknown query types
 5  62548   A queries
 6  576     NS queries
 7  0       MD queries
 8  0       MF queries
 9  0       CNAME queries
10  638     SOA queries
11
12-13
14  41169   ANY queries
15  ++ Name Server Statistics ++
16  (Legend)
17      RR RNXD RFwdR RDupR RFail
18      RFErr RErr RAXFR RLame ROpts
19      SSysQ SAns SFwdQ SDupQ SErr
20      RQ RIQ RFwdQ RDupQ RTCP
21      SFwdR SFail SFErr SNaAns SNXD
22  (Global) 52013 4185 15709 303 6729 0 3 3 24117 0 6692 79230 50112 75093 0 1294 24 49 0 0 70 162 15709 10 0 39936 9467
24  -- Name Server Statistics --
25  --- Statistics Dump --- (948160150) Tue Jan 18 10:49:10 2000
26
27

Line #  Description (Remarks)
2       How long the local DNS server has been running since boot
3       Time elapsed since the most recent HUP signal
4       Query types that the name server does not recognize
14      Queries that asked for every query type
options {
    notify no;
};

zone "test.pe.kr" {
    type master;
    file "test.zone";
    notify yes;
    also-notify { 12.34.56.78; };
};

zone "vpark.pe.kr" {
    type master;
    file "vpark.zone";
    allow-update { 203.255.208.37; };
};

Apr 19 17:20:21 ns1 named[18183]: dynamic zone file 'krnicstaff/vpark.zone' is writable
$ORIGIN pe.kr.
vpark   3600 IN SOA   ns1.vpark.pe.kr. vpark.nic.or.kr. (
                      24346465 3600 300 3600000 3600 )
        3600 IN NS    ns1.vpark.pe.kr.
        3600 IN NS    mail.vpark.pe.kr.
        3600 IN A     202.30.50.115
        3600 IN MX    0 mail.vpark.pe.kr.
$ORIGIN vpark.pe.kr.
mail    3600 IN A     203.255.208.37   ; (deleted after the change)
mail    3600 IN TXT   "Managed by vpark"
        3600 IN A     203.255.208.37
web     3600 IN CNAME www.vpark.pe.kr.
ns1     3600 IN A     202.30.50.51
www     3600 IN A     202.30.50.115

mail:/> nsupdate
> prereq yxrrset mail.vpark.pe.kr. in mx
> update delete mail.vpark.pe.kr. in mx
>

$ORIGIN pe.kr.
vpark   3600 IN MX    0 mail.vpark.pe.kr. ;Cl=3
        3600 IN A     202.30.50.115 ;Cl=3
        3600 IN NS    ns1.vpark.pe.kr. ;Cl=3
        3600 IN NS    mail.vpark.pe.kr. ;Cl=3
        3600 IN SOA   ns1.vpark.pe.kr. vpark.nic.or.kr. (
                      24346467 3600 300 3600000 3600 ) ;Cl=3
$ORIGIN vpark.pe.kr.
web     3600 IN CNAME www.vpark.pe.kr. ;Cl=3
mail    3600 IN TXT   "Managed by vpark" ;Cl=3
        3600 IN A     203.255.208.37 ;Cl=3
www     3600 IN A     202.30.50.115 ;Cl=3
ns1     3600 IN A     202.30.50.51 ;Cl=3

options {
    transfers-per-ns 2;
};

server 203.255.208.37 {
    transfers 2;
};
server 203.255.208.37 {
    transfers-in 10;
};

options {
    max-transfer-time-in 180;
};

options { datasize size; };

options { stacksize size; };

options { coresize size; };

options {
    interface-interval 0;
};
options {
    statistics-interval 60;
};

server 10.0.0.2 {
    bogus yes;
};

options {
    allow-query { 202.30.50/24; };
};

zone "test.pe.kr" {
    type master;
    file "test.zone";
    allow-query { 202.30.50/24; };
};

domain  IN A 202.30.50.71
        IN A 202.30.50.72
        IN A 202.30.50.73
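Level  Description
1      Shows information from DNS startup and the query handling process
2      Lists the IP addresses of the remote DNS servers used while a query is processed, along
       with the RTT of each; includes messages about DNS zone data updates
3      Duplicate queries that were invoked, system queries that were generated, the names of
       the DNS servers used during the query, and the number of addresses found for each server
4      For viewing the query and response packets the DNS server receives, and the credibility
       of cached data
5      When system calls such as malloc() fail, and messages for when the DNS server gives up
       on a query
6      Responses sent to incoming queries
7      Configuration and syntax parsing messages
10     For viewing the query and response packets the DNS server sends

# /usr/local/bin/named -d 1 &               (run the daemon at debugging level 1)
# kill -USR1 `cat /etc/named/named.pid`     (1) level 1
# kill -USR1 `cat /etc/named/named.pid`     (2) level 2
# kill -USR1 `cat /etc/named/named.pid`     (3) level 3
# kill -USR1 `cat /etc/named/named.pid`     (4) level 4
# kill -USR2 `cat /etc/named/named.pid`     (5) debugging off

# /usr/local/bin/named -q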
Apr 17 16:29:44 mail named[2545]: cannot set resource limits on this system

Apr 17 16:29:44 mail named[2545]: fcntl(dfd, F_DUPFD, 20): Too many open files

options {
    listen-on { 202.30.50.51; };
};

options {
    files number;
};

Apr 17 16:29:44 mail named[2545]: owner name "ID_4.movie.edu IN" (master) is invalid - rejecting
Apr 17 16:29:44 mail named[2545]:mail has CNAME and other data (invalid)

Apr 17 16:29:44 mail named[2545]: zoneref: Masters for slave zone "vpark.pe.kr" unreachable

Apr 17 16:29:44 mail named[2545]: unapproved AXFR from [203.255.208.37].2263 for "vpark.pe.kr"

Apr 17 16:29:44 mail named[2545]:response from unexpected source ([204.138.114.3].53)

Apr 17 16:29:44 mail named[2545]:zone "vpark.zone" (class 1) SOA serial# (3345) rcvd from [202.30.50.51] is < ours (3399)
Apr 18 11:33:25 mail named[800]: Zone "vpark.pe.kr" (IN) SOA serial# (24346461) rcvd from [202.30.50.51] is < ours (24346464)
Apr 18 11:33:26 mail named-xfer[833]: serial from [202.30.50.51], zone vpark.pe.kr: 24346461 lower than current: 24346464

Apr 18 11:33:25 mail named[800]:lame server on 'foo.movie.edu' (in MOVIE,EDU'?) : [10.0.7.125].53 'NS,HOLLYWOOD.LA.CA.US' : learnt (A=10.47.3.62,NS=10.47.3.62)

Apr 18 11:33:25 mail named[800]:err/to getting serial# for "vpark.pe.kr"
Apr 18 11:33:25 mail named[800]:no root nameservers for class IN
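
An added example (not part of the original material): a Python triage pass over named syslog output that extracts the messages above that matter for monitoring, namely refused zone transfers, responses from unexpected sources, serial numbers lower than the local copy, lame servers and unreachable masters. The rule names and the triage function are hypothetical; the sample lines are copied from the log messages on this page.

```python
import re

# Syslog prefix written by named and named-xfer (some lines have no space after "]:")
PREFIX = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ named(?:-xfer)?\[\d+\]:\s*(?P<msg>.*)$")

RULES = [  # (event name, pattern) built from the named messages shown on this page
    ("unapproved_axfr",
     re.compile(r'unapproved AXFR from \[(?P<ip>[\d.]+)\]\.\d+ for "(?P<zone>[^"]+)"')),
    ("unexpected_source",
     re.compile(r"response from unexpected source \(\[(?P<ip>[\d.]+)\]\.\d+\)")),
    ("serial_lower_than_ours",
     re.compile(r'[Zz]one "(?P<zone>[^"]+)" \([^)]*\) SOA serial# \(\d+\) '
                r"rcvd from \[(?P<ip>[\d.]+)\] is < ours")),
    ("lame_server",
     re.compile(r"lame server on '(?P<zone>[^']+)'.*?\[(?P<ip>[\d.]+)\]\.\d+")),
    ("masters_unreachable",
     re.compile(r'Masters for slave zone "(?P<zone>[^"]+)" unreachable')),
]

def triage(lines):
    """Return (event, ip, zone) for every named log line that matches a rule."""
    hits = []
    for line in lines:
        m = PREFIX.match(line.strip())
        if not m:
            continue  # not a named / named-xfer syslog line
        for event, pattern in RULES:
            found = pattern.search(m.group("msg"))
            if found:
                g = found.groupdict()
                hits.append((event, g.get("ip"), g.get("zone")))
                break
    return hits

# Sample input: log lines copied from this page, including one routine startup line
SAMPLE = [
    'Apr 11 11:15:56 mail named[13691]: starting. named 8.2.2-P5 Tue Mar 14 18:43:27 KST 2000',
    'Apr 17 16:29:44 mail named[2545]: unapproved AXFR from [203.255.208.37].2263 for "vpark.pe.kr"',
    'Apr 17 16:29:44 mail named[2545]:response from unexpected source ([204.138.114.3].53)',
    'Apr 18 11:33:25 mail named[800]: Zone "vpark.pe.kr" (IN) SOA serial# (24346461) rcvd from [202.30.50.51] is < ours (24346464)',
    'Apr 17 16:29:44 mail named[2545]: zoneref: Masters for slave zone "vpark.pe.kr" unreachable',
]

if __name__ == "__main__":
    for hit in triage(SAMPLE):
        print(hit)
```

An unapproved AXFR hit names a host that requested a zone transfer without being in allow-transfer, so its address is the first thing to compare against the configured slave list.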