Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  5. Name servers that do not provide A record for target domain name

Author: Government Security Group

Name servers that do not provide A record for target domain name

What this means

The domain has a name server (NS) record with no corresponding address (A) record, and no IPv4 address to find the server.

A working name server needs to have a corresponding A record.

Why this is a problem

Without an A record for the corresponding NS record, the name server will not be discoverable and DNS lookups in the affected domain may fail.

In most cases a domain will have more than one name server, so as long as other name servers have an A record and are responding to queries there will be a minimal impact.

How to check if the problem is still there

Use dig to look up the NS records and check the A records of those name servers to see if they are still present.

Example

dig ns example.gov.uk +short

ns1.example.com
ns2.example.com

then

dig a ns1.example.com +short

If the A record provides an IP address, this issue has been resolved.

If the A record does not provide an IP address, or you see an NXDOMAIN error, the problem remains.

How to fix it

Add an A record for the name server(s) as appropriate.

Check the host name in the NS record is correct. It could be there is a typo in the host name which results in a missing A record.

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now