Your IP:

Our Forums Have Moved!

Visit our new forums at http://community.opendns.com/forums/ to post on topics and read the latest content. These forums are now read-only archives.

K-12 Forums

Talk with other K-12 network administrators in your state.

Or see all states.

Categories

Vanilla 1.1.4 is a product of Lussumo. More Information: Documentation, Community Support.

This discussion has been inactive for longer than 30 days, and is thus closed.
    • CommentAuthordesiderius
    • CommentTimeNov 10th 2011 edited
     permalink
    I am trying to understand how the "nslookup" command works. (The dot is neccessary at the end of the command: "nslookup example.com." -- it's not a period ending my sentence.)

    Below are two outputs using the command:

    The first case is the output for "nslookup myip.opendns.com.". It returns the resolver, OpenDNS's DNS server; then it returns the string "myip.opendns.com", and then my IP (71.38.234.219, which, in my case, is Qwest---as I have a dynamic IP.) So, the first question is, why would this return my IP address and not OpenDNS's IP?

    The second case results from issuing the nslookup command on the doamin I own: "nslookup mypersonaldomain.com.". It returns my actual domain name (human readable) and then my Godaddy's registrar's IP address (68.178.232.100.) This I think I understand. But, if I understand this correctly, then the first case becomes confusing.

    --------------------------------------------
    1st case: $ nslookup myip.opendns.com.
    Non-authoritative answer:
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: myip.opendns.com
    Address: 71.38.234.219
    --------------------------------------------

    2nd case: $ nslookup mypersonaldomain.com.
    Non-authoritative answer:
    Server: resolver1.opendns.com
    Address: 208.67.222.222

    Name: mypersonaldomain.com
    Address: 68.178.232.100
    --------------------------------------------

    I have searched for how the "nslookup" works. Obviously, there is a lot of material on the web, but it is very techniclal--I can't piece together the information I found with the results obtained above. Any help would be appreciated.

    Thanks
  1.  permalink
    nslookup asks a DNS server a question, and displays the answer. By default, it uses the resolver your system is configured to use, in this case OpenDNS.

    myip.opendns.com. is magical. When you ask the OpenDNS resolver for myip.opendns.com.'s IP, it returns your own IP. There's nothing very technically interesting about this: A DNS resolver can technically return whatever nonsense it wants to, and obviously it knows your IP since you're the one asking it stuff, so OpenDNS put two and two together and added a little bit of code to their resolver to synthesize the magical answer.

    In the case of "mypersonaldomain.com." (which, by the way, is a real domain, whose IP is currently 69.43.160.178), nslookup is asking your resolver (OpenDNS) for the answer; OpenDNS queries the authoritative servers (which is to say, the servers that run mypersonaldomain.com., apparently GoDaddy's in your case*) to find the answer and then returns it to you, at which point nslookup displays it.

    * Your registrar, DNS host and web host don't have to be related at all. All the registrar does is submit a little bit of e-paperwork to the registry (the organization that runs .com or whatever TLD you're using) to say "desideratus bought example.com, and its authoritative DNS servers are ns1.example.net and ns2.example.net". Many registrars provide DNS hosting as well, in which case the aforementioned DNS servers are their own, and some also provide web hosting and such, in which case the DNS servers would obviously return their IPs for things like www.example.com, but the three things are completely separate technically.

    (Edit: Small changes.)
    Thankful People: desiderius, rotblitz, zelus, cindelicato
    • CommentAuthordesiderius
    • CommentTimeNov 10th 2011 edited
     permalink
    I think understand (will have to digest it some!):wink:

    I used "mypersonaldomain.com" to be general, and it never occurred to me that there was an actual domain with that name. I should have known better :sad: , as there are not too many domains not taken by somebody.

    Yes, my registrar is Godaddy, they are not currently hosting any website for me. I just installed Google Apps several weeks ago; I don't understand their way of doing things as they are pointing people to a "faux" address for my website.

    Just learning about this stuff---its quite complex. Knew a little before, enough to get by, but working with OpenDNS has sparked my interest in learning more.

    Thanks
  2.  permalink
    Does the "'faux' address" have advertising or other sources of revenue on it? If so, that would be why they're pointing people to it.
    • CommentAuthordesiderius
    • CommentTimeNov 11th 2011
     permalink
    I started using Google Apps because it allowed me to use my own domain with Gmail---this allowed me to sync Gmail with MS Outlook on my Windows PC. I now have all my email, contacts, calendar, etc. available on both my Windows XP machine (all syced with Outlook) and on any other machine via Gmail's web interface on other platforms---in my case, I use Ubuntu on another machine.

