How do I find the authoritative name-server for a domain name?

Question

How can I find the origins of conflicting DNS records?

Answer 1

SOA records are present on all servers further up the hierarchy, over which the domain owner has NO control, and they all in effect point to the one authoritative name server under control of the domain owner.

The SOA record on the authoritative server itself is, on the other hand, not strictly needed for resolving that domain, and can contain bogus info (or hidden primary, or otherwise restricted servers) and should not be relied on to determine the authoritative name server for a given domain.

You need to query the server that is authoritative for the top level domain to obtain reliable SOA information for a given child domain.

(The information about which server is authoritative for which TLD can be queried from the root name servers).

When you have reliable information about the SOA from the TLD authoritative server, you can then query the primary name server itself authoritative (the one thats in the SOA record on the gTLD nameserver!) for any other NS records, and then proceed with checking all those name servers you've got from querying the NS records, to see if there is any inconsistency for any other particular record, on any of those servers.

This all works much better/reliable with linux and dig than with nslookup/windows.