    This is very nifty for those people who, like me, truly do not like web-based email and who still think that Outlook is far superior to other email clients, and who do not want an email address which reads xxxx@gmail.com. And then as bonus, you get Google sites, docs, etc, all integrated.

    So, I setup a "Google site" and attempted to have that site point to my domain, following Google's instructions to change the relevant records at my registrar. It didn't work, as far a I see: when someone clicks on my website they get is:

    https://sites.google.com/a/123xyz.com/123xyz/home

    ... where "123xyz.com" is my domain. That's what I meant by my "faux" address for my website---it doesn't read simply www.123xyz.com. When I go there, I get a sign-in page, when others go there they get my google site's web page.

    By the way, I find Google's way of doing things when it comes to Google Apps immensely confusing: multiple logins; settings found here their, everywhere; settings buried and hidden in places which are not intuitive to remember. Quite a mess!
    • CommentAuthorrotblitz
    • CommentTimeNov 11th 2011
     permalink
    ...and they may use the content of your mail for "targeted advertising" or more... :shocked:
    You know that you handed out your mail to a 3rd party, do you?
    • CommentAuthordesiderius
    • CommentTimeNov 12th 2011 edited
     permalink
    Yes, I know.

    Let's see: I had Facebook, shut that down because I saw nothing but trivia and for privacy issues. I use Google search---do they track me?! I use Amazon, NY Times, and more.....they all say they don't track me or sell me out. Can I trust them? I use OpenDNS---can I be certain that they are true blue and do what they say?

    I swore I would never trust my info to the "cloud." I now use cloud services to back up my data. I use Dropbox, Amazon, Ubuntu One, to back up my music and other files. Why? The convenience!

    Yes, Google Apps is handling my email, for $5.00 per month. They say they are not using my email to target me, and because I pay the fee, I see no ads on my Gmail. Can I trust them? Hell, no!

    I don't trust my ISP, my registrar, Google, Microsoft, none of them. I used to be a fanatic about privacy, and the result was I used very few of the new technology and apps out there. I still get almost no spam, because I am very careful with my email address, but to the issues you address, I do what I can to minimize, within reason, the services I use.

    Fact: I do know how to protect oneself completely. It is the only way---anything less will leave you vulnerable: Turn off your computer and completely disconnect it? :cool:
    Thankful People: maintenance
    • CommentAuthorrotblitz
    • CommentTimeNov 12th 2011
     permalink
    Ok, I see, you're sensible enough to know what you do and to think about the risks.
    Thankful People: maintenance
    • CommentAuthordesiderius
    • CommentTimeNov 12th 2011 edited
     permalink
    I try to be sensible, but is that good enough? I hope it is.
    Thankful People: maintenance
    • CommentAuthorrotblitz
    • CommentTimeNov 12th 2011 edited
     permalink
    No, not sarcastic, just concerned. Really.
    http://www.google-watch.org/

    Edit: Ah, you edited your message in between, "sarcastic" disappeared.
    Thankful People: desiderius, maintenance
    • CommentAuthordesiderius
    • CommentTimeNov 12th 2011
     permalink
    I read your post again, and I realized I was reading something into your post that you didn't mean. Sorry for that, you've been very helpful. So I quickly edited the post.
    Thankful People: rotblitz, maintenance
    • CommentAuthordesiderius
    • CommentTimeNov 12th 2011
     permalink
    "Do no Evil,: they say. Yes, I am concerned. And thanks for the link.
    Thankful People: maintenance
  3.  permalink
    Indeed, I would hope that teh Goog would leave your email alone if you are paying them. For everyone else, this is not the case.

    For whatever Google service you use, take control of your privacy and security:
    https://www.google.com/intl/en/privacy/
    https://www.google.com/intl/en/privacy/tools.html

    You can limit what they do with your data using their own tools. I do it, even just so I get raw search results when I use Google, and not results somehow based on previous searches.
    Thankful People: desiderius
    • CommentAuthordesiderius
    • CommentTimeNov 12th 2011
     permalink
    Good info!!! I am going to look into those tools.

    A small matter when compared to security, "raw search" is definitely something I want. I don't want to see reflected back to me what Google thinks I want to see based on my previous searches.

This discussion has been inactive for longer than 30 days, and is thus closed